February 2025 - Linux-stable-mirror

by Ahmed, Shehab Sarar

Hello, While experimenting with bbr protocol, I manipulated the network conditions by maintaining a high RTT for about one second before abruptly reducing it. Some packets sent during the high RTT phase experienced long delays in reaching the destination, while later packets, benefiting from the lower RTT, arrived earlier. This out-of-order arrival triggered the receiver to generate duplicate acknowledgments (dup ACKs). Due to the low RTT, these dup ACKs quickly reached the sender. Upon receiving three dup ACKs, the sender initiated a fast retransmission for an earlier packet that was not lost but was simply taking longer to arrive. Interestingly, despite the fast-retransmitted packet experienced a lower RTT, the original delayed packet still arrived first. When the receiver received this packet, it sent an ACK for the next packet in sequence. However, upon later receiving the fast-retransmitted packet, an issue arose in its logic for updating the acknowledgment number. As a result, even after the next expected packet was received, the acknowledgment number was not updated correctly. The receiver continued sending dup ACKs, ultimately forcing bbr into the retransmission timeout (RTO) phase. I generated this issue in linux kernel version 5.15.0-117-generic with Ubuntu 20.04. I attempted to confirm whether the issue persists with the latest Linux kernel. However, I discovered that the behavior of bbr has changed in the most recent kernel version, where it now sends chunks of packets instead of sending them one by one over time. As a result, I was unable to reproduce the specific sequence of events that triggered the bug we identified. Consequently, I could not confirm whether the bug still exists in the latest kernel. I believe that the issue (if still exists) will have to be resolved in the location net/ipv4/tcp_input.c or something like that. There are so many authors here that I do not know who to CC here. So, sending this email to you. Sorry if this is not the best way to report this issue. Thanks Shehab ________________________________________ From: Ahmed, Shehab Sarar Sent: Saturday, February 1, 2025 1:01 PM To: stable(a)vger.kernel.org Cc: regressions(a)lists.linux.dev Subject: TCP Fast Retransmission Issue Hello, While experimenting with bbr protocol, I manipulated the network conditions by maintaining a high RTT for about one second before abruptly reducing it. Some packets sent during the high RTT phase experienced long delays in reaching the destination, while later packets, benefiting from the lower RTT, arrived earlier. This out-of-order arrival triggered the receiver to generate duplicate acknowledgments (dup ACKs). Due to the low RTT, these dup ACKs quickly reached the sender. Upon receiving three dup ACKs, the sender initiated a fast retransmission for an earlier packet that was not lost but was simply taking longer to arrive. Interestingly, despite the fast-retransmitted packet experienced a lower RTT, the original delayed packet still arrived first. When the receiver received this packet, it sent an ACK for the next packet in sequence. However, upon later receiving the fast-retransmitted packet, an issue arose in its logic for updating the acknowledgment number. As a result, even after the next expected packet was received, the acknowledgment number was not updated correctly. The receiver continued sending dup ACKs, ultimately forcing bbr into the retransmission timeout (RTO) phase. I generated this issue in linux kernel version 5.15.0-117-generic with Ubuntu 20.04. I attempted to confirm whether the issue persists with the latest Linux kernel. However, I discovered that the behavior of bbr has changed in the most recent kernel version, where it now sends chunks of packets instead of sending them one by one over time. As a result, I was unable to reproduce the specific sequence of events that triggered the bug we identified. Consequently, I could not confirm whether the bug still exists in the latest kernel. I believe that the issue (if still exists) will have to be resolved in the location net/ipv4/tcp_input.c or something like that. There are so many authors here that I do not know who to CC here. So, sending this email to you. Sorry if this is not the best way to report this issue. Thanks Shehab

4 weeks, 1 day

2
2
0 0

[PATCH 6.1 00/19] xfs 6.1.y fixes from 6.7

by Leah Rumancik

Returning to focus on 6.1, here is the 6.1 set from the corresponding 6.6 set: https://lore.kernel.org/all/20240208232054.15778-1-catherine.hoang@oracle.c… Two patches are missing from the original set: [01/21] MAINTAINERS: add Catherine as xfs maintainer for 6.6.y 6.6.y-only change [16/21] xfs: fix again select in kconfig XFS_ONLINE_SCRUB_STATS XFS_ONLINE_SCRUB_STATS didn't show up till 6.6 The auto group was run on 10 configs and no regressions were seen. This has been ack'd on the xfs-stable mailing list. Thanks, Leah Catherine Hoang (1): xfs: allow read IO and FICLONE to run concurrently Cheng Lin (1): xfs: introduce protection for drop nlink Christoph Hellwig (4): xfs: handle nimaps=0 from xfs_bmapi_write in xfs_alloc_file_space xfs: only remap the written blocks in xfs_reflink_end_cow_extent xfs: clean up FS_XFLAG_REALTIME handling in xfs_ioctl_setattr_xflags xfs: respect the stable writes flag on the RT device Darrick J. Wong (8): xfs: bump max fsgeom struct version xfs: hoist freeing of rt data fork extent mappings xfs: prevent rt growfs when quota is enabled xfs: rt stubs should return negative errnos when rt disabled xfs: fix units conversion error in xfs_bmap_del_extent_delay xfs: make sure maxlen is still congruent with prod when rounding down xfs: clean up dqblk extraction xfs: dquot recovery does not validate the recovered dquot Dave Chinner (1): xfs: inode recovery does not validate the recovered inode Leah Rumancik (1): xfs: up(ic_sema) if flushing data device fails Long Li (2): xfs: factor out xfs_defer_pending_abort xfs: abort intent items when recovery intents fail Omar Sandoval (1): xfs: fix internal error from AGFL exhaustion fs/xfs/libxfs/xfs_alloc.c | 27 ++++++++++++-- fs/xfs/libxfs/xfs_bmap.c | 21 +++-------- fs/xfs/libxfs/xfs_defer.c | 28 +++++++++------ fs/xfs/libxfs/xfs_defer.h | 2 +- fs/xfs/libxfs/xfs_inode_buf.c | 3 ++ fs/xfs/libxfs/xfs_rtbitmap.c | 33 +++++++++++++++++ fs/xfs/libxfs/xfs_sb.h | 2 +- fs/xfs/xfs_bmap_util.c | 24 +++++++------ fs/xfs/xfs_dquot.c | 5 +-- fs/xfs/xfs_dquot_item_recover.c | 21 +++++++++-- fs/xfs/xfs_file.c | 63 ++++++++++++++++++++++++++------- fs/xfs/xfs_inode.c | 24 +++++++++++++ fs/xfs/xfs_inode.h | 17 +++++++++ fs/xfs/xfs_inode_item_recover.c | 14 +++++++- fs/xfs/xfs_ioctl.c | 30 ++++++++++------ fs/xfs/xfs_iops.c | 7 ++++ fs/xfs/xfs_log.c | 23 ++++++------ fs/xfs/xfs_log_recover.c | 2 +- fs/xfs/xfs_reflink.c | 5 +++ fs/xfs/xfs_rtalloc.c | 33 +++++++++++++---- fs/xfs/xfs_rtalloc.h | 27 ++++++++------ 21 files changed, 310 insertions(+), 101 deletions(-) -- 2.48.1.362.g079036d154-goog

1 month

3
39
0 0

[PATCH 1/1] blk-cgroup: Fix UAF in blkcg_unpin_online()

by ciprietti＠google.com

From: Tejun Heo <tj(a)kernel.org> [ Upstream commit 86e6ca55b83c575ab0f2e105cf08f98e58d3d7af ] blkcg_unpin_online() walks up the blkcg hierarchy putting the online pin. To walk up, it uses blkcg_parent(blkcg) but it was calling that after blkcg_destroy_blkgs(blkcg) which could free the blkcg, leading to the following UAF: ================================================================== BUG: KASAN: slab-use-after-free in blkcg_unpin_online+0x15a/0x270 Read of size 8 at addr ffff8881057678c0 by task kworker/9:1/117 CPU: 9 UID: 0 PID: 117 Comm: kworker/9:1 Not tainted 6.13.0-rc1-work-00182-gb8f52214c61a-dirty #48 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS unknown 02/02/2022 Workqueue: cgwb_release cgwb_release_workfn Call Trace: <TASK> dump_stack_lvl+0x27/0x80 print_report+0x151/0x710 kasan_report+0xc0/0x100 blkcg_unpin_online+0x15a/0x270 cgwb_release_workfn+0x194/0x480 process_scheduled_works+0x71b/0xe20 worker_thread+0x82a/0xbd0 kthread+0x242/0x2c0 ret_from_fork+0x33/0x70 ret_from_fork_asm+0x1a/0x30 </TASK> ... Freed by task 1944: kasan_save_track+0x2b/0x70 kasan_save_free_info+0x3c/0x50 __kasan_slab_free+0x33/0x50 kfree+0x10c/0x330 css_free_rwork_fn+0xe6/0xb30 process_scheduled_works+0x71b/0xe20 worker_thread+0x82a/0xbd0 kthread+0x242/0x2c0 ret_from_fork+0x33/0x70 ret_from_fork_asm+0x1a/0x30 Note that the UAF is not easy to trigger as the free path is indirected behind a couple RCU grace periods and a work item execution. I could only trigger it with artifical msleep() injected in blkcg_unpin_online(). Fix it by reading the parent pointer before destroying the blkcg's blkg's. Signed-off-by: Tejun Heo <tj(a)kernel.org> Reported-by: Abagail ren <renzezhongucas(a)gmail.com> Suggested-by: Linus Torvalds <torvalds(a)linuxfoundation.org> Fixes: 4308a434e5e0 ("blkcg: don't offline parent blkcg first") Cc: stable(a)vger.kernel.org # v5.7+ Signed-off-by: Jens Axboe <axboe(a)kernel.dk> Signed-off-by: Andrea Ciprietti <ciprietti(a)google.com> --- include/linux/blk-cgroup.h | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/include/linux/blk-cgroup.h b/include/linux/blk-cgroup.h index 0e6e84db06f6..b89099360a86 100644 --- a/include/linux/blk-cgroup.h +++ b/include/linux/blk-cgroup.h @@ -428,10 +428,14 @@ static inline void blkcg_pin_online(struct blkcg *blkcg) static inline void blkcg_unpin_online(struct blkcg *blkcg) { do { + struct blkcg *parent; + if (!refcount_dec_and_test(&blkcg->online_pin)) break; + + parent = blkcg_parent(blkcg); blkcg_destroy_blkgs(blkcg); - blkcg = blkcg_parent(blkcg); + blkcg = parent; } while (blkcg); } -- 2.48.1.262.g85cc9f2d1e-goog

1 month

4
5
0 0

rk3399 fails to boot since v6.12.7

by Christoph Fritz

Hello Marc, since 773c05f417fa1 ("irqchip/gic-v3: Work around insecure GIC integrations") landed in stable v6.12.7 as 0bf32f482887, here the rk3399 fails to boot (~4 out of 10 times) because OP-TEE panics (gets a secure interrupt that it cannot handle). Setup is: - BL31 proprietary (since mainline TF-A has no DMA) - OP-TEE mainline version: 3.20 - Kernel v6.12.7 <snip> [ 0.000000] GICv3: Broken GIC integration, security disabled <snip> E/TC:4 0 Panic 'Secure interrupt handler not defined' at core/kernel/interrupt.c:139 <itr_core_handler> E/TC:4 0 TEE load address @ 0x30000000 E/TC:4 0 Call stack: E/TC:4 0 0x300091f8 E/TC:4 0 0x30016664 E/TC:4 0 0x30015710 E/TC:4 0 0x30005714 [ 26.087363] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 26.087925] rcu: (detected by 2, t=21002 jiffies, g=2233, q=2416 ncpus=6) [ 26.088530] rcu: All QSes seen, last rcu_preempt kthread activity 21002 (4294693363-4294672361), jiffies_till_next_fqs=3, root ->qsmask 0x0 [ 26.089623] rcu: rcu_preempt kthread timer wakeup didn't happen for 20999 jiffies! g2233 f0x2 RCU_GP_WAIT_FQS(5) ->state=0x200 [ 26.090617] rcu: Possible timer handling issue on cpu=4 timer-softirq=293 [ 26.091218] rcu: rcu_preempt kthread starved for 21002 jiffies! g2233 f0x2 RCU_GP_WAIT_FQS(5) ->state=0x200 ->cpu=4 [ 26.092131] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 26.092926] rcu: RCU grace-period kthread stack dump: [ 26.093369] task:rcu_preempt state:R stack:0 pid:16 tgid:16 ppid:2 flags:0x00000008 [ 26.094192] Call trace: [ 26.094409] __switch_to+0xf0/0x14c [ 26.094728] __schedule+0x264/0xa90 [ 26.095040] schedule+0x34/0x104 [ 26.095329] schedule_timeout+0x80/0xf4 [ 26.095672] rcu_gp_fqs_loop+0x14c/0x4a4 [ 26.096027] rcu_gp_kthread+0x138/0x164 [ 26.096369] kthread+0x114/0x118 [ 26.096661] ret_from_fork+0x10/0x20 [ 26.096982] rcu: Stack dump where RCU GP kthread last ran: [ 26.097463] Sending NMI from CPU 2 to CPUs 4: [ 46.276364] sched: DL replenish lagged too much Is it too late for the kernel to disable the "security" since OP-TEE assumes it is enabled? Any ideas? Thanks -- Christoph

1 month

2
4
0 0

Linux 6.6.75

by Greg Kroah-Hartman

I'm announcing the release of the 6.6.75 kernel. All users of the 6.6 kernel series must upgrade. The updated 6.6.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.6.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 block/ioctl.c | 9 drivers/ata/libahci.c | 12 drivers/ata/libata-core.c | 8 drivers/cpufreq/amd-pstate.c | 7 drivers/gpu/drm/amd/display/dc/dce/dmub_hw_lock_mgr.c | 3 drivers/gpu/drm/v3d/v3d_irq.c | 16 drivers/hid/hid-ids.h | 1 drivers/hid/hid-multitouch.c | 8 drivers/hwmon/drivetemp.c | 2 drivers/infiniband/hw/bnxt_re/main.c | 10 drivers/input/joystick/xpad.c | 9 drivers/input/keyboard/atkbd.c | 2 drivers/irqchip/irq-sunxi-nmi.c | 3 drivers/of/unittest-data/tests-platform.dtsi | 13 drivers/of/unittest.c | 14 drivers/scsi/scsi_transport_iscsi.c | 4 drivers/scsi/storvsc_drv.c | 8 drivers/usb/gadget/function/u_serial.c | 8 drivers/usb/serial/quatech2.c | 2 drivers/vfio/platform/vfio_platform_common.c | 10 fs/ext4/super.c | 3 fs/gfs2/file.c | 1 fs/libfs.c | 177 +++++-- fs/smb/client/smb2inode.c | 92 ++- include/linux/fs.h | 2 include/linux/seccomp.h | 2 mm/filemap.c | 19 mm/shmem.c | 3 net/ipv4/ip_tunnel.c | 2 net/ipv6/ip6_fib.c | 8 net/ipv6/route.c | 45 + net/sched/sch_ets.c | 2 sound/soc/codecs/Kconfig | 1 sound/soc/samsung/Kconfig | 6 sound/usb/quirks.c | 2 tools/testing/selftests/net/Makefile | 1 tools/testing/selftests/net/ipv6_route_update_soft_lockup.sh | 262 +++++++++++ 38 files changed, 645 insertions(+), 134 deletions(-) Alex Williamson (1): vfio/platform: check the bounds of read/write syscalls Alexey Dobriyan (1): block: fix integer overflow in BLKSECDISCARD Anastasia Belova (1): cpufreq: amd-pstate: add check for cpufreq_cpu_get's return value Andreas Gruenbacher (1): gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag Charles Keepax (3): ASoC: wm8994: Add depends on MFD core ASoC: samsung: Add missing selects for MFD_WM8994 ASoC: samsung: Add missing depends on I2C Chuck Lever (10): libfs: Re-arrange locking in offset_iterate_dir() libfs: Define a minimum directory offset libfs: Add simple_offset_empty() libfs: Fix simple_offset_rename_exchange() libfs: Add simple_offset_rename() API shmem: Fix shmem_rename2() libfs: Return ENOSPC when the directory offset range is exhausted Revert "libfs: Add simple_offset_empty()" libfs: Replace simple_offset end-of-directory detection libfs: Use d_children list to iterate simple_offset directories Easwar Hariharan (1): scsi: storvsc: Ratelimit warning logs to prevent VM denial of service Greg Kroah-Hartman (2): Revert "usb: gadget: u_serial: Disable ep before setting port to null to fix the crash caused by port being null" Linux 6.6.75 Ido Schimmel (1): ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_find() Igor Pylypiv (1): ata: libata-core: Set ATA_QCFLAG_RTF_FILLED in fill_result_tf() Jack Greiner (1): Input: xpad - add support for wooting two he (arm) Jamal Hadi Salim (1): net: sched: fix ets qdisc OOB Indexing Jiri Kosina (1): Revert "HID: multitouch: Add support for lenovo Y9000P Touchpad" Leonardo Brondani Schenkel (1): Input: xpad - improve name of 8BitDo controller 2dc8:3106 Lianqin Hu (1): ALSA: usb-audio: Add delay quirk for USB Audio Device Linus Torvalds (1): cachestat: fix page cache statistics permission checking Linus Walleij (1): seccomp: Stub for !CONFIG_SECCOMP Luis Henriques (SUSE) (1): ext4: fix access to uninitialised lock in fc replay path Mark Pearson (1): Input: atkbd - map F23 key to support default copilot shortcut Matheos Mattsson (1): Input: xpad - add support for Nacon Evol-X Xbox One Controller Maíra Canal (1): drm/v3d: Assign job pointer to NULL before signaling the fence Nicolas Nobelis (1): Input: xpad - add support for Nacon Pro Compact Nilton Perim Neto (1): Input: xpad - add unofficial Xbox 360 wireless receiver clone Omid Ehtemam-Haghighi (1): ipv6: Fix soft lockups in fib6_select_path under high next hop churn Paulo Alcantara (1): smb: client: handle lack of EA support in smb2_query_path_info() Philippe Simons (1): irqchip/sunxi-nmi: Add missing SKIP_WAKE flag Pierre-Loup A. Griffais (1): Input: xpad - add QH Electronics VID/PID Qasim Ijaz (1): USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb() Rob Herring (Arm) (1): of/unittest: Add test that of_address_to_resource() fails on non-translatable address Russell Harmon (1): hwmon: (drivetemp) Set scsi command timeout to 10s Selvin Xavier (1): RDMA/bnxt_re: Avoid CPU lockups due fifo occupancy check loop Tom Chung (1): drm/amd/display: Use HW lock mgr for PSR1 Xiang Zhang (1): scsi: iscsi: Fix redundant response for ISCSI_UEVENT_GET_HOST_STATS request

1 month

1
1
0 0

Linux 6.12.12

by Greg Kroah-Hartman

I'm announcing the release of the 6.12.12 kernel. All users of the 6.12 kernel series must upgrade. The updated 6.12.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.12.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 drivers/gpu/drm/amd/display/dc/dce/dmub_hw_lock_mgr.c | 3 drivers/gpu/drm/amd/display/dc/dml2/dml21/src/dml2_core/dml2_core_dcn4_calcs.c | 4 drivers/gpu/drm/drm_connector.c | 3 drivers/gpu/drm/v3d/v3d_irq.c | 16 drivers/hid/hid-ids.h | 1 drivers/hid/hid-multitouch.c | 8 drivers/hid/wacom_sys.c | 24 - drivers/hwmon/drivetemp.c | 2 drivers/input/joystick/xpad.c | 9 drivers/input/keyboard/atkbd.c | 2 drivers/irqchip/irq-sunxi-nmi.c | 3 drivers/net/wireless/realtek/rtl8xxxu/core.c | 20 + drivers/of/unittest-data/tests-platform.dtsi | 13 drivers/of/unittest.c | 14 drivers/scsi/scsi_transport_iscsi.c | 4 drivers/scsi/storvsc_drv.c | 8 drivers/usb/gadget/function/u_serial.c | 8 drivers/usb/serial/quatech2.c | 2 drivers/vfio/platform/vfio_platform_common.c | 10 fs/gfs2/file.c | 1 fs/libfs.c | 162 ++++------ fs/smb/client/smb2inode.c | 92 ++++- include/linux/fs.h | 1 include/linux/seccomp.h | 2 io_uring/rsrc.c | 7 mm/filemap.c | 19 + mm/shmem.c | 4 mm/zswap.c | 90 +++-- net/sched/sch_ets.c | 2 sound/pci/hda/patch_realtek.c | 4 sound/soc/codecs/Kconfig | 1 sound/soc/codecs/cs42l43.c | 1 sound/soc/codecs/es8316.c | 10 sound/soc/samsung/Kconfig | 6 sound/usb/quirks.c | 2 36 files changed, 379 insertions(+), 181 deletions(-) Alex Hung (1): drm/amd/display: Initialize denominator defaults to 1 Alex Williamson (1): vfio/platform: check the bounds of read/write syscalls Andreas Gruenbacher (1): gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag Charles Keepax (3): ASoC: wm8994: Add depends on MFD core ASoC: samsung: Add missing selects for MFD_WM8994 ASoC: samsung: Add missing depends on I2C Chuck Lever (5): libfs: Return ENOSPC when the directory offset range is exhausted Revert "libfs: Add simple_offset_empty()" Revert "libfs: fix infinite directory reads for offset dir" libfs: Replace simple_offset end-of-directory detection libfs: Use d_children list to iterate simple_offset directories Cristian Ciocaltea (1): drm/connector: hdmi: Validate supported_formats matches ycbcr_420_allowed Easwar Hariharan (1): scsi: storvsc: Ratelimit warning logs to prevent VM denial of service Greg Kroah-Hartman (2): Revert "usb: gadget: u_serial: Disable ep before setting port to null to fix the crash caused by port being null" Linux 6.12.12 Hans de Goede (1): wifi: rtl8xxxu: add more missing rtl8192cu USB IDs Jack Greiner (1): Input: xpad - add support for wooting two he (arm) Jamal Hadi Salim (1): net: sched: fix ets qdisc OOB Indexing Jann Horn (1): io_uring/rsrc: require cloned buffers to share accounting contexts Jason Gerecke (1): HID: wacom: Initialize brightness of LED trigger Jiri Kosina (1): Revert "HID: multitouch: Add support for lenovo Y9000P Touchpad" Leonardo Brondani Schenkel (1): Input: xpad - improve name of 8BitDo controller 2dc8:3106 Lianqin Hu (1): ALSA: usb-audio: Add delay quirk for USB Audio Device Linus Torvalds (1): cachestat: fix page cache statistics permission checking Linus Walleij (1): seccomp: Stub for !CONFIG_SECCOMP Maciej Strozek (1): ASoC: cs42l43: Add codec force suspend/resume ops Marian Postevca (1): ASoC: codecs: es8316: Fix HW rate calculation for 48Mhz MCLK Mark Pearson (1): Input: atkbd - map F23 key to support default copilot shortcut Matheos Mattsson (1): Input: xpad - add support for Nacon Evol-X Xbox One Controller Maíra Canal (1): drm/v3d: Assign job pointer to NULL before signaling the fence Nicolas Nobelis (1): Input: xpad - add support for Nacon Pro Compact Nilton Perim Neto (1): Input: xpad - add unofficial Xbox 360 wireless receiver clone Paulo Alcantara (1): smb: client: handle lack of EA support in smb2_query_path_info() Philippe Simons (1): irqchip/sunxi-nmi: Add missing SKIP_WAKE flag Pierre-Loup A. Griffais (1): Input: xpad - add QH Electronics VID/PID Qasim Ijaz (1): USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb() Rob Herring (Arm) (1): of/unittest: Add test that of_address_to_resource() fails on non-translatable address Russell Harmon (1): hwmon: (drivetemp) Set scsi command timeout to 10s Tom Chung (1): drm/amd/display: Use HW lock mgr for PSR1 Xiang Zhang (1): scsi: iscsi: Fix redundant response for ISCSI_UEVENT_GET_HOST_STATS request Yage Geng (1): ALSA: hda/realtek: Fix volume adjustment issue on Lenovo ThinkBook 16P Gen5 Yosry Ahmed (2): mm: zswap: properly synchronize freeing resources during CPU hotunplug mm: zswap: move allocations during CPU init outside the lock

1 month

1
1
0 0

Linux 6.1.128

by Greg Kroah-Hartman

I'm announcing the release of the 6.1.128 kernel. All users of the 6.1 kernel series must upgrade. The updated 6.1.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.1.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 block/ioctl.c | 9 drivers/base/regmap/regmap.c | 12 drivers/gpu/drm/amd/display/dc/dce/dmub_hw_lock_mgr.c | 3 drivers/gpu/drm/v3d/v3d_irq.c | 16 drivers/hid/hid-ids.h | 1 drivers/hid/hid-multitouch.c | 8 drivers/input/joystick/xpad.c | 2 drivers/input/keyboard/atkbd.c | 2 drivers/irqchip/irq-sunxi-nmi.c | 3 drivers/net/wireless/intel/iwlwifi/dvm/rs.c | 9 drivers/net/wireless/intel/iwlwifi/mvm/rs.c | 9 drivers/scsi/scsi_transport_iscsi.c | 4 drivers/scsi/storvsc_drv.c | 8 drivers/usb/gadget/function/u_serial.c | 8 drivers/usb/serial/quatech2.c | 2 drivers/vfio/platform/vfio_platform_common.c | 10 fs/ext4/super.c | 3 fs/gfs2/file.c | 1 fs/smb/client/smb2ops.c | 47 + fs/smb/client/smb2pdu.c | 10 fs/xfs/libxfs/xfs_alloc.c | 27 + fs/xfs/libxfs/xfs_bmap.c | 21 fs/xfs/libxfs/xfs_defer.c | 28 - fs/xfs/libxfs/xfs_defer.h | 2 fs/xfs/libxfs/xfs_inode_buf.c | 3 fs/xfs/libxfs/xfs_rtbitmap.c | 33 + fs/xfs/libxfs/xfs_sb.h | 2 fs/xfs/xfs_bmap_util.c | 24 - fs/xfs/xfs_dquot.c | 5 fs/xfs/xfs_dquot_item_recover.c | 21 fs/xfs/xfs_file.c | 63 ++ fs/xfs/xfs_inode.c | 24 + fs/xfs/xfs_inode.h | 17 fs/xfs/xfs_inode_item_recover.c | 14 fs/xfs/xfs_ioctl.c | 30 - fs/xfs/xfs_iops.c | 7 fs/xfs/xfs_log.c | 23 fs/xfs/xfs_log_recover.c | 2 fs/xfs/xfs_reflink.c | 5 fs/xfs/xfs_rtalloc.c | 33 + fs/xfs/xfs_rtalloc.h | 27 - include/linux/seccomp.h | 2 io_uring/io_uring.c | 4 kernel/softirq.c | 15 net/ipv4/ip_tunnel.c | 2 net/ipv6/ip6_fib.c | 8 net/ipv6/route.c | 45 + net/sched/sch_ets.c | 2 sound/soc/codecs/Kconfig | 1 sound/soc/samsung/Kconfig | 6 sound/soc/samsung/midas_wm1811.c | 24 - sound/usb/quirks.c | 2 tools/testing/selftests/net/Makefile | 1 tools/testing/selftests/net/ipv6_route_update_soft_lockup.sh | 262 +++++++++++ 55 files changed, 767 insertions(+), 187 deletions(-) Alex Williamson (1): vfio/platform: check the bounds of read/write syscalls Alexey Dobriyan (1): block: fix integer overflow in BLKSECDISCARD Alper Nebi Yasak (1): ASoC: samsung: midas_wm1811: Map missing jack kcontrols Andreas Gruenbacher (1): gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag Anjaneyulu (1): wifi: iwlwifi: add a few rate index validity checks Catherine Hoang (1): xfs: allow read IO and FICLONE to run concurrently Charles Keepax (3): ASoC: wm8994: Add depends on MFD core ASoC: samsung: Add missing selects for MFD_WM8994 ASoC: samsung: Add missing depends on I2C Cheng Lin (1): xfs: introduce protection for drop nlink Christoph Hellwig (4): xfs: handle nimaps=0 from xfs_bmapi_write in xfs_alloc_file_space xfs: only remap the written blocks in xfs_reflink_end_cow_extent xfs: clean up FS_XFLAG_REALTIME handling in xfs_ioctl_setattr_xflags xfs: respect the stable writes flag on the RT device Cosmin Tanislav (1): regmap: detach regmap from dev on regmap_exit Darrick J. Wong (8): xfs: bump max fsgeom struct version xfs: hoist freeing of rt data fork extent mappings xfs: prevent rt growfs when quota is enabled xfs: rt stubs should return negative errnos when rt disabled xfs: fix units conversion error in xfs_bmap_del_extent_delay xfs: make sure maxlen is still congruent with prod when rounding down xfs: clean up dqblk extraction xfs: dquot recovery does not validate the recovered dquot Dave Chinner (1): xfs: inode recovery does not validate the recovered inode Easwar Hariharan (1): scsi: storvsc: Ratelimit warning logs to prevent VM denial of service Enzo Matsumiya (1): smb: client: fix UAF in async decryption Greg Kroah-Hartman (2): Revert "usb: gadget: u_serial: Disable ep before setting port to null to fix the crash caused by port being null" Linux 6.1.128 Ido Schimmel (1): ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_find() Jack Greiner (1): Input: xpad - add support for wooting two he (arm) Jamal Hadi Salim (1): net: sched: fix ets qdisc OOB Indexing Jiri Kosina (1): Revert "HID: multitouch: Add support for lenovo Y9000P Touchpad" K Prateek Nayak (1): softirq: Allow raising SCHED_SOFTIRQ from SMP-call-function on RT kernel Leah Rumancik (1): xfs: up(ic_sema) if flushing data device fails Lianqin Hu (1): ALSA: usb-audio: Add delay quirk for USB Audio Device Linus Walleij (1): seccomp: Stub for !CONFIG_SECCOMP Long Li (2): xfs: factor out xfs_defer_pending_abort xfs: abort intent items when recovery intents fail Luis Henriques (SUSE) (1): ext4: fix access to uninitialised lock in fc replay path Marek Szyprowski (1): ASoC: samsung: midas_wm1811: Fix 'Headphone Switch' control creation Mark Pearson (1): Input: atkbd - map F23 key to support default copilot shortcut Maíra Canal (1): drm/v3d: Assign job pointer to NULL before signaling the fence Nilton Perim Neto (1): Input: xpad - add unofficial Xbox 360 wireless receiver clone Omar Sandoval (1): xfs: fix internal error from AGFL exhaustion Omid Ehtemam-Haghighi (1): ipv6: Fix soft lockups in fib6_select_path under high next hop churn Paulo Alcantara (1): smb: client: fix NULL ptr deref in crypto_aead_setkey() Pavel Begunkov (1): io_uring: fix waiters missing wake ups Philippe Simons (1): irqchip/sunxi-nmi: Add missing SKIP_WAKE flag Qasim Ijaz (1): USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb() Tom Chung (1): drm/amd/display: Use HW lock mgr for PSR1 Xiang Zhang (1): scsi: iscsi: Fix redundant response for ISCSI_UEVENT_GET_HOST_STATS request

1 month

1
1
0 0

Linux 5.15.178

by Greg Kroah-Hartman

I'm announcing the release of the 5.15.178 kernel. All users of the 5.15 kernel series must upgrade. The updated 5.15.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.15.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 +- drivers/base/regmap/regmap.c | 12 ++++++++++++ drivers/gpu/drm/v3d/v3d_irq.c | 16 ++++++++++++---- drivers/input/joystick/xpad.c | 2 ++ drivers/input/keyboard/atkbd.c | 2 +- drivers/irqchip/irq-sunxi-nmi.c | 3 ++- drivers/net/wireless/intel/iwlwifi/dvm/rs.c | 7 +++++-- drivers/net/wireless/intel/iwlwifi/mvm/rs.c | 9 ++++++--- drivers/platform/chrome/cros_ec_typec.c | 3 +++ drivers/scsi/scsi_transport_iscsi.c | 4 +++- drivers/scsi/storvsc_drv.c | 8 +++++++- drivers/usb/gadget/function/u_serial.c | 8 ++++---- drivers/usb/serial/quatech2.c | 2 +- drivers/vfio/platform/vfio_platform_common.c | 10 ++++++++++ fs/gfs2/file.c | 1 + fs/ntfs3/file.c | 12 ++++++++++-- include/linux/seccomp.h | 2 +- include/net/bluetooth/bluetooth.h | 9 +++++++++ net/bluetooth/rfcomm/sock.c | 14 +++++--------- net/bluetooth/sco.c | 19 ++++++++----------- net/ipv4/ip_tunnel.c | 2 +- net/mptcp/protocol.c | 18 +++++++++--------- net/sched/sch_ets.c | 2 ++ sound/soc/codecs/Kconfig | 1 + sound/soc/samsung/Kconfig | 6 ++++-- sound/usb/quirks.c | 2 ++ 26 files changed, 122 insertions(+), 54 deletions(-) Akihiko Odaki (1): platform/chrome: cros_ec_typec: Check for EC driver Alex Williamson (1): vfio/platform: check the bounds of read/write syscalls Andreas Gruenbacher (1): gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag Anjaneyulu (1): wifi: iwlwifi: add a few rate index validity checks Charles Keepax (3): ASoC: wm8994: Add depends on MFD core ASoC: samsung: Add missing selects for MFD_WM8994 ASoC: samsung: Add missing depends on I2C Cosmin Tanislav (1): regmap: detach regmap from dev on regmap_exit Easwar Hariharan (1): scsi: storvsc: Ratelimit warning logs to prevent VM denial of service Greg Kroah-Hartman (2): Revert "usb: gadget: u_serial: Disable ep before setting port to null to fix the crash caused by port being null" Linux 5.15.178 Ido Schimmel (1): ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_find() Jack Greiner (1): Input: xpad - add support for wooting two he (arm) Jamal Hadi Salim (1): net: sched: fix ets qdisc OOB Indexing Konstantin Komarov (1): fs/ntfs3: Additional check in ntfs_file_release Lianqin Hu (1): ALSA: usb-audio: Add delay quirk for USB Audio Device Linus Walleij (1): seccomp: Stub for !CONFIG_SECCOMP Luiz Augusto von Dentz (2): Bluetooth: SCO: Fix not validating setsockopt user input Bluetooth: RFCOMM: Fix not validating setsockopt user input Mark Pearson (1): Input: atkbd - map F23 key to support default copilot shortcut Maíra Canal (1): drm/v3d: Assign job pointer to NULL before signaling the fence Nilton Perim Neto (1): Input: xpad - add unofficial Xbox 360 wireless receiver clone Paolo Abeni (1): mptcp: don't always assume copied data in mptcp_cleanup_rbuf() Philippe Simons (1): irqchip/sunxi-nmi: Add missing SKIP_WAKE flag Qasim Ijaz (1): USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb() Xiang Zhang (1): scsi: iscsi: Fix redundant response for ISCSI_UEVENT_GET_HOST_STATS request

1 month

1
1
0 0

Linux 5.10.234

by Greg Kroah-Hartman

I'm announcing the release of the 5.10.234 kernel. All users of the 5.10 kernel series must upgrade. The updated 5.10.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.10.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/arm64/boot/dts/rockchip/px30.dtsi | 8 + arch/arm64/boot/dts/rockchip/rk3328.dtsi | 4 arch/arm64/boot/dts/rockchip/rk3399.dtsi | 20 ++++ arch/m68k/fpsp040/skeleton.S | 3 arch/m68k/kernel/entry.S | 2 arch/m68k/kernel/traps.c | 2 arch/riscv/kernel/traps.c | 6 - arch/x86/include/asm/special_insns.h | 2 arch/x86/xen/xen-asm.S | 2 block/genhd.c | 13 +- drivers/acpi/resource.c | 18 +++ drivers/block/loop.c | 8 - drivers/block/virtio_blk.c | 2 drivers/block/xen-blkfront.c | 2 drivers/gpio/gpiolib-cdev.c | 2 drivers/gpu/drm/amd/display/dc/dc.h | 2 drivers/gpu/drm/amd/display/dc/dml/dml_inline_defs.h | 8 + drivers/gpu/drm/bridge/adv7511/adv7511.h | 1 drivers/gpu/drm/bridge/adv7511/adv7511_drv.c | 17 +-- drivers/gpu/drm/bridge/adv7511/adv7533.c | 38 ++----- drivers/gpu/drm/drm_mipi_dsi.c | 81 ++++++++++++++++ drivers/gpu/drm/radeon/radeon_gem.c | 2 drivers/gpu/drm/v3d/v3d_irq.c | 12 ++ drivers/i2c/busses/i2c-rcar.c | 20 +++- drivers/i2c/muxes/i2c-demux-pinctrl.c | 4 drivers/iio/adc/at91_adc.c | 2 drivers/iio/adc/rockchip_saradc.c | 2 drivers/iio/adc/ti-ads124s08.c | 4 drivers/iio/adc/ti-ads8688.c | 2 drivers/iio/dummy/iio_simple_dummy_buffer.c | 2 drivers/iio/gyro/fxas21002c_core.c | 9 + drivers/iio/imu/inv_icm42600/inv_icm42600.h | 1 drivers/iio/imu/inv_icm42600/inv_icm42600_core.c | 18 +++ drivers/iio/imu/inv_icm42600/inv_icm42600_spi.c | 3 drivers/iio/imu/kmx61.c | 2 drivers/iio/inkern.c | 2 drivers/iio/light/vcnl4035.c | 2 drivers/iio/pressure/zpa2326.c | 2 drivers/infiniband/hw/hns/hns_roce_main.c | 1 drivers/infiniband/hw/hns/hns_roce_srq.c | 6 - drivers/input/joystick/xpad.c | 2 drivers/input/keyboard/atkbd.c | 2 drivers/irqchip/irq-gic-v3.c | 2 drivers/irqchip/irq-sunxi-nmi.c | 3 drivers/md/dm-ebs-target.c | 2 drivers/md/dm-thin.c | 5 - drivers/md/persistent-data/dm-array.c | 19 ++- drivers/md/raid5.c | 14 +- drivers/net/ethernet/amd/xgbe/xgbe-phy-v2.c | 19 --- drivers/net/ethernet/chelsio/cxgb4/cxgb4_main.c | 5 - drivers/net/ethernet/mellanox/mlx5/core/fs_core.c | 95 +++++++++++++++---- drivers/net/ethernet/netronome/nfp/bpf/offload.c | 3 drivers/net/ethernet/ti/cpsw_ale.c | 14 +- drivers/net/gtp.c | 42 +++++--- drivers/net/ieee802154/ca8210.c | 6 + drivers/net/wireless/intel/iwlwifi/dvm/rs.c | 7 + drivers/net/wireless/intel/iwlwifi/mvm/rs.c | 9 + drivers/nvme/host/core.c | 5 - drivers/nvme/target/io-cmd-bdev.c | 2 drivers/pci/controller/pci-host-common.c | 4 drivers/pci/probe.c | 20 ++-- drivers/phy/broadcom/phy-brcm-usb-init-synopsys.c | 53 ++++++++-- drivers/phy/broadcom/phy-brcm-usb-init.h | 1 drivers/phy/broadcom/phy-brcm-usb.c | 8 + drivers/scsi/scsi_transport_iscsi.c | 4 drivers/scsi/sd.c | 9 - drivers/scsi/sg.c | 2 drivers/staging/iio/frequency/ad9832.c | 2 drivers/staging/iio/frequency/ad9834.c | 2 drivers/usb/class/usblp.c | 7 - drivers/usb/core/hub.c | 6 - drivers/usb/core/port.c | 7 - drivers/usb/dwc3/core.h | 1 drivers/usb/dwc3/gadget.c | 4 drivers/usb/gadget/function/f_fs.c | 2 drivers/usb/host/xhci-pci.c | 4 drivers/usb/serial/cp210x.c | 1 drivers/usb/serial/option.c | 4 drivers/usb/serial/quatech2.c | 2 drivers/usb/storage/unusual_devs.h | 7 + drivers/vfio/platform/vfio_platform_common.c | 10 ++ fs/afs/afs.h | 2 fs/afs/afs_vl.h | 1 fs/afs/vl_alias.c | 8 + fs/afs/vlclient.c | 2 fs/ceph/mds_client.c | 9 - fs/exfat/dir.c | 3 fs/file.c | 1 fs/gfs2/file.c | 1 fs/hfs/super.c | 4 fs/jbd2/commit.c | 4 fs/nfsd/filecache.c | 18 ++- fs/nfsd/filecache.h | 1 fs/ocfs2/quota_global.c | 2 fs/ocfs2/quota_local.c | 10 -- fs/proc/vmcore.c | 2 include/drm/drm_mipi_dsi.h | 4 include/linux/blk-cgroup.h | 6 + include/linux/genhd.h | 3 include/linux/hrtimer.h | 1 include/linux/mlx5/device.h | 2 include/linux/mlx5/fs.h | 2 include/linux/poll.h | 10 +- include/linux/seccomp.h | 2 include/linux/usb.h | 3 include/linux/usb/hcd.h | 2 include/net/inet_connection_sock.h | 2 include/net/net_namespace.h | 3 include/net/netfilter/nf_tables.h | 2 kernel/cpu.c | 2 kernel/gen_kheaders.sh | 1 kernel/time/hrtimer.c | 11 ++ mm/vmalloc.c | 3 net/802/psnap.c | 4 net/bluetooth/rfcomm/sock.c | 14 +- net/core/filter.c | 30 +++--- net/core/net_namespace.c | 83 ++++++++++------ net/dccp/ipv6.c | 2 net/ipv4/fou.c | 2 net/ipv4/ip_tunnel.c | 2 net/ipv6/route.c | 2 net/ipv6/tcp_ipv6.c | 4 net/mac802154/iface.c | 4 net/netfilter/nf_conntrack_core.c | 5 - net/netfilter/nf_tables_api.c | 38 ++++++- net/netfilter/nft_dynset.c | 7 + net/sched/cls_flow.c | 3 net/sched/sch_ets.c | 2 net/sctp/sysctl.c | 9 + net/tls/tls_sw.c | 2 net/vmw_vsock/af_vsock.c | 15 +++ net/vmw_vsock/virtio_transport_common.c | 36 +++++-- scripts/sorttable.h | 10 +- sound/soc/codecs/Kconfig | 1 sound/soc/mediatek/common/mtk-afe-platform-driver.c | 4 sound/soc/samsung/Kconfig | 6 - 137 files changed, 813 insertions(+), 354 deletions(-) Aharon Landau (1): net/mlx5: Add priorities for counters in RDMA namespaces Ahmad Fatoum (1): drm: bridge: adv7511: use dev_err_probe in probe function Akash M (1): usb: gadget: f_fs: Remove WARN_ON in functionfs_bind Al Cooper (1): phy: usb: Add "wake on" functionality for newer Synopsis XHCI controllers Al Viro (1): m68k: Update ->thread.esp0 before calling syscall_trace() in ret_from_signal Alex Williamson (1): vfio/platform: check the bounds of read/write syscalls Alvin Šipraga (1): drm: bridge: adv7511: unregister cec i2c device after cec adapter Andreas Gruenbacher (1): gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag André Draszik (1): usb: dwc3: gadget: fix writing NYET threshold Anjaneyulu (1): wifi: iwlwifi: add a few rate index validity checks Antonio Pastor (1): net: 802: LLC+SNAP OID:PID lookup on start of skb data Anumula Murali Mohan Reddy (1): cxgb4: Avoid removal of uninserted tid Arnd Bergmann (1): xhci: use pm_ptr() instead of #ifdef for CONFIG_PM conditionals Benjamin Coddington (1): tls: Fix tls_sw_sendmsg error handling Biju Das (1): drm: adv7511: Fix use-after-free in adv7533_attach_dsi() Carlos Song (1): iio: gyro: fxas21002c: Fix missing data update in trigger handler Charles Keepax (3): ASoC: wm8994: Add depends on MFD core ASoC: samsung: Add missing selects for MFD_WM8994 ASoC: samsung: Add missing depends on I2C Chen-Yu Tsai (1): ASoC: mediatek: disable buffer pre-allocation Chengchang Tang (1): RDMA/hns: Fix deadlock on SRQ async events. Christoph Hellwig (4): loop: let set_capacity_revalidate_and_notify update the bdev size nvme: let set_capacity_revalidate_and_notify update the bdev size sd: update the bdev size in sd_revalidate_disk block: remove the update_bdev parameter to set_capacity_revalidate_and_notify Chukun Pan (1): USB: serial: option: add MeiG Smart SRM815 Dan Carpenter (1): nfp: bpf: prevent integer overflow in nfp_bpf_event_output() David Howells (2): afs: Fix the maximum cell name length kheaders: Ignore silly-rename files Dennis Lam (1): ocfs2: fix slab-use-after-free due to dangling pointer dqi_priv Eric Dumazet (4): net_sched: cls_flow: validate TCA_FLOW_RSHIFT attribute net: add exit_batch_rtnl() method gtp: use exit_batch_rtnl() method ipv6: avoid possible NULL deref in rt6_uncached_list_flush_dev() Eric W. Biederman (1): signal/m68k: Use force_sigsegv(SIGSEGV) in fpsp040_die Fabio Estevam (1): iio: adc: ti-ads124s08: Use gpiod_set_value_cansleep() Greg Kroah-Hartman (2): Revert "usb: gadget: u_serial: Disable ep before setting port to null to fix the crash caused by port being null" Linux 5.10.234 Gui-Dong Han (1): md/raid5: fix atomicity violation in raid5_cache_count Hans de Goede (2): ACPI: resource: Add TongFang GM5HG0A to irq1_edge_low_force_override[] ACPI: resource: Add Asus Vivobook X1504VAP to irq1_level_low_skip_override[] Heiner Kallweit (1): net: ethernet: xgbe: re-add aneg to supported features in PHY quirks Ido Schimmel (1): ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_find() Jack Greiner (1): Input: xpad - add support for wooting two he (arm) Jamal Hadi Salim (1): net: sched: fix ets qdisc OOB Indexing Jason Xing (1): tcp/dccp: complete lockless accesses to sk->sk_max_ack_backlog Javier Carrasco (6): iio: pressure: zpa2326: fix information leak in triggered buffer iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer iio: light: vcnl4035: fix information leak in triggered buffer iio: imu: kmx61: fix information leak in triggered buffer iio: adc: ti-ads8688: fix information leak in triggered buffer iio: adc: rockchip_saradc: fix information leak in triggered buffer Jean-Baptiste Maneyrol (2): iio: imu: inv_icm42600: fix spi burst write not supported iio: imu: inv_icm42600: fix timestamps after suspend if sensor is on Joe Hattori (2): iio: adc: at91: call input_free_device() on allocated iio_dev iio: inkern: call iio_device_put() only on mapped devices Johan Hovold (1): USB: serial: cp210x: add Phoenix Contact UPS Device Johan Jonker (1): arm64: dts: rockchip: add #power-domain-cells to power domain nodes Joseph Qi (1): ocfs2: correct return value of ocfs2_local_free_info() Juergen Gross (2): x86/asm: Make serialize() always_inline x86/xen: fix SLS mitigation in xen_hypercall_iret() Jun Yan (1): USB: usblp: return error when setting unsupported protocol Justin Chen (3): phy: usb: Toggle the PHY power during init phy: usb: Use slow clock for wake enabled suspend phy: usb: Fix clock imbalance for suspend/resume Kai-Heng Feng (1): USB: core: Disable LPM only for non-suspended ports Keisuke Nishimura (1): ieee802154: ca8210: Add missing check for kfifo_alloc() in ca8210_probe() Koichiro Den (1): hrtimers: Handle CPU state correctly on hotplug Krister Johansen (1): dm thin: make get_first_thin use rcu-safe list first function Kuan-Wei Chiu (1): scripts/sorttable: fix orc_sort_cmp() to maintain symmetry and transitivity Kuniyuki Iwashima (2): gtp: Use for_each_netdev_rcu() in gtp_genl_dump_pdp(). gtp: Destroy device along with udp socket's netns dismantle. Leo Stone (1): hfs: Sanity check the root record Lianqin Hu (1): usb: gadget: u_serial: Disable ep before setting port to null to fix the crash caused by port being null Linus Walleij (1): seccomp: Stub for !CONFIG_SECCOMP Lizhi Xu (1): mac802154: check local interfaces before deleting sdata list Lubomir Rintel (1): usb-storage: Add max sectors quirk for Nokia 208 Luis Chamberlain (1): nvmet: propagate npwg topology Luiz Augusto von Dentz (1): Bluetooth: RFCOMM: Fix not validating setsockopt user input Ma Ke (1): usb: fix reference leak in usb_new_device() Maor Gottlieb (1): net/mlx5: Refactor mlx5_get_flow_namespace Mark Pearson (1): Input: atkbd - map F23 key to support default copilot shortcut Matthew Wilcox (Oracle) (1): vmalloc: fix accounting with i915 Matthieu Baerts (NGI0) (3): sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy sctp: sysctl: auth_enable: avoid using current->nsproxy sctp: sysctl: rto_min/max: avoid using current->nsproxy Max Kellermann (1): ceph: give up on paths longer than PATH_MAX Maxime Ripard (3): drm/mipi-dsi: Create devm device registration drm/mipi-dsi: Create devm device attachment drm/bridge: adv7533: Switch to devm MIPI-DSI helpers Maíra Canal (2): drm/v3d: Ensure job pointer is set to NULL after job completion drm/v3d: Assign job pointer to NULL before signaling the fence Melissa Wen (1): drm/amd/display: increase MAX_SURFACES to the value supported by hw Michal Hrusecky (1): USB: serial: option: add Neoway N723-EA support Michal Luczaj (1): bpf: Fix bpf_sk_select_reuseport() memory leak Mikulas Patocka (1): dm-ebs: don't set the flag DM_TARGET_PASSES_INTEGRITY Ming-Hung Tsai (3): dm array: fix releasing a faulty array block twice in dm_array_cursor_end dm array: fix unreleased btree blocks on closing a faulty array cursor dm array: fix cursor index when skipping across block boundaries Nam Cao (1): riscv: Fix sleeping in invalid context in die() Nilton Perim Neto (1): Input: xpad - add unofficial Xbox 360 wireless receiver clone Oleg Nesterov (1): poll_wait: add mb() to fix theoretical race between waitqueue_active() and .poll() Pablo Neira Ayuso (3): netfilter: nft_dynset: honor stateful expressions in set definition netfilter: nf_tables: imbalance in flowtable binding netfilter: conntrack: clamp maximum hashtable size to INT_MAX Patrisious Haddad (1): net/mlx5: Fix RDMA TX steering prio Peter Geis (1): arm64: dts: rockchip: add hevc power domain clock to rk3328 Philippe Simons (1): irqchip/sunxi-nmi: Add missing SKIP_WAKE flag Pierre-Eric Pelloux-Prayer (1): drm/radeon: check bo_va->bo is non-NULL before using it Qasim Ijaz (1): USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb() Rik van Riel (1): fs/proc: fix softlockup in __read_vmcore (part 2) Roman Li (1): drm/amd/display: Add check for granularity in dml ceil/floor helpers Ron Economos (1): Partial revert of xhci: use pm_ptr() instead #ifdef for CONFIG_PM conditionals Stefano Garzarella (4): vsock/virtio: cancel close work in the destructor vsock: reset socket state when de-assigning the transport vsock/virtio: discard packets if the transport changes vsock: prevent null-ptr-deref in vsock_*[has_data|has_space] Sudheer Kumar Doredla (1): net: ethernet: ti: cpsw_ale: Fix cpsw_ale_get_field() Suraj Sonawane (1): scsi: sg: Fix slab-use-after-free read in sg_release() Tejun Heo (1): blk-cgroup: Fix UAF in blkcg_unpin_online() Terry Tritton (1): Revert "PCI: Use preserve_config in place of pci_flags" Wang Liang (1): net: fix data-races around sk->sk_forward_alloc Willem de Bruijn (1): fou: remove warn in gue_gro_receive on unsupported protocol Wolfram Sang (2): i2c: mux: demux-pinctrl: check initial mux selection, too i2c: rcar: fix NACK handling when being a target Xiang Zhang (1): scsi: iscsi: Fix redundant response for ISCSI_UEVENT_GET_HOST_STATS request Xu Wang (1): drm: bridge: adv7511: Remove redundant null check before clk_disable_unprepare Yajun Deng (1): net: net_namespace: Optimize the code Yogesh Lal (1): irqchip/gic-v3: Handle CPU_PM_ENTER_FAILED correctly Youzhong Yang (1): nfsd: add list_head nf_gc to struct nfsd_file Yuezhang Mo (1): exfat: fix the infinite loop in exfat_readdir() Zhang Kunbo (1): fs: fix missing declaration of init_files Zhang Yi (1): jbd2: flush filesystem device before updating tail sequence Zhongqiu Duan (1): tcp/dccp: allow a connection when sk_max_ack_backlog is zero Zhongqiu Han (1): gpiolib: cdev: Fix use after free in lineinfo_changed_notify Zicheng Qu (2): staging: iio: ad9834: Correct phase range check staging: iio: ad9832: Correct phase range check

1 month

1
1
0 0

Linux 5.4.290

by Greg Kroah-Hartman

I'm announcing the release of the 5.4.290 kernel. All users of the 5.4 kernel series must upgrade. The updated 5.4.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.4.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/arm64/boot/dts/rockchip/px30.dtsi | 8 + arch/arm64/boot/dts/rockchip/rk3328.dtsi | 4 arch/arm64/boot/dts/rockchip/rk3399.dtsi | 40 ++++++--- arch/m68k/fpsp040/skeleton.S | 3 arch/m68k/kernel/entry.S | 2 arch/m68k/kernel/sys_m68k.c | 2 arch/m68k/kernel/traps.c | 2 drivers/acpi/resource.c | 18 ++++ drivers/gpu/drm/amd/display/dc/dc.h | 2 drivers/gpu/drm/amd/display/dc/dml/dml_inline_defs.h | 8 + drivers/gpu/drm/v3d/v3d_irq.c | 12 ++ drivers/i2c/muxes/i2c-demux-pinctrl.c | 4 drivers/iio/adc/at91_adc.c | 2 drivers/iio/adc/ti-ads124s08.c | 4 drivers/iio/adc/ti-ads8688.c | 2 drivers/iio/dummy/iio_simple_dummy_buffer.c | 2 drivers/iio/gyro/fxas21002c_core.c | 9 +- drivers/iio/imu/kmx61.c | 2 drivers/iio/inkern.c | 2 drivers/iio/light/vcnl4035.c | 2 drivers/iio/pressure/zpa2326.c | 2 drivers/input/joystick/xpad.c | 2 drivers/input/keyboard/atkbd.c | 2 drivers/irqchip/irq-gic-v3.c | 2 drivers/irqchip/irq-sunxi-nmi.c | 3 drivers/md/dm-thin.c | 5 - drivers/md/persistent-data/dm-array.c | 19 ++-- drivers/net/ethernet/amd/xgbe/xgbe-phy-v2.c | 19 ---- drivers/net/ethernet/netronome/nfp/bpf/offload.c | 3 drivers/net/ethernet/ti/cpsw_ale.c | 14 +-- drivers/net/gtp.c | 42 +++++---- drivers/net/ieee802154/ca8210.c | 6 + drivers/net/xen-netback/hash.c | 7 - drivers/nvme/target/io-cmd-bdev.c | 2 drivers/phy/phy-core.c | 7 - drivers/scsi/scsi_transport_iscsi.c | 4 drivers/scsi/sg.c | 2 drivers/staging/iio/frequency/ad9832.c | 2 drivers/staging/iio/frequency/ad9834.c | 2 drivers/usb/class/usblp.c | 7 - drivers/usb/core/hub.c | 6 - drivers/usb/core/port.c | 7 - drivers/usb/gadget/function/f_fs.c | 2 drivers/usb/serial/cp210x.c | 1 drivers/usb/serial/option.c | 4 drivers/usb/serial/quatech2.c | 2 drivers/usb/storage/unusual_devs.h | 7 + drivers/vfio/platform/vfio_platform_common.c | 10 ++ fs/ext4/ext4.h | 1 fs/ext4/extents.c | 64 ++++++++++++-- fs/gfs2/file.c | 1 fs/hfs/super.c | 4 fs/jbd2/commit.c | 4 fs/ocfs2/quota_global.c | 2 fs/ocfs2/quota_local.c | 10 -- fs/proc/vmcore.c | 2 include/linux/hrtimer.h | 1 include/linux/poll.h | 10 ++ include/linux/usb.h | 3 include/linux/usb/hcd.h | 2 include/net/inet_connection_sock.h | 2 include/net/net_namespace.h | 3 kernel/cpu.c | 2 kernel/gen_kheaders.sh | 1 kernel/time/hrtimer.c | 11 ++ net/802/psnap.c | 4 net/core/net_namespace.c | 83 ++++++++++++------- net/dccp/ipv6.c | 2 net/ipv6/route.c | 2 net/ipv6/tcp_ipv6.c | 4 net/mac802154/iface.c | 4 net/sched/cls_flow.c | 3 net/sctp/sysctl.c | 9 +- net/tls/tls_sw.c | 2 sound/soc/codecs/Kconfig | 1 76 files changed, 387 insertions(+), 173 deletions(-) Akash M (1): usb: gadget: f_fs: Remove WARN_ON in functionfs_bind Al Viro (1): m68k: Update ->thread.esp0 before calling syscall_trace() in ret_from_signal Alex Williamson (1): vfio/platform: check the bounds of read/write syscalls Andreas Gruenbacher (1): gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag Antonio Pastor (1): net: 802: LLC+SNAP OID:PID lookup on start of skb data Arnd Bergmann (1): xhci: use pm_ptr() instead of #ifdef for CONFIG_PM conditionals Baokun Li (1): ext4: fix slab-use-after-free in ext4_split_extent_at() Benjamin Coddington (1): tls: Fix tls_sw_sendmsg error handling Carlos Song (1): iio: gyro: fxas21002c: Fix missing data update in trigger handler Charles Keepax (1): ASoC: wm8994: Add depends on MFD core Chukun Pan (1): USB: serial: option: add MeiG Smart SRM815 Dan Carpenter (1): nfp: bpf: prevent integer overflow in nfp_bpf_event_output() David Howells (1): kheaders: Ignore silly-rename files Dennis Lam (1): ocfs2: fix slab-use-after-free due to dangling pointer dqi_priv Eric Dumazet (4): net_sched: cls_flow: validate TCA_FLOW_RSHIFT attribute net: add exit_batch_rtnl() method gtp: use exit_batch_rtnl() method ipv6: avoid possible NULL deref in rt6_uncached_list_flush_dev() Eric W. Biederman (1): signal/m68k: Use force_sigsegv(SIGSEGV) in fpsp040_die Fabio Estevam (1): iio: adc: ti-ads124s08: Use gpiod_set_value_cansleep() Greg Kroah-Hartman (2): Revert "usb: gadget: u_serial: Disable ep before setting port to null to fix the crash caused by port being null" Linux 5.4.290 Hans de Goede (2): ACPI: resource: Add TongFang GM5HG0A to irq1_edge_low_force_override[] ACPI: resource: Add Asus Vivobook X1504VAP to irq1_level_low_skip_override[] Heiner Kallweit (1): net: ethernet: xgbe: re-add aneg to supported features in PHY quirks Jack Greiner (1): Input: xpad - add support for wooting two he (arm) Jason Xing (1): tcp/dccp: complete lockless accesses to sk->sk_max_ack_backlog Javier Carrasco (5): iio: pressure: zpa2326: fix information leak in triggered buffer iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer iio: light: vcnl4035: fix information leak in triggered buffer iio: imu: kmx61: fix information leak in triggered buffer iio: adc: ti-ads8688: fix information leak in triggered buffer Jeongjun Park (1): net/xen-netback: prevent UAF in xenvif_flush_hash() Joe Hattori (2): iio: adc: at91: call input_free_device() on allocated iio_dev iio: inkern: call iio_device_put() only on mapped devices Johan Hovold (1): USB: serial: cp210x: add Phoenix Contact UPS Device Johan Jonker (3): arm64: dts: rockchip: fix defines in pd_vio node for rk3399 arm64: dts: rockchip: fix pd_tcpc0 and pd_tcpc1 node position on rk3399 arm64: dts: rockchip: add #power-domain-cells to power domain nodes Joseph Qi (1): ocfs2: correct return value of ocfs2_local_free_info() Jun Yan (1): USB: usblp: return error when setting unsupported protocol Kai-Heng Feng (1): USB: core: Disable LPM only for non-suspended ports Keisuke Nishimura (1): ieee802154: ca8210: Add missing check for kfifo_alloc() in ca8210_probe() Koichiro Den (1): hrtimers: Handle CPU state correctly on hotplug Krister Johansen (1): dm thin: make get_first_thin use rcu-safe list first function Kuniyuki Iwashima (2): gtp: Use for_each_netdev_rcu() in gtp_genl_dump_pdp(). gtp: Destroy device along with udp socket's netns dismantle. Leo Stone (1): hfs: Sanity check the root record Liam Howlett (1): m68k: Add missing mmap_read_lock() to sys_cacheflush() Lianqin Hu (1): usb: gadget: u_serial: Disable ep before setting port to null to fix the crash caused by port being null Lizhi Xu (1): mac802154: check local interfaces before deleting sdata list Lubomir Rintel (1): usb-storage: Add max sectors quirk for Nokia 208 Luis Chamberlain (1): nvmet: propagate npwg topology Ma Ke (1): usb: fix reference leak in usb_new_device() Madhuparna Bhowmik (1): net: xen-netback: hash.c: Use built-in RCU list checking Mark Pearson (1): Input: atkbd - map F23 key to support default copilot shortcut Matthieu Baerts (NGI0) (3): sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy sctp: sysctl: auth_enable: avoid using current->nsproxy sctp: sysctl: rto_min/max: avoid using current->nsproxy Maíra Canal (2): drm/v3d: Ensure job pointer is set to NULL after job completion drm/v3d: Assign job pointer to NULL before signaling the fence Melissa Wen (1): drm/amd/display: increase MAX_SURFACES to the value supported by hw Michal Hrusecky (1): USB: serial: option: add Neoway N723-EA support Ming-Hung Tsai (3): dm array: fix releasing a faulty array block twice in dm_array_cursor_end dm array: fix unreleased btree blocks on closing a faulty array cursor dm array: fix cursor index when skipping across block boundaries Nilton Perim Neto (1): Input: xpad - add unofficial Xbox 360 wireless receiver clone Oleg Nesterov (1): poll_wait: add mb() to fix theoretical race between waitqueue_active() and .poll() Peter Geis (1): arm64: dts: rockchip: add hevc power domain clock to rk3328 Philippe Simons (1): irqchip/sunxi-nmi: Add missing SKIP_WAKE flag Qasim Ijaz (1): USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb() Rik van Riel (1): fs/proc: fix softlockup in __read_vmcore (part 2) Roman Li (1): drm/amd/display: Add check for granularity in dml ceil/floor helpers Ron Economos (1): Partial revert of xhci: use pm_ptr() instead #ifdef for CONFIG_PM conditionals Sudheer Kumar Doredla (1): net: ethernet: ti: cpsw_ale: Fix cpsw_ale_get_field() Suraj Sonawane (1): scsi: sg: Fix slab-use-after-free read in sg_release() Theodore Ts'o (1): ext4: avoid ext4_error()'s caused by ENOMEM in the truncate path Vinod Koul (1): phy: core: fix code style in devm_of_phy_provider_unregister Wang Liang (1): net: fix data-races around sk->sk_forward_alloc Wolfram Sang (1): i2c: mux: demux-pinctrl: check initial mux selection, too Xiang Zhang (1): scsi: iscsi: Fix redundant response for ISCSI_UEVENT_GET_HOST_STATS request Yajun Deng (1): net: net_namespace: Optimize the code Yogesh Lal (1): irqchip/gic-v3: Handle CPU_PM_ENTER_FAILED correctly Zhang Yi (1): jbd2: flush filesystem device before updating tail sequence Zhongqiu Duan (1): tcp/dccp: allow a connection when sk_max_ack_backlog is zero Zicheng Qu (2): staging: iio: ad9834: Correct phase range check staging: iio: ad9832: Correct phase range check Zijun Hu (1): phy: core: Fix that API devm_of_phy_provider_unregister() fails to unregister the phy provider

1 month

1
1
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror February 2025