March 2025 - Linux-stable-mirror

[PATCH 6.6 0/4] fix kernel crash for xfs/235 test

by Fedor Pchelkin

Incomplete backport of series "xfs: log intent item recovery should reconstruct defer work state" [1] leads to a kernel crash during the xfs/235 test execution on top of 6.6.y stable. Tested (briefly) with my local xfstests setup. Additional testing would be much appreciated. [1]: https://lore.kernel.org/linux-xfs/170191741007.1195961.10092536809136830257… XFS (loop1): Corruption of in-memory data (0x8) detected at xfs_trans_cancel+0x4d9/0x610 (fs/xfs/xfs_trans.c:1097). Shutting down filesystem. XFS (loop1): Please unmount the filesystem and rectify the problem(s) general protection fault, probably for non-canonical address 0xdffffc000000000c: 0000 [#1] PREEMPT SMP KASAN NOPTI KASAN: null-ptr-deref in range [0x0000000000000060-0x0000000000000067] CPU: 1 PID: 2011 Comm: mount Not tainted 6.6.84-rc2+ #12 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-3.fc41 04/01/2014 RIP: 0010:xlog_recover_cancel_intents+0xad/0x1b0 Call Trace: <TASK> xlog_recover_finish+0x7f6/0x9a0 xfs_log_mount_finish+0x386/0x650 xfs_mountfs+0x1405/0x1fb0 xfs_fs_fill_super+0x11d6/0x1ca0 get_tree_bdev+0x3b4/0x650 vfs_get_tree+0x92/0x370 path_mount+0x13b9/0x1f10 __x64_sys_mount+0x286/0x310 do_syscall_64+0x39/0x90 entry_SYSCALL_64_after_hwframe+0x78/0xe2 </TASK> Modules linked in: ---[ end trace 0000000000000000 ]--- RIP: 0010:xlog_recover_cancel_intents+0xad/0x1b0 Link to the original bug report [2]. [2]: https://lore.kernel.org/stable/6pxyzwujo52p4bp2otliyssjcvsfydd6ju32eusdlyhz… Found by Linux Verification Center (linuxtesting.org). Darrick J. Wong (4): xfs: recreate work items when recovering intent items xfs: dump the recovered xattri log item if corruption happens xfs: use xfs_defer_finish_one to finish recovered work items xfs: move ->iop_recover to xfs_defer_op_type fs/xfs/libxfs/xfs_defer.c | 22 ++++- fs/xfs/libxfs/xfs_defer.h | 14 +++ fs/xfs/libxfs/xfs_log_recover.h | 4 +- fs/xfs/xfs_attr_item.c | 115 ++++++++++++------------ fs/xfs/xfs_bmap_item.c | 92 ++++++++++--------- fs/xfs/xfs_extfree_item.c | 117 +++++++++++-------------- fs/xfs/xfs_log_recover.c | 37 ++++---- fs/xfs/xfs_refcount_item.c | 127 +++++++++------------------ fs/xfs/xfs_rmap_item.c | 151 ++++++++++++++++---------------- fs/xfs/xfs_trans.h | 4 - 10 files changed, 326 insertions(+), 357 deletions(-) -- 2.49.0

7 months, 2 weeks

1
4
0 0

[PATCH v2] ext4: fix OOB read when checking dotdot dir

by Acs, Jakub

Mounting a corrupted filesystem with directory which contains '.' dir entry with rec_len == block size results in out-of-bounds read (later on, when the corrupted directory is removed). ext4_empty_dir() assumes every ext4 directory contains at least '.' and '..' as directory entries in the first data block. It first loads the '.' dir entry, performs sanity checks by calling ext4_check_dir_entry() and then uses its rec_len member to compute the location of '..' dir entry (in ext4_next_entry). It assumes the '..' dir entry fits into the same data block. If the rec_len of '.' is precisely one block (4KB), it slips through the sanity checks (it is considered the last directory entry in the data block) and leaves "struct ext4_dir_entry_2 *de" point exactly past the memory slot allocated to the data block. The following call to ext4_check_dir_entry() on new value of de then dereferences this pointer which results in out-of-bounds mem access. Fix this by extending __ext4_check_dir_entry() to check for '.' dir entries that reach the end of data block. Make sure to ignore the phony dir entries for checksum (by checking name_len for non-zero). Note: This is reported by KASAN as use-after-free in case another structure was recently freed from the slot past the bound, but it is really an OOB read. This issue was found by syzkaller tool. Call Trace: [ 38.594108] BUG: KASAN: slab-use-after-free in __ext4_check_dir_entry+0x67e/0x710 [ 38.594649] Read of size 2 at addr ffff88802b41a004 by task syz-executor/5375 [ 38.595158] [ 38.595288] CPU: 0 UID: 0 PID: 5375 Comm: syz-executor Not tainted 6.14.0-rc7 #1 [ 38.595298] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014 [ 38.595304] Call Trace: [ 38.595308] <TASK> [ 38.595311] dump_stack_lvl+0xa7/0xd0 [ 38.595325] print_address_description.constprop.0+0x2c/0x3f0 [ 38.595339] ? __ext4_check_dir_entry+0x67e/0x710 [ 38.595349] print_report+0xaa/0x250 [ 38.595359] ? __ext4_check_dir_entry+0x67e/0x710 [ 38.595368] ? kasan_addr_to_slab+0x9/0x90 [ 38.595378] kasan_report+0xab/0xe0 [ 38.595389] ? __ext4_check_dir_entry+0x67e/0x710 [ 38.595400] __ext4_check_dir_entry+0x67e/0x710 [ 38.595410] ext4_empty_dir+0x465/0x990 [ 38.595421] ? __pfx_ext4_empty_dir+0x10/0x10 [ 38.595432] ext4_rmdir.part.0+0x29a/0xd10 [ 38.595441] ? __dquot_initialize+0x2a7/0xbf0 [ 38.595455] ? __pfx_ext4_rmdir.part.0+0x10/0x10 [ 38.595464] ? __pfx___dquot_initialize+0x10/0x10 [ 38.595478] ? down_write+0xdb/0x140 [ 38.595487] ? __pfx_down_write+0x10/0x10 [ 38.595497] ext4_rmdir+0xee/0x140 [ 38.595506] vfs_rmdir+0x209/0x670 [ 38.595517] ? lookup_one_qstr_excl+0x3b/0x190 [ 38.595529] do_rmdir+0x363/0x3c0 [ 38.595537] ? __pfx_do_rmdir+0x10/0x10 [ 38.595544] ? strncpy_from_user+0x1ff/0x2e0 [ 38.595561] __x64_sys_unlinkat+0xf0/0x130 [ 38.595570] do_syscall_64+0x5b/0x180 [ 38.595583] entry_SYSCALL_64_after_hwframe+0x76/0x7e Fixes: ac27a0ec112a0 ("[PATCH] ext4: initial copy of files from ext3") Signed-off-by: Jakub Acs <acsjakub(a)amazon.de> Cc: "Theodore Ts'o" <tytso(a)mit.edu> Cc: Andreas Dilger <adilger.kernel(a)dilger.ca> Cc: linux-ext4(a)vger.kernel.org Cc: linux-kernel(a)vger.kernel.org Cc: Mahmoud Adam <mngyadam(a)amazon.com> Cc: stable(a)vger.kernel.org Cc: security(a)kernel.org --- v1: https://lore.kernel.org/all/20250319110134.10071-1-acsjakub@amazon.com/ v1->v2: - optimize condition as per suggestions - remove questions - move this section to correct place I ran 'kvm-xfstests smoke' and '-c ext4/4k -g quick' as suggested in reply to v1. Some were skipped, none failed. fs/ext4/dir.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/fs/ext4/dir.c b/fs/ext4/dir.c index 02d47a64e8d1..253992fcf57c 100644 --- a/fs/ext4/dir.c +++ b/fs/ext4/dir.c @@ -104,6 +104,9 @@ int __ext4_check_dir_entry(const char *function, unsigned int line, else if (unlikely(le32_to_cpu(de->inode) > le32_to_cpu(EXT4_SB(dir->i_sb)->s_es->s_inodes_count))) error_msg = "inode out of bounds"; + else if (unlikely(next_offset == size && de->name_len == 1 && + de->name[0] == '.')) + error_msg = "'.' directory cannot be the last in data block"; else return 0; -- 2.47.1

7 months, 2 weeks

2
1
0 0

+ mm-zswap-fix-crypto_free_acomp-deadlock-in-zswap_cpu_comp_dead.patch added to mm-hotfixes-unstable branch

by Andrew Morton

The patch titled Subject: mm: zswap: fix crypto_free_acomp() deadlock in zswap_cpu_comp_dead() has been added to the -mm mm-hotfixes-unstable branch. Its filename is mm-zswap-fix-crypto_free_acomp-deadlock-in-zswap_cpu_comp_dead.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-hotfixes-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: Yosry Ahmed <yosry.ahmed(a)linux.dev> Subject: mm: zswap: fix crypto_free_acomp() deadlock in zswap_cpu_comp_dead() Date: Wed, 26 Feb 2025 18:56:25 +0000 Currently, zswap_cpu_comp_dead() calls crypto_free_acomp() while holding the per-CPU acomp_ctx mutex. crypto_free_acomp() then holds scomp_lock (through crypto_exit_scomp_ops_async()). On the other hand, crypto_alloc_acomp_node() holds the scomp_lock (through crypto_scomp_init_tfm()), and then allocates memory. If the allocation results in reclaim, we may attempt to hold the per-CPU acomp_ctx mutex. The above dependencies can cause an ABBA deadlock. For example in the following scenario: (1) Task A running on CPU #1: crypto_alloc_acomp_node() Holds scomp_lock Enters reclaim Reads per_cpu_ptr(pool->acomp_ctx, 1) (2) Task A is descheduled (3) CPU #1 goes offline zswap_cpu_comp_dead(CPU #1) Holds per_cpu_ptr(pool->acomp_ctx, 1)) Calls crypto_free_acomp() Waits for scomp_lock (4) Task A running on CPU #2: Waits for per_cpu_ptr(pool->acomp_ctx, 1) // Read on CPU #1 DEADLOCK Since there is no requirement to call crypto_free_acomp() with the per-CPU acomp_ctx mutex held in zswap_cpu_comp_dead(), move it after the mutex is unlocked. Also move the acomp_request_free() and kfree() calls for consistency and to avoid any potential sublte locking dependencies in the future. With this, only setting acomp_ctx fields to NULL occurs with the mutex held. This is similar to how zswap_cpu_comp_prepare() only initializes acomp_ctx fields with the mutex held, after performing all allocations before holding the mutex. Opportunistically, move the NULL check on acomp_ctx so that it takes place before the mutex dereference. Link: https://lkml.kernel.org/r/20250226185625.2672936-1-yosry.ahmed@linux.dev Fixes: 12dcb0ef5406 ("mm: zswap: properly synchronize freeing resources during CPU hotunplug") Signed-off-by: Herbert Xu <herbert(a)gondor.apana.org.au> Co-developed-by: Herbert Xu <herbert(a)gondor.apana.org.au> Signed-off-by: Yosry Ahmed <yosry.ahmed(a)linux.dev> Reported-by: syzbot+1a517ccfcbc6a7ab0f82(a)syzkaller.appspotmail.com Closes: https://lore.kernel.org/all/67bcea51.050a0220.bbfd1.0096.GAE@google.com/ Acked-by: Herbert Xu <herbert(a)gondor.apana.org.au> Cc: Chengming Zhou <chengming.zhou(a)linux.dev> Cc: David S. Miller <davem(a)davemloft.net> Cc: Eric Biggers <ebiggers(a)kernel.org> Cc: Johannes Weiner <hannes(a)cmpxchg.org> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/zswap.c | 30 ++++++++++++++++++++++-------- 1 file changed, 22 insertions(+), 8 deletions(-) --- a/mm/zswap.c~mm-zswap-fix-crypto_free_acomp-deadlock-in-zswap_cpu_comp_dead +++ a/mm/zswap.c @@ -881,18 +881,32 @@ static int zswap_cpu_comp_dead(unsigned { struct zswap_pool *pool = hlist_entry(node, struct zswap_pool, node); struct crypto_acomp_ctx *acomp_ctx = per_cpu_ptr(pool->acomp_ctx, cpu); + struct acomp_req *req; + struct crypto_acomp *acomp; + u8 *buffer; + + if (IS_ERR_OR_NULL(acomp_ctx)) + return 0; mutex_lock(&acomp_ctx->mutex); - if (!IS_ERR_OR_NULL(acomp_ctx)) { - if (!IS_ERR_OR_NULL(acomp_ctx->req)) - acomp_request_free(acomp_ctx->req); - acomp_ctx->req = NULL; - if (!IS_ERR_OR_NULL(acomp_ctx->acomp)) - crypto_free_acomp(acomp_ctx->acomp); - kfree(acomp_ctx->buffer); - } + req = acomp_ctx->req; + acomp = acomp_ctx->acomp; + buffer = acomp_ctx->buffer; + acomp_ctx->req = NULL; + acomp_ctx->acomp = NULL; + acomp_ctx->buffer = NULL; mutex_unlock(&acomp_ctx->mutex); + /* + * Do the actual freeing after releasing the mutex to avoid subtle + * locking dependencies causing deadlocks. + */ + if (!IS_ERR_OR_NULL(req)) + acomp_request_free(req); + if (!IS_ERR_OR_NULL(acomp)) + crypto_free_acomp(acomp); + kfree(buffer); + return 0; } _ Patches currently in -mm which might be from yosry.ahmed(a)linux.dev are mm-zswap-fix-crypto_free_acomp-deadlock-in-zswap_cpu_comp_dead.patch

7 months, 2 weeks

1
0
0 0

[PATCH 6.6 000/166] 6.6.84-rc2 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 6.6.84 release. There are 166 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Sat, 22 Mar 2025 16:56:28 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.6.84-rc2… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.6.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 6.6.84-rc2 Florian Westphal <fw(a)strlen.de> netfilter: nf_tables: allow clone callbacks to sleep Pablo Neira Ayuso <pablo(a)netfilter.org> netfilter: nf_tables: bail out if stateful expression provides no .clone Pablo Neira Ayuso <pablo(a)netfilter.org> netfilter: nf_tables: use timestamp to check for set element timeout Mitchell Levy <levymitchell0(a)gmail.com> rust: lockdep: Remove support for dynamically allocated LockClassKeys Maurizio Lombardi <mlombard(a)redhat.com> nvme-tcp: Fix a C2HTermReq error message Alex Henrie <alexhenrie24(a)gmail.com> HID: apple: disable Fn key handling on the Omoton KB066 Daniel Wagner <wagi(a)kernel.org> nvme-fc: rely on state transitions to handle connectivity loss Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com> Bluetooth: L2CAP: Fix corrupted list in hci_chan_del Henrique Carvalho <henrique.carvalho(a)suse.com> smb: client: Fix match_session bug preventing session reuse Steve French <stfrench(a)microsoft.com> smb3: add support for IAKerb Philipp Stanner <phasta(a)kernel.org> stmmac: loongson: Pass correct arg to PCI function Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> i2c: sis630: Fix an error handling path in sis630_probe() Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> i2c: ali15x3: Fix an error handling path in ali15x3_probe() Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> i2c: ali1535: Fix an error handling path in ali1535_probe() Pali Rohár <pali(a)kernel.org> cifs: Throw -EOPNOTSUPP error on unsupported reparse point type from parse_reparse_point() Pali Rohár <pali(a)kernel.org> cifs: Validate content of WSL reparse point buffers Murad Masimov <m.masimov(a)mt-integration.ru> cifs: Fix integer overflow while processing closetimeo mount option Murad Masimov <m.masimov(a)mt-integration.ru> cifs: Fix integer overflow while processing actimeo mount option Murad Masimov <m.masimov(a)mt-integration.ru> cifs: Fix integer overflow while processing acdirmax mount option Murad Masimov <m.masimov(a)mt-integration.ru> cifs: Fix integer overflow while processing acregmax mount option Tamir Duberstein <tamird(a)gmail.com> scripts: generate_rust_analyzer: add missing macros deps Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> ASoC: codecs: wm0010: Fix error handling path in wm0010_spi_probe() Bard Liao <yung-chuan.liao(a)linux.intel.com> ASoC: rt722-sdca: add missing readable registers Alban Kurti <kurti(a)invicto.ai> rust: init: add missing newline to pr_info! calls Charles Keepax <ckeepax(a)opensource.cirrus.com> ASoC: cs42l43: Fix maximum ADC Volume Ivan Abramov <i.abramov(a)mt-integration.ru> drm/gma500: Add NULL check for pci_gfx_root in mid_get_vbt_data() Alban Kurti <kurti(a)invicto.ai> rust: error: add missing newline to pr_warn! calls Charles Keepax <ckeepax(a)opensource.cirrus.com> ASoC: ops: Consistently treat platform_max as control value Kirill A. Shutemov <kirill.shutemov(a)linux.intel.com> mm: split critical region in remap_file_pages() and invoke LSMs in between Andrii Nakryiko <andrii(a)kernel.org> lib/buildid: Handle memfd_secret() files in build_id_parse() Benno Lossin <benno.lossin(a)proton.me> rust: init: fix `Zeroable` implementation for `Option<NonNull<T>>` and `Option<KBox<T>>` Matthew Maurer <mmaurer(a)google.com> rust: Disallow BTF generation with Rust + LTO Paulo Alcantara <pc(a)manguebit.com> smb: client: fix regression with guest option Haoxiang Li <haoxiang_li2024(a)163.com> qlcnic: fix memory leak issues in qlcnic_sriov_common.c Zhenhua Huang <quic_zhenhuah(a)quicinc.com> arm64: mm: Populate vmemmap at the page level if not section aligned Kent Overstreet <kent.overstreet(a)linux.dev> dm-flakey: Fix memory corruption in optional corrupt_bio_byte feature Thomas Mizrahi <thomasmizra(a)gmail.com> ASoC: amd: yc: Support mic on another Lenovo ThinkPad E16 Gen 2 model Varada Pavani <v.pavani(a)samsung.com> clk: samsung: update PLL locktime for PLL142XX used on FSD platform Namjae Jeon <linkinjeon(a)kernel.org> ksmbd: prevent connection release during oplock break notification Namjae Jeon <linkinjeon(a)kernel.org> ksmbd: fix use-after-free in ksmbd_free_work_struct Mario Limonciello <mario.limonciello(a)amd.com> drm/amd/display: Fix slab-use-after-free on hdcp_work Alex Hung <alex.hung(a)amd.com> drm/amd/display: Assign normalized_pix_clk when color depth = 14 Mario Limonciello <mario.limonciello(a)amd.com> drm/amd/display: Restore correct backlight brightness after a GPU reset Leo Li <sunpeng.li(a)amd.com> drm/amd/display: Disable unneeded hpd interrupts during dm_init Imre Deak <imre.deak(a)intel.com> drm/dp_mst: Fix locking when skipping CSN before topology probing Ville Syrjälä <ville.syrjala(a)linux.intel.com> drm/atomic: Filter out redundant DPMS calls Ville Syrjälä <ville.syrjala(a)linux.intel.com> drm/i915/cdclk: Do cdclk post plane programming later Florent Revest <revest(a)chromium.org> x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes Johan Hovold <johan(a)kernel.org> USB: serial: option: match on interface class for Telit FN990B Fabio Porcedda <fabio.porcedda(a)gmail.com> USB: serial: option: fix Telit Cinterion FE990A name Fabio Porcedda <fabio.porcedda(a)gmail.com> USB: serial: option: add Telit Cinterion FE990B compositions Boon Khai Ng <boon.khai.ng(a)intel.com> USB: serial: ftdi_sio: add support for Altera USB Blaster 3 Werner Sembach <wse(a)tuxedocomputers.com> Input: i8042 - swap old quirk combination with new quirk for more devices Werner Sembach <wse(a)tuxedocomputers.com> Input: i8042 - swap old quirk combination with new quirk for several devices Werner Sembach <wse(a)tuxedocomputers.com> Input: i8042 - add required quirks for missing old boardnames Werner Sembach <wse(a)tuxedocomputers.com> Input: i8042 - swap old quirk combination with new quirk for NHxxRZQ Antheas Kapenekakis <lkml(a)antheas.dev> Input: xpad - rename QH controller to Legion Go S Antheas Kapenekakis <lkml(a)antheas.dev> Input: xpad - add support for TECNO Pocket Go Antheas Kapenekakis <lkml(a)antheas.dev> Input: xpad - add support for ZOTAC Gaming Zone Pavel Rojtberg <rojtberg(a)gmail.com> Input: xpad - add multiple supported devices Nilton Perim Neto <niltonperimneto(a)gmail.com> Input: xpad - add 8BitDo SN30 Pro, Hyperkin X91 and Gamesir G7 SE controllers Jeff LaBundy <jeff(a)labundy.com> Input: iqs7222 - preserve system status register H. Nikolaus Schaller <hns(a)goldelico.com> Input: ads7846 - fix gpiod allocation Pavel Begunkov <asml.silence(a)gmail.com> io_uring: fix error pbuf checking Jens Axboe <axboe(a)kernel.dk> io_uring: use unpin_user_pages() where appropriate Jens Axboe <axboe(a)kernel.dk> io_uring/kbuf: use vm_insert_pages() for mmap'ed pbuf ring Jens Axboe <axboe(a)kernel.dk> io_uring/kbuf: vmap pinned buffer ring Jens Axboe <axboe(a)kernel.dk> io_uring: unify io_pin_pages() Jens Axboe <axboe(a)kernel.dk> io_uring: use vmap() for ring mapping Pavel Begunkov <asml.silence(a)gmail.com> io_uring: fix corner case forgetting to vunmap Jens Axboe <axboe(a)kernel.dk> io_uring: don't attempt to mmap larger than what the user asks for Jens Axboe <axboe(a)kernel.dk> io_uring: get rid of remap_pfn_range() for mapping rings/sqes Jens Axboe <axboe(a)kernel.dk> mm: add nommu variant of vm_insert_pages() Ming Lei <ming.lei(a)redhat.com> block: fix 'kmem_cache of name 'bio-108' already exists' Frederic Weisbecker <frederic(a)kernel.org> net: Handle napi_schedule() calls from non-interrupt Thomas Zimmermann <tzimmermann(a)suse.de> drm/nouveau: Do not override forced connector status Matthieu Baerts (NGI0) <matttbe(a)kernel.org> mptcp: safety check before fallback Arnd Bergmann <arnd(a)arndb.de> x86/irq: Define trace events conditionally Kan Liang <kan.liang(a)linux.intel.com> perf/x86/intel: Use better start period for frequency mode Harry Wentland <harry.wentland(a)amd.com> drm/vkms: Round fixp2int conversion in lerp_u16 Miklos Szeredi <mszeredi(a)redhat.com> fuse: don't truncate cached, mutated symlink Hector Martin <marcan(a)marcan.st> ASoC: tas2764: Set the SDOUT polarity correctly Hector Martin <marcan(a)marcan.st> ASoC: tas2764: Fix power control mask Hector Martin <marcan(a)marcan.st> ASoC: tas2770: Fix volume scale Daniel Wagner <wagi(a)kernel.org> nvme: only allow entering LIVE from CONNECTING state Yu-Chun Lin <eleanor15x(a)gmail.com> sctp: Fix undefined behavior in left shift operation Pali Rohár <pali(a)kernel.org> cifs: Treat unhandled directory name surrogate reparse points as mount directory nodes Hector Martin <marcan(a)marcan.st> apple-nvme: Release power domains when probe fails Ruozhu Li <david.li(a)jaguarmicro.com> nvmet-rdma: recheck queue state is LIVE in state lock in recv done Maurizio Lombardi <mlombard(a)redhat.com> nvme-tcp: add basic support for the C2HTermReq PDU Christopher Lentocha <christopherericlentocha(a)gmail.com> nvme-pci: quirk Acer FA100 for non-uniqueue identifiers Uday Shankar <ushankar(a)purestorage.com> io-wq: backoff when retrying worker creation Stephan Gerhold <stephan.gerhold(a)linaro.org> net: wwan: mhi_wwan_mbim: Silence sequence number glitch errors Cristian Ciocaltea <cristian.ciocaltea(a)collabora.com> ASoC: SOF: amd: Handle IPC replies before FW_BOOT_COMPLETE Terry Cheong <htcheong(a)chromium.org> ASoC: SOF: Intel: hda: add softdep pre to snd-hda-codec-hdmi module Vitaly Rodionov <vitalyr(a)opensource.cirrus.com> ASoC: arizona/madera: use fsleep() in up/down DAPM event delays. Kuninori Morimoto <kuninori.morimoto.gx(a)renesas.com> ASoC: rsnd: adjust convert rate limitation Kuninori Morimoto <kuninori.morimoto.gx(a)renesas.com> ASoC: rsnd: don't indicate warning on rsnd_kctrl_accept_runtime() Kuninori Morimoto <kuninori.morimoto.gx(a)renesas.com> ASoC: rsnd: indicate unsupported clock rate Edson Juliano Drosdeck <edson.drosdeck(a)gmail.com> ALSA: hda/realtek: Limit mic boost on Positivo ARN50 Kuninori Morimoto <kuninori.morimoto.gx(a)renesas.com> ASoC: simple-card-utils.c: add missing dlc->of_node Jiayuan Chen <mrpre(a)163.com> selftests/bpf: Fix invalid flag of recv() Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com> Bluetooth: L2CAP: Fix slab-use-after-free Read in l2cap_send_cmd Jan Beulich <jbeulich(a)suse.com> Xen/swiotlb: mark xen_swiotlb_fixup() __init Daniel Lezcano <daniel.lezcano(a)linaro.org> thermal/cpufreq_cooling: Remove structure member documentation Peter Oberparleiter <oberpar(a)linux.ibm.com> s390/cio: Fix CHPID "configure" attribute caching Mark Pearson <mpearson-lenovo(a)squebb.ca> platform/x86: thinkpad_acpi: Support for V9 DYTC platform profiles Sybil Isabel Dorsett <sybdorsett(a)proton.me> platform/x86: thinkpad_acpi: Fix invalid fan speed on ThinkPad X120e Jann Horn <jannh(a)google.com> sched: Clarify wake_up_q()'s write to task->wake_q.next Josh Poimboeuf <jpoimboe(a)kernel.org> objtool: Ignore dangling jump table entries Alex Henrie <alexhenrie24(a)gmail.com> HID: apple: fix up the F6 key on the Omoton KB066 keyboard Ievgen Vovk <YevgenVovk(a)ukr.net> HID: hid-apple: Apple Magic Keyboard a3203 USB-C support Daniel Brackenbury <daniel.brackenbury(a)gmail.com> HID: topre: Fix n-key rollover on Realforce R3S TKL boards Alexander Stein <alexander.stein(a)ew.tq-group.com> usb: phy: generic: Use proper helper for property detection Chia-Lin Kao (AceLan) <acelan.kao(a)canonical.com> HID: ignore non-functional sensor in HP 5MP Camera Zhang Lixu <lixu.zhang(a)intel.com> HID: intel-ish-hid: Send clock sync message immediately after reset Zhang Lixu <lixu.zhang(a)intel.com> HID: intel-ish-hid: fix the length of MNG_SYNC_FW_CLOCK in doorbell Brahmajit Das <brahmajit.xyz(a)gmail.com> vboxsf: fix building with GCC 15 Eric W. Biederman <ebiederm(a)xmission.com> alpha/elf: Fix misc/setarch test of util-linux by removing 32bit support Paulo Alcantara <pc(a)manguebit.com> smb: client: fix noisy when tree connecting to DFS interlink targets Gannon Kolding <gannon.kolding(a)gmail.com> ACPI: resource: IRQ override for Eluktronics MECH-17 Magnus Lindholm <linmag7(a)gmail.com> scsi: qla1280: Fix kernel oops when debug level > 2 Seunghui Lee <sh043.lee(a)samsung.com> scsi: ufs: core: Fix error return with query response Rik van Riel <riel(a)surriel.com> scsi: core: Use GFP_NOIO to avoid circular locking dependency Dmitry Kandybka <d.kandybka(a)gmail.com> platform/x86/intel: pmc: fix ltr decode in pmc_core_ltr_show() Christian Loehle <christian.loehle(a)arm.com> sched/debug: Provide slice length for fair tasks Chengen Du <chengen.du(a)canonical.com> iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic() Joe Hattori <joe(a)pf.is.s.u-tokyo.ac.jp> powercap: call put_device() on an error path in powercap_register_control_type() Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> hrtimers: Mark is_migration_base() with __always_inline Daniel Wagner <wagi(a)kernel.org> nvme-fc: do not ignore connectivity loss during connecting Daniel Wagner <wagi(a)kernel.org> nvme-fc: go straight to connecting state when initializing Carolina Jubran <cjubran(a)nvidia.com> net/mlx5e: Prevent bridge link show failure for non-eswitch-allowed devices Jianbo Liu <jianbol(a)nvidia.com> net/mlx5: Bridge, fix the crash caused by LAG state check Shay Drory <shayd(a)nvidia.com> net/mlx5: Lag, Check shared fdb before creating MultiPort E-Switch Ilya Maximets <i.maximets(a)ovn.org> net: openvswitch: remove misbehaving actions length check Guillaume Nault <gnault(a)redhat.com> gre: Fix IPv6 link-local address generation. Alexey Kashavkin <akashavkin(a)gmail.com> netfilter: nft_exthdr: fix offset with ipv4_find_option() Cong Wang <xiyou.wangcong(a)gmail.com> net_sched: Prevent creation of classes with TC_H_ROOT Dan Carpenter <dan.carpenter(a)linaro.org> ipvs: prevent integer overflow in do_ip_vs_get_ctl() Kohei Enju <enjuk(a)amazon.com> netfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert_tree() Hangbin Liu <liuhangbin(a)gmail.com> bonding: fix incorrect MAC address setting to receive NS messages Amit Cohen <amcohen(a)nvidia.com> net: switchdev: Convert blocking notification chain to a raw one Taehee Yoo <ap420073(a)gmail.com> eth: bnxt: do not update checksum in bnxt_xdp_build_skb() Wentao Liang <vulab(a)iscas.ac.cn> net/mlx5: handle errors in mlx5_chains_create_table() Michael Kelley <mhklinux(a)outlook.com> Drivers: hv: vmbus: Don't release fb_mmio resource in vmbus_free_mmio() Michael Kelley <mhklinux(a)outlook.com> drm/hyperv: Fix address space leak when Hyper-V DRM device is removed Breno Leitao <leitao(a)debian.org> netpoll: hold rcu read lock in __netpoll_send_skb() Matt Johnston <matt(a)codeconstruct.com.au> net: mctp i2c: Copy headers if cloned Joseph Huang <Joseph.Huang(a)garmin.com> net: dsa: mv88e6xxx: Verify after ATU Load ops Jiri Pirko <jiri(a)resnulli.us> net/mlx5: Fill out devlink dev info only for PFs Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com> Revert "Bluetooth: hci_core: Fix sleeping function called from invalid context" Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com> Bluetooth: hci_event: Fix enabling passive scanning Miri Korenblit <miriam.rachel.korenblit(a)intel.com> wifi: cfg80211: cancel wiphy_work before freeing wiphy Jun Yang <juny24602(a)gmail.com> sched: address a potential NULL pointer dereference in the GRED scheduler. Nicklas Bo Jensen <njensen(a)akamai.com> netfilter: nf_conncount: garbage collection is not skipped when jiffies wrap around Grzegorz Nitka <grzegorz.nitka(a)intel.com> ice: fix memory leak in aRFS after reset Sebastian Andrzej Siewior <bigeasy(a)linutronix.de> netfilter: nft_ct: Use __refcount_inc() for per-CPU nft_ct_pcpu_template. Artur Weber <aweber.kernel(a)gmail.com> pinctrl: bcm281xx: Fix incorrect regmap max_registers value Michael Kelley <mhklinux(a)outlook.com> fbdev: hyperv_fb: iounmap() the correct memory when removing a device Xueming Feng <kuro(a)kuroa.me> tcp: fix forever orphan socket caused by tcp_abort Eric Dumazet <edumazet(a)google.com> tcp: fix races in tcp_abort() Wander Lairson Costa <wander.lairson(a)gmail.com> bpf: Use raw_spinlock_t in ringbuf Felix Moessbauer <felix.moessbauer(a)siemens.com> hrtimer: Use and report correct timerslack values for realtime tasks Liu Shixin <liushixin2(a)huawei.com> zram: fix NULL pointer in comp_algorithm_show() Oleg Nesterov <oleg(a)redhat.com> sched/isolation: Prevent boot crash when the boot CPU is nohz_full David Woodhouse <dwmw(a)amazon.co.uk> clockevents/drivers/i8253: Fix stop sequence for timer 0 ------------- Diffstat: Documentation/timers/no_hz.rst | 7 +- Makefile | 4 +- arch/alpha/include/asm/elf.h | 6 +- arch/alpha/include/asm/pgtable.h | 2 +- arch/alpha/include/asm/processor.h | 8 +- arch/alpha/kernel/osf_sys.c | 11 +- arch/arm64/mm/mmu.c | 5 +- arch/x86/events/intel/core.c | 85 +++++++ arch/x86/kernel/cpu/microcode/amd.c | 2 +- arch/x86/kernel/cpu/mshyperv.c | 11 - arch/x86/kernel/irq.c | 2 + block/bio.c | 2 +- drivers/acpi/resource.c | 6 + drivers/block/zram/zram_drv.c | 4 +- drivers/clk/samsung/clk-pll.c | 7 +- drivers/clocksource/i8253.c | 36 ++- drivers/firmware/iscsi_ibft.c | 5 +- drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 10 + .../gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_hdcp.c | 1 + .../gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_irq.c | 64 ++++-- drivers/gpu/drm/amd/display/dc/core/dc_resource.c | 7 +- drivers/gpu/drm/display/drm_dp_mst_topology.c | 40 ++-- drivers/gpu/drm/drm_atomic_uapi.c | 4 + drivers/gpu/drm/drm_connector.c | 4 + drivers/gpu/drm/gma500/mid_bios.c | 5 + drivers/gpu/drm/hyperv/hyperv_drm_drv.c | 2 + drivers/gpu/drm/i915/display/intel_display.c | 5 +- drivers/gpu/drm/nouveau/nouveau_connector.c | 1 - drivers/gpu/drm/vkms/vkms_composer.c | 2 +- drivers/hid/Kconfig | 3 +- drivers/hid/hid-apple.c | 13 +- drivers/hid/hid-ids.h | 3 + drivers/hid/hid-quirks.c | 1 + drivers/hid/hid-topre.c | 7 + drivers/hid/intel-ish-hid/ipc/ipc.c | 15 +- drivers/hid/intel-ish-hid/ishtp/ishtp-dev.h | 2 + drivers/hv/vmbus_drv.c | 13 ++ drivers/i2c/busses/i2c-ali1535.c | 12 +- drivers/i2c/busses/i2c-ali15x3.c | 12 +- drivers/i2c/busses/i2c-sis630.c | 12 +- drivers/input/joystick/xpad.c | 39 +++- drivers/input/misc/iqs7222.c | 50 ++-- drivers/input/serio/i8042-acpipnpio.h | 111 +++++---- drivers/input/touchscreen/ads7846.c | 2 +- drivers/md/dm-flakey.c | 2 +- drivers/net/bonding/bond_options.c | 55 ++++- drivers/net/dsa/mv88e6xxx/chip.c | 59 ++++- drivers/net/ethernet/broadcom/bnxt/bnxt.c | 3 +- drivers/net/ethernet/broadcom/bnxt/bnxt_xdp.c | 11 +- drivers/net/ethernet/broadcom/bnxt/bnxt_xdp.h | 3 +- drivers/net/ethernet/intel/ice/ice_arfs.c | 2 +- drivers/net/ethernet/mellanox/mlx5/core/devlink.c | 3 + .../ethernet/mellanox/mlx5/core/en/rep/bridge.c | 12 +- drivers/net/ethernet/mellanox/mlx5/core/en_main.c | 6 +- drivers/net/ethernet/mellanox/mlx5/core/lag/lag.c | 4 +- drivers/net/ethernet/mellanox/mlx5/core/lag/lag.h | 1 + .../net/ethernet/mellanox/mlx5/core/lag/mpesw.c | 3 +- .../ethernet/mellanox/mlx5/core/lib/fs_chains.c | 5 + .../ethernet/qlogic/qlcnic/qlcnic_sriov_common.c | 8 +- .../net/ethernet/stmicro/stmmac/dwmac-loongson.c | 7 +- drivers/net/mctp/mctp-i2c.c | 5 + drivers/net/wwan/mhi_wwan_mbim.c | 2 +- drivers/nvme/host/apple.c | 2 + drivers/nvme/host/core.c | 2 - drivers/nvme/host/fc.c | 59 +---- drivers/nvme/host/pci.c | 2 + drivers/nvme/host/tcp.c | 43 ++++ drivers/nvme/target/rdma.c | 33 ++- drivers/pinctrl/bcm/pinctrl-bcm281xx.c | 2 +- drivers/platform/x86/intel/pmc/core.c | 4 +- drivers/platform/x86/thinkpad_acpi.c | 50 ++-- drivers/powercap/powercap_sys.c | 3 +- drivers/s390/cio/chp.c | 3 +- drivers/scsi/qla1280.c | 2 +- drivers/scsi/scsi_scan.c | 2 +- drivers/thermal/cpufreq_cooling.c | 2 - drivers/ufs/core/ufshcd.c | 7 +- drivers/usb/phy/phy-generic.c | 2 +- drivers/usb/serial/ftdi_sio.c | 14 ++ drivers/usb/serial/ftdi_sio_ids.h | 13 ++ drivers/usb/serial/option.c | 48 ++-- drivers/video/fbdev/hyperv_fb.c | 2 +- drivers/xen/swiotlb-xen.c | 2 +- fs/fuse/dir.c | 2 +- fs/namei.c | 24 +- fs/proc/base.c | 9 +- fs/select.c | 11 +- fs/smb/client/asn1.c | 2 + fs/smb/client/cifs_spnego.c | 4 +- fs/smb/client/cifsglob.h | 4 + fs/smb/client/connect.c | 16 +- fs/smb/client/fs_context.c | 18 +- fs/smb/client/inode.c | 13 ++ fs/smb/client/reparse.c | 10 +- fs/smb/client/sess.c | 3 +- fs/smb/client/smb2pdu.c | 4 +- fs/smb/common/smbfsctl.h | 3 + fs/smb/server/connection.c | 20 ++ fs/smb/server/connection.h | 2 + fs/smb/server/ksmbd_work.c | 3 - fs/smb/server/ksmbd_work.h | 1 - fs/smb/server/oplock.c | 43 ++-- fs/smb/server/oplock.h | 1 - fs/smb/server/server.c | 14 +- fs/vboxsf/super.c | 3 +- include/linux/fs.h | 2 + include/linux/i8253.h | 1 - include/linux/io_uring_types.h | 3 - include/linux/nvme-tcp.h | 2 + include/net/bluetooth/hci_core.h | 108 ++++----- include/net/bluetooth/l2cap.h | 3 +- include/net/netfilter/nf_tables.h | 20 +- include/sound/soc.h | 5 +- init/Kconfig | 2 +- io_uring/io-wq.c | 23 +- io_uring/io_uring.c | 252 +++++++++++++++------ io_uring/io_uring.h | 8 +- io_uring/kbuf.c | 173 ++++---------- io_uring/kbuf.h | 3 +- io_uring/rsrc.c | 39 ---- kernel/bpf/ringbuf.c | 12 +- kernel/sched/core.c | 13 +- kernel/sched/debug.c | 2 + kernel/sys.c | 2 + kernel/time/hrtimer.c | 40 ++-- lib/buildid.c | 5 + mm/mmap.c | 69 ++++-- mm/nommu.c | 7 + net/bluetooth/hci_core.c | 10 +- net/bluetooth/hci_event.c | 37 +-- net/bluetooth/iso.c | 6 - net/bluetooth/l2cap_core.c | 181 +++++++-------- net/bluetooth/l2cap_sock.c | 15 +- net/bluetooth/rfcomm/core.c | 6 - net/bluetooth/sco.c | 12 +- net/core/dev.c | 2 +- net/core/netpoll.c | 9 +- net/ipv4/tcp.c | 20 +- net/ipv6/addrconf.c | 15 +- net/mptcp/protocol.h | 2 + net/netfilter/ipvs/ip_vs_ctl.c | 8 +- net/netfilter/nf_conncount.c | 6 +- net/netfilter/nf_tables_api.c | 25 +- net/netfilter/nft_connlimit.c | 4 +- net/netfilter/nft_counter.c | 4 +- net/netfilter/nft_ct.c | 6 +- net/netfilter/nft_dynset.c | 2 +- net/netfilter/nft_exthdr.c | 10 +- net/netfilter/nft_last.c | 4 +- net/netfilter/nft_limit.c | 14 +- net/netfilter/nft_quota.c | 4 +- net/netfilter/nft_set_hash.c | 8 +- net/netfilter/nft_set_pipapo.c | 18 +- net/netfilter/nft_set_rbtree.c | 11 +- net/openvswitch/flow_netlink.c | 15 +- net/sched/sch_api.c | 6 + net/sched/sch_gred.c | 3 +- net/sctp/stream.c | 2 +- net/switchdev/switchdev.c | 25 +- net/wireless/core.c | 7 + rust/kernel/error.rs | 2 +- rust/kernel/init.rs | 23 +- rust/kernel/init/macros.rs | 6 +- rust/kernel/sync.rs | 10 +- scripts/generate_rust_analyzer.py | 30 ++- sound/pci/hda/patch_realtek.c | 1 + sound/soc/amd/yc/acp6x-mach.c | 7 + sound/soc/codecs/arizona.c | 14 +- sound/soc/codecs/cs42l43.c | 2 +- sound/soc/codecs/madera.c | 10 +- sound/soc/codecs/rt722-sdca-sdw.c | 4 + sound/soc/codecs/tas2764.c | 10 +- sound/soc/codecs/tas2764.h | 8 +- sound/soc/codecs/tas2770.c | 2 +- sound/soc/codecs/wm0010.c | 13 +- sound/soc/codecs/wm5110.c | 8 +- sound/soc/generic/simple-card-utils.c | 1 + sound/soc/sh/rcar/core.c | 14 -- sound/soc/sh/rcar/rsnd.h | 1 - sound/soc/sh/rcar/src.c | 116 ++++++++-- sound/soc/sh/rcar/ssi.c | 3 +- sound/soc/soc-ops.c | 15 +- sound/soc/sof/amd/acp-ipc.c | 23 +- sound/soc/sof/intel/hda-codec.c | 1 + tools/objtool/check.c | 9 + .../selftests/bpf/prog_tests/sockmap_basic.c | 6 +- 186 files changed, 1804 insertions(+), 1167 deletions(-)

7 months, 2 weeks

7
6
0 0

Re: [PATCH net 0/3] mptcp: fix data stream corruption and missing sockopts

by patchwork-bot+netdevbpf＠kernel.org

Hello: This series was applied to netdev/net-next.git (main) by Paolo Abeni <pabeni(a)redhat.com>: On Fri, 14 Mar 2025 21:11:30 +0100 you wrote: > Here are 3 unrelated fixes for the net tree. > > - Patch 1: fix data stream corruption when ending up not sending an > ADD_ADDR. > > - Patch 2: fix missing getsockopt(IPV6_V6ONLY) support -- the set part > is supported. > > [...] Here is the summary with links: - [net,1/3] mptcp: Fix data stream corruption in the address announcement (no matching commit) - [net,2/3] mptcp: sockopt: fix getting IPV6_V6ONLY https://git.kernel.org/netdev/net-next/c/8c3963375988 - [net,3/3] mptcp: sockopt: fix getting freebind & transparent https://git.kernel.org/netdev/net-next/c/e2f4ac7bab22 You are awesome, thank you! -- Deet-doot-dot, I am a bot. https://korg.docs.kernel.org/patchwork/pwbot.html

7 months, 2 weeks

1
0
0 0

[PATCH 6.13 v2 0/8] KVM: arm64: Backport of SVE fixes to v6.13

by Mark Brown

This series backports some recent fixes for SVE/KVM interactions from Mark Rutland to v6.13. Signed-off-by: Mark Brown <broonie(a)kernel.org> --- Changes in v2: - Remove an erronious kern_hyp_va(). - Move standard cherry pick to stable format in patch 8. - Link to v1: https://lore.kernel.org/r/20250312-stable-sve-6-13-v1-0-c7ba07a6f4f7@kernel… --- Fuad Tabba (1): KVM: arm64: Calculate cptr_el2 traps on activating traps Mark Rutland (7): KVM: arm64: Unconditionally save+flush host FPSIMD/SVE/SME state KVM: arm64: Remove host FPSIMD saving for non-protected KVM KVM: arm64: Remove VHE host restore of CPACR_EL1.ZEN KVM: arm64: Remove VHE host restore of CPACR_EL1.SMEN KVM: arm64: Refactor exit handlers KVM: arm64: Mark some header functions as inline KVM: arm64: Eagerly switch ZCR_EL{1,2} arch/arm64/include/asm/kvm_host.h | 25 ++---- arch/arm64/kernel/fpsimd.c | 25 ------ arch/arm64/kvm/arm.c | 9 --- arch/arm64/kvm/fpsimd.c | 100 ++---------------------- arch/arm64/kvm/hyp/entry.S | 5 ++ arch/arm64/kvm/hyp/include/hyp/switch.h | 133 ++++++++++++++++++++++--------- arch/arm64/kvm/hyp/nvhe/hyp-main.c | 11 +-- arch/arm64/kvm/hyp/nvhe/pkvm.c | 30 ------- arch/arm64/kvm/hyp/nvhe/switch.c | 134 ++++++++++++++++++-------------- arch/arm64/kvm/hyp/vhe/switch.c | 21 ++--- 10 files changed, 201 insertions(+), 292 deletions(-) --- base-commit: 648e04a805652f513af04b47035cde896addf9b0 change-id: 20250227-stable-sve-6-13-5ceaf408b5f7 Best regards, -- Mark Brown <broonie(a)kernel.org>

7 months, 2 weeks

2
16
0 0

[PATCH 6.12 v2 0/8] KVM: arm64: Backport of SVE fixes to v6.12

by Mark Brown

This series backports some recent fixes for SVE/KVM interactions from Mark Rutland to v6.12. Signed-off-by: Mark Brown <broonie(a)kernel.org> --- Changes in v2: - Remove an erronious kern_hyp_va(). - Link to v1: https://lore.kernel.org/r/20250314-stable-sve-6-12-v1-0-ddc16609d9ba@kernel… --- Fuad Tabba (1): KVM: arm64: Calculate cptr_el2 traps on activating traps Mark Rutland (7): KVM: arm64: Unconditionally save+flush host FPSIMD/SVE/SME state KVM: arm64: Remove host FPSIMD saving for non-protected KVM KVM: arm64: Remove VHE host restore of CPACR_EL1.ZEN KVM: arm64: Remove VHE host restore of CPACR_EL1.SMEN KVM: arm64: Refactor exit handlers KVM: arm64: Mark some header functions as inline KVM: arm64: Eagerly switch ZCR_EL{1,2} arch/arm64/include/asm/kvm_host.h | 25 ++---- arch/arm64/kernel/fpsimd.c | 25 ------ arch/arm64/kvm/arm.c | 9 --- arch/arm64/kvm/fpsimd.c | 100 ++---------------------- arch/arm64/kvm/hyp/entry.S | 5 ++ arch/arm64/kvm/hyp/include/hyp/switch.h | 133 ++++++++++++++++++++++--------- arch/arm64/kvm/hyp/nvhe/hyp-main.c | 11 +-- arch/arm64/kvm/hyp/nvhe/pkvm.c | 29 ------- arch/arm64/kvm/hyp/nvhe/switch.c | 134 ++++++++++++++++++-------------- arch/arm64/kvm/hyp/vhe/switch.c | 21 ++--- 10 files changed, 201 insertions(+), 291 deletions(-) --- base-commit: e9cc806c0152fa9993f817cebf42989a3e2530bb change-id: 20250227-stable-sve-6-12-777778ad28fb Best regards, -- Mark Brown <broonie(a)kernel.org>

7 months, 2 weeks

3
18
0 0

[PATCH 6.6 0/8] KVM: arm64: Backport of SVE fixes to v6.6

by Mark Brown

This series backports some recent fixes for SVE/KVM interactions from Mark Rutland to v6.6. Signed-off-by: Mark Brown <broonie(a)kernel.org> --- Fuad Tabba (1): KVM: arm64: Calculate cptr_el2 traps on activating traps Mark Rutland (7): KVM: arm64: Unconditionally save+flush host FPSIMD/SVE/SME state KVM: arm64: Remove host FPSIMD saving for non-protected KVM KVM: arm64: Remove VHE host restore of CPACR_EL1.ZEN KVM: arm64: Remove VHE host restore of CPACR_EL1.SMEN KVM: arm64: Refactor exit handlers KVM: arm64: Mark some header functions as inline KVM: arm64: Eagerly switch ZCR_EL{1,2} arch/arm64/include/asm/kvm_host.h | 7 +-- arch/arm64/include/asm/kvm_hyp.h | 1 + arch/arm64/kernel/fpsimd.c | 25 -------- arch/arm64/kvm/arm.c | 1 - arch/arm64/kvm/fpsimd.c | 89 +++++---------------------- arch/arm64/kvm/hyp/entry.S | 5 ++ arch/arm64/kvm/hyp/include/hyp/switch.h | 106 +++++++++++++++++++++----------- arch/arm64/kvm/hyp/nvhe/hyp-main.c | 15 +---- arch/arm64/kvm/hyp/nvhe/pkvm.c | 29 +-------- arch/arm64/kvm/hyp/nvhe/switch.c | 106 ++++++++++++++++++++++---------- arch/arm64/kvm/hyp/vhe/switch.c | 13 ++-- arch/arm64/kvm/reset.c | 3 + 12 files changed, 182 insertions(+), 218 deletions(-) --- base-commit: 594a1dd5138a6bbaa1697e5648cce23d2520eba9 change-id: 20250227-stable-sve-6-6-e795d85262b9 Best regards, -- Mark Brown <broonie(a)kernel.org>

7 months, 2 weeks

2
16
0 0

[PATCH 0/2] spi: fsl-qspi: Fix kernel panic when unbinding the SPI host

by Kevin Hao

Hi, I observed a kernel panic on my imx8mq-evk board. It can be easily reproduced with the following steps: while true; do cat /dev/mtd0 >/dev/null; done & echo 30bb0000.spi >/sys/bus/platform/drivers/fsl-quadspi/unbind The following is the kernel log: Unable to handle kernel paging request at virtual address ffffffc082a6015c Mem abort info: ESR = 0x0000000096000007 EC = 0x25: DABT (current EL), IL = 32 bits SET = 0, FnV = 0 EA = 0, S1PTW = 0 FSC = 0x07: level 3 translation fault Data abort info: ISV = 0, ISS = 0x00000007, ISS2 = 0x00000000 CM = 0, WnR = 0, TnD = 0, TagAccess = 0 GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0 swapper pgtable: 4k pages, 39-bit VAs, pgdp=0000000041dc3000 [ffffffc082a6015c] pgd=1000000042779003, p4d=1000000042779003, pud=1000000042779003, pmd=1000000044631403, pte=0000000000000000 Internal error: Oops: 0000000096000007 [#1] SMP Modules linked in: 8021q ath10k_pci ath10k_core etnaviv snd_soc_fsl_asoc_card ath snd_soc_imx_audmux gpu_sched snd_soc_fsl_sai snd_soc_fsl_spdif imx_sdma imx_pcm_dma snd_soc_fsl_utils snd_soc_wm8524 sch_fq_codel openvswitch nsh nf_conncount nf_nat fuse configfs nfnetlink Hardware name: NXP i.MX8MQ EVK (DT) pc : fsl_qspi_exec_op+0xa8/0x7c0 lr : fsl_qspi_exec_op+0x88/0x7c0 sp : ffffffc08433b650 x8 : ffffffc08433b748 x7 : 0000000000000000 x6 : 0000000000000004 x5 : 0000000000000001 x4 : 0000000000000000 x3 : 0000000000004174 x2 : 0032724c809254be x1 : 000000000000c2a2 x0 : 000000173a720be8 Call trace: fsl_qspi_exec_op+0xa8/0x7c0 (P) spi_mem_exec_op+0x410/0x4a0 spi_mem_no_dirmap_read+0xb0/0xd0 spi_mem_dirmap_read+0xdc/0x150 spi_nor_read_data+0x128/0x1a0 spi_nor_read+0xf4/0x2c8 mtd_read_oob_std+0x80/0x98 mtd_read_oob+0x9c/0x168 mtd_read+0x70/0xe0 mtdchar_read+0x224/0x2a8 vfs_read+0xcc/0x310 ksys_read+0x78/0x118 __arm64_sys_read+0x24/0x38 invoke_syscall+0x5c/0x130 el0_svc_common.constprop.0+0x48/0xf0 do_el0_svc+0x24/0x38 el0_svc+0x30/0xd0 el0t_64_sync_handler+0x10c/0x138 el0t_64_sync+0x198/0x1a0 CPU: 1 UID: 0 PID: 527 Comm: cat Not tainted 6.14.0-rc7-next-20250321-yocto-standard+ #11 PREEMPT pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) x29: ffffffc08433b670 x28: 0000007f8019f000 x27: 000000000000000e x26: ffffff8004781140 x25: 000000173a814e28 x24: 0000000000000006 x23: ffffffc082a6015c x22: ffffff80046a3d80 x21: ffffff80046a3d98 x20: ffffffc082a60000 x19: ffffffc08433b9b8 x18: 0000000000000000 x17: 0000000000000000 x16: 003135312e373631 x15: 2e3432322e383231 x14: 0000000000000000 x13: ffffff80bf74d940 x12: 0000000000000000 x11: 0000000000000160 x10: 00000000000009b0 x9 : ffffffc08010ea78 Code: d2800141 d2800060 941ecb48 d503203f (b94002e1) --- Kevin Hao (2): spi: fsl-qsi: Optimize fsl_qspi struct spi: fsl-qspi: Explicitly unregister SPI host in remove() drivers/spi/spi-fsl-qspi.c | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) --- base-commit: 9388ec571cb1adba59d1cded2300eeb11827679c change-id: 20250321-spi-8d7999765767 Best regards, -- Kevin Hao <haokexin(a)gmail.com>

7 months, 2 weeks

3
3
0 0

x86 kexec problem in stable 6.1.129 and later due to change related to PGD allocation

by Elias Rudberg

Hello, The following change seems to cause kexec to sometimes fail (not every time but about 50% chance) for the stable 6.1 kernels, 6.1.129 and later: 6821918f4519 ("x86/kexec: Allocate PGD for x86_64 transition page tables separately") The commit message for that commit states that it is dependent on another change "x86/mm: Add _PAGE_NOPTISHADOW bit to avoid updating userspace page tables" but that change does not seem to have been done in the 6.1 kernel series, which could explain why the 6821918f4519 change causes problems for 6.1. This appears to be a problem only for 6.1, for the 6.6 and later stable kernels there is no problem. I think the reason this problem is seen only for 6.1 and not for 6.6 and later is that the change "x86/kexec: Allocate PGD for x86_64 transition page tables separately" relies on things that are not available in 6.1. In the tests I have done, kexec is called via u-root. More details are available here: https://git.glasklar.is/system-transparency/core/stboot/-/issues/227 Cheers, Elias

7 months, 2 weeks

1
0
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror March 2025