February 2025 - Linux-stable-mirror

[PATCH] btrfs: add a sanity check for btrfs root in btrfs_search_old_slot()

by Ma Ke

When searching the extent tree to gather the needed extent info, btrfs_search_old_slot() doesn't check if the target root is NULL or not, resulting the null-ptr-deref. Add sanity check for btrfs root before using it in btrfs_search_old_slot(). Found by code review. Cc: stable(a)vger.kernel.org Fixes: 0b246afa62b0 ("btrfs: root->fs_info cleanup, add fs_info convenience variables") Signed-off-by: Ma Ke <make24(a)iscas.ac.cn> --- fs/btrfs/ctree.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/fs/btrfs/ctree.c b/fs/btrfs/ctree.c index 3dc5a35dd19b..4e2e1c38d33a 100644 --- a/fs/btrfs/ctree.c +++ b/fs/btrfs/ctree.c @@ -2232,7 +2232,7 @@ ALLOW_ERROR_INJECTION(btrfs_search_slot, ERRNO); int btrfs_search_old_slot(struct btrfs_root *root, const struct btrfs_key *key, struct btrfs_path *p, u64 time_seq) { - struct btrfs_fs_info *fs_info = root->fs_info; + struct btrfs_fs_info *fs_info; struct extent_buffer *b; int slot; int ret; @@ -2241,6 +2241,10 @@ int btrfs_search_old_slot(struct btrfs_root *root, const struct btrfs_key *key, int lowest_unlock = 1; u8 lowest_level = 0; + if (!root) + return -EINVAL; + + fs_info = root->fs_info; lowest_level = p->lowest_level; WARN_ON(p->nodes[0] != NULL); ASSERT(!p->nowait); -- 2.25.1

8 months, 1 week

3
2
0 0

[PATCH v2] perf: Add RCU read lock protection to perf_iterate_ctx()

by Breno Leitao

The perf_iterate_ctx() function performs RCU list traversal but currently lacks RCU read lock protection. This causes lockdep warnings when running perf probe with unshare(1) under CONFIG_PROVE_RCU_LIST=y: WARNING: suspicious RCU usage kernel/events/core.c:8168 RCU-list traversed in non-reader section!! Call Trace: lockdep_rcu_suspicious ? perf_event_addr_filters_apply perf_iterate_ctx perf_event_exec begin_new_exec ? load_elf_phdrs load_elf_binary ? lock_acquire ? find_held_lock ? bprm_execve bprm_execve do_execveat_common.isra.0 __x64_sys_execve do_syscall_64 entry_SYSCALL_64_after_hwframe This protection was previously present but was removed in commit bd2756811766 ("perf: Rewrite core context handling"). Add back the necessary RCU read locks around perf_iterate_ctx() call in perf_event_exec(). CC: stable(a)vger.kernel.org Fixes: bd2756811766 ("perf: Rewrite core context handling") Signed-off-by: Breno Leitao <leitao(a)debian.org> --- Changes in v2: - Use scoped_guard() instead of rcu_read_lock() as suggested by Peter Zijlstra. - Link to v1: https://lore.kernel.org/r/20250117-fix_perf_rcu-v1-1-13cb9210fc6a@debian.org --- kernel/events/core.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/kernel/events/core.c b/kernel/events/core.c index bcb09e011e9e1..7dabbcaf825a0 100644 --- a/kernel/events/core.c +++ b/kernel/events/core.c @@ -8321,7 +8321,8 @@ void perf_event_exec(void) perf_event_enable_on_exec(ctx); perf_event_remove_on_exec(ctx); - perf_iterate_ctx(ctx, perf_event_addr_filters_exec, NULL, true); + scoped_guard(rcu) + perf_iterate_ctx(ctx, perf_event_addr_filters_exec, NULL, true); perf_unpin_context(ctx); put_ctx(ctx); --- base-commit: d082ecbc71e9e0bf49883ee4afd435a77a5101b6 change-id: 20250117-fix_perf_rcu-2ff93190950a Best regards, -- Breno Leitao <leitao(a)debian.org>

8 months, 1 week

1
0
0 0

Linux 6.6.78

by Greg Kroah-Hartman

I'm announcing the release of the 6.6.78 kernel. All users of the 6.6 kernel series must upgrade. The updated 6.6.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.6.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/arm/boot/dts/ti/omap/dra7-l4.dtsi | 2 arch/arm/boot/dts/ti/omap/omap3-gta04.dtsi | 10 arch/arm64/boot/dts/nvidia/tegra234.dtsi | 6 arch/arm64/boot/dts/qcom/sm6115.dtsi | 8 arch/arm64/boot/dts/qcom/sm6350.dtsi | 6 arch/arm64/boot/dts/qcom/sm6375.dtsi | 10 arch/arm64/boot/dts/qcom/sm8350.dtsi | 492 +++++------ arch/arm64/boot/dts/qcom/sm8450.dtsi | 4 arch/arm64/boot/dts/qcom/sm8550.dtsi | 9 arch/arm64/boot/dts/rockchip/rk3399-puma.dtsi | 2 arch/arm64/kvm/arch_timer.c | 4 arch/arm64/mm/hugetlbpage.c | 12 arch/loongarch/include/uapi/asm/ptrace.h | 10 arch/loongarch/kernel/ptrace.c | 6 arch/m68k/include/asm/vga.h | 8 arch/mips/kernel/ftrace.c | 2 arch/mips/loongson64/boardinfo.c | 2 arch/mips/math-emu/cp1emu.c | 2 arch/powerpc/kvm/e500_mmu_host.c | 21 arch/powerpc/platforms/pseries/eeh_pseries.c | 6 arch/s390/include/asm/futex.h | 2 arch/s390/include/asm/processor.h | 3 arch/s390/kvm/vsie.c | 25 arch/x86/boot/compressed/Makefile | 1 arch/x86/include/asm/kexec.h | 18 arch/x86/include/asm/kvm_host.h | 2 arch/x86/kernel/amd_nb.c | 4 arch/x86/kernel/machine_kexec_64.c | 45 - arch/x86/kvm/lapic.c | 66 + arch/x86/kvm/svm/svm.c | 2 arch/x86/kvm/vmx/vmx.c | 2 arch/x86/mm/ident_map.c | 23 arch/x86/pci/fixup.c | 30 arch/x86/xen/xen-head.S | 5 block/blk-cgroup.c | 1 block/fops.c | 5 drivers/acpi/apei/ghes.c | 10 drivers/acpi/prmt.c | 4 drivers/acpi/property.c | 10 drivers/ata/libata-sff.c | 18 drivers/char/misc.c | 39 drivers/char/tpm/eventlog/acpi.c | 15 drivers/clk/mediatek/clk-mt2701-aud.c | 10 drivers/clk/mediatek/clk-mt2701-bdp.c | 1 drivers/clk/mediatek/clk-mt2701-img.c | 1 drivers/clk/mediatek/clk-mt2701-mm.c | 1 drivers/clk/mediatek/clk-mt2701-vdec.c | 1 drivers/clk/qcom/Kconfig | 1 drivers/clk/qcom/clk-alpha-pll.c | 2 drivers/clk/qcom/clk-rpmh.c | 2 drivers/clk/qcom/dispcc-sm6350.c | 7 drivers/clk/qcom/gcc-mdm9607.c | 2 drivers/clk/qcom/gcc-sm6350.c | 22 drivers/clk/qcom/gcc-sm8550.c | 8 drivers/clk/sunxi-ng/ccu-sun50i-a100.c | 6 drivers/cpufreq/s3c64xx-cpufreq.c | 11 drivers/crypto/qce/aead.c | 2 drivers/crypto/qce/core.c | 13 drivers/crypto/qce/sha.c | 2 drivers/crypto/qce/skcipher.c | 2 drivers/firmware/Kconfig | 2 drivers/firmware/efi/libstub/Makefile | 2 drivers/gpio/gpio-pca953x.c | 19 drivers/gpu/drm/amd/amdkfd/kfd_process_queue_manager.c | 7 drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 2 drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_mst_types.c | 6 drivers/gpu/drm/amd/display/dc/dce/dmub_hw_lock_mgr.c | 3 drivers/gpu/drm/amd/pm/swsmu/smu13/aldebaran_ppt.c | 1 drivers/gpu/drm/arm/display/komeda/komeda_wb_connector.c | 4 drivers/gpu/drm/bridge/analogix/anx7625.c | 2 drivers/gpu/drm/bridge/ite-it6505.c | 83 + drivers/gpu/drm/bridge/ite-it66121.c | 2 drivers/gpu/drm/display/drm_dp_cec.c | 14 drivers/gpu/drm/drm_connector.c | 1 drivers/gpu/drm/drm_edid.c | 6 drivers/gpu/drm/drm_fb_helper.c | 14 drivers/gpu/drm/exynos/exynos_hdmi.c | 2 drivers/gpu/drm/i915/display/skl_universal_plane.c | 4 drivers/gpu/drm/i915/gem/i915_gem_shmem.c | 6 drivers/gpu/drm/i915/gt/uc/intel_guc_submission.c | 20 drivers/gpu/drm/radeon/radeon_audio.c | 2 drivers/gpu/drm/rockchip/cdn-dp-core.c | 9 drivers/gpu/drm/sti/sti_hdmi.c | 2 drivers/gpu/drm/vc4/vc4_hdmi.c | 4 drivers/gpu/drm/virtio/virtgpu_drv.h | 7 drivers/gpu/drm/virtio/virtgpu_plane.c | 58 - drivers/hid/hid-sensor-hub.c | 21 drivers/hid/wacom_wac.c | 5 drivers/i2c/i2c-core-acpi.c | 22 drivers/i3c/master.c | 2 drivers/iio/light/as73211.c | 24 drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3.c | 17 drivers/iommu/arm/arm-smmu/arm-smmu-qcom.c | 1 drivers/irqchip/irq-apple-aic.c | 3 drivers/leds/leds-lp8860.c | 2 drivers/mailbox/tegra-hsp.c | 6 drivers/md/dm-crypt.c | 27 drivers/media/i2c/ccs/ccs-core.c | 6 drivers/media/i2c/ccs/ccs-data.c | 14 drivers/media/i2c/ds90ub913.c | 1 drivers/media/i2c/ds90ub953.c | 1 drivers/media/i2c/ds90ub960.c | 123 +- drivers/media/i2c/imx296.c | 2 drivers/media/i2c/ov5640.c | 1 drivers/media/platform/marvell/mmp-driver.c | 21 drivers/media/usb/uvc/uvc_ctrl.c | 8 drivers/media/usb/uvc/uvc_driver.c | 98 +- drivers/media/usb/uvc/uvc_video.c | 21 drivers/media/usb/uvc/uvcvideo.h | 1 drivers/media/v4l2-core/v4l2-mc.c | 2 drivers/mfd/lpc_ich.c | 3 drivers/misc/fastrpc.c | 8 drivers/mmc/core/sdio.c | 2 drivers/mmc/host/sdhci-msm.c | 53 + drivers/mtd/nand/onenand/onenand_base.c | 1 drivers/mtd/ubi/build.c | 2 drivers/net/ethernet/aquantia/atlantic/aq_nic.c | 4 drivers/net/ethernet/broadcom/genet/bcmgenet_wol.c | 16 drivers/net/ethernet/broadcom/tg3.c | 58 + drivers/net/ethernet/intel/ice/ice_devlink.c | 3 drivers/net/ethernet/intel/ice/ice_txrx.c | 79 + drivers/net/ethernet/mellanox/mlx5/core/lib/clock.c | 24 drivers/net/phy/nxp-c45-tja11xx.c | 2 drivers/net/tun.c | 2 drivers/net/usb/ipheth.c | 69 + drivers/net/vmxnet3/vmxnet3_xdp.c | 14 drivers/net/wireless/broadcom/brcm80211/brcmfmac/core.c | 5 drivers/net/wireless/broadcom/brcm80211/brcmfmac/of.c | 8 drivers/net/wireless/broadcom/brcm80211/brcmsmac/phy/phy_n.c | 3 drivers/net/wireless/intel/iwlwifi/fw/acpi.c | 13 drivers/net/wireless/mediatek/mt76/mt7915/eeprom.c | 21 drivers/net/wireless/mediatek/mt76/mt7915/init.c | 4 drivers/net/wireless/mediatek/mt76/mt7921/usb.c | 3 drivers/net/wireless/realtek/rtlwifi/rtl8821ae/fw.h | 4 drivers/net/wireless/realtek/rtw88/sdio.c | 2 drivers/net/wireless/realtek/rtw89/phy.c | 11 drivers/net/wireless/realtek/rtw89/phy.h | 2 drivers/net/wwan/iosm/iosm_ipc_pcie.c | 56 + drivers/nvme/host/core.c | 8 drivers/nvme/host/fc.c | 9 drivers/nvme/host/pci.c | 4 drivers/nvmem/core.c | 2 drivers/nvmem/imx-ocotp-ele.c | 16 drivers/nvmem/qcom-spmi-sdam.c | 1 drivers/of/base.c | 8 drivers/of/of_reserved_mem.c | 4 drivers/pci/endpoint/pci-epf-core.c | 1 drivers/pinctrl/samsung/pinctrl-samsung.c | 2 drivers/platform/x86/acer-wmi.c | 4 drivers/platform/x86/intel/int3472/discrete.c | 3 drivers/platform/x86/intel/int3472/tps68470.c | 3 drivers/ptp/ptp_clock.c | 8 drivers/pwm/pwm-microchip-core.c | 2 drivers/rtc/rtc-zynqmp.c | 4 drivers/scsi/qla2xxx/qla_def.h | 2 drivers/scsi/qla2xxx/qla_dfs.c | 124 ++ drivers/scsi/qla2xxx/qla_gbl.h | 3 drivers/scsi/qla2xxx/qla_init.c | 28 drivers/scsi/st.c | 6 drivers/scsi/st.h | 1 drivers/scsi/storvsc_drv.c | 1 drivers/soc/mediatek/mtk-devapc.c | 18 drivers/soc/qcom/smem_state.c | 3 drivers/soc/qcom/socinfo.c | 2 drivers/spi/atmel-quadspi.c | 118 +- drivers/tty/serial/sh-sci.c | 25 drivers/tty/serial/xilinx_uartps.c | 10 drivers/ufs/host/ufs-qcom.c | 18 drivers/usb/gadget/function/f_tcm.c | 54 - drivers/vfio/platform/vfio_platform_common.c | 10 fs/binfmt_flat.c | 2 fs/btrfs/file.c | 2 fs/btrfs/inode.c | 4 fs/btrfs/ordered-data.c | 12 fs/btrfs/relocation.c | 14 fs/btrfs/transaction.c | 4 fs/cachefiles/interface.c | 14 fs/cachefiles/ondemand.c | 30 fs/exec.c | 29 fs/nfs/flexfilelayout/flexfilelayout.c | 27 fs/nilfs2/inode.c | 6 fs/ocfs2/dir.c | 25 fs/ocfs2/super.c | 2 fs/ocfs2/symlink.c | 5 fs/proc/array.c | 2 fs/smb/client/cifsglob.h | 14 fs/smb/client/dir.c | 6 fs/smb/client/smb1ops.c | 2 fs/smb/client/smb2inode.c | 108 +- fs/smb/client/smb2ops.c | 18 fs/smb/client/smb2pdu.c | 2 fs/smb/client/smb2proto.h | 2 fs/smb/server/transport_ipc.c | 9 fs/xfs/xfs_inode.c | 7 fs/xfs/xfs_iomap.c | 6 include/drm/drm_connector.h | 5 include/linux/binfmts.h | 4 include/linux/kvm_host.h | 9 include/linux/mlx5/driver.h | 1 include/net/sch_generic.h | 2 include/rv/da_monitor.h | 4 include/trace/events/rxrpc.h | 1 include/uapi/linux/input-event-codes.h | 1 include/ufs/ufs.h | 4 io_uring/io_uring.c | 5 io_uring/net.c | 5 io_uring/poll.c | 4 io_uring/rw.c | 10 kernel/printk/printk.c | 2 kernel/sched/core.c | 6 kernel/trace/trace_osnoise.c | 17 lib/Kconfig.debug | 8 lib/maple_tree.c | 23 mm/kfence/core.c | 2 mm/kmemleak.c | 2 net/bluetooth/l2cap_sock.c | 7 net/bluetooth/mgmt.c | 12 net/ipv4/udp.c | 4 net/ipv6/udp.c | 4 net/mptcp/pm_netlink.c | 3 net/mptcp/protocol.c | 1 net/ncsi/internal.h | 2 net/ncsi/ncsi-cmd.c | 3 net/ncsi/ncsi-manage.c | 38 net/ncsi/ncsi-pkt.h | 10 net/ncsi/ncsi-rsp.c | 58 - net/nfc/nci/hci.c | 2 net/rose/af_rose.c | 24 net/rxrpc/ar-internal.h | 2 net/rxrpc/call_object.c | 6 net/rxrpc/conn_event.c | 21 net/rxrpc/conn_object.c | 1 net/rxrpc/input.c | 2 net/rxrpc/sendmsg.c | 2 net/sched/sch_netem.c | 2 net/tipc/crypto.c | 4 rust/kernel/init.rs | 2 scripts/Makefile.extrawarn | 5 scripts/gdb/linux/cpus.py | 2 security/safesetid/securityfs.c | 3 security/tomoyo/common.c | 2 sound/pci/hda/hda_auto_parser.c | 8 sound/pci/hda/hda_auto_parser.h | 1 sound/pci/hda/patch_realtek.c | 2 sound/soc/amd/Kconfig | 2 sound/soc/amd/yc/acp6x-mach.c | 28 sound/soc/soc-pcm.c | 32 tools/perf/bench/epoll-wait.c | 7 tools/testing/selftests/net/ipsec.c | 3 tools/testing/selftests/net/mptcp/mptcp_connect.c | 2 tools/testing/selftests/net/mptcp/mptcp_join.sh | 2 tools/testing/selftests/net/udpgso.c | 26 tools/tracing/rtla/src/osnoise.c | 2 tools/tracing/rtla/src/timerlat_hist.c | 26 tools/tracing/rtla/src/timerlat_top.c | 27 tools/tracing/rtla/src/trace.c | 8 tools/tracing/rtla/src/trace.h | 1 258 files changed, 2394 insertions(+), 1205 deletions(-) Alex Williamson (1): vfio/platform: check the bounds of read/write syscalls Alexander Sverdlin (1): leds: lp8860: Write full EEPROM, not only half of it Anandu Krishnan E (1): misc: fastrpc: Deregister device nodes properly in error scenarios Anastasia Belova (1): clk: qcom: clk-rpmh: prevent integer overflow in recalc_rate Andreas Kemnade (1): ARM: dts: ti/omap: gta04: fix pm issues caused by spi module Andy Shevchenko (1): ACPI: property: Fix return value for nval == 0 in acpi_data_prop_read() Anshuman Khandual (1): arm64/mm: Ensure adequate HUGE_MAX_HSTATE Armin Wolf (1): platform/x86: acer-wmi: Ignore AC events Aubrey Li (1): ACPI: PRM: Remove unnecessary strict handler address checks Bao D. Nguyen (1): scsi: ufs: core: Fix the HIGH/LOW_TEMP Bit Definitions Bartosz Golaszewski (2): crypto: qce - fix goto jump in error path crypto: qce - unregister previously registered algos in error path Bence Csókás (1): spi: atmel-qspi: Memory barriers after memory-mapped I/O Bitterblue Smith (1): wifi: rtlwifi: rtl8821ae: Fix media status report Borislav Petkov (1): APEI: GHES: Have GHES honor the panic= setting Brad Griffis (1): arm64: tegra: Fix Tegra234 PCIe interrupt-map Brian Geffon (1): drm/i915: Fix page cleanup on DMA remap failure Carlos Llamas (1): lockdep: Fix upper limit for LOCKDEP_*_BITS configs Catalin Marinas (1): mm: kmemleak: fix upper boundary check for physical address objects Chih-Kang Chang (1): wifi: rtw89: add crystal_cap check to avoid setting as overflow value Claudiu Beznea (2): serial: sh-sci: Drop __initdata macro for port_cfg serial: sh-sci: Do not probe the serial port if its slot in sci_ports[] is in use Cody Eksal (1): clk: sunxi-ng: a100: enable MMC clock reparenting Cong Wang (1): netem: Update sch->q.qlen before qdisc_tree_reduce_backlog() Conor Dooley (1): pwm: microchip-core: fix incorrect comparison with max period Cosmin Tanislav (1): media: mc: fix endpoint iteration Csókás, Bence (1): spi: atmel-quadspi: Create `atmel_qspi_ops` to support newer SoC families Dan Carpenter (4): tipc: re-order conditions in tipc_crypto_key_rcv() binfmt_flat: Fix integer overflow bug on 32 bit systems ksmbd: fix integer overflows on 32 bit systems NFC: nci: Add bounds checking in nci_hci_create_pipe() Daniel Golle (5): clk: mediatek: mt2701-vdec: fix conversion to mtk_clk_simple_probe clk: mediatek: mt2701-aud: fix conversion to mtk_clk_simple_probe clk: mediatek: mt2701-bdp: add missing dummy clk clk: mediatek: mt2701-img: add missing dummy clk clk: mediatek: mt2701-mm: add missing dummy clk Daniel Wagner (2): nvme: handle connectivity loss in nvme_set_queue_count nvme-fc: use ctrl state getter Daniele Ceraolo Spurio (1): drm/i915/guc: Debug print LRC state entries only if the context is pinned David Hildenbrand (1): KVM: s390: vsie: fix some corner-cases when grabbing vsie pages David Howells (2): rxrpc: Fix the rxrpc_connection attend queue handling rxrpc: Fix call state set to not include the SERVER_SECURING state David Woodhouse (1): x86/kexec: Allocate PGD for x86_64 transition page tables separately Denis Arefev (1): ubi: Add a check for ubi_num Dmitry Antipov (1): wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() Dmitry Baryshkov (9): drm/connector: add mutex to protect ELD from concurrent access drm/bridge: anx7625: use eld_mutex to protect access to connector->eld drm/bridge: ite-it66121: use eld_mutex to protect access to connector->eld drm/amd/display: use eld_mutex to protect access to connector->eld drm/exynos: hdmi: use eld_mutex to protect access to connector->eld drm/radeon: use eld_mutex to protect access to connector->eld drm/sti: hdmi: use eld_mutex to protect access to connector->eld drm/vc4: hdmi: use eld_mutex to protect access to connector->eld arm64: dts: qcom: sm8550: correct MDSS interconnects Dongwon Kim (1): drm/virtio: New fence for every plane update Edson Juliano Drosdeck (1): ALSA: hda/realtek: Enable headset mic on Positivo C6400 Ekansh Gupta (2): misc: fastrpc: Fix registered buffer page address misc: fastrpc: Fix copy buffer page size Eric Biggers (2): scsi: ufs: qcom: Fix crypto key eviction crypto: qce - fix priority to be less than ARMv8 CE Eric Dumazet (1): net: rose: lock the socket in rose_bind() Even Xu (1): HID: Wacom: Add PCI Wacom device support Fangzhi Zuo (1): drm/amd/display: Fix Mode Cutoff in DSC Passthrough to DP2.1 Monitor Fedor Pchelkin (2): Bluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc Bluetooth: L2CAP: accept zero as a special value for MTU auto-selection Filipe Manana (3): btrfs: fix assertion failure when splitting ordered extent after transaction abort btrfs: fix use-after-free when attempting to join an aborted transaction btrfs: avoid monopolizing a core when activating a swap file Fiona Klute (1): wifi: rtw88: sdio: Fix disconnection after beacon loss Florian Fainelli (1): net: bcmgenet: Correct overlaying of PHY and MAC Wake-on-LAN Foster Snowhill (7): usbnet: ipheth: fix possible overflow in DPE length check usbnet: ipheth: use static NDP16 location in URB usbnet: ipheth: check that DPE points past NCM header usbnet: ipheth: refactor NCM datagram loop usbnet: ipheth: break up NCM header size computation usbnet: ipheth: fix DPE OoB read usbnet: ipheth: document scope of NCM implementation Frank Li (1): i3c: master: Fix missing 'ret' assignment in set_speed() Gabor Juhos (1): clk: qcom: clk-alpha-pll: fix alpha mode configuration Gabriele Monaco (1): rv: Reset per-task monitors also for idle tasks Georg Gottleuber (2): nvme-pci: Add TUXEDO InfinityFlex to Samsung sleep quirk nvme-pci: Add TUXEDO IBP Gen9 to Samsung sleep quirk Greg Kroah-Hartman (1): Linux 6.6.78 Hans Verkuil (1): gpu: drm_dp_cec: fix broken CEC adapter properties check Hans de Goede (2): mfd: lpc_ich: Add another Gemini Lake ISA bridge PCI device-id platform/x86: int3472: Check for adev == NULL Hao-ran Zheng (1): btrfs: fix data race when accessing the inode's disk_i_size at btrfs_drop_extents() Haoxiang Li (1): drm/komeda: Add check for komeda_get_layer_fourcc_list() Heiko Carstens (1): s390/futex: Fix FUTEX_OP_ANDN implementation Heiko Stuebner (1): HID: hid-sensor-hub: don't use stale platform-data on remove Heming Zhao (1): ocfs2: fix incorrect CPU endianness conversion causing mount failure Hermes Wu (5): drm/bridge: it6505: Change definition MAX_HDCP_DOWN_STREAM_COUNT drm/bridge: it6505: fix HDCP Bstatus check drm/bridge: it6505: fix HDCP encryption when R0 ready drm/bridge: it6505: fix HDCP CTS compare V matching drm/bridge: it6505: fix HDCP CTS KSV list wait timer Hou Tao (2): dm-crypt: don't update io->sector after kcryptd_crypt_write_io_submit() dm-crypt: track tag_offset in convert_context Ido Schimmel (1): net: sched: Fix truncation of offloaded action statistics Illia Ostapyshyn (1): Input: allocate keycode for phone linking Ivan Stepchenko (1): mtd: onenand: Fix uninitialized retlen in do_otp_read() Jacob Moroni (1): net: atlantic: fix warning during hot unplug Jakob Unterwurzacher (1): arm64: dts: rockchip: increase gmac rx_delay on rk3399-puma Jan Kiszka (1): scripts/gdb: fix aarch64 userspace detection in get_current_task Jarkko Sakkinen (1): tpm: Change to kvalloc() in eventlog/acpi.c Javier Carrasco (2): iio: light: as73211: fix channel handling in only-color triggered buffer pinctrl: samsung: fix fwnode refcount cleanup if platform_get_irq_optional() fails Jennifer Berringer (1): nvmem: core: improve range check for nvmem_cell_write() Jens Axboe (2): block: don't revert iter for -EIOCBQUEUED io_uring/net: don't retry connect operation on EPOLLERR Jiasheng Jiang (1): ice: Add check for devm_kzalloc() Josef Bacik (1): btrfs: convert BUG_ON in btrfs_reloc_cow_block() to proper error handling Juergen Gross (2): x86/xen: fix xen_hypercall_hvm() to not clobber %rbx x86/xen: add FRAME_END to xen_hypercall_hvm() Kai Mäkisara (1): scsi: st: Don't set pos_unknown just after device recognition Kees Cook (1): exec: fix up /proc/pid/comm in the execveat(AT_EMPTY_PATH) case Kexy Biscuit (1): MIPS: Loongson64: remove ROM Size unit in boardinfo Koichiro Den (1): Revert "btrfs: avoid monopolizing a core when activating a swap file" Konrad Dybcio (1): clk: qcom: Make GCC_8150 depend on QCOM_GDSC Krzysztof Kozlowski (17): arm64: dts: qcom: sm6115: Fix MPSS memory length arm64: dts: qcom: sm6115: Fix CDSP memory length arm64: dts: qcom: sm6115: Fix ADSP memory base and length arm64: dts: qcom: sm6350: Fix ADSP memory length arm64: dts: qcom: sm6350: Fix MPSS memory length arm64: dts: qcom: sm6375: Fix ADSP memory length arm64: dts: qcom: sm6375: Fix CDSP memory base and length arm64: dts: qcom: sm6375: Fix MPSS memory base and length arm64: dts: qcom: sm8350: Fix ADSP memory base and length arm64: dts: qcom: sm8350: Fix CDSP memory base and length arm64: dts: qcom: sm8350: Fix MPSS memory length arm64: dts: qcom: sm8450: Fix CDSP memory length arm64: dts: qcom: sm8450: Fix MPSS memory length arm64: dts: qcom: sm8550: Fix CDSP memory length arm64: dts: qcom: sm8550: Fix MPSS memory length soc: mediatek: mtk-devapc: Fix leaking IO map on error paths soc: qcom: smem_state: fix missing of_node_put in error path Kuan-Wei Chiu (3): printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX perf bench: Fix undefined behavior in cmpworker() ALSA: hda: Fix headset detection failure due to unstable sort Kuninori Morimoto (1): ASoC: soc-pcm: don't use soc_pcm_ret() on .prepare callback Lenny Szubowicz (1): tg3: Disable tg3 PCIe AER on system reboot Leo Stone (1): safesetid: check size of policy writes Lijo Lazar (1): drm/amd/pm: Mark MM activity as unsupported Liu Ye (1): selftests/net/ipsec: Fix Null pointer dereference in rtattr_pack() Long Li (1): scsi: storvsc: Set correct data length for sending SCSI command without payload Lubomir Rintel (1): media: mmp: Bring back registration of the device Luca Weiss (4): clk: qcom: gcc-sm6350: Add missing parent_map for two clocks clk: qcom: dispcc-sm6350: Add missing parent_map for a clock arm64: dts: qcom: sm6350: Fix uart1 interconnect path nvmem: qcom-spmi-sdam: Set size in struct nvmem_config Maarten Lankhorst (1): drm/modeset: Handle tiled displays in pan_display_atomic. Maciej Fijalkowski (1): ice: put Rx buffers after being done with current frame Maciej S. Szmigiero (1): net: wwan: iosm: Fix hibernation by re-binding the driver around it Manivannan Sadhasivam (1): clk: qcom: gcc-sm8550: Do not turn off PCIe GDSCs during gdsc_disable() Marc Zyngier (1): KVM: arm64: timer: Always evaluate the need for a soft timer Marcel Hamer (1): wifi: brcmfmac: fix NULL pointer dereference in brcmf_txfinalize() Marco Elver (1): kfence: skip __GFP_THISNODE allocations on NUMA systems Mario Limonciello (1): ASoC: acp: Support microphone from Lenovo Go S Mark Tomlinson (1): gpio: pca953x: Improve interrupt support Mateusz Jończyk (1): mips/math-emu: fix emulation of the prefx instruction Matthew Wilcox (Oracle) (1): ocfs2: handle a symlink read error correctly Matthieu Baerts (NGI0) (3): selftests: mptcp: connect: -f: no reconnect mptcp: pm: only set fullmesh for subflow endp selftests: mptcp: join: fix AF_INET6 variable Mazin Al Haddad (1): Bluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync Meetakshi Setiya (1): smb: client: change lease epoch type from unsigned int to __u16 Mehdi Djait (1): media: ccs: Fix cleanup order in ccs_probe() Michal Simek (1): rtc: zynqmp: Fix optional clock name property Miguel Ojeda (1): rust: init: use explicit ABI to clean warning in future compilers Mike Snitzer (1): pnfs/flexfiles: retry getting layout segment for reads Milos Reljin (1): net: phy: c45-tjaxx: add delay between MDIO write and read in soft_reset Miri Korenblit (1): wifi: iwlwifi: avoid memory leak Nam Cao (1): fs/proc: do_task_stat: Fix ESP not readable during coredump Narayana Murty N (1): powerpc/pseries/eeh: Fix get PE state translation Nathan Chancellor (3): efi: libstub: Use '-std=gnu11' to fix build with GCC 15 kbuild: Move -Wenum-enum-conversion to W=2 x86/boot: Use '-std=gnu11' to fix build with GCC 15 Naushir Patuck (1): media: imx296: Add standby delay during probe Nick Chan (1): irqchip/apple-aic: Only handle PMC interrupt as FIQ when configured so Nick Morrow (1): wifi: mt76: mt7921u: Add VID/PID for TP-Link TXE50UH Nikita Zhandarovich (1): nilfs2: fix possible int overflows in nilfs_fiemap() Niklas Cassel (1): ata: libata-sff: Ensure that we cannot write outside the allocated buffer Paolo Abeni (1): mptcp: prevent excessive coalescing on receive Paolo Bonzini (1): KVM: e500: always restore irqs Paul Fertser (3): net/ncsi: fix locking in Get MAC Address handling net/ncsi: wait for the last response to Deselect Package before configuring channel net/ncsi: use dev_set_mac_address() for Get MC MAC Address handling Pavel Begunkov (3): io_uring: fix multishots with selected buffers io_uring: fix io_req_prep_async with provided buffers io_uring/rw: commit provided buffer state on async Pekka Pessi (1): mailbox: tegra-hsp: Clear mailbox before using message Peter Delevoryas (1): net/ncsi: Add NC-SI 1.2 Get MC MAC Address command Prasad Pandit (1): firmware: iscsi_ibft: fix ISCSI_IBFT Kconfig entry Prike Liang (1): drm/amdkfd: only flush the validate MES contex Quinn Tran (1): scsi: qla2xxx: Move FCE Trace buffer allocation to user control Randolph Ha (1): i2c: Force ELAN06FA touchpad I2C bus freq to 100KHz Ricardo Ribalda (4): media: uvcvideo: Fix crash during unbind if gpio unit is in use media: uvcvideo: Fix event flags in uvc_ctrl_send_events media: uvcvideo: Support partial control reads media: uvcvideo: Remove redundant NULL assignment Richard Acayan (1): iommu/arm-smmu-qcom: add sdm670 adreno iommu compatible Robin Murphy (1): iommu/arm-smmu-v3: Clean up more on probe failure Romain Naour (1): ARM: dts: dra7: Add bus_dma_limit for l4 cfg bus Ruben Devos (1): smb: client: fix order of arguments of tracepoints Sakari Ailus (2): media: ccs: Clean up parsed CCS static data on parse failure media: ccs: Fix CCS static data parsing for large block sizes Sam Bobrowicz (1): media: ov5640: fix get_light_freq on auto Sankararaman Jayaraman (1): vmxnet3: Fix tx queue race condition with XDP Sascha Hauer (3): nvmem: imx-ocotp-ele: simplify read beyond device check nvmem: imx-ocotp-ele: fix reading from non zero offset nvmem: imx-ocotp-ele: set word length to 1 Satya Priya Kakitapalli (1): clk: qcom: gcc-mdm9607: Fix cmd_rcgr offset for blsp1_uart6 rcg Sean Anderson (1): tty: xilinx_uartps: split sysrq handling Sean Christopherson (6): KVM: PPC: e500: Mark "struct page" dirty in kvmppc_e500_shadow_map() KVM: PPC: e500: Mark "struct page" pfn accessed before dropping mmu_lock KVM: PPC: e500: Use __kvm_faultin_pfn() to handle page faults KVM: Explicitly verify target vCPU is online in kvm_get_vcpu() KVM: x86: Make x2APIC ID 100% readonly KVM: x86: Re-split x2APIC ICR into ICR+ICR2 for AMD (x2AVIC) Sebastian Wiese-Wagner (1): ALSA: hda/realtek: Enable Mute LED on HP Laptop 14s-fq1xxx Shawn Lin (1): mmc: core: Respect quirk_max_rate for non-UHS SDIO card Shayne Chen (1): wifi: mt76: mt7915: add module param to select 5 GHz or 6 GHz on MT7916 Stas Sergeev (1): tun: fix group permission check Stefan Dösinger (1): wifi: brcmfmac: Check the return value of of_property_read_string_index() Stephan Gerhold (1): soc: qcom: socinfo: Avoid out of bounds read of serial number Steve Wahl (1): x86/mm/ident_map: Use gbpages only where full GB page should be mapped. Steven Rostedt (1): tracing/osnoise: Fix resetting of tracepoints Su Yue (1): ocfs2: check dir i_size in ocfs2_find_entry Suleiman Souhlal (1): sched: Don't try to catch up excess steal time. Sumit Gupta (2): arm64: tegra: Fix typo in Tegra234 dce-fabric compatible arm64: tegra: Disable Tegra234 sce-fabric node Sven Schnelle (1): s390/stackleak: Use exrl instead of ex in __stackleak_poison() Tetsuo Handa (1): tomoyo: don't emit warning in tomoyo_write_control() Thadeu Lima de Souza Cascardo (1): Revert "media: uvcvideo: Require entities to have a non-zero unique ID" Thinh Nguyen (4): usb: gadget: f_tcm: Translate error to sense usb: gadget: f_tcm: Decrement command ref count on cleanup usb: gadget: f_tcm: ep_autoconfig with fullspeed endpoint usb: gadget: f_tcm: Don't prepare BOT write request twice Thomas Weißschuh (1): ptp: Ensure info->enable callback is always set Thomas Zimmermann (2): m68k: vga: Fix I/O defines drm/rockchip: cdn-dp: Use drm_connector_helper_hpd_irq_event() Tiezhu Yang (1): LoongArch: Extend the maximum number of watchpoints Tom Chung (1): Revert "drm/amd/display: Use HW lock mgr for PSR1" Tomas Glozar (6): rtla/osnoise: Distinguish missing workload option rtla/timerlat_hist: Set OSNOISE_WORKLOAD for kernel threads rtla/timerlat_top: Set OSNOISE_WORKLOAD for kernel threads rtla: Add trace_instance_stop rtla/timerlat_hist: Stop timerlat tracer on signal rtla/timerlat_top: Stop timerlat tracer on signal Tomi Valkeinen (5): media: i2c: ds90ub960: Fix UB9702 refclk register access media: i2c: ds90ub9x3: Fix extra fwnode_handle_put() media: i2c: ds90ub960: Fix use of non-existing registers on UB9702 media: i2c: ds90ub960: Fix UB9702 VC map media: i2c: ds90ub960: Fix logging SP & EQ status only for UB9702 Vadim Fedorenko (1): net/mlx5: use do_aux_work for PHC overflow checks Ville Syrjälä (1): drm/i915: Drop 64bpp YUV formats from ICL+ SDR planes Vimal Agrawal (1): misc: misc_minor_alloc to use ida for all dynamic/misc dynamic minors Viresh Kumar (1): cpufreq: s3c64xx: Fix compilation warning WangYuli (1): MIPS: ftrace: Declare ftrace_get_parent_ra_addr() as static Wei Yang (1): maple_tree: simplify split calculation Wentao Liang (2): xfs: Propagate errors from xfs_reflink_cancel_cow_range in xfs_dax_write_iomap_end xfs: Add error handling for xfs_reflink_cancel_cow_range Werner Sembach (1): PCI: Avoid putting some root ports into D3 on TUXEDO Sirius Gen1 Willem de Bruijn (1): tun: revert fix group permission check Yan Zhai (1): udp: gso: do not drop small packets when PMTU reduces Yazen Ghannam (1): x86/amd_nb: Restrict init function to AMD-based systems Yu-Chun Lin (1): ASoC: amd: Add ACPI dependency to fix build error Yuanjie Yang (1): mmc: sdhci-msm: Correctly set the load for the regulator Zijun Hu (5): blk-cgroup: Fix class @block_class's subsystem refcount leakage of: Correct child specifier used as input of the 2nd nexus node of: Fix of_find_node_opts_by_path() handling of alias+path+options of: reserved-memory: Fix using wrong number of cells to get property 'alignment' PCI: endpoint: Finish virtual EP removal in pci_epf_remove_vepf() Zizhi Wo (1): cachefiles: Fix NULL pointer dereference in object->file

8 months, 1 week

2
3
0 0

FAILED: patch "[PATCH] drm/amdkfd: Ensure consistent barrier state saved in gfx12" failed to apply to 6.13-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.13-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.13.y git checkout FETCH_HEAD git cherry-pick -x d584198a6fe4c51f4aa88ad72f258f8961a0f11c # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025021802-scrimmage-oppressor-8e61@gregkh' --subject-prefix 'PATCH 6.13.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From d584198a6fe4c51f4aa88ad72f258f8961a0f11c Mon Sep 17 00:00:00 2001 From: Lancelot SIX <lancelot.six(a)amd.com> Date: Tue, 28 Jan 2025 19:16:49 +0000 Subject: [PATCH] drm/amdkfd: Ensure consistent barrier state saved in gfx12 trap handler It is possible for some waves in a workgroup to finish their save sequence before the group leader has had time to capture the workgroup barrier state. When this happens, having those waves exit do impact the barrier state. As a consequence, the state captured by the group leader is invalid, and is eventually incorrectly restored. This patch proposes to have all waves in a workgroup wait for each other at the end of their save sequence (just before calling s_endpgm_saved). Signed-off-by: Lancelot SIX <lancelot.six(a)amd.com> Reviewed-by: Jay Cornwall <jay.cornwall(a)amd.com> Signed-off-by: Alex Deucher <alexander.deucher(a)amd.com> Cc: stable(a)vger.kernel.org # 6.12.x diff --git a/drivers/gpu/drm/amd/amdkfd/cwsr_trap_handler.h b/drivers/gpu/drm/amd/amdkfd/cwsr_trap_handler.h index 984f0e705078..651660958e5b 100644 --- a/drivers/gpu/drm/amd/amdkfd/cwsr_trap_handler.h +++ b/drivers/gpu/drm/amd/amdkfd/cwsr_trap_handler.h @@ -4121,7 +4121,8 @@ static const uint32_t cwsr_trap_gfx12_hex[] = { 0x0000ffff, 0x8bfe7e7e, 0x8bea6a6a, 0xb97af804, 0xbe804ec2, 0xbf94fffe, - 0xbe804a6c, 0xbfb10000, + 0xbe804a6c, 0xbe804ec2, + 0xbf94fffe, 0xbfb10000, 0xbf9f0000, 0xbf9f0000, 0xbf9f0000, 0xbf9f0000, 0xbf9f0000, 0x00000000, diff --git a/drivers/gpu/drm/amd/amdkfd/cwsr_trap_handler_gfx12.asm b/drivers/gpu/drm/amd/amdkfd/cwsr_trap_handler_gfx12.asm index 1740e98c6719..7b9d36e5fa43 100644 --- a/drivers/gpu/drm/amd/amdkfd/cwsr_trap_handler_gfx12.asm +++ b/drivers/gpu/drm/amd/amdkfd/cwsr_trap_handler_gfx12.asm @@ -1049,6 +1049,10 @@ L_SKIP_BARRIER_RESTORE: s_rfe_b64 s_restore_pc_lo //Return to the main shader program and resume execution L_END_PGM: + // Make sure that no wave of the workgroup can exit the trap handler + // before the workgroup barrier state is saved. + s_barrier_signal -2 + s_barrier_wait -2 s_endpgm_saved end

8 months, 1 week

4
3
0 0

FAILED: patch "[PATCH] drm/amdkfd: Ensure consistent barrier state saved in gfx12" failed to apply to 6.12-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.12-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.12.y git checkout FETCH_HEAD git cherry-pick -x d584198a6fe4c51f4aa88ad72f258f8961a0f11c # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025021803-fondness-ship-dc72@gregkh' --subject-prefix 'PATCH 6.12.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From d584198a6fe4c51f4aa88ad72f258f8961a0f11c Mon Sep 17 00:00:00 2001 From: Lancelot SIX <lancelot.six(a)amd.com> Date: Tue, 28 Jan 2025 19:16:49 +0000 Subject: [PATCH] drm/amdkfd: Ensure consistent barrier state saved in gfx12 trap handler It is possible for some waves in a workgroup to finish their save sequence before the group leader has had time to capture the workgroup barrier state. When this happens, having those waves exit do impact the barrier state. As a consequence, the state captured by the group leader is invalid, and is eventually incorrectly restored. This patch proposes to have all waves in a workgroup wait for each other at the end of their save sequence (just before calling s_endpgm_saved). Signed-off-by: Lancelot SIX <lancelot.six(a)amd.com> Reviewed-by: Jay Cornwall <jay.cornwall(a)amd.com> Signed-off-by: Alex Deucher <alexander.deucher(a)amd.com> Cc: stable(a)vger.kernel.org # 6.12.x diff --git a/drivers/gpu/drm/amd/amdkfd/cwsr_trap_handler.h b/drivers/gpu/drm/amd/amdkfd/cwsr_trap_handler.h index 984f0e705078..651660958e5b 100644 --- a/drivers/gpu/drm/amd/amdkfd/cwsr_trap_handler.h +++ b/drivers/gpu/drm/amd/amdkfd/cwsr_trap_handler.h @@ -4121,7 +4121,8 @@ static const uint32_t cwsr_trap_gfx12_hex[] = { 0x0000ffff, 0x8bfe7e7e, 0x8bea6a6a, 0xb97af804, 0xbe804ec2, 0xbf94fffe, - 0xbe804a6c, 0xbfb10000, + 0xbe804a6c, 0xbe804ec2, + 0xbf94fffe, 0xbfb10000, 0xbf9f0000, 0xbf9f0000, 0xbf9f0000, 0xbf9f0000, 0xbf9f0000, 0x00000000, diff --git a/drivers/gpu/drm/amd/amdkfd/cwsr_trap_handler_gfx12.asm b/drivers/gpu/drm/amd/amdkfd/cwsr_trap_handler_gfx12.asm index 1740e98c6719..7b9d36e5fa43 100644 --- a/drivers/gpu/drm/amd/amdkfd/cwsr_trap_handler_gfx12.asm +++ b/drivers/gpu/drm/amd/amdkfd/cwsr_trap_handler_gfx12.asm @@ -1049,6 +1049,10 @@ L_SKIP_BARRIER_RESTORE: s_rfe_b64 s_restore_pc_lo //Return to the main shader program and resume execution L_END_PGM: + // Make sure that no wave of the workgroup can exit the trap handler + // before the workgroup barrier state is saved. + s_barrier_signal -2 + s_barrier_wait -2 s_endpgm_saved end

8 months, 1 week

4
3
0 0

[PATCH v2] auxdisplay: hd44780: Fix an API misuse in hd44780.c

by Haoxiang Li

Variable allocated by charlcd_alloc() should be released by charlcd_free(). The following patch changed kfree() to charlcd_free() to fix an API misuse. Fixes: 718e05ed92ec ("auxdisplay: Introduce hd44780_common.[ch]") Cc: stable(a)vger.kernel.org Signed-off-by: Haoxiang Li <haoxiang_li2024(a)163.com> --- Changes in v2: - Merge the two patches into one. - Modify the patch description. Sorry Geert, I didn't see your reply until after I sent the second patch. I've merged the two patches into one, hoping to make your work a bit easier! Thanks a lot! --- drivers/auxdisplay/hd44780.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/auxdisplay/hd44780.c b/drivers/auxdisplay/hd44780.c index 0526f0d90a79..9d0ae9c02e9b 100644 --- a/drivers/auxdisplay/hd44780.c +++ b/drivers/auxdisplay/hd44780.c @@ -313,7 +313,7 @@ static int hd44780_probe(struct platform_device *pdev) fail3: kfree(hd); fail2: - kfree(lcd); + charlcd_free(lcd); fail1: kfree(hdc); return ret; @@ -328,7 +328,7 @@ static void hd44780_remove(struct platform_device *pdev) kfree(hdc->hd44780); kfree(lcd->drvdata); - kfree(lcd); + charlcd_free(lcd); } static const struct of_device_id hd44780_of_match[] = { -- 2.25.1

8 months, 1 week

3
7
0 0

FAILED: patch "[PATCH] xfs: fix mount hang during primary superblock recovery" failed to apply to 6.6-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.6-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.6.y git checkout FETCH_HEAD git cherry-pick -x efebe42d95fbba91dca6e3e32cb9e0612eb56de5 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025022413-skedaddle-gloss-62e4@gregkh' --subject-prefix 'PATCH 6.6.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From efebe42d95fbba91dca6e3e32cb9e0612eb56de5 Mon Sep 17 00:00:00 2001 From: Long Li <leo.lilong(a)huawei.com> Date: Sat, 11 Jan 2025 15:05:44 +0800 Subject: [PATCH] xfs: fix mount hang during primary superblock recovery failure When mounting an image containing a log with sb modifications that require log replay, the mount process hang all the time and stack as follows: [root@localhost ~]# cat /proc/557/stack [<0>] xfs_buftarg_wait+0x31/0x70 [<0>] xfs_buftarg_drain+0x54/0x350 [<0>] xfs_mountfs+0x66e/0xe80 [<0>] xfs_fs_fill_super+0x7f1/0xec0 [<0>] get_tree_bdev_flags+0x186/0x280 [<0>] get_tree_bdev+0x18/0x30 [<0>] xfs_fs_get_tree+0x1d/0x30 [<0>] vfs_get_tree+0x2d/0x110 [<0>] path_mount+0xb59/0xfc0 [<0>] do_mount+0x92/0xc0 [<0>] __x64_sys_mount+0xc2/0x160 [<0>] x64_sys_call+0x2de4/0x45c0 [<0>] do_syscall_64+0xa7/0x240 [<0>] entry_SYSCALL_64_after_hwframe+0x76/0x7e During log recovery, while updating the in-memory superblock from the primary SB buffer, if an error is encountered, such as superblock corruption occurs or some other reasons, we will proceed to out_release and release the xfs_buf. However, this is insufficient because the xfs_buf's log item has already been initialized and the xfs_buf is held by the buffer log item as follows, the xfs_buf will not be released, causing the mount thread to hang. xlog_recover_do_primary_sb_buffer xlog_recover_do_reg_buffer xlog_recover_validate_buf_type xfs_buf_item_init(bp, mp) The solution is straightforward, we simply need to allow it to be handled by the normal buffer write process. The filesystem will be shutdown before the submission of buffer_list in xlog_do_recovery_pass(), ensuring the correct release of the xfs_buf as follows: xlog_do_recovery_pass error = xlog_recover_process xlog_recover_process_data xlog_recover_process_ophdr xlog_recovery_process_trans ... xlog_recover_buf_commit_pass2 error = xlog_recover_do_primary_sb_buffer //Encounter error and return if (error) goto out_writebuf ... out_writebuf: xfs_buf_delwri_queue(bp, buffer_list) //add bp to list return error ... if (!list_empty(&buffer_list)) if (error) xlog_force_shutdown(log, SHUTDOWN_LOG_IO_ERROR); //shutdown first xfs_buf_delwri_submit(&buffer_list); //submit buffers in list __xfs_buf_submit if (bp->b_mount->m_log && xlog_is_shutdown(bp->b_mount->m_log)) xfs_buf_ioend_fail(bp) //release bp correctly Fixes: 6a18765b54e2 ("xfs: update the file system geometry after recoverying superblock buffers") Cc: stable(a)vger.kernel.org # v6.12 Signed-off-by: Long Li <leo.lilong(a)huawei.com> Reviewed-by: Darrick J. Wong <djwong(a)kernel.org> Reviewed-by: Christoph Hellwig <hch(a)lst.de> Signed-off-by: Carlos Maiolino <cem(a)kernel.org> diff --git a/fs/xfs/xfs_buf_item_recover.c b/fs/xfs/xfs_buf_item_recover.c index b05d5b81f642..05a2f6927c12 100644 --- a/fs/xfs/xfs_buf_item_recover.c +++ b/fs/xfs/xfs_buf_item_recover.c @@ -1087,7 +1087,7 @@ xlog_recover_buf_commit_pass2( error = xlog_recover_do_primary_sb_buffer(mp, item, bp, buf_f, current_lsn); if (error) - goto out_release; + goto out_writebuf; /* Update the rt superblock if we have one. */ if (xfs_has_rtsb(mp) && mp->m_rtsb_bp) { @@ -1104,6 +1104,15 @@ xlog_recover_buf_commit_pass2( xlog_recover_do_reg_buffer(mp, item, bp, buf_f, current_lsn); } + /* + * Buffer held by buf log item during 'normal' buffer recovery must + * be committed through buffer I/O submission path to ensure proper + * release. When error occurs during sb buffer recovery, log shutdown + * will be done before submitting buffer list so that buffers can be + * released correctly through ioend failure path. + */ +out_writebuf: + /* * Perform delayed write on the buffer. Asynchronous writes will be * slower when taking into account all the buffers to be flushed.

8 months, 1 week

1
0
0 0

FAILED: patch "[PATCH] ibmvnic: Inspect header requirements before using scrq direct" failed to apply to 6.6-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.6-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.6.y git checkout FETCH_HEAD git cherry-pick -x de390657b5d6f7deb9d1d36aaf45f02ba51ec9dc # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025022447-prelaunch-remnant-9fee@gregkh' --subject-prefix 'PATCH 6.6.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From de390657b5d6f7deb9d1d36aaf45f02ba51ec9dc Mon Sep 17 00:00:00 2001 From: Nick Child <nnac123(a)linux.ibm.com> Date: Tue, 1 Oct 2024 11:32:00 -0500 Subject: [PATCH] ibmvnic: Inspect header requirements before using scrq direct Previously, the TX header requirement for standard frames was ignored. This requirement is a bitstring sent from the VIOS which maps to the type of header information needed during TX. If no header information, is needed then send subcrq direct can be used (which can be more performant). This bitstring was previously ignored for standard packets (AKA non LSO, non CSO) due to the belief that the bitstring was over-cautionary. It turns out that there are some configurations where the backing device does need header information for transmission of standard packets. If the information is not supplied then this causes continuous "Adapter error" transport events. Therefore, this bitstring should be respected and observed before considering the use of send subcrq direct. Fixes: 74839f7a8268 ("ibmvnic: Introduce send sub-crq direct") Signed-off-by: Nick Child <nnac123(a)linux.ibm.com> Reviewed-by: Simon Horman <horms(a)kernel.org> Link: https://patch.msgid.link/20241001163200.1802522-2-nnac123@linux.ibm.com Signed-off-by: Jakub Kicinski <kuba(a)kernel.org> diff --git a/drivers/net/ethernet/ibm/ibmvnic.c b/drivers/net/ethernet/ibm/ibmvnic.c index 87e693a81433..97425c06e1ed 100644 --- a/drivers/net/ethernet/ibm/ibmvnic.c +++ b/drivers/net/ethernet/ibm/ibmvnic.c @@ -2472,9 +2472,11 @@ static netdev_tx_t ibmvnic_xmit(struct sk_buff *skb, struct net_device *netdev) /* if we are going to send_subcrq_direct this then we need to * update the checksum before copying the data into ltb. Essentially * these packets force disable CSO so that we can guarantee that - * FW does not need header info and we can send direct. + * FW does not need header info and we can send direct. Also, vnic + * server must be able to xmit standard packets without header data */ - if (!skb_is_gso(skb) && !ind_bufp->index && !netdev_xmit_more()) { + if (*hdrs == 0 && !skb_is_gso(skb) && + !ind_bufp->index && !netdev_xmit_more()) { use_scrq_send_direct = true; if (skb->ip_summed == CHECKSUM_PARTIAL && skb_checksum_help(skb))

8 months, 1 week

1
0
0 0

FAILED: patch "[PATCH] ibmvnic: Inspect header requirements before using scrq direct" failed to apply to 6.1-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.1-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x de390657b5d6f7deb9d1d36aaf45f02ba51ec9dc # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025022446-sanding-rover-58d9@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From de390657b5d6f7deb9d1d36aaf45f02ba51ec9dc Mon Sep 17 00:00:00 2001 From: Nick Child <nnac123(a)linux.ibm.com> Date: Tue, 1 Oct 2024 11:32:00 -0500 Subject: [PATCH] ibmvnic: Inspect header requirements before using scrq direct Previously, the TX header requirement for standard frames was ignored. This requirement is a bitstring sent from the VIOS which maps to the type of header information needed during TX. If no header information, is needed then send subcrq direct can be used (which can be more performant). This bitstring was previously ignored for standard packets (AKA non LSO, non CSO) due to the belief that the bitstring was over-cautionary. It turns out that there are some configurations where the backing device does need header information for transmission of standard packets. If the information is not supplied then this causes continuous "Adapter error" transport events. Therefore, this bitstring should be respected and observed before considering the use of send subcrq direct. Fixes: 74839f7a8268 ("ibmvnic: Introduce send sub-crq direct") Signed-off-by: Nick Child <nnac123(a)linux.ibm.com> Reviewed-by: Simon Horman <horms(a)kernel.org> Link: https://patch.msgid.link/20241001163200.1802522-2-nnac123@linux.ibm.com Signed-off-by: Jakub Kicinski <kuba(a)kernel.org> diff --git a/drivers/net/ethernet/ibm/ibmvnic.c b/drivers/net/ethernet/ibm/ibmvnic.c index 87e693a81433..97425c06e1ed 100644 --- a/drivers/net/ethernet/ibm/ibmvnic.c +++ b/drivers/net/ethernet/ibm/ibmvnic.c @@ -2472,9 +2472,11 @@ static netdev_tx_t ibmvnic_xmit(struct sk_buff *skb, struct net_device *netdev) /* if we are going to send_subcrq_direct this then we need to * update the checksum before copying the data into ltb. Essentially * these packets force disable CSO so that we can guarantee that - * FW does not need header info and we can send direct. + * FW does not need header info and we can send direct. Also, vnic + * server must be able to xmit standard packets without header data */ - if (!skb_is_gso(skb) && !ind_bufp->index && !netdev_xmit_more()) { + if (*hdrs == 0 && !skb_is_gso(skb) && + !ind_bufp->index && !netdev_xmit_more()) { use_scrq_send_direct = true; if (skb->ip_summed == CHECKSUM_PARTIAL && skb_checksum_help(skb))

8 months, 1 week

1
0
0 0

[PATCH 6.1.y] ssb: Fix potential NULL pointer dereference in ssb_device_uevent()

by jianqi.ren.cn＠windriver.com

From: Rand Deeb <rand.sec96(a)gmail.com> [ Upstream commit 789c17185fb0f39560496c2beab9b57ce1d0cbe7 ] The ssb_device_uevent() function first attempts to convert the 'dev' pointer to 'struct ssb_device *'. However, it mistakenly dereferences 'dev' before performing the NULL check, potentially leading to a NULL pointer dereference if 'dev' is NULL. To fix this issue, move the NULL check before dereferencing the 'dev' pointer, ensuring that the pointer is valid before attempting to use it. Found by Linux Verification Center (linuxtesting.org) with SVACE. Signed-off-by: Rand Deeb <rand.sec96(a)gmail.com> Signed-off-by: Kalle Valo <kvalo(a)kernel.org> Link: https://msgid.link/20240306123028.164155-1-rand.sec96@gmail.com Signed-off-by: Jianqi Ren <jianqi.ren.cn(a)windriver.com> Signed-off-by: He Zhe <zhe.he(a)windriver.com> --- Verified the build test. --- drivers/ssb/main.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/drivers/ssb/main.c b/drivers/ssb/main.c index d52e91258e98..aae50a5dfb57 100644 --- a/drivers/ssb/main.c +++ b/drivers/ssb/main.c @@ -341,11 +341,13 @@ static int ssb_bus_match(struct device *dev, struct device_driver *drv) static int ssb_device_uevent(struct device *dev, struct kobj_uevent_env *env) { - struct ssb_device *ssb_dev = dev_to_ssb_dev(dev); + struct ssb_device *ssb_dev; if (!dev) return -ENODEV; + ssb_dev = dev_to_ssb_dev(dev); + return add_uevent_var(env, "MODALIAS=ssb:v%04Xid%04Xrev%02X", ssb_dev->id.vendor, ssb_dev->id.coreid, -- 2.25.1

8 months, 1 week

3
2
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror February 2025