February 2025 - Linux-stable-mirror

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 6.13.5 release. There are 137 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Thu, 27 Feb 2025 06:47:33 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.13.5-rc2… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.13.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 6.13.5-rc2 Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu: bump version for RV/PCO compute fix Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu/gfx9: manually control gfxoff for CS on RV Kory Maincent <kory.maincent(a)bootlin.com> net: pse-pd: Fix deadlock in current limit functions Steven Rostedt <rostedt(a)goodmis.org> tracing: Fix using ret variable in tracing_set_tracer() Arnd Bergmann <arnd(a)arndb.de> drm: select DRM_KMS_HELPER from DRM_GEM_SHMEM_HELPER Steven Rostedt <rostedt(a)goodmis.org> ftrace: Do not add duplicate entries in subops manager ops Steven Rostedt <rostedt(a)goodmis.org> ftrace: Fix accounting of adding subops to a manager ops Sebastian Andrzej Siewior <bigeasy(a)linutronix.de> ftrace: Correct preemption accounting for function tracing. Komal Bajaj <quic_kbajaj(a)quicinc.com> EDAC/qcom: Correct interrupt enable register configuration Haoxiang Li <haoxiang_li2024(a)163.com> smb: client: Add check for next_buffer in receive_encrypted_standard() Marc Zyngier <maz(a)kernel.org> irqchip/gic-v3: Fix rk3399 workaround when secure interrupts are enabled Kan Liang <kan.liang(a)linux.intel.com> perf/x86/intel: Fix event constraints for LNC Niravkumar L Rabara <niravkumar.l.rabara(a)intel.com> mtd: rawnand: cadence: fix incorrect device in dma_unmap_single Niravkumar L Rabara <niravkumar.l.rabara(a)intel.com> mtd: rawnand: cadence: use dma_map_resource for sdma address Niravkumar L Rabara <niravkumar.l.rabara(a)intel.com> mtd: rawnand: cadence: fix error code in cadence_nand_init() Amit Kumar Mahapatra <amit.kumar-mahapatra(a)amd.com> mtd: spi-nor: sst: Fix SST write failure Ricardo Cañuelo Navarro <rcn(a)igalia.com> mm,madvise,hugetlb: check for 0-length range after end address adjustment Christian Brauner <brauner(a)kernel.org> acct: block access to kernel internal filesystems Christian Brauner <brauner(a)kernel.org> acct: perform last write from workqueue Peter Ujfalusi <peter.ujfalusi(a)linux.intel.com> ASoC: SOF: pcm: Clear the susbstream pointer to NULL on close John Veness <john-linux(a)pelago.org.uk> ALSA: hda/conexant: Add quirk for HP ProBook 450 G4 mute LED Wentao Liang <vulab(a)iscas.ac.cn> ALSA: hda: Add error check for snd_ctl_rename_id() in snd_hda_create_dig_out_ctls() Nikita Zhandarovich <n.zhandarovich(a)fintech.ru> ASoC: fsl_micfil: Enable default case in micfil_set_quality() Peter Ujfalusi <peter.ujfalusi(a)linux.intel.com> ASoC: SOF: stream-ipc: Check for cstream nullity in sof_ipc_msg_data() Joshua Washington <joshwash(a)google.com> gve: set xdp redirect target only when it is available Haoxiang Li <haoxiang_li2024(a)163.com> nfp: bpf: Add check for nfp_app_ctrl_msg_alloc() Hyeonggon Yoo <42.hyeyoo(a)gmail.com> mm/zswap: fix inconsistency when zswap_store_page() fails Paulo Alcantara <pc(a)manguebit.com> smb: client: fix chmod(2) regression with ATTR_READONLY Pavel Begunkov <asml.silence(a)gmail.com> lib/iov_iter: fix import_iovec_ubuf iovec management Darrick J. Wong <djwong(a)kernel.org> xfs: fix online repair probing when CONFIG_XFS_ONLINE_REPAIR=n Heiko Carstens <hca(a)linux.ibm.com> s390/boot: Fix ESSA detection Haoxiang Li <haoxiang_li2024(a)163.com> soc: loongson: loongson2_guts: Add check for devm_kstrdup() Johan Korsnes <johan.korsnes(a)remarkable.no> gpio: vf610: add locking to gpio direction functions Lukasz Czechowski <lukasz.czechowski(a)thaumatec.com> arm64: dts: rockchip: Disable DMA for uart5 on px30-ringneck Lukasz Czechowski <lukasz.czechowski(a)thaumatec.com> arm64: dts: rockchip: Move uart5 pin configuration to px30 ringneck SoM Alexander Shiyan <eagle.alexander923(a)gmail.com> arm64: dts: rockchip: Fix broken tsadc pinctrl names for rk3588 Tianling Shen <cnsztl(a)gmail.com> arm64: dts: rockchip: change eth phy mode to rgmii-id for orangepi r1 plus lts David Hildenbrand <david(a)redhat.com> mm/migrate_device: don't add folio to be freed to LRU in migrate_device_finalize() Gavrilov Ilia <Ilia.Gavrilov(a)infotecs.ru> drop_monitor: fix incorrect initialization order Sumit Garg <sumit.garg(a)linaro.org> tee: optee: Fix supplicant wait loop Bartosz Golaszewski <bartosz.golaszewski(a)linaro.org> gpiolib: protect gpio_chip with SRCU in array_info paths in multi get/set Pavel Begunkov <asml.silence(a)gmail.com> io_uring: prevent opcode speculation Pavel Begunkov <asml.silence(a)gmail.com> io_uring/rw: forbid multishot async reads Imre Deak <imre.deak(a)intel.com> drm/i915/dsi: Use TRANS_DDI_FUNC_CTL's own port width macro Krzysztof Karas <krzysztof.karas(a)intel.com> drm/i915/gt: Use spin_lock_irqsave() in interruptible context Imre Deak <imre.deak(a)intel.com> drm/i915/ddi: Fix HDMI port width programming in DDI_BUF_CTL Imre Deak <imre.deak(a)intel.com> drm/i915/dp: Fix error handling during 128b/132b link training Ville Syrjälä <ville.syrjala(a)linux.intel.com> drm/i915: Make sure all planes in use by the joiner have their crtc included Jessica Zhang <quic_jesszhan(a)quicinc.com> drm/msm/dpu: Disable dither in phys encoder cleanup Abhinav Kumar <quic_abhinavk(a)quicinc.com> drm/msm/dp: account for widebus and yuv420 during mode validation Hugo Villeneuve <hvilleneuve(a)dimonoff.com> drm: panel: jd9365da-h3: fix reset signal polarity Mathieu Desnoyers <mathieu.desnoyers(a)efficios.com> sched: Compact RSEQ concurrency IDs with reduced threads and affinity Artur Rojek <contact(a)artur-rojek.eu> irqchip/jcore-aic, clocksource/drivers/jcore: Fix jcore-pit interrupt request Aaron Kling <webgeek1234(a)gmail.com> drm/nouveau/pmu: Fix gp10b firmware guard Yan Zhai <yan(a)cloudflare.com> bpf: skip non exist keys in generic_map_lookup_batch Caleb Sander Mateos <csander(a)purestorage.com> nvme/ioctl: add missing space in err message Caleb Sander Mateos <csander(a)purestorage.com> nvme-tcp: fix connect failure on receiving partial ICResp PDU Damien Le Moal <dlemoal(a)kernel.org> nvme: tcp: Fix compilation warning with W=1 Hannes Reinecke <hare(a)kernel.org> nvmet: Fix crash when a namespace is disabled Lucas De Marchi <lucas.demarchi(a)intel.com> drm/xe: Fix error handling in xe_irq_install() Ilia Levi <ilia.levi(a)intel.com> drm/xe/irq: Separate MSI and MSI-X flows Ilia Levi <ilia.levi(a)intel.com> drm/xe: Make irq enabled flag atomic Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> drm/msm/dsi/phy: Do not overwite PHY_CMN_CLK_CFG1 when choosing bitclk source Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> drm/msm/dsi/phy: Protect PHY_CMN_CLK_CFG1 against clock driver Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> drm/msm/dsi/phy: Protect PHY_CMN_CLK_CFG0 updated from driver side Marijn Suijten <marijn.suijten(a)somainline.org> drm/msm/dpu: Don't leak bits_per_component into random DSC_ENC fields Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> drm/msm/dpu: enable DPU_WB_INPUT_CTRL for DPU 5.x Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> drm/msm/dpu: skip watchdog timer programming through TOP on >= SM8450 Rob Clark <robdclark(a)chromium.org> drm/msm: Avoid rounding up to one jiffy David Hildenbrand <david(a)redhat.com> nouveau/svm: fix missing folio unlock + put after make_device_exclusive_range() Geert Uytterhoeven <geert+renesas(a)glider.be> platform: cznic: CZNIC_PLATFORMS should depend on ARCH_MVEBU Geert Uytterhoeven <geert+renesas(a)glider.be> firmware: imx: IMX_SCMI_MISC_DRV should depend on ARCH_MXC Bart Van Assche <bvanassche(a)acm.org> md/raid*: Fix the set_queue_limits implementations Peng Fan <peng.fan(a)nxp.com> firmware: arm_scmi: imx: Correct tx size of scmi_imx_misc_ctrl_set Patrick Wildt <patrick(a)blueri.se> arm64: dts: rockchip: adjust SMMU interrupt type on rk3588 Alan Maguire <alan.maguire(a)oracle.com> bpf: Fix softlockup in arena_map_free on 64k page kernel Kuniyuki Iwashima <kuniyu(a)amazon.com> net: Add rx_skb of kfree_skb to raw_tp_null_args[]. Chris Morgan <macromorgan(a)hotmail.com> power: supply: axp20x_battery: Fix fault handling for AXP717 Andrey Vatoropin <a.vatoropin(a)crpt.ru> power: supply: da9150-fg: fix potential overflow Andy Yan <andyshrk(a)163.com> arm64: dts: rockchip: Fix lcdpwr_en pin for Cool Pi GenBook Heiko Stuebner <heiko(a)sntech.de> arm64: dts: rockchip: fix fixed-regulator renames on rk3399-gru devices Abel Wu <wuyun.abel(a)bytedance.com> bpf: Fix deadlock when freeing cgroup storage Jiayuan Chen <mrpre(a)163.com> bpf: Disable non stream socket for strparser Andrii Nakryiko <andrii(a)kernel.org> bpf: avoid holding freeze_mutex during mmap operation Andrii Nakryiko <andrii(a)kernel.org> bpf: unify VM_WRITE vs VM_MAYWRITE use in BPF map mmaping logic Shigeru Yoshida <syoshida(a)redhat.com> bpf, test_run: Fix use-after-free issue in eth_skb_pkt_type() Gary Guo <gary(a)garyguo.net> rust: cleanup unnecessary casts Gary Guo <gary(a)garyguo.net> rust: map `long` to `isize` and `char` to `u8` Miguel Ojeda <ojeda(a)kernel.org> rust: finish using custom FFI integer types Paolo Abeni <pabeni(a)redhat.com> net: allow small head cache usage with large MAX_SKB_FRAGS values Sabrina Dubroca <sd(a)queasysnail.net> tcp: drop secpath at the same time as we currently drop dst Nick Hu <nick.hu(a)sifive.com> net: axienet: Set mac_managed_pm Breno Leitao <leitao(a)debian.org> arp: switch to dev_getbyhwaddr() in arp_req_set_public() Breno Leitao <leitao(a)debian.org> net: Add non-RCU dev_getbyhwaddr() helper Cong Wang <xiyou.wangcong(a)gmail.com> flow_dissector: Fix port range key handling in BPF conversion Cong Wang <xiyou.wangcong(a)gmail.com> flow_dissector: Fix handling of mixed port and port-range keys Kuniyuki Iwashima <kuniyu(a)amazon.com> geneve: Suppress list corruption splat in geneve_destroy_tunnels(). Kuniyuki Iwashima <kuniyu(a)amazon.com> gtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl(). Kory Maincent <kory.maincent(a)bootlin.com> net: pse-pd: pd692x0: Fix power limit retrieval Kory Maincent <kory.maincent(a)bootlin.com> net: pse-pd: Use power limit at driver side instead of current limit Kory Maincent <kory.maincent(a)bootlin.com> net: pse-pd: Avoid setting max_uA in regulator constraints Jakub Kicinski <kuba(a)kernel.org> tcp: adjust rcvq_space after updating scaling ratio Michal Luczaj <mhal(a)rbox.co> vsock/bpf: Warn on socket without transport Michal Luczaj <mhal(a)rbox.co> sockmap, vsock: For connectible sockets allow only connected Nick Child <nnac123(a)linux.ibm.com> ibmvnic: Don't reference skb after sending to VIOS Julian Ruess <julianr(a)linux.ibm.com> s390/ism: add release function for struct device Takashi Iwai <tiwai(a)suse.de> ALSA: seq: Drop UMP events when no UMP-conversion is set Pierre Riteau <pierre(a)stackhpc.com> net/sched: cls_api: fix error handling causing NULL dereference Vitaly Rodionov <vitalyr(a)opensource.cirrus.com> ALSA: hda/cirrus: Correct the full scale volume set logic Kuniyuki Iwashima <kuniyu(a)amazon.com> geneve: Fix use-after-free in geneve_find_dev(). Junnan Wu <junnan01.wu(a)samsung.com> vsock/virtio: fix variables initialization during resuming Shengjiu Wang <shengjiu.wang(a)nxp.com> ASoC: imx-audmix: remove cpu_mclk which is from cpu dai device Christophe Leroy <christophe.leroy(a)csgroup.eu> powerpc/code-patching: Fix KASAN hit by not flagging text patching area as VM_ALLOC Kailang Yang <kailang(a)realtek.com> ALSA: hda/realtek: Fixup ALC225 depop procedure Christophe Leroy <christophe.leroy(a)csgroup.eu> powerpc/64s: Rewrite __real_pte() and __rpte_to_hidx() as static inline Christophe Leroy <christophe.leroy(a)csgroup.eu> powerpc/code-patching: Disable KASAN report during patching via temporary mm Peter Ujfalusi <peter.ujfalusi(a)linux.intel.com> ASoC: SOF: ipc4-topology: Harden loops for looking up ALH copiers John Keeping <jkeeping(a)inmusicbrands.com> ASoC: rockchip: i2s-tdm: fix shift config for SND_SOC_DAIFMT_DSP_[AB] Jill Donahue <jilliandonahue58(a)gmail.com> USB: gadget: f_midi: f_midi_complete to call queue_work Steven Rostedt <rostedt(a)goodmis.org> tracing: Have the error of __tracing_resize_ring_buffer() passed to user Steven Rostedt <rostedt(a)goodmis.org> tracing: Switch trace.c code over to use guard() Lancelot SIX <lancelot.six(a)amd.com> drm/amdkfd: Ensure consistent barrier state saved in gfx12 trap handler Jay Cornwall <jay.cornwall(a)amd.com> drm/amdkfd: Move gfx12 trap handler to separate file Takashi Iwai <tiwai(a)suse.de> PCI: Restore original INTX_DISABLE bit by pcim_intx() Philipp Stanner <pstanner(a)redhat.com> PCI: Remove devres from pci_intx() Philipp Stanner <pstanner(a)redhat.com> PCI: Export pci_intx_unmanaged() and pcim_intx() Claudiu Beznea <claudiu.beznea.uj(a)bp.renesas.com> serial: sh-sci: Increment the runtime usage counter for the earlycon device Claudiu Beznea <claudiu.beznea.uj(a)bp.renesas.com> serial: sh-sci: Clean sci_ports[0] after at earlycon exit Claudiu Beznea <claudiu.beznea.uj(a)bp.renesas.com> serial: sh-sci: Move runtime PM enable to sci_probe_single() Zijun Hu <quic_zijuhu(a)quicinc.com> Bluetooth: qca: Fix poor RF performance for WCN6855 Cheng Jiang <quic_chejiang(a)quicinc.com> Bluetooth: qca: Update firmware-name to support board specific nvm loanchen <lo-an.chen(a)amd.com> drm/amd/display: Correct register address in dcn35 Charlene Liu <Charlene.Liu(a)amd.com> drm/amd/display: update dcn351 used clock offset Qu Wenruo <wqu(a)suse.com> btrfs: fix double accounting race when extent_writepage_io() failed Qu Wenruo <wqu(a)suse.com> btrfs: fix double accounting race when btrfs_run_delalloc_range() failed David Sterba <dsterba(a)suse.com> btrfs: use btrfs_inode in extent_writepage() John Starks <jostarks(a)microsoft.com> Drivers: hv: vmbus: Log on missing offers if any ------------- Diffstat: Makefile | 4 +- .../boot/dts/rockchip/px30-ringneck-haikou.dts | 1 - arch/arm64/boot/dts/rockchip/px30-ringneck.dtsi | 6 + .../dts/rockchip/rk3328-orangepi-r1-plus-lts.dts | 3 +- .../boot/dts/rockchip/rk3328-orangepi-r1-plus.dts | 1 + .../boot/dts/rockchip/rk3328-orangepi-r1-plus.dtsi | 1 - .../boot/dts/rockchip/rk3399-gru-chromebook.dtsi | 8 +- .../boot/dts/rockchip/rk3399-gru-scarlet.dtsi | 6 +- arch/arm64/boot/dts/rockchip/rk3399-gru.dtsi | 22 +- arch/arm64/boot/dts/rockchip/rk3588-base.dtsi | 22 +- .../dts/rockchip/rk3588-coolpi-cm5-genbook.dts | 4 +- arch/powerpc/include/asm/book3s/64/hash-4k.h | 12 +- arch/powerpc/lib/code-patching.c | 4 +- arch/s390/boot/startup.c | 2 +- arch/x86/events/intel/core.c | 20 +- arch/x86/events/intel/ds.c | 2 +- drivers/bluetooth/btqca.c | 118 +- drivers/clocksource/jcore-pit.c | 15 +- drivers/edac/qcom_edac.c | 4 +- .../firmware/arm_scmi/vendors/imx/imx-sm-misc.c | 4 +- drivers/firmware/imx/Kconfig | 1 + drivers/gpio/gpio-vf610.c | 4 + drivers/gpio/gpiolib.c | 48 +- drivers/gpio/gpiolib.h | 4 +- drivers/gpu/drm/Kconfig | 3 + drivers/gpu/drm/amd/amdgpu/amdgpu_drv.c | 3 +- drivers/gpu/drm/amd/amdgpu/gfx_v9_0.c | 32 +- drivers/gpu/drm/amd/amdkfd/cwsr_trap_handler.h | 3 +- .../gpu/drm/amd/amdkfd/cwsr_trap_handler_gfx10.asm | 202 +--- .../gpu/drm/amd/amdkfd/cwsr_trap_handler_gfx12.asm | 1130 ++++++++++++++++++++ drivers/gpu/drm/amd/display/dc/clk_mgr/Makefile | 2 +- drivers/gpu/drm/amd/display/dc/clk_mgr/clk_mgr.c | 5 +- .../amd/display/dc/clk_mgr/dcn35/dcn351_clk_mgr.c | 140 +++ .../amd/display/dc/clk_mgr/dcn35/dcn35_clk_mgr.c | 130 ++- .../amd/display/dc/clk_mgr/dcn35/dcn35_clk_mgr.h | 4 + .../drm/amd/display/dc/inc/hw/clk_mgr_internal.h | 59 + drivers/gpu/drm/drm_panic_qr.rs | 2 +- drivers/gpu/drm/i915/display/icl_dsi.c | 4 +- drivers/gpu/drm/i915/display/intel_ddi.c | 2 +- drivers/gpu/drm/i915/display/intel_display.c | 18 + .../gpu/drm/i915/display/intel_dp_link_training.c | 15 +- drivers/gpu/drm/i915/gt/uc/intel_guc_submission.c | 4 +- drivers/gpu/drm/i915/i915_reg.h | 2 +- .../gpu/drm/msm/disp/dpu1/catalog/dpu_5_0_sm8150.h | 2 +- .../drm/msm/disp/dpu1/catalog/dpu_5_1_sc8180x.h | 2 +- .../gpu/drm/msm/disp/dpu1/catalog/dpu_5_4_sm6125.h | 2 +- drivers/gpu/drm/msm/disp/dpu1/dpu_encoder.c | 3 + drivers/gpu/drm/msm/disp/dpu1/dpu_hw_dsc.c | 3 +- drivers/gpu/drm/msm/disp/dpu1/dpu_hw_top.c | 2 +- drivers/gpu/drm/msm/dp/dp_display.c | 11 +- drivers/gpu/drm/msm/dp/dp_drm.c | 5 +- drivers/gpu/drm/msm/dsi/phy/dsi_phy_7nm.c | 53 +- drivers/gpu/drm/msm/msm_drv.h | 11 +- .../gpu/drm/msm/registers/display/dsi_phy_7nm.xml | 11 +- drivers/gpu/drm/nouveau/nouveau_svm.c | 9 +- drivers/gpu/drm/nouveau/nvkm/subdev/pmu/gp10b.c | 2 +- drivers/gpu/drm/panel/panel-jadard-jd9365da-h3.c | 8 +- drivers/gpu/drm/xe/display/ext/i915_irq.c | 13 +- drivers/gpu/drm/xe/xe_device.c | 4 +- drivers/gpu/drm/xe/xe_device.h | 3 +- drivers/gpu/drm/xe/xe_device_types.h | 8 +- drivers/gpu/drm/xe/xe_irq.c | 298 ++++-- drivers/gpu/drm/xe/xe_irq.h | 3 + drivers/hv/vmbus_drv.c | 17 + drivers/irqchip/irq-gic-v3.c | 49 +- drivers/irqchip/irq-jcore-aic.c | 2 +- drivers/md/raid0.c | 4 +- drivers/md/raid1.c | 4 +- drivers/md/raid10.c | 4 +- drivers/mtd/nand/raw/cadence-nand-controller.c | 42 +- drivers/mtd/spi-nor/sst.c | 2 +- drivers/net/ethernet/google/gve/gve.h | 10 + drivers/net/ethernet/google/gve/gve_main.c | 6 +- drivers/net/ethernet/ibm/ibmvnic.c | 4 +- drivers/net/ethernet/netronome/nfp/bpf/cmsg.c | 2 + drivers/net/ethernet/xilinx/xilinx_axienet_main.c | 1 + drivers/net/geneve.c | 16 +- drivers/net/gtp.c | 5 - drivers/net/pse-pd/pd692x0.c | 45 +- drivers/net/pse-pd/pse_core.c | 98 +- drivers/nvme/host/ioctl.c | 3 +- drivers/nvme/host/tcp.c | 7 +- drivers/nvme/target/core.c | 40 +- drivers/pci/devres.c | 58 +- drivers/pci/pci.c | 16 +- drivers/platform/cznic/Kconfig | 1 + drivers/power/supply/axp20x_battery.c | 31 +- drivers/power/supply/da9150-fg.c | 4 +- drivers/s390/net/ism_drv.c | 14 +- drivers/soc/loongson/loongson2_guts.c | 5 +- drivers/tee/optee/supp.c | 35 +- drivers/tty/serial/sh-sci.c | 68 +- drivers/usb/gadget/function/f_midi.c | 2 +- fs/btrfs/extent_io.c | 102 +- fs/btrfs/inode.c | 3 +- fs/smb/client/inode.c | 4 +- fs/smb/client/smb2ops.c | 4 + fs/xfs/scrub/common.h | 5 - fs/xfs/scrub/repair.h | 11 +- fs/xfs/scrub/scrub.c | 12 + include/linux/mm_types.h | 7 +- include/linux/netdevice.h | 2 + include/linux/pci.h | 1 + include/linux/pse-pd/pse.h | 16 +- include/net/gro.h | 3 + include/net/tcp.h | 14 + io_uring/io_uring.c | 2 + io_uring/rw.c | 13 +- kernel/acct.c | 134 ++- kernel/bpf/arena.c | 2 +- kernel/bpf/bpf_cgrp_storage.c | 2 +- kernel/bpf/btf.c | 2 + kernel/bpf/ringbuf.c | 4 - kernel/bpf/syscall.c | 43 +- kernel/sched/sched.h | 25 +- kernel/trace/ftrace.c | 36 +- kernel/trace/trace.c | 277 ++--- kernel/trace/trace_functions.c | 6 +- lib/iov_iter.c | 3 +- mm/madvise.c | 11 +- mm/migrate_device.c | 13 +- mm/zswap.c | 35 +- net/bpf/test_run.c | 5 +- net/core/dev.c | 37 +- net/core/drop_monitor.c | 39 +- net/core/flow_dissector.c | 49 +- net/core/gro.c | 3 - net/core/skbuff.c | 10 +- net/core/sock_map.c | 8 +- net/ipv4/arp.c | 2 +- net/ipv4/tcp_fastopen.c | 4 +- net/ipv4/tcp_input.c | 20 +- net/ipv4/tcp_ipv4.c | 2 +- net/sched/cls_api.c | 2 +- net/vmw_vsock/af_vsock.c | 3 + net/vmw_vsock/virtio_transport.c | 10 +- net/vmw_vsock/vsock_bpf.c | 2 +- rust/ffi.rs | 37 +- rust/kernel/device.rs | 4 +- rust/kernel/error.rs | 5 +- rust/kernel/firmware.rs | 2 +- rust/kernel/miscdevice.rs | 12 +- rust/kernel/print.rs | 4 +- rust/kernel/security.rs | 2 +- rust/kernel/seq_file.rs | 2 +- rust/kernel/str.rs | 6 +- rust/kernel/uaccess.rs | 27 +- samples/rust/rust_print_main.rs | 2 +- sound/core/seq/seq_clientmgr.c | 12 +- sound/pci/hda/hda_codec.c | 4 +- sound/pci/hda/patch_conexant.c | 1 + sound/pci/hda/patch_cs8409-tables.c | 6 +- sound/pci/hda/patch_cs8409.c | 20 +- sound/pci/hda/patch_cs8409.h | 5 +- sound/pci/hda/patch_realtek.c | 1 + sound/soc/fsl/fsl_micfil.c | 2 + sound/soc/fsl/imx-audmix.c | 31 - sound/soc/rockchip/rockchip_i2s_tdm.c | 4 +- sound/soc/sof/ipc4-topology.c | 12 +- sound/soc/sof/pcm.c | 2 + sound/soc/sof/stream-ipc.c | 6 +- 161 files changed, 3032 insertions(+), 1289 deletions(-)

7 months, 3 weeks

14
14
0 0

+ revert-mm-page_allocc-dont-show-protection-in-zones-lowmem_reserve-for-empty-zone.patch added to mm-hotfixes-unstable branch

by Andrew Morton

The patch titled Subject: Revert "mm/page_alloc.c: don't show protection in zone's ->lowmem_reserve[] for empty zone" has been added to the -mm mm-hotfixes-unstable branch. Its filename is revert-mm-page_allocc-dont-show-protection-in-zones-lowmem_reserve-for-empty-zone.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-hotfixes-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: Gabriel Krisman Bertazi <krisman(a)suse.de> Subject: Revert "mm/page_alloc.c: don't show protection in zone's ->lowmem_reserve[] for empty zone" Date: Tue, 25 Feb 2025 22:22:58 -0500 Commit 96a5c186efff ("mm/page_alloc.c: don't show protection in zone's ->lowmem_reserve[] for empty zone") removes the protection of lower zones from allocations targeting memory-less high zones. This had an unintended impact on the pattern of reclaims because it makes the high-zone-targeted allocation more likely to succeed in lower zones, which adds pressure to said zones. I.e, the following corresponding checks in zone_watermark_ok/zone_watermark_fast are less likely to trigger: if (free_pages <= min + z->lowmem_reserve[highest_zoneidx]) return false; As a result, we are observing an increase in reclaim and kswapd scans, due to the increased pressure. This was initially observed as increased latency in filesystem operations when benchmarking with fio on a machine with some memory-less zones, but it has since been associated with increased contention in locks related to memory reclaim. By reverting this patch, the original performance was recovered on that machine. The original commit was introduced as a clarification of the /proc/zoneinfo output, so it doesn't seem there are usecases depending on it, making the revert a simple solution. For reference, I collected vmstat with and without this patch on a freshly booted system running intensive randread io from an nvme for 5 minutes. I got: rpm-6.12.0-slfo.1.2 -> pgscan_kswapd 5629543865 Patched -> pgscan_kswapd 33580844 33M scans is similar to what we had in kernels predating this patch. These numbers is fairly representative of the workload on this machine, as measured in several runs. So we are talking about a 2-order of magnitude increase. Link: https://lkml.kernel.org/r/20250226032258.234099-1-krisman@suse.de Fixes: 96a5c186efff ("mm/page_alloc.c: don't show protection in zone's ->lowmem_reserve[] for empty zone") Signed-off-by: Gabriel Krisman Bertazi <krisman(a)suse.de> Reviewed-by: Vlastimil Babka <vbabka(a)suse.cz> Acked-by: Michal Hocko <mhocko(a)suse.com> Cc: Mel Gorman <mgorman(a)suse.de> Cc: Baoquan He <bhe(a)redhat.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/page_alloc.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) --- a/mm/page_alloc.c~revert-mm-page_allocc-dont-show-protection-in-zones-lowmem_reserve-for-empty-zone +++ a/mm/page_alloc.c @@ -5851,11 +5851,10 @@ static void setup_per_zone_lowmem_reserv for (j = i + 1; j < MAX_NR_ZONES; j++) { struct zone *upper_zone = &pgdat->node_zones[j]; - bool empty = !zone_managed_pages(upper_zone); managed_pages += zone_managed_pages(upper_zone); - if (clear || empty) + if (clear) zone->lowmem_reserve[j] = 0; else zone->lowmem_reserve[j] = managed_pages / ratio; _ Patches currently in -mm which might be from krisman(a)suse.de are revert-mm-page_allocc-dont-show-protection-in-zones-lowmem_reserve-for-empty-zone.patch

7 months, 3 weeks

1
0
0 0

+ mm-fix-finish_fault-handling-for-large-folios.patch added to mm-hotfixes-unstable branch

by Andrew Morton

The patch titled Subject: mm: fix finish_fault() handling for large folios has been added to the -mm mm-hotfixes-unstable branch. Its filename is mm-fix-finish_fault-handling-for-large-folios.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-hotfixes-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: Brian Geffon <bgeffon(a)google.com> Subject: mm: fix finish_fault() handling for large folios Date: Wed, 26 Feb 2025 11:23:41 -0500 When handling faults for anon shmem finish_fault() will attempt to install ptes for the entire folio. Unfortunately if it encounters a single non-pte_none entry in that range it will bail, even if the pte that triggered the fault is still pte_none. When this situation happens the fault will be retried endlessly never making forward progress. This patch fixes this behavior and if it detects that a pte in the range is not pte_none it will fall back to setting a single pte. Link: https://lkml.kernel.org/r/20250226162341.915535-1-bgeffon@google.com Fixes: 43e027e41423 ("mm: memory: extend finish_fault() to support large folio") Signed-off-by: Brian Geffon <bgeffon(a)google.com> Suggested-by: Baolin Wang <baolin.wang(a)linux.alibaba.com> Reported-by: Marek Maslanka <mmaslanka(a)google.com> Cc: Hugh Dickins <hughd(a)google.com> Cc: David Hildenbrand <david(a)redhat.com> Cc: Hugh Dickens <hughd(a)google.com> Cc: Kefeng Wang <wangkefeng.wang(a)huawei.com> Cc: Matthew Wilcow (Oracle) <willy(a)infradead.org> Cc: Suren Baghdasaryan <surenb(a)google.com> Cc: Zi Yan <ziy(a)nvidia.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/memory.c | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) --- a/mm/memory.c~mm-fix-finish_fault-handling-for-large-folios +++ a/mm/memory.c @@ -5185,7 +5185,11 @@ vm_fault_t finish_fault(struct vm_fault bool is_cow = (vmf->flags & FAULT_FLAG_WRITE) && !(vma->vm_flags & VM_SHARED); int type, nr_pages; - unsigned long addr = vmf->address; + unsigned long addr; + bool needs_fallback = false; + +fallback: + addr = vmf->address; /* Did we COW the page? */ if (is_cow) @@ -5224,7 +5228,8 @@ vm_fault_t finish_fault(struct vm_fault * approach also applies to non-anonymous-shmem faults to avoid * inflating the RSS of the process. */ - if (!vma_is_anon_shmem(vma) || unlikely(userfaultfd_armed(vma))) { + if (!vma_is_anon_shmem(vma) || unlikely(userfaultfd_armed(vma)) || + unlikely(needs_fallback)) { nr_pages = 1; } else if (nr_pages > 1) { pgoff_t idx = folio_page_idx(folio, page); @@ -5260,9 +5265,9 @@ vm_fault_t finish_fault(struct vm_fault ret = VM_FAULT_NOPAGE; goto unlock; } else if (nr_pages > 1 && !pte_range_none(vmf->pte, nr_pages)) { - update_mmu_tlb_range(vma, addr, vmf->pte, nr_pages); - ret = VM_FAULT_NOPAGE; - goto unlock; + needs_fallback = true; + pte_unmap_unlock(vmf->pte, vmf->ptl); + goto fallback; } folio_ref_add(folio, nr_pages - 1); _ Patches currently in -mm which might be from bgeffon(a)google.com are mm-fix-finish_fault-handling-for-large-folios.patch

7 months, 3 weeks

1
0
0 0

[PATCH v2] i2c: amd-asf: Fix EOI register write to enable successive interrupts

by Shyam Sundar S K

The commit b1f8921dfbaa ("i2c: amd-asf: Clear remote IRR bit to get successive interrupt") introduced a method to enable successive interrupts but inadvertently omitted the necessary write to the EOI register, resulting in a failure to receive successive interrupts. Fix this by adding the required write to the EOI register. Fixes: b1f8921dfbaa ("i2c: amd-asf: Clear remote IRR bit to get successive interrupt") Cc: <stable(a)vger.kernel.org> # v6.13+ Co-developed-by: Sanket Goswami <Sanket.Goswami(a)amd.com> Signed-off-by: Sanket Goswami <Sanket.Goswami(a)amd.com> Signed-off-by: Shyam Sundar S K <Shyam-sundar.S-k(a)amd.com> --- v2: - update commit and add stable tag drivers/i2c/busses/i2c-amd-asf-plat.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/i2c/busses/i2c-amd-asf-plat.c b/drivers/i2c/busses/i2c-amd-asf-plat.c index 438db5a9d0ed..ca45f0f23321 100644 --- a/drivers/i2c/busses/i2c-amd-asf-plat.c +++ b/drivers/i2c/busses/i2c-amd-asf-plat.c @@ -293,6 +293,7 @@ static irqreturn_t amd_asf_irq_handler(int irq, void *ptr) amd_asf_update_ioport_target(piix4_smba, ASF_SLV_INTR, SMBHSTSTS, true); } + iowrite32(irq, dev->eoi_base); return IRQ_HANDLED; } -- 2.34.1

7 months, 3 weeks

2
1
0 0

+ mm-dont-skip-arch_sync_kernel_mappings-in-error-paths.patch added to mm-hotfixes-unstable branch

by Andrew Morton

The patch titled Subject: mm: don't skip arch_sync_kernel_mappings() in error paths has been added to the -mm mm-hotfixes-unstable branch. Its filename is mm-dont-skip-arch_sync_kernel_mappings-in-error-paths.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-hotfixes-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: Ryan Roberts <ryan.roberts(a)arm.com> Subject: mm: don't skip arch_sync_kernel_mappings() in error paths Date: Wed, 26 Feb 2025 12:16:09 +0000 Fix callers that previously skipped calling arch_sync_kernel_mappings() if an error occurred during a pgtable update. The call is still required to sync any pgtable updates that may have occurred prior to hitting the error condition. These are theoretical bugs discovered during code review. Link: https://lkml.kernel.org/r/20250226121610.2401743-1-ryan.roberts@arm.com Fixes: 2ba3e6947aed ("mm/vmalloc: track which page-table levels were modified") Fixes: 0c95cba49255 ("mm: apply_to_pte_range warn and fail if a large pte is encountered") Signed-off-by: Ryan Roberts <ryan.roberts(a)arm.com> Reviewed-by: Anshuman Khandual <anshuman.khandual(a)arm.com> Reviewed-by: Catalin Marinas <catalin.marinas(a)arm.com> Cc: Christop Hellwig <hch(a)infradead.org> Cc: "Uladzislau Rezki (Sony)" <urezki(a)gmail.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/memory.c | 6 ++++-- mm/vmalloc.c | 4 ++-- 2 files changed, 6 insertions(+), 4 deletions(-) --- a/mm/memory.c~mm-dont-skip-arch_sync_kernel_mappings-in-error-paths +++ a/mm/memory.c @@ -3051,8 +3051,10 @@ static int __apply_to_page_range(struct next = pgd_addr_end(addr, end); if (pgd_none(*pgd) && !create) continue; - if (WARN_ON_ONCE(pgd_leaf(*pgd))) - return -EINVAL; + if (WARN_ON_ONCE(pgd_leaf(*pgd))) { + err = -EINVAL; + break; + } if (!pgd_none(*pgd) && WARN_ON_ONCE(pgd_bad(*pgd))) { if (!create) continue; --- a/mm/vmalloc.c~mm-dont-skip-arch_sync_kernel_mappings-in-error-paths +++ a/mm/vmalloc.c @@ -586,13 +586,13 @@ static int vmap_small_pages_range_noflus mask |= PGTBL_PGD_MODIFIED; err = vmap_pages_p4d_range(pgd, addr, next, prot, pages, &nr, &mask); if (err) - return err; + break; } while (pgd++, addr = next, addr != end); if (mask & ARCH_PAGE_TABLE_SYNC_MASK) arch_sync_kernel_mappings(start, end); - return 0; + return err; } /* _ Patches currently in -mm which might be from ryan.roberts(a)arm.com are mm-dont-skip-arch_sync_kernel_mappings-in-error-paths.patch mm-ioremap-pass-pgprot_t-to-ioremap_prot-instead-of-unsigned-long.patch

7 months, 3 weeks

1
0
0 0

[PATCH v3] i2c: ls2x: Fix frequency division register access

by Binbin Zhou

According to the chip manual, the I2C register access type of Loongson-2K2000/LS7A is "B", so we can only access registers in byte form (readb()/writeb()). Although Loongson-2K0500/Loongson-2K1000 do not have similar constraints, register accesses in byte form also behave correctly. Also, in hardware, the frequency division registers are defined as two separate registers (high 8-bit and low 8-bit), so we just access them directly as bytes. Cc: stable(a)vger.kernel.org Fixes: 015e61f0bffd ("i2c: ls2x: Add driver for Loongson-2K/LS7A I2C controller") Co-developed-by: Hongliang Wang <wanghongliang(a)loongson.cn> Signed-off-by: Hongliang Wang <wanghongliang(a)loongson.cn> Signed-off-by: Binbin Zhou <zhoubinbin(a)loongson.cn> Reviewed-by: Andy Shevchenko <andy(a)kernel.org> --- V3: - Add Reviewed-by tag from Andy, thanks; - In comment and commit message, readb->read()/writeb->writeb(). Link to V2: https://lore.kernel.org/all/20250219020809.3568972-1-zhoubinbin@loongson.cn/ V2: - Add a comment to prevent from changing that back to 16-bit write. Link to V1: https://lore.kernel.org/all/20250218111133.3058590-1-zhoubinbin@loongson.cn/ drivers/i2c/busses/i2c-ls2x.c | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/drivers/i2c/busses/i2c-ls2x.c b/drivers/i2c/busses/i2c-ls2x.c index 8821cac3897b..b475dd27b7af 100644 --- a/drivers/i2c/busses/i2c-ls2x.c +++ b/drivers/i2c/busses/i2c-ls2x.c @@ -10,6 +10,7 @@ * Rewritten for mainline by Binbin Zhou <zhoubinbin(a)loongson.cn> */ +#include <linux/bitfield.h> #include <linux/bits.h> #include <linux/completion.h> #include <linux/device.h> @@ -26,7 +27,8 @@ #include <linux/units.h> /* I2C Registers */ -#define I2C_LS2X_PRER 0x0 /* Freq Division Register(16 bits) */ +#define I2C_LS2X_PRER_LO 0x0 /* Freq Division Low Byte Register */ +#define I2C_LS2X_PRER_HI 0x1 /* Freq Division High Byte Register */ #define I2C_LS2X_CTR 0x2 /* Control Register */ #define I2C_LS2X_TXR 0x3 /* Transport Data Register */ #define I2C_LS2X_RXR 0x3 /* Receive Data Register */ @@ -93,6 +95,7 @@ static irqreturn_t ls2x_i2c_isr(int this_irq, void *dev_id) */ static void ls2x_i2c_adjust_bus_speed(struct ls2x_i2c_priv *priv) { + u16 val; struct i2c_timings *t = &priv->i2c_t; struct device *dev = priv->adapter.dev.parent; u32 acpi_speed = i2c_acpi_find_bus_speed(dev); @@ -104,9 +107,14 @@ static void ls2x_i2c_adjust_bus_speed(struct ls2x_i2c_priv *priv) else t->bus_freq_hz = LS2X_I2C_FREQ_STD; - /* Calculate and set i2c frequency. */ - writew(LS2X_I2C_PCLK_FREQ / (5 * t->bus_freq_hz) - 1, - priv->base + I2C_LS2X_PRER); + /* + * According to the chip manual, we can only access the registers as bytes, + * otherwise the high bits will be truncated. + * So set the I2C frequency with a sequential writeb() instead of writew(). + */ + val = LS2X_I2C_PCLK_FREQ / (5 * t->bus_freq_hz) - 1; + writeb(FIELD_GET(GENMASK(7, 0), val), priv->base + I2C_LS2X_PRER_LO); + writeb(FIELD_GET(GENMASK(15, 8), val), priv->base + I2C_LS2X_PRER_HI); } static void ls2x_i2c_init(struct ls2x_i2c_priv *priv) base-commit: 7e45b505e699f4c80aa8bf79b4ea2a5f5a66bb51 -- 2.47.1

7 months, 3 weeks

2
1
0 0

[PATCH 2/6] scsi: ufs: exynos: move ufs shareability value to drvdata

by Peter Griffin

gs101 IO coherency shareability bits differ from exynosauto SoC. To support both SoCs move this info the SoC drvdata. Currently both the value and mask are the same for both gs101 and exynosauto, thus we use the same value. Signed-off-by: Peter Griffin <peter.griffin(a)linaro.org> Fixes: d11e0a318df8 ("scsi: ufs: exynos: Add support for Tensor gs101 SoC") Cc: stable(a)vger.kernel.org --- drivers/ufs/host/ufs-exynos.c | 20 ++++++++++++++------ drivers/ufs/host/ufs-exynos.h | 2 ++ 2 files changed, 16 insertions(+), 6 deletions(-) diff --git a/drivers/ufs/host/ufs-exynos.c b/drivers/ufs/host/ufs-exynos.c index cd750786187c..a00256ede659 100644 --- a/drivers/ufs/host/ufs-exynos.c +++ b/drivers/ufs/host/ufs-exynos.c @@ -92,11 +92,16 @@ UIC_TRANSPORT_NO_CONNECTION_RX |\ UIC_TRANSPORT_BAD_TC) -/* FSYS UFS Shareability */ -#define UFS_WR_SHARABLE BIT(2) -#define UFS_RD_SHARABLE BIT(1) -#define UFS_SHARABLE (UFS_WR_SHARABLE | UFS_RD_SHARABLE) -#define UFS_SHAREABILITY_OFFSET 0x710 +/* UFS Shareability */ +#define UFS_EXYNOSAUTO_WR_SHARABLE BIT(2) +#define UFS_EXYNOSAUTO_RD_SHARABLE BIT(1) +#define UFS_EXYNOSAUTO_SHARABLE (UFS_EXYNOSAUTO_WR_SHARABLE | \ + UFS_EXYNOSAUTO_RD_SHARABLE) +#define UFS_GS101_WR_SHARABLE BIT(1) +#define UFS_GS101_RD_SHARABLE BIT(0) +#define UFS_GS101_SHARABLE (UFS_GS101_WR_SHARABLE | \ + UFS_GS101_RD_SHARABLE) +#define UFS_SHAREABILITY_OFFSET 0x710 /* Multi-host registers */ #define MHCTRL 0xC4 @@ -210,7 +215,7 @@ static int exynos_ufs_shareability(struct exynos_ufs *ufs) if (ufs->sysreg) { return regmap_update_bits(ufs->sysreg, ufs->shareability_reg_offset, - UFS_SHARABLE, UFS_SHARABLE); + ufs->shareability, ufs->shareability); } return 0; @@ -1193,6 +1198,7 @@ static inline void exynos_ufs_priv_init(struct ufs_hba *hba, { ufs->hba = hba; ufs->opts = ufs->drv_data->opts; + ufs->shareability = ufs->drv_data->shareability; ufs->rx_sel_idx = PA_MAXDATALANES; if (ufs->opts & EXYNOS_UFS_OPT_BROKEN_RX_SEL_IDX) ufs->rx_sel_idx = 0; @@ -2034,6 +2040,7 @@ static const struct exynos_ufs_drv_data exynosauto_ufs_drvs = { .opts = EXYNOS_UFS_OPT_BROKEN_AUTO_CLK_CTRL | EXYNOS_UFS_OPT_SKIP_CONFIG_PHY_ATTR | EXYNOS_UFS_OPT_BROKEN_RX_SEL_IDX, + .shareability = UFS_EXYNOSAUTO_SHARABLE, .drv_init = exynosauto_ufs_drv_init, .post_hce_enable = exynosauto_ufs_post_hce_enable, .pre_link = exynosauto_ufs_pre_link, @@ -2135,6 +2142,7 @@ static const struct exynos_ufs_drv_data gs101_ufs_drvs = { .opts = EXYNOS_UFS_OPT_SKIP_CONFIG_PHY_ATTR | EXYNOS_UFS_OPT_UFSPR_SECURE | EXYNOS_UFS_OPT_TIMER_TICK_SELECT, + .shareability = UFS_GS101_SHARABLE, .drv_init = gs101_ufs_drv_init, .pre_link = gs101_ufs_pre_link, .post_link = gs101_ufs_post_link, diff --git a/drivers/ufs/host/ufs-exynos.h b/drivers/ufs/host/ufs-exynos.h index 9670dc138d1e..78bd13dc2d70 100644 --- a/drivers/ufs/host/ufs-exynos.h +++ b/drivers/ufs/host/ufs-exynos.h @@ -181,6 +181,7 @@ struct exynos_ufs_drv_data { struct exynos_ufs_uic_attr *uic_attr; unsigned int quirks; unsigned int opts; + u32 shareability; /* SoC's specific operations */ int (*drv_init)(struct exynos_ufs *ufs); int (*pre_link)(struct exynos_ufs *ufs); @@ -231,6 +232,7 @@ struct exynos_ufs { const struct exynos_ufs_drv_data *drv_data; struct regmap *sysreg; u32 shareability_reg_offset; + u32 shareability; u32 opts; #define EXYNOS_UFS_OPT_HAS_APB_CLK_CTRL BIT(0) -- 2.48.1.658.g4767266eb4-goog

7 months, 3 weeks

1
0
0 0

+ userfaultfd-fix-pte-unmapping-stack-allocated-pte-copies.patch added to mm-hotfixes-unstable branch

by Andrew Morton

The patch titled Subject: userfaultfd: fix PTE unmapping stack-allocated PTE copies has been added to the -mm mm-hotfixes-unstable branch. Its filename is userfaultfd-fix-pte-unmapping-stack-allocated-pte-copies.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-hotfixes-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: Suren Baghdasaryan <surenb(a)google.com> Subject: userfaultfd: fix PTE unmapping stack-allocated PTE copies Date: Wed, 26 Feb 2025 10:55:09 -0800 Current implementation of move_pages_pte() copies source and destination PTEs in order to detect concurrent changes to PTEs involved in the move. However these copies are also used to unmap the PTEs, which will fail if CONFIG_HIGHPTE is enabled because the copies are allocated on the stack. Fix this by using the actual PTEs which were kmap()ed. Link: https://lkml.kernel.org/r/20250226185510.2732648-3-surenb@google.com Fixes: adef440691ba ("userfaultfd: UFFDIO_MOVE uABI") Signed-off-by: Suren Baghdasaryan <surenb(a)google.com> Reported-by: Peter Xu <peterx(a)redhat.com> Reviewed-by: Peter Xu <peterx(a)redhat.com> Cc: Andrea Arcangeli <aarcange(a)redhat.com> Cc: Barry Song <21cnbao(a)gmail.com> Cc: Barry Song <v-songbaohua(a)oppo.com> Cc: David Hildenbrand <david(a)redhat.com> Cc: Hugh Dickins <hughd(a)google.com> Cc: Jann Horn <jannh(a)google.com> Cc: Kalesh Singh <kaleshsingh(a)google.com> Cc: Liam R. Howlett <Liam.Howlett(a)Oracle.com> Cc: Lokesh Gidra <lokeshgidra(a)google.com> Cc: Lorenzo Stoakes <lorenzo.stoakes(a)oracle.com> Cc: Matthew Wilcow (Oracle) <willy(a)infradead.org> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/userfaultfd.c | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) --- a/mm/userfaultfd.c~userfaultfd-fix-pte-unmapping-stack-allocated-pte-copies +++ a/mm/userfaultfd.c @@ -1290,8 +1290,8 @@ retry: spin_unlock(src_ptl); if (!locked) { - pte_unmap(&orig_src_pte); - pte_unmap(&orig_dst_pte); + pte_unmap(src_pte); + pte_unmap(dst_pte); src_pte = dst_pte = NULL; /* now we can block and wait */ folio_lock(src_folio); @@ -1307,8 +1307,8 @@ retry: /* at this point we have src_folio locked */ if (folio_test_large(src_folio)) { /* split_folio() can block */ - pte_unmap(&orig_src_pte); - pte_unmap(&orig_dst_pte); + pte_unmap(src_pte); + pte_unmap(dst_pte); src_pte = dst_pte = NULL; err = split_folio(src_folio); if (err) @@ -1333,8 +1333,8 @@ retry: goto out; } if (!anon_vma_trylock_write(src_anon_vma)) { - pte_unmap(&orig_src_pte); - pte_unmap(&orig_dst_pte); + pte_unmap(src_pte); + pte_unmap(dst_pte); src_pte = dst_pte = NULL; /* now we can block and wait */ anon_vma_lock_write(src_anon_vma); @@ -1352,8 +1352,8 @@ retry: entry = pte_to_swp_entry(orig_src_pte); if (non_swap_entry(entry)) { if (is_migration_entry(entry)) { - pte_unmap(&orig_src_pte); - pte_unmap(&orig_dst_pte); + pte_unmap(src_pte); + pte_unmap(dst_pte); src_pte = dst_pte = NULL; migration_entry_wait(mm, src_pmd, src_addr); err = -EAGAIN; @@ -1396,8 +1396,8 @@ retry: src_folio = folio; src_folio_pte = orig_src_pte; if (!folio_trylock(src_folio)) { - pte_unmap(&orig_src_pte); - pte_unmap(&orig_dst_pte); + pte_unmap(src_pte); + pte_unmap(dst_pte); src_pte = dst_pte = NULL; /* now we can block and wait */ folio_lock(src_folio); _ Patches currently in -mm which might be from surenb(a)google.com are userfaultfd-do-not-block-on-locking-a-large-folio-with-raised-refcount.patch userfaultfd-fix-pte-unmapping-stack-allocated-pte-copies.patch mm-avoid-extra-mem_alloc_profiling_enabled-checks.patch alloc_tag-uninline-code-gated-by-mem_alloc_profiling_key-in-slab-allocator.patch alloc_tag-uninline-code-gated-by-mem_alloc_profiling_key-in-page-allocator.patch mm-introduce-vma_start_read_locked_nested-helpers.patch mm-move-per-vma-lock-into-vm_area_struct.patch mm-mark-vma-as-detached-until-its-added-into-vma-tree.patch mm-introduce-vma_iter_store_attached-to-use-with-attached-vmas.patch mm-mark-vmas-detached-upon-exit.patch types-move-struct-rcuwait-into-typesh.patch mm-allow-vma_start_read_locked-vma_start_read_locked_nested-to-fail.patch mm-move-mmap_init_lock-out-of-the-header-file.patch mm-uninline-the-main-body-of-vma_start_write.patch refcount-provide-ops-for-cases-when-objects-memory-can-be-reused.patch refcount-provide-ops-for-cases-when-objects-memory-can-be-reused-fix.patch refcount-introduce-__refcount_addinc_not_zero_limited_acquire.patch mm-replace-vm_lock-and-detached-flag-with-a-reference-count.patch mm-replace-vm_lock-and-detached-flag-with-a-reference-count-fix.patch mm-move-lesser-used-vma_area_struct-members-into-the-last-cacheline.patch mm-debug-print-vm_refcnt-state-when-dumping-the-vma.patch mm-remove-extra-vma_numab_state_init-call.patch mm-prepare-lock_vma_under_rcu-for-vma-reuse-possibility.patch mm-make-vma-cache-slab_typesafe_by_rcu.patch mm-make-vma-cache-slab_typesafe_by_rcu-fix.patch docs-mm-document-latest-changes-to-vm_lock.patch

7 months, 3 weeks

1
0
0 0

+ userfaultfd-do-not-block-on-locking-a-large-folio-with-raised-refcount.patch added to mm-hotfixes-unstable branch

by Andrew Morton

The patch titled Subject: userfaultfd: do not block on locking a large folio with raised refcount has been added to the -mm mm-hotfixes-unstable branch. Its filename is userfaultfd-do-not-block-on-locking-a-large-folio-with-raised-refcount.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-hotfixes-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: Suren Baghdasaryan <surenb(a)google.com> Subject: userfaultfd: do not block on locking a large folio with raised refcount Date: Wed, 26 Feb 2025 10:55:08 -0800 Lokesh recently raised an issue about UFFDIO_MOVE getting into a deadlock state when it goes into split_folio() with raised folio refcount. split_folio() expects the reference count to be exactly mapcount + num_pages_in_folio + 1 (see can_split_folio()) and fails with EAGAIN otherwise. If multiple processes are trying to move the same large folio, they raise the refcount (all tasks succeed in that) then one of them succeeds in locking the folio, while others will block in folio_lock() while keeping the refcount raised. The winner of this race will proceed with calling split_folio() and will fail returning EAGAIN to the caller and unlocking the folio. The next competing process will get the folio locked and will go through the same flow. In the meantime the original winner will be retried and will block in folio_lock(), getting into the queue of waiting processes only to repeat the same path. All this results in a livelock. An easy fix would be to avoid waiting for the folio lock while holding folio refcount, similar to madvise_free_huge_pmd() where folio lock is acquired before raising the folio refcount. Since we lock and take a refcount of the folio while holding the PTE lock, changing the order of these operations should not break anything. Modify move_pages_pte() to try locking the folio first and if that fails and the folio is large then return EAGAIN without touching the folio refcount. If the folio is single-page then split_folio() is not called, so we don't have this issue. Lokesh has a reproducer [1] and I verified that this change fixes the issue. [1] https://github.com/lokeshgidra/uffd_move_ioctl_deadlock Link: https://lkml.kernel.org/r/20250226185510.2732648-2-surenb@google.com Fixes: adef440691ba ("userfaultfd: UFFDIO_MOVE uABI") Signed-off-by: Suren Baghdasaryan <surenb(a)google.com> Reported-by: Lokesh Gidra <lokeshgidra(a)google.com> Reviewed-by: Peter Xu <peterx(a)redhat.com> Acked-by: Liam R. Howlett <Liam.Howlett(a)Oracle.com> Cc: Andrea Arcangeli <aarcange(a)redhat.com> Cc: Barry Song <21cnbao(a)gmail.com> Cc: Barry Song <v-songbaohua(a)oppo.com> Cc: David Hildenbrand <david(a)redhat.com> Cc: Hugh Dickins <hughd(a)google.com> Cc: Jann Horn <jannh(a)google.com> Cc: Kalesh Singh <kaleshsingh(a)google.com> Cc: Lorenzo Stoakes <lorenzo.stoakes(a)oracle.com> Cc: Matthew Wilcow (Oracle) <willy(a)infradead.org> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/userfaultfd.c | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) --- a/mm/userfaultfd.c~userfaultfd-do-not-block-on-locking-a-large-folio-with-raised-refcount +++ a/mm/userfaultfd.c @@ -1250,6 +1250,7 @@ retry: */ if (!src_folio) { struct folio *folio; + bool locked; /* * Pin the page while holding the lock to be sure the @@ -1269,12 +1270,26 @@ retry: goto out; } + locked = folio_trylock(folio); + /* + * We avoid waiting for folio lock with a raised refcount + * for large folios because extra refcounts will result in + * split_folio() failing later and retrying. If multiple + * tasks are trying to move a large folio we can end + * livelocking. + */ + if (!locked && folio_test_large(folio)) { + spin_unlock(src_ptl); + err = -EAGAIN; + goto out; + } + folio_get(folio); src_folio = folio; src_folio_pte = orig_src_pte; spin_unlock(src_ptl); - if (!folio_trylock(src_folio)) { + if (!locked) { pte_unmap(&orig_src_pte); pte_unmap(&orig_dst_pte); src_pte = dst_pte = NULL; _ Patches currently in -mm which might be from surenb(a)google.com are userfaultfd-do-not-block-on-locking-a-large-folio-with-raised-refcount.patch userfaultfd-fix-pte-unmapping-stack-allocated-pte-copies.patch mm-avoid-extra-mem_alloc_profiling_enabled-checks.patch alloc_tag-uninline-code-gated-by-mem_alloc_profiling_key-in-slab-allocator.patch alloc_tag-uninline-code-gated-by-mem_alloc_profiling_key-in-page-allocator.patch mm-introduce-vma_start_read_locked_nested-helpers.patch mm-move-per-vma-lock-into-vm_area_struct.patch mm-mark-vma-as-detached-until-its-added-into-vma-tree.patch mm-introduce-vma_iter_store_attached-to-use-with-attached-vmas.patch mm-mark-vmas-detached-upon-exit.patch types-move-struct-rcuwait-into-typesh.patch mm-allow-vma_start_read_locked-vma_start_read_locked_nested-to-fail.patch mm-move-mmap_init_lock-out-of-the-header-file.patch mm-uninline-the-main-body-of-vma_start_write.patch refcount-provide-ops-for-cases-when-objects-memory-can-be-reused.patch refcount-provide-ops-for-cases-when-objects-memory-can-be-reused-fix.patch refcount-introduce-__refcount_addinc_not_zero_limited_acquire.patch mm-replace-vm_lock-and-detached-flag-with-a-reference-count.patch mm-replace-vm_lock-and-detached-flag-with-a-reference-count-fix.patch mm-move-lesser-used-vma_area_struct-members-into-the-last-cacheline.patch mm-debug-print-vm_refcnt-state-when-dumping-the-vma.patch mm-remove-extra-vma_numab_state_init-call.patch mm-prepare-lock_vma_under_rcu-for-vma-reuse-possibility.patch mm-make-vma-cache-slab_typesafe_by_rcu.patch mm-make-vma-cache-slab_typesafe_by_rcu-fix.patch docs-mm-document-latest-changes-to-vm_lock.patch

7 months, 3 weeks

1
0
0 0

[to-be-updated] mm-zswap-fix-crypto_free_acomp-deadlock-in-zswap_cpu_comp_dead.patch removed from -mm tree

by Andrew Morton

The quilt patch titled Subject: mm: zswap: fix crypto_free_acomp deadlock in zswap_cpu_comp_dead has been removed from the -mm tree. Its filename was mm-zswap-fix-crypto_free_acomp-deadlock-in-zswap_cpu_comp_dead.patch This patch was dropped because an updated version will be issued ------------------------------------------------------ From: Herbert Xu <herbert(a)gondor.apana.org.au> Subject: mm: zswap: fix crypto_free_acomp deadlock in zswap_cpu_comp_dead Date: Tue, 25 Feb 2025 16:53:58 +0800 Call crypto_free_acomp outside of the mutex in zswap_cpu_comp_dead() as otherwise this could deadlock as the allocation path may lead back into zswap while holding the same lock. Zap the pointers to acomp and buffer after freeing. Also move the NULL check on acomp_ctx so that it takes place before the mutex dereference. Link: https://lkml.kernel.org/r/Z72FJnbA39zWh4zS@gondor.apana.org.au Fixes: 12dcb0ef5406 ("mm: zswap: properly synchronize freeing resources during CPU hotunplug") Reported-by: syzbot+1a517ccfcbc6a7ab0f82(a)syzkaller.appspotmail.com Signed-off-by: Herbert Xu <herbert(a)gondor.apana.org.au> Cc: David S. Miller <davem(a)davemloft.net> Cc: Yosry Ahmed <yosry.ahmed(a)linux.dev> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/zswap.c | 21 +++++++++++++-------- 1 file changed, 13 insertions(+), 8 deletions(-) --- a/mm/zswap.c~mm-zswap-fix-crypto_free_acomp-deadlock-in-zswap_cpu_comp_dead +++ a/mm/zswap.c @@ -881,18 +881,23 @@ static int zswap_cpu_comp_dead(unsigned { struct zswap_pool *pool = hlist_entry(node, struct zswap_pool, node); struct crypto_acomp_ctx *acomp_ctx = per_cpu_ptr(pool->acomp_ctx, cpu); + struct crypto_acomp *acomp = NULL; + + if (IS_ERR_OR_NULL(acomp_ctx)) + return 0; mutex_lock(&acomp_ctx->mutex); - if (!IS_ERR_OR_NULL(acomp_ctx)) { - if (!IS_ERR_OR_NULL(acomp_ctx->req)) - acomp_request_free(acomp_ctx->req); - acomp_ctx->req = NULL; - if (!IS_ERR_OR_NULL(acomp_ctx->acomp)) - crypto_free_acomp(acomp_ctx->acomp); - kfree(acomp_ctx->buffer); - } + if (!IS_ERR_OR_NULL(acomp_ctx->req)) + acomp_request_free(acomp_ctx->req); + acomp_ctx->req = NULL; + acomp = acomp_ctx->acomp; + acomp_ctx->acomp = NULL; + kfree(acomp_ctx->buffer); + acomp_ctx->buffer = NULL; mutex_unlock(&acomp_ctx->mutex); + crypto_free_acomp(acomp); + return 0; } _ Patches currently in -mm which might be from herbert(a)gondor.apana.org.au are

7 months, 3 weeks

1
0
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror February 2025