March 2025 - Linux-stable-mirror

[PATCH v2] tty: Permit some TIOCL_SETSEL modes without CAP_SYS_ADMIN

by Günther Noack

With this, processes without CAP_SYS_ADMIN are able to use TIOCLINUX with subcode TIOCL_SETSEL, in the selection modes TIOCL_SETPOINTER, TIOCL_SELCLEAR and TIOCL_SELMOUSEREPORT. TIOCL_SETSEL was previously changed to require CAP_SYS_ADMIN, as this IOCTL let callers change the selection buffer and could be used to simulate keypresses. These three TIOCL_SETSEL selection modes, however, are safe to use, as they do not modify the selection buffer. This fixes a mouse support regression that affected Emacs (invisible mouse cursor). Cc: stable(a)vger.kernel.org Link: https://lore.kernel.org/r/ee3ec63269b43b34e1c90dd8c9743bf8@finder.org Fixes: 8d1b43f6a6df ("tty: Restrict access to TIOCLINUX' copy-and-paste subcommands") Signed-off-by: Günther Noack <gnoack(a)google.com> --- Changes in V2: * Removed comment in vt.c (per Greg's suggestion) * CC'd stable@ * I *kept* the CAP_SYS_ADMIN check *after* copy_from_user(), with the reasoning that: 1. I do not see a good alternative to reorder the code here. We need the data from copy_from_user() in order to know whether the CAP_SYS_ADMIN check even needs to be performed. 2. A previous get_user() from an adjacent memory region already worked (making this a very unlikely failure) I would still appreciate a more formal Tested-by from Hanno (hint, hint) :) --- drivers/tty/vt/selection.c | 14 ++++++++++++++ drivers/tty/vt/vt.c | 2 -- 2 files changed, 14 insertions(+), 2 deletions(-) diff --git a/drivers/tty/vt/selection.c b/drivers/tty/vt/selection.c index 564341f1a74f..0bd6544e30a6 100644 --- a/drivers/tty/vt/selection.c +++ b/drivers/tty/vt/selection.c @@ -192,6 +192,20 @@ int set_selection_user(const struct tiocl_selection __user *sel, if (copy_from_user(&v, sel, sizeof(*sel))) return -EFAULT; + /* + * TIOCL_SELCLEAR, TIOCL_SELPOINTER and TIOCL_SELMOUSEREPORT are OK to + * use without CAP_SYS_ADMIN as they do not modify the selection. + */ + switch (v.sel_mode) { + case TIOCL_SELCLEAR: + case TIOCL_SELPOINTER: + case TIOCL_SELMOUSEREPORT: + break; + default: + if (!capable(CAP_SYS_ADMIN)) + return -EPERM; + } + return set_selection_kernel(&v, tty); } diff --git a/drivers/tty/vt/vt.c b/drivers/tty/vt/vt.c index 96842ce817af..be5564ed8c01 100644 --- a/drivers/tty/vt/vt.c +++ b/drivers/tty/vt/vt.c @@ -3345,8 +3345,6 @@ int tioclinux(struct tty_struct *tty, unsigned long arg) switch (type) { case TIOCL_SETSEL: - if (!capable(CAP_SYS_ADMIN)) - return -EPERM; return set_selection_user(param, tty); case TIOCL_PASTESEL: if (!capable(CAP_SYS_ADMIN)) -- 2.47.1.613.gc27f4b7a9f-goog

8 months

6
13
0 0

let me know

by Martyn Beasley.

Hi there! Good morning, I am in need of your assistance in procuring materials for production in Asia. Can you please respond? Martyn -- Notice of Non-Discrimination: The school district of Labette County USD 506 does not discriminate on the basis of race, color, ethnicity, national origin, sex/gender (to include orientation, identity or expression), age, disability, genetic information or any other basis prohibited by law. The following person has been designated to handle inquiries or complaints regarding nondiscrimination policies, including requests for accommodations or access to district buildings and programs. Complaints in regard to Discrimination: Discrimination against any student or employees on the basis of race, color, ethnicity, national origin, sex/gender (to include orientation, identity or expression), age, disability, genetic information or any other basis prohibited by law. The superintendent of Schools, PO Box 189, Altamont, Kansas 67330-0188, 620-784-5326, has been designated to coordinate compliance with nondiscrimination requirements contained in Title VI of the Civil Rights Act of 1964, Title IX of the Education Amendments of 1972, Section 504 of the Rehabilitation Act of 1973, Age Discrimination Act of 1975, and Americans with Disability Act of 1990. Superintendent of Schools, 401 S. High School Street, PO Box 189, Altamont, KS 67330, 620-724-6280 (telecommunications device for the deaf), 620-328-3121 (speech impaired). jwyrick(a)usd506.org <mailto:jwyrick@usd506.org>

8 months

1
0
0 0

[PATCH net v2 1/2] net: phy: nxp-c45-tja11xx: add TJA112X PHY configuration errata

by Andrei Botila

The most recent sillicon versions of TJA1120 and TJA1121 can achieve full silicon performance by putting the PHY in managed mode. It is necessary to apply these PHY writes before link gets established. Application of this fix is required after restart of device and wakeup from sleep. Cc: stable(a)vger.kernel.org Fixes: f1fe5dff2b8a ("net: phy: nxp-c45-tja11xx: add TJA1120 support") Signed-off-by: Andrei Botila <andrei.botila(a)oss.nxp.com> --- drivers/net/phy/nxp-c45-tja11xx.c | 52 +++++++++++++++++++++++++++++++ 1 file changed, 52 insertions(+) diff --git a/drivers/net/phy/nxp-c45-tja11xx.c b/drivers/net/phy/nxp-c45-tja11xx.c index 34231b5b9175..709d6c9f7cba 100644 --- a/drivers/net/phy/nxp-c45-tja11xx.c +++ b/drivers/net/phy/nxp-c45-tja11xx.c @@ -22,6 +22,11 @@ #define PHY_ID_TJA_1103 0x001BB010 #define PHY_ID_TJA_1120 0x001BB031 +#define VEND1_DEVICE_ID3 0x0004 +#define TJA1120_DEV_ID3_SILICON_VERSION GENMASK(15, 12) +#define TJA1120_DEV_ID3_SAMPLE_TYPE GENMASK(11, 8) +#define DEVICE_ID3_SAMPLE_TYPE_R 0x9 + #define VEND1_DEVICE_CONTROL 0x0040 #define DEVICE_CONTROL_RESET BIT(15) #define DEVICE_CONTROL_CONFIG_GLOBAL_EN BIT(14) @@ -1593,6 +1598,50 @@ static int nxp_c45_set_phy_mode(struct phy_device *phydev) return 0; } +/* Errata: ES_TJA1120 and ES_TJA1121 Rev. 1.0 — 28 November 2024 Section 3.1 */ +static void nxp_c45_tja1120_errata(struct phy_device *phydev) +{ + int silicon_version, sample_type; + bool macsec_ability; + int phy_abilities; + int ret = 0; + + ret = phy_read_mmd(phydev, MDIO_MMD_VEND1, VEND1_DEVICE_ID3); + if (ret < 0) + return; + + sample_type = FIELD_GET(TJA1120_DEV_ID3_SAMPLE_TYPE, ret); + if (sample_type != DEVICE_ID3_SAMPLE_TYPE_R) + return; + + silicon_version = FIELD_GET(TJA1120_DEV_ID3_SILICON_VERSION, ret); + + phy_abilities = phy_read_mmd(phydev, MDIO_MMD_VEND1, + VEND1_PORT_ABILITIES); + macsec_ability = !!(phy_abilities & MACSEC_ABILITY); + if ((!macsec_ability && silicon_version == 2) || + (macsec_ability && silicon_version == 1)) { + /* TJA1120/TJA1121 PHY configuration errata workaround. + * Apply PHY writes sequence before link up. + */ + if (!macsec_ability) { + phy_write_mmd(phydev, MDIO_MMD_VEND1, 0x01F8, 0x4b95); + phy_write_mmd(phydev, MDIO_MMD_VEND1, 0x01F9, 0xf3cd); + } else { + phy_write_mmd(phydev, MDIO_MMD_VEND1, 0x01F8, 0x89c7); + phy_write_mmd(phydev, MDIO_MMD_VEND1, 0x01F9, 0x0893); + } + + phy_write_mmd(phydev, MDIO_MMD_VEND1, 0x0476, 0x58a0); + + phy_write_mmd(phydev, MDIO_MMD_PMAPMD, 0x8921, 0xa3a); + phy_write_mmd(phydev, MDIO_MMD_PMAPMD, 0x89F1, 0x16c1); + + phy_write_mmd(phydev, MDIO_MMD_VEND1, 0x01F8, 0x0); + phy_write_mmd(phydev, MDIO_MMD_VEND1, 0x01F9, 0x0); + } +} + static int nxp_c45_config_init(struct phy_device *phydev) { int ret; @@ -1609,6 +1658,9 @@ static int nxp_c45_config_init(struct phy_device *phydev) phy_write_mmd(phydev, MDIO_MMD_VEND1, 0x01F8, 1); phy_write_mmd(phydev, MDIO_MMD_VEND1, 0x01F9, 2); + if (phy_id_compare(phydev->phy_id, PHY_ID_TJA_1120, GENMASK(31, 4))) + nxp_c45_tja1120_errata(phydev); + phy_set_bits_mmd(phydev, MDIO_MMD_VEND1, VEND1_PHY_CONFIG, PHY_CONFIG_AUTO); -- 2.48.1

8 months

4
4
0 0

[PATCH] x86/boot: Sanitize boot params before parsing command line

by Ard Biesheuvel

From: Ard Biesheuvel <ardb(a)kernel.org> The 5-level paging code parses the command line to look for the 'no5lvl' string, and does so very early, before sanitize_boot_params() has been called and has been given the opportunity to wipe bogus data from the fields in boot_params that are not covered by struct setup_header, and are therefore supposed to be initialized to zero by the bootloader. This triggers an early boot crash when using syslinux-efi to boot a recent kernel built with CONFIG_X86_5LEVEL=y and CONFIG_EFI_STUB=n, as the 0xff padding that now fills the unused PE/COFF header is copied into boot_params by the bootloader, and interpreted as the top half of the command line pointer. Fix this by sanitizing the boot_params before use. Note that there is no harm in calling this more than once; subsequent invocations are able to spot that the boot_params have already been cleaned up. Cc: <stable(a)vger.kernel.org> # v6.1+ Cc: "H. Peter Anvin" <hpa(a)zytor.com> Cc: "Kirill A. Shutemov" <kirill.shutemov(a)linux.intel.com> Cc: Ulrich Gemkow <ulrich.gemkow(a)ikr.uni-stuttgart.de> Closes: https://lore.kernel.org/all/202503041549.35913.ulrich.gemkow@ikr.uni-stuttg… Signed-off-by: Ard Biesheuvel <ardb(a)kernel.org> --- arch/x86/boot/compressed/pgtable_64.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/arch/x86/boot/compressed/pgtable_64.c b/arch/x86/boot/compressed/pgtable_64.c index c882e1f67af0..d8c5de40669d 100644 --- a/arch/x86/boot/compressed/pgtable_64.c +++ b/arch/x86/boot/compressed/pgtable_64.c @@ -1,6 +1,7 @@ // SPDX-License-Identifier: GPL-2.0 #include "misc.h" #include <asm/bootparam.h> +#include <asm/bootparam_utils.h> #include <asm/e820/types.h> #include <asm/processor.h> #include "pgtable.h" @@ -107,6 +108,7 @@ asmlinkage void configure_5level_paging(struct boot_params *bp, void *pgtable) bool l5_required = false; /* Initialize boot_params. Required for cmdline_find_option_bool(). */ + sanitize_boot_params(bp); boot_params_ptr = bp; /* -- 2.48.1.711.g2feabab25a-goog

8 months

3
2
0 0

[PATCH v2] arm64: dts: ti: k3-j784s4-j742s2-main-common: Fix serdes_ln_ctrl reg-masks

by Siddharth Vadapalli

Commit under Fixes added the 'idle-states' property for SERDES4 lane muxes without defining the corresponding register offsets and masks for it in the 'mux-reg-masks' property within the 'serdes_ln_ctrl' node. Fix this. Fixes: 7287d423f138 ("arm64: dts: ti: k3-j784s4-main: Add system controller and SERDES lane mux") Cc: stable(a)vger.kernel.org Signed-off-by: Siddharth Vadapalli <s-vadapalli(a)ti.com> --- Patch is based on commit 76544811c850 Merge tag 'drm-fixes-2025-02-28' of https://gitlab.freedesktop.org/drm/kernel of the master branch of Mainline Linux. v1: https://patchwork.kernel.org/project/linux-arm-kernel/patch/20250227061643.… Changes since v1: - Updated offsets to begin from 0x40 instead of 0x30. This is because SERDES3 is not present in J784S4. Regards, Siddharth. arch/arm64/boot/dts/ti/k3-j784s4-j742s2-main-common.dtsi | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/arch/arm64/boot/dts/ti/k3-j784s4-j742s2-main-common.dtsi b/arch/arm64/boot/dts/ti/k3-j784s4-j742s2-main-common.dtsi index 83bbf94b58d1..51cb8f3fd1c8 100644 --- a/arch/arm64/boot/dts/ti/k3-j784s4-j742s2-main-common.dtsi +++ b/arch/arm64/boot/dts/ti/k3-j784s4-j742s2-main-common.dtsi @@ -84,7 +84,9 @@ serdes_ln_ctrl: mux-controller@4080 { <0x10 0x3>, <0x14 0x3>, /* SERDES1 lane0/1 select */ <0x18 0x3>, <0x1c 0x3>, /* SERDES1 lane2/3 select */ <0x20 0x3>, <0x24 0x3>, /* SERDES2 lane0/1 select */ - <0x28 0x3>, <0x2c 0x3>; /* SERDES2 lane2/3 select */ + <0x28 0x3>, <0x2c 0x3>, /* SERDES2 lane2/3 select */ + <0x40 0x3>, <0x44 0x3>, /* SERDES4 lane0/1 select */ + <0x48 0x3>, <0x4c 0x3>; /* SERDES4 lane2/3 select */ idle-states = <J784S4_SERDES0_LANE0_PCIE1_LANE0>, <J784S4_SERDES0_LANE1_PCIE1_LANE1>, <J784S4_SERDES0_LANE2_IP3_UNUSED>, -- 2.34.1

8 months

2
1
0 0

Reply Request For INTEC 2025

by Davin Roos

Hi, Quick follow up to check if you had a chance to review my previous email? I would appreciate a response from you. Regards, Davin _________________________________________________________________________________________ From: Davin Roos Subject: INTEC 2025 Hi, We are offering the visitors contact list The Intec International Trade Fair for Machine Tools, Manufacturing and Automation (INTEC 2025) We currently have 17,207+ verified visitor contacts. Each contact contains: Contact name, Job Title, Business Name, Physical Address, Phone Numbers, Official Email address and many more… Let me know if you are Interested so that I can share the Pricing for the same. Additionally, we can also provide the Exhibitors list upon request. Kind Regards, Davin Roos Sr. Demand Generation If you do not wish to receive this newsletter reply as “Unfollow”

8 months

1
0
0 0

Embedded World Exhibition 2025 Visitor's Contact List

by Frances Gross

Hi, We are offering the visitors contact list of Embedded World Exhibition & Conference 2025. We currently have 36,668 verified visitor contacts. Each contact contains: Contact Name, Job Title, Business Name, Physical Address, Phone Number, Official Email address, and many more. Let me know your interest so that I can share the pricing accordingly. Kind Regards, Frances Gross - Sr. Marketing Manager If you do not wish to receive this newsletter reply as "Not interested"

8 months

1
0
0 0

FAILED: patch "[PATCH] mm: hugetlb: Add huge page size param to" failed to apply to 6.6-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.6-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.6.y git checkout FETCH_HEAD git cherry-pick -x 02410ac72ac3707936c07ede66e94360d0d65319 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025030436-idealize-unsaddle-3c68@gregkh' --subject-prefix 'PATCH 6.6.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 02410ac72ac3707936c07ede66e94360d0d65319 Mon Sep 17 00:00:00 2001 From: Ryan Roberts <ryan.roberts(a)arm.com> Date: Wed, 26 Feb 2025 12:06:51 +0000 Subject: [PATCH] mm: hugetlb: Add huge page size param to huge_ptep_get_and_clear() In order to fix a bug, arm64 needs to be told the size of the huge page for which the huge_pte is being cleared in huge_ptep_get_and_clear(). Provide for this by adding an `unsigned long sz` parameter to the function. This follows the same pattern as huge_pte_clear() and set_huge_pte_at(). This commit makes the required interface modifications to the core mm as well as all arches that implement this function (arm64, loongarch, mips, parisc, powerpc, riscv, s390, sparc). The actual arm64 bug will be fixed in a separate commit. Cc: stable(a)vger.kernel.org Fixes: 66b3923a1a0f ("arm64: hugetlb: add support for PTE contiguous bit") Acked-by: David Hildenbrand <david(a)redhat.com> Reviewed-by: Alexandre Ghiti <alexghiti(a)rivosinc.com> # riscv Reviewed-by: Christophe Leroy <christophe.leroy(a)csgroup.eu> Reviewed-by: Catalin Marinas <catalin.marinas(a)arm.com> Reviewed-by: Anshuman Khandual <anshuman.khandual(a)arm.com> Signed-off-by: Ryan Roberts <ryan.roberts(a)arm.com> Acked-by: Alexander Gordeev <agordeev(a)linux.ibm.com> # s390 Link: https://lore.kernel.org/r/20250226120656.2400136-2-ryan.roberts@arm.com Signed-off-by: Will Deacon <will(a)kernel.org> diff --git a/arch/arm64/include/asm/hugetlb.h b/arch/arm64/include/asm/hugetlb.h index c6dff3e69539..03db9cb21ace 100644 --- a/arch/arm64/include/asm/hugetlb.h +++ b/arch/arm64/include/asm/hugetlb.h @@ -42,8 +42,8 @@ extern int huge_ptep_set_access_flags(struct vm_area_struct *vma, unsigned long addr, pte_t *ptep, pte_t pte, int dirty); #define __HAVE_ARCH_HUGE_PTEP_GET_AND_CLEAR -extern pte_t huge_ptep_get_and_clear(struct mm_struct *mm, - unsigned long addr, pte_t *ptep); +extern pte_t huge_ptep_get_and_clear(struct mm_struct *mm, unsigned long addr, + pte_t *ptep, unsigned long sz); #define __HAVE_ARCH_HUGE_PTEP_SET_WRPROTECT extern void huge_ptep_set_wrprotect(struct mm_struct *mm, unsigned long addr, pte_t *ptep); diff --git a/arch/arm64/mm/hugetlbpage.c b/arch/arm64/mm/hugetlbpage.c index 98a2a0e64e25..06db4649af91 100644 --- a/arch/arm64/mm/hugetlbpage.c +++ b/arch/arm64/mm/hugetlbpage.c @@ -396,8 +396,8 @@ void huge_pte_clear(struct mm_struct *mm, unsigned long addr, __pte_clear(mm, addr, ptep); } -pte_t huge_ptep_get_and_clear(struct mm_struct *mm, - unsigned long addr, pte_t *ptep) +pte_t huge_ptep_get_and_clear(struct mm_struct *mm, unsigned long addr, + pte_t *ptep, unsigned long sz) { int ncontig; size_t pgsize; @@ -549,6 +549,8 @@ bool __init arch_hugetlb_valid_size(unsigned long size) pte_t huge_ptep_modify_prot_start(struct vm_area_struct *vma, unsigned long addr, pte_t *ptep) { + unsigned long psize = huge_page_size(hstate_vma(vma)); + if (alternative_has_cap_unlikely(ARM64_WORKAROUND_2645198)) { /* * Break-before-make (BBM) is required for all user space mappings @@ -558,7 +560,7 @@ pte_t huge_ptep_modify_prot_start(struct vm_area_struct *vma, unsigned long addr if (pte_user_exec(__ptep_get(ptep))) return huge_ptep_clear_flush(vma, addr, ptep); } - return huge_ptep_get_and_clear(vma->vm_mm, addr, ptep); + return huge_ptep_get_and_clear(vma->vm_mm, addr, ptep, psize); } void huge_ptep_modify_prot_commit(struct vm_area_struct *vma, unsigned long addr, pte_t *ptep, diff --git a/arch/loongarch/include/asm/hugetlb.h b/arch/loongarch/include/asm/hugetlb.h index c8e4057734d0..4dc4b3e04225 100644 --- a/arch/loongarch/include/asm/hugetlb.h +++ b/arch/loongarch/include/asm/hugetlb.h @@ -36,7 +36,8 @@ static inline void huge_pte_clear(struct mm_struct *mm, unsigned long addr, #define __HAVE_ARCH_HUGE_PTEP_GET_AND_CLEAR static inline pte_t huge_ptep_get_and_clear(struct mm_struct *mm, - unsigned long addr, pte_t *ptep) + unsigned long addr, pte_t *ptep, + unsigned long sz) { pte_t clear; pte_t pte = ptep_get(ptep); @@ -51,8 +52,9 @@ static inline pte_t huge_ptep_clear_flush(struct vm_area_struct *vma, unsigned long addr, pte_t *ptep) { pte_t pte; + unsigned long sz = huge_page_size(hstate_vma(vma)); - pte = huge_ptep_get_and_clear(vma->vm_mm, addr, ptep); + pte = huge_ptep_get_and_clear(vma->vm_mm, addr, ptep, sz); flush_tlb_page(vma, addr); return pte; } diff --git a/arch/mips/include/asm/hugetlb.h b/arch/mips/include/asm/hugetlb.h index d0a86ce83de9..fbc71ddcf0f6 100644 --- a/arch/mips/include/asm/hugetlb.h +++ b/arch/mips/include/asm/hugetlb.h @@ -27,7 +27,8 @@ static inline int prepare_hugepage_range(struct file *file, #define __HAVE_ARCH_HUGE_PTEP_GET_AND_CLEAR static inline pte_t huge_ptep_get_and_clear(struct mm_struct *mm, - unsigned long addr, pte_t *ptep) + unsigned long addr, pte_t *ptep, + unsigned long sz) { pte_t clear; pte_t pte = *ptep; @@ -42,13 +43,14 @@ static inline pte_t huge_ptep_clear_flush(struct vm_area_struct *vma, unsigned long addr, pte_t *ptep) { pte_t pte; + unsigned long sz = huge_page_size(hstate_vma(vma)); /* * clear the huge pte entry firstly, so that the other smp threads will * not get old pte entry after finishing flush_tlb_page and before * setting new huge pte entry */ - pte = huge_ptep_get_and_clear(vma->vm_mm, addr, ptep); + pte = huge_ptep_get_and_clear(vma->vm_mm, addr, ptep, sz); flush_tlb_page(vma, addr); return pte; } diff --git a/arch/parisc/include/asm/hugetlb.h b/arch/parisc/include/asm/hugetlb.h index 5b3a5429f71b..21e9ace17739 100644 --- a/arch/parisc/include/asm/hugetlb.h +++ b/arch/parisc/include/asm/hugetlb.h @@ -10,7 +10,7 @@ void set_huge_pte_at(struct mm_struct *mm, unsigned long addr, #define __HAVE_ARCH_HUGE_PTEP_GET_AND_CLEAR pte_t huge_ptep_get_and_clear(struct mm_struct *mm, unsigned long addr, - pte_t *ptep); + pte_t *ptep, unsigned long sz); #define __HAVE_ARCH_HUGE_PTEP_CLEAR_FLUSH static inline pte_t huge_ptep_clear_flush(struct vm_area_struct *vma, diff --git a/arch/parisc/mm/hugetlbpage.c b/arch/parisc/mm/hugetlbpage.c index e9d18cf25b79..a94fe546d434 100644 --- a/arch/parisc/mm/hugetlbpage.c +++ b/arch/parisc/mm/hugetlbpage.c @@ -126,7 +126,7 @@ void set_huge_pte_at(struct mm_struct *mm, unsigned long addr, pte_t huge_ptep_get_and_clear(struct mm_struct *mm, unsigned long addr, - pte_t *ptep) + pte_t *ptep, unsigned long sz) { pte_t entry; diff --git a/arch/powerpc/include/asm/hugetlb.h b/arch/powerpc/include/asm/hugetlb.h index dad2e7980f24..86326587e58d 100644 --- a/arch/powerpc/include/asm/hugetlb.h +++ b/arch/powerpc/include/asm/hugetlb.h @@ -45,7 +45,8 @@ void set_huge_pte_at(struct mm_struct *mm, unsigned long addr, pte_t *ptep, #define __HAVE_ARCH_HUGE_PTEP_GET_AND_CLEAR static inline pte_t huge_ptep_get_and_clear(struct mm_struct *mm, - unsigned long addr, pte_t *ptep) + unsigned long addr, pte_t *ptep, + unsigned long sz) { return __pte(pte_update(mm, addr, ptep, ~0UL, 0, 1)); } @@ -55,8 +56,9 @@ static inline pte_t huge_ptep_clear_flush(struct vm_area_struct *vma, unsigned long addr, pte_t *ptep) { pte_t pte; + unsigned long sz = huge_page_size(hstate_vma(vma)); - pte = huge_ptep_get_and_clear(vma->vm_mm, addr, ptep); + pte = huge_ptep_get_and_clear(vma->vm_mm, addr, ptep, sz); flush_hugetlb_page(vma, addr); return pte; } diff --git a/arch/riscv/include/asm/hugetlb.h b/arch/riscv/include/asm/hugetlb.h index faf3624d8057..446126497768 100644 --- a/arch/riscv/include/asm/hugetlb.h +++ b/arch/riscv/include/asm/hugetlb.h @@ -28,7 +28,8 @@ void set_huge_pte_at(struct mm_struct *mm, #define __HAVE_ARCH_HUGE_PTEP_GET_AND_CLEAR pte_t huge_ptep_get_and_clear(struct mm_struct *mm, - unsigned long addr, pte_t *ptep); + unsigned long addr, pte_t *ptep, + unsigned long sz); #define __HAVE_ARCH_HUGE_PTEP_CLEAR_FLUSH pte_t huge_ptep_clear_flush(struct vm_area_struct *vma, diff --git a/arch/riscv/mm/hugetlbpage.c b/arch/riscv/mm/hugetlbpage.c index 42314f093922..b4a78a4b35cf 100644 --- a/arch/riscv/mm/hugetlbpage.c +++ b/arch/riscv/mm/hugetlbpage.c @@ -293,7 +293,7 @@ int huge_ptep_set_access_flags(struct vm_area_struct *vma, pte_t huge_ptep_get_and_clear(struct mm_struct *mm, unsigned long addr, - pte_t *ptep) + pte_t *ptep, unsigned long sz) { pte_t orig_pte = ptep_get(ptep); int pte_num; diff --git a/arch/s390/include/asm/hugetlb.h b/arch/s390/include/asm/hugetlb.h index 7c52acaf9f82..663e87220e89 100644 --- a/arch/s390/include/asm/hugetlb.h +++ b/arch/s390/include/asm/hugetlb.h @@ -25,8 +25,16 @@ void __set_huge_pte_at(struct mm_struct *mm, unsigned long addr, #define __HAVE_ARCH_HUGE_PTEP_GET pte_t huge_ptep_get(struct mm_struct *mm, unsigned long addr, pte_t *ptep); +pte_t __huge_ptep_get_and_clear(struct mm_struct *mm, unsigned long addr, + pte_t *ptep); + #define __HAVE_ARCH_HUGE_PTEP_GET_AND_CLEAR -pte_t huge_ptep_get_and_clear(struct mm_struct *mm, unsigned long addr, pte_t *ptep); +static inline pte_t huge_ptep_get_and_clear(struct mm_struct *mm, + unsigned long addr, pte_t *ptep, + unsigned long sz) +{ + return __huge_ptep_get_and_clear(mm, addr, ptep); +} static inline void arch_clear_hugetlb_flags(struct folio *folio) { @@ -48,7 +56,7 @@ static inline void huge_pte_clear(struct mm_struct *mm, unsigned long addr, static inline pte_t huge_ptep_clear_flush(struct vm_area_struct *vma, unsigned long address, pte_t *ptep) { - return huge_ptep_get_and_clear(vma->vm_mm, address, ptep); + return __huge_ptep_get_and_clear(vma->vm_mm, address, ptep); } #define __HAVE_ARCH_HUGE_PTEP_SET_ACCESS_FLAGS @@ -59,7 +67,7 @@ static inline int huge_ptep_set_access_flags(struct vm_area_struct *vma, int changed = !pte_same(huge_ptep_get(vma->vm_mm, addr, ptep), pte); if (changed) { - huge_ptep_get_and_clear(vma->vm_mm, addr, ptep); + __huge_ptep_get_and_clear(vma->vm_mm, addr, ptep); __set_huge_pte_at(vma->vm_mm, addr, ptep, pte); } return changed; @@ -69,7 +77,7 @@ static inline int huge_ptep_set_access_flags(struct vm_area_struct *vma, static inline void huge_ptep_set_wrprotect(struct mm_struct *mm, unsigned long addr, pte_t *ptep) { - pte_t pte = huge_ptep_get_and_clear(mm, addr, ptep); + pte_t pte = __huge_ptep_get_and_clear(mm, addr, ptep); __set_huge_pte_at(mm, addr, ptep, pte_wrprotect(pte)); } diff --git a/arch/s390/mm/hugetlbpage.c b/arch/s390/mm/hugetlbpage.c index d9ce199953de..2e568f175cd4 100644 --- a/arch/s390/mm/hugetlbpage.c +++ b/arch/s390/mm/hugetlbpage.c @@ -188,8 +188,8 @@ pte_t huge_ptep_get(struct mm_struct *mm, unsigned long addr, pte_t *ptep) return __rste_to_pte(pte_val(*ptep)); } -pte_t huge_ptep_get_and_clear(struct mm_struct *mm, - unsigned long addr, pte_t *ptep) +pte_t __huge_ptep_get_and_clear(struct mm_struct *mm, + unsigned long addr, pte_t *ptep) { pte_t pte = huge_ptep_get(mm, addr, ptep); pmd_t *pmdp = (pmd_t *) ptep; diff --git a/arch/sparc/include/asm/hugetlb.h b/arch/sparc/include/asm/hugetlb.h index c714ca6a05aa..e7a9cdd498dc 100644 --- a/arch/sparc/include/asm/hugetlb.h +++ b/arch/sparc/include/asm/hugetlb.h @@ -20,7 +20,7 @@ void __set_huge_pte_at(struct mm_struct *mm, unsigned long addr, #define __HAVE_ARCH_HUGE_PTEP_GET_AND_CLEAR pte_t huge_ptep_get_and_clear(struct mm_struct *mm, unsigned long addr, - pte_t *ptep); + pte_t *ptep, unsigned long sz); #define __HAVE_ARCH_HUGE_PTEP_CLEAR_FLUSH static inline pte_t huge_ptep_clear_flush(struct vm_area_struct *vma, diff --git a/arch/sparc/mm/hugetlbpage.c b/arch/sparc/mm/hugetlbpage.c index eee601a0d2cf..80504148d8a5 100644 --- a/arch/sparc/mm/hugetlbpage.c +++ b/arch/sparc/mm/hugetlbpage.c @@ -260,7 +260,7 @@ void set_huge_pte_at(struct mm_struct *mm, unsigned long addr, } pte_t huge_ptep_get_and_clear(struct mm_struct *mm, unsigned long addr, - pte_t *ptep) + pte_t *ptep, unsigned long sz) { unsigned int i, nptes, orig_shift, shift; unsigned long size; diff --git a/include/asm-generic/hugetlb.h b/include/asm-generic/hugetlb.h index f42133dae68e..2afc95bf1655 100644 --- a/include/asm-generic/hugetlb.h +++ b/include/asm-generic/hugetlb.h @@ -90,7 +90,7 @@ static inline void set_huge_pte_at(struct mm_struct *mm, unsigned long addr, #ifndef __HAVE_ARCH_HUGE_PTEP_GET_AND_CLEAR static inline pte_t huge_ptep_get_and_clear(struct mm_struct *mm, - unsigned long addr, pte_t *ptep) + unsigned long addr, pte_t *ptep, unsigned long sz) { return ptep_get_and_clear(mm, addr, ptep); } diff --git a/include/linux/hugetlb.h b/include/linux/hugetlb.h index ec8c0ccc8f95..bf5f7256bd28 100644 --- a/include/linux/hugetlb.h +++ b/include/linux/hugetlb.h @@ -1004,7 +1004,9 @@ static inline void hugetlb_count_sub(long l, struct mm_struct *mm) static inline pte_t huge_ptep_modify_prot_start(struct vm_area_struct *vma, unsigned long addr, pte_t *ptep) { - return huge_ptep_get_and_clear(vma->vm_mm, addr, ptep); + unsigned long psize = huge_page_size(hstate_vma(vma)); + + return huge_ptep_get_and_clear(vma->vm_mm, addr, ptep, psize); } #endif diff --git a/mm/hugetlb.c b/mm/hugetlb.c index 65068671e460..de9d49e521c1 100644 --- a/mm/hugetlb.c +++ b/mm/hugetlb.c @@ -5447,7 +5447,7 @@ static void move_huge_pte(struct vm_area_struct *vma, unsigned long old_addr, if (src_ptl != dst_ptl) spin_lock_nested(src_ptl, SINGLE_DEPTH_NESTING); - pte = huge_ptep_get_and_clear(mm, old_addr, src_pte); + pte = huge_ptep_get_and_clear(mm, old_addr, src_pte, sz); if (need_clear_uffd_wp && pte_marker_uffd_wp(pte)) huge_pte_clear(mm, new_addr, dst_pte, sz); @@ -5622,7 +5622,7 @@ void __unmap_hugepage_range(struct mmu_gather *tlb, struct vm_area_struct *vma, set_vma_resv_flags(vma, HPAGE_RESV_UNMAPPED); } - pte = huge_ptep_get_and_clear(mm, address, ptep); + pte = huge_ptep_get_and_clear(mm, address, ptep, sz); tlb_remove_huge_tlb_entry(h, tlb, ptep, address); if (huge_pte_dirty(pte)) set_page_dirty(page);

8 months

3
6
0 0

[PATCH 6.12 000/150] 6.12.18-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 6.12.18 release. There are 150 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Fri, 07 Mar 2025 17:44:26 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.12.18-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.12.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 6.12.18-rc1 Borislav Petkov (AMD) <bp(a)alien8.de> x86/microcode/AMD: Load only SHA256-checksummed patches Borislav Petkov (AMD) <bp(a)alien8.de> x86/microcode/AMD: Add get_patch_level() Borislav Petkov (AMD) <bp(a)alien8.de> x86/microcode/AMD: Get rid of the _load_microcode_amd() forward declaration Borislav Petkov (AMD) <bp(a)alien8.de> x86/microcode/AMD: Merge early_apply_microcode() into its single callsite Borislav Petkov (AMD) <bp(a)alien8.de> x86/microcode/AMD: Remove unused save_microcode_in_initrd_amd() declarations Borislav Petkov (AMD) <bp(a)alien8.de> x86/microcode/AMD: Remove ugly linebreak in __verify_patch_section() signature Borislav Petkov (AMD) <bp(a)alien8.de> x86/microcode/AMD: Have __apply_microcode_amd() return bool Nikolay Borisov <nik.borisov(a)suse.com> x86/microcode/AMD: Return bool from find_blobs_in_containers() chr[] <chris(a)rudorff.com> amdgpu/pm/legacy: fix suspend/resume issues Peter Jones <pjones(a)redhat.com> efi: Don't map the entire mokvar table to determine its size Clément Léger <cleger(a)rivosinc.com> riscv: cpufeature: use bitmap_equal() instead of memcmp() Yong-Xuan Wang <yongxuan.wang(a)sifive.com> riscv: signal: fix signal_minsigstksz Rob Herring <robh(a)kernel.org> riscv: cacheinfo: Use of_property_present() for non-boolean properties Yong-Xuan Wang <yongxuan.wang(a)sifive.com> riscv: signal: fix signal frame size Andreas Schwab <schwab(a)suse.de> riscv/futex: sign extend compare value in atomic cmpxchg Stafford Horne <shorne(a)gmail.com> rseq/selftests: Fix riscv rseq_offset_deref_addv inline asm Arthur Simchaev <arthur.simchaev(a)sandisk.com> scsi: ufs: core: bsg: Fix crash when arpmb command fails Roberto Sassu <roberto.sassu(a)huawei.com> ima: Reset IMA_NONACTION_RULE_FLAGS after post_setattr Ken Raeburn <raeburn(a)redhat.com> dm vdo: add missing spin_lock_init Milan Broz <gmazyland(a)gmail.com> dm-integrity: Avoid divide by zero in table status in Inline mode Mikhail Ivanov <ivanov.mikhail1(a)huawei-partners.com> selftests/landlock: Test TCP accesses with protocol=IPPROTO_TCP Tejun Heo <tj(a)kernel.org> sched_ext: Fix pick_task_scx() picking non-queued tasks when it's called without balance() Thomas Gleixner <tglx(a)linutronix.de> sched/core: Prevent rescheduling when interrupts are disabled Thomas Gleixner <tglx(a)linutronix.de> rcuref: Plug slowpath race in rcuref_put() Ard Biesheuvel <ardb(a)kernel.org> vmlinux.lds: Ensure that const vars with relocations are mapped R/O Mikhail Ivanov <ivanov.mikhail1(a)huawei-partners.com> selftests/landlock: Test that MPTCP actions are not restricted Matthieu Baerts (NGI0) <matttbe(a)kernel.org> mptcp: reset when MPTCP opts are dropped after join Paolo Abeni <pabeni(a)redhat.com> mptcp: always handle address removal under msk socket lock Thomas Gleixner <tglx(a)linutronix.de> intel_idle: Handle older CPUs, which stop the TSC in deeper C states, correctly Lu Baolu <baolu.lu(a)linux.intel.com> iommu/vt-d: Fix suspicious RCU usage Jerry Snitselaar <jsnitsel(a)redhat.com> iommu/vt-d: Remove device comparison in context_setup_pass_through_cb André Draszik <andre.draszik(a)linaro.org> phy: exynos5-usbdrd: gs101: ensure power is gated to SS phy in phy_exit() Kaustabh Chakraborty <kauschluss(a)disroot.org> phy: exynos5-usbdrd: fix MPLL_MULTIPLIER and SSC_REFCLKSEL masks in refclk BH Hsieh <bhsieh(a)nvidia.com> phy: tegra: xusb: reset VBUS & ID OVERRIDE Wei Fang <wei.fang(a)nxp.com> net: enetc: fix the off-by-one issue in enetc_map_tx_tso_buffs() Wei Fang <wei.fang(a)nxp.com> net: enetc: correct the xdp_tx statistics Wei Fang <wei.fang(a)nxp.com> net: enetc: update UDP checksum when updating originTimestamp field Wei Fang <wei.fang(a)nxp.com> net: enetc: VFs do not support HWTSTAMP_TX_ONESTEP_SYNC Wei Fang <wei.fang(a)nxp.com> net: enetc: keep track of correct Tx BD count in enetc_map_tx_tso_buffs() Wei Fang <wei.fang(a)nxp.com> net: enetc: fix the off-by-one issue in enetc_map_tx_buffs() George Moussalem <george.moussalem(a)outlook.com> net: phy: qcom: qca807x fix condition for DAC_DSP_BIAS_CURRENT Qunqin Zhao <zhaoqunqin(a)loongson.cn> net: stmmac: dwmac-loongson: Add fix_soc_reset() callback Nikita Zhandarovich <n.zhandarovich(a)fintech.ru> usbnet: gl620a: fix endpoint checking in genelink_bind() Binbin Zhou <zhoubinbin(a)loongson.cn> i2c: ls2x: Fix frequency division register access Tyrone Ting <kfting(a)nuvoton.com> i2c: npcm: disable interrupt enable bit before devm_request_irq Damien Le Moal <dlemoal(a)kernel.org> block: Remove zone write plugs when handling native zone append writes Ryan Roberts <ryan.roberts(a)arm.com> arm64: hugetlb: Fix flush_hugetlb_tlb_range() invalidation level Ryan Roberts <ryan.roberts(a)arm.com> arm64: hugetlb: Fix huge_ptep_get_and_clear() for non-present ptes Ryan Roberts <ryan.roberts(a)arm.com> arm64/mm: Fix Boot panic on Ampere Altra Roman Li <Roman.Li(a)amd.com> drm/amd/display: Fix HPD after gpu reset Yilin Chen <Yilin.Chen(a)amd.com> drm/amd/display: add a quirk to enable eDP0 on DP1 Tom Chung <chiahsuan.chung(a)amd.com> drm/amd/display: Disable PSR-SU on eDP panels Pierre-Eric Pelloux-Prayer <pierre-eric.pelloux-prayer(a)amd.com> drm/amdgpu: init return value in amdgpu_ttm_clear_buffer Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu: disable BAR resize on Dell G5 SE David Yat Sin <David.YatSin(a)amd.com> drm/amdkfd: Preserve cp_hqd_pq_control on update_mqd Matthew Auld <matthew.auld(a)intel.com> drm/xe/userptr: fix EFAULT handling Matthew Auld <matthew.auld(a)intel.com> drm/xe/userptr: restore invalidation list on error Mingcong Bai <jeffbai(a)aosc.io> drm/xe/regs: remove a duplicate definition for RING_CTL_SIZE(size) Kan Liang <kan.liang(a)linux.intel.com> perf/core: Fix low freq setting via IOC_PERIOD Kan Liang <kan.liang(a)linux.intel.com> perf/x86: Fix low freqency setting issue Breno Leitao <leitao(a)debian.org> perf/core: Add RCU read lock protection to perf_iterate_ctx() Oliver Upton <oliver.upton(a)linux.dev> KVM: arm64: Ensure a VMID is allocated before programming VTTBR_EL2 Adrien Vergé <adrienverge(a)gmail.com> ALSA: hda/realtek: Fix microphone regression on ASUS N705UD Dmitry Panchenko <dmitry(a)d-systems.ee> ALSA: usb-audio: Re-add sample rate quirk for Pioneer DJM-900NXS2 Nikolay Kuratov <kniv(a)yandex-team.ru> ftrace: Avoid potential division by zero in function_stat_show() Steven Rostedt <rostedt(a)goodmis.org> tracing: Fix bad hist from corrupting named_triggers list Andrew Jones <ajones(a)ventanamicro.com> riscv: KVM: Fix SBI TIME error generation Andrew Jones <ajones(a)ventanamicro.com> riscv: KVM: Fix SBI IPI error generation Andrew Jones <ajones(a)ventanamicro.com> riscv: KVM: Fix hart suspend_type use Andrew Jones <ajones(a)ventanamicro.com> riscv: KVM: Fix hart suspend status check Chukun Pan <amadeus(a)jmu.edu.cn> phy: rockchip: naneng-combphy: compatible reset with old DT Arnd Bergmann <arnd(a)arndb.de> phy: rockchip: fix Kconfig dependency more Russell Senior <russell(a)personaltelco.net> x86/CPU: Fix warm boot hang regression on AMD SC1100 SoC systems Ard Biesheuvel <ardb(a)kernel.org> objtool: Fix C jump table annotations for Clang Peter Zijlstra <peterz(a)infradead.org> objtool: Remove annotate_{,un}reachable() Peter Zijlstra <peterz(a)infradead.org> unreachable: Unify Pavel Begunkov <asml.silence(a)gmail.com> io_uring/net: save msg_control for compat Yu-Che Cheng <giver(a)chromium.org> thermal: gov_power_allocator: Update total_weight on bind and cdev updates Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> thermal: core: Move lists of thermal instances to trip descriptors Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> thermal/of: Fix cdev lookup in thermal_of_should_bind() Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> thermal: of: Simplify thermal_of_should_bind with scoped for each OF child Tong Tiangen <tongtiangen(a)huawei.com> uprobes: Reject the shared zeropage in uprobe_write_opcode() Luo Gengkun <luogengkun(a)huaweicloud.com> perf/core: Order the PMU list to fix warning about unordered pmu_ctx_list Yu-Che Cheng <giver(a)chromium.org> thermal: gov_power_allocator: Fix incorrect calculation in divvy_up_power() Meghana Malladi <m-malladi(a)ti.com> net: ti: icss-iep: Reject perout generation request Eric Dumazet <edumazet(a)google.com> idpf: fix checksums set in idpf_rx_rsc() Joe Damato <jdamato(a)fastly.com> selftests: drv-net: Check if combined-count exists Justin Iurman <justin.iurman(a)uliege.be> net: ipv6: fix dst ref loop on input in rpl lwt Justin Iurman <justin.iurman(a)uliege.be> net: ipv6: fix dst ref loop on input in seg6 lwt Shay Drory <shayd(a)nvidia.com> net/mlx5: IRQ, Fix null string in debug print Harshal Chaudhari <hchaudhari(a)marvell.com> net: mvpp2: cls: Fixed Non IP flow, with vlan tag flow defination. Mohammad Heib <mheib(a)redhat.com> net: Clear old fragment checksum value in napi_reuse_skb Tejas Upadhyay <tejas.upadhyay(a)intel.com> drm/xe: cancel pending job timer before freeing scheduler Wang Hai <wanghai38(a)huawei.com> tcp: Defer ts_recent changes until req is owned Marcin Szycik <marcin.szycik(a)linux.intel.com> ice: Avoid setting default Rx VSI twice in switchdev setup Marcin Szycik <marcin.szycik(a)linux.intel.com> ice: Fix deinitializing VF in error path Paul Greenwalt <paul.greenwalt(a)intel.com> ice: add E830 HW VF mailbox message limit support Stanislav Fomichev <sdf(a)fomichev.me> tcp: devmem: don't write truncated dmabuf CMSGs to userspace Sascha Hauer <s.hauer(a)pengutronix.de> net: ethernet: ti: am65-cpsw: select PAGE_POOL Takashi Iwai <tiwai(a)suse.de> ALSA: hda/realtek: Fix wrong mic setup for ASUS VivoBook 15 Richard Fitzgerald <rf(a)opensource.cirrus.com> ASoC: cs35l56: Prevent races when soft-resetting using SPI control Richard Fitzgerald <rf(a)opensource.cirrus.com> firmware: cs_dsp: Remove async regmap writes Umesh Nerlige Ramappa <umesh.nerlige.ramappa(a)intel.com> drm/xe/oa: Allow oa_exponent value of 0 Ashutosh Dixit <ashutosh.dixit(a)intel.com> drm/xe/oa: Allow only certain property changes from config Ashutosh Dixit <ashutosh.dixit(a)intel.com> drm/xe/oa: Add syncs support to OA config ioctl Ashutosh Dixit <ashutosh.dixit(a)intel.com> drm/xe/oa: Move functions up so they can be reused for config ioctl Ashutosh Dixit <ashutosh.dixit(a)intel.com> drm/xe/oa: Signal output fences Philo Lu <lulie(a)linux.alibaba.com> ipvs: Always clear ipvs_property flag in skb_scrub_packet() Chancel Liu <chancel.liu(a)nxp.com> ASoC: fsl: Rename stream name of SAI DAI driver Nicolas Frattaroli <nicolas.frattaroli(a)collabora.com> ASoC: es8328: fix route from DAC to output Linus Walleij <linus.walleij(a)linaro.org> net: dsa: rtl8366rb: Fix compilation problem Sean Anderson <sean.anderson(a)linux.dev> net: cadence: macb: Synchronize stats calculations Eric Dumazet <edumazet(a)google.com> ipvlan: ensure network headers are in skb linear part Guillaume Nault <gnault(a)redhat.com> ipvlan: Prepare ipvlan_process_v4_outbound() to future .flowi4_tos conversion. Guillaume Nault <gnault(a)redhat.com> ipv4: Convert ip_route_input() to dscp_t. Guillaume Nault <gnault(a)redhat.com> ipv4: Convert icmp_route_lookup() to dscp_t. Jiri Slaby (SUSE) <jirislaby(a)kernel.org> net: set the minimum for net_hotdata.netdev_budget_usecs Ido Schimmel <idosch(a)nvidia.com> net: loopback: Avoid sending IP packets without an Ethernet header David Howells <dhowells(a)redhat.com> afs: Give an afs_server object a ref on the afs_cell object it points to David Howells <dhowells(a)redhat.com> afs: Fix the server_list to unuse a displaced server rather than putting it David Howells <dhowells(a)redhat.com> rxrpc: rxperf: Fix missing decoding of terminal magic cookie Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com> Bluetooth: L2CAP: Fix L2CAP_ECRED_CONN_RSP response Takashi Iwai <tiwai(a)suse.de> ALSA: usb-audio: Avoid dropping MIDI events at closing multiple ports Arnd Bergmann <arnd(a)arndb.de> sunrpc: suppress warnings for unused procfs functions Kashyap Desai <kashyap.desai(a)broadcom.com> RDMA/bnxt_re: Fix the page details for the srq created by kernel consumers Patrisious Haddad <phaddad(a)nvidia.com> RDMA/mlx5: Fix bind QP error cleanup flow Manivannan Sadhasivam <manivannan.sadhasivam(a)linaro.org> scsi: ufs: core: Set default runtime/system PM levels before ufshcd_hba_init() Ye Bin <yebin10(a)huawei.com> scsi: core: Clear driver private data when retrying request Patrisious Haddad <phaddad(a)nvidia.com> RDMA/mlx5: Fix AH static rate parsing Yishai Hadas <yishaih(a)nvidia.com> RDMA/mlx5: Fix implicit ODP hang on parent deregistration Benjamin Coddington <bcodding(a)redhat.com> SUNRPC: Handle -ETIMEDOUT return from tlshd Trond Myklebust <trond.myklebust(a)hammerspace.com> NFSv4: Fix a deadlock when recovering state on a sillyrenamed file Trond Myklebust <trond.myklebust(a)hammerspace.com> SUNRPC: Prevent looping due to rpc_signal_task() races Trond Myklebust <trond.myklebust(a)hammerspace.com> NFS: Adjust delegated timestamps for O_DIRECT reads and writes Trond Myklebust <trond.myklebust(a)hammerspace.com> NFS: O_DIRECT writes must check and adjust the file length Vasiliy Kovalev <kovalev(a)altlinux.org> ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up Bart Van Assche <bvanassche(a)acm.org> scsi: ufs: core: Fix ufshcd_is_ufs_dev_busy() and ufshcd_eh_timed_out() Mikhail Ivanov <ivanov.mikhail1(a)huawei-partners.com> landlock: Fix non-TCP sockets restriction Selvin Xavier <selvin.xavier(a)broadcom.com> RDMA/bnxt_re: Fix the statistics for Gen P7 VF Kalesh AP <kalesh-anakkur.purayil(a)broadcom.com> RDMA/bnxt_re: Allocate dev_attr information dynamically Kalesh AP <kalesh-anakkur.purayil(a)broadcom.com> RDMA/bnxt_re: Add sanity checks on rdev validity Kalesh AP <kalesh-anakkur.purayil(a)broadcom.com> RDMA/bnxt_re: Cache MSIx info to a local structure Kalesh AP <kalesh-anakkur.purayil(a)broadcom.com> RDMA/bnxt_re: Refactor NQ allocation Kalesh AP <kalesh-anakkur.purayil(a)broadcom.com> RDMA/bnxt_re: Fail probe early when not enough MSI-x vectors are reserved Junxian Huang <huangjunxian6(a)hisilicon.com> RDMA/hns: Fix mbox timing out by adding retry mechanism Konstantin Taranov <kotaranov(a)microsoft.com> RDMA/mana_ib: Allocate PAGE aligned doorbell index Yishai Hadas <yishaih(a)nvidia.com> RDMA/mlx5: Fix a WARN during dereg_mr for DM type Yishai Hadas <yishaih(a)nvidia.com> RDMA/mlx5: Fix a race for DMABUF MR which can lead to CQE with error Mark Zhang <markzhang(a)nvidia.com> IB/mlx5: Set and get correct qp_num for a DCT QP Yishai Hadas <yishaih(a)nvidia.com> RDMA/mlx5: Fix the recovery flow of the UMR QP ------------- Diffstat: Makefile | 4 +- arch/arm64/include/asm/hugetlb.h | 22 +- arch/arm64/include/asm/kvm_host.h | 2 +- arch/arm64/kvm/arm.c | 22 +- arch/arm64/kvm/vmid.c | 11 +- arch/arm64/mm/hugetlbpage.c | 51 +- arch/arm64/mm/init.c | 7 +- arch/riscv/include/asm/futex.h | 2 +- arch/riscv/kernel/cacheinfo.c | 12 +- arch/riscv/kernel/cpufeature.c | 2 +- arch/riscv/kernel/setup.c | 2 +- arch/riscv/kernel/signal.c | 6 - arch/riscv/kvm/vcpu_sbi_hsm.c | 11 +- arch/riscv/kvm/vcpu_sbi_replace.c | 15 +- arch/x86/Kconfig | 1 + arch/x86/events/core.c | 2 +- arch/x86/kernel/cpu/cyrix.c | 4 +- arch/x86/kernel/cpu/microcode/amd.c | 283 ++++++--- arch/x86/kernel/cpu/microcode/amd_shas.c | 444 ++++++++++++++ arch/x86/kernel/cpu/microcode/internal.h | 2 - block/blk-zoned.c | 76 ++- drivers/firmware/cirrus/cs_dsp.c | 24 +- drivers/firmware/efi/mokvar-table.c | 42 +- drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 7 + drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c | 2 +- drivers/gpu/drm/amd/amdkfd/kfd_mqd_manager_v10.c | 6 +- drivers/gpu/drm/amd/amdkfd/kfd_mqd_manager_v11.c | 5 +- drivers/gpu/drm/amd/amdkfd/kfd_mqd_manager_v12.c | 5 +- drivers/gpu/drm/amd/amdkfd/kfd_mqd_manager_v9.c | 5 +- drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 69 ++- .../gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_irq.c | 14 + .../gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_psr.c | 3 +- drivers/gpu/drm/amd/pm/legacy-dpm/kv_dpm.c | 25 +- drivers/gpu/drm/amd/pm/legacy-dpm/legacy_dpm.c | 8 +- drivers/gpu/drm/amd/pm/legacy-dpm/si_dpm.c | 26 +- drivers/gpu/drm/xe/regs/xe_engine_regs.h | 1 - drivers/gpu/drm/xe/xe_guc_submit.c | 2 + drivers/gpu/drm/xe/xe_oa.c | 657 ++++++++++++--------- drivers/gpu/drm/xe/xe_oa_types.h | 6 + drivers/gpu/drm/xe/xe_vm.c | 40 +- drivers/i2c/busses/i2c-ls2x.c | 16 +- drivers/i2c/busses/i2c-npcm7xx.c | 7 + drivers/idle/intel_idle.c | 4 + drivers/infiniband/hw/bnxt_re/bnxt_re.h | 18 +- drivers/infiniband/hw/bnxt_re/hw_counters.c | 4 +- drivers/infiniband/hw/bnxt_re/ib_verbs.c | 46 +- drivers/infiniband/hw/bnxt_re/main.c | 153 +++-- drivers/infiniband/hw/bnxt_re/qplib_res.c | 7 +- drivers/infiniband/hw/bnxt_re/qplib_res.h | 12 +- drivers/infiniband/hw/bnxt_re/qplib_sp.c | 4 +- drivers/infiniband/hw/bnxt_re/qplib_sp.h | 3 +- drivers/infiniband/hw/hns/hns_roce_hw_v2.c | 64 +- drivers/infiniband/hw/hns/hns_roce_hw_v2.h | 2 + drivers/infiniband/hw/mana/main.c | 2 +- drivers/infiniband/hw/mlx5/ah.c | 3 +- drivers/infiniband/hw/mlx5/counters.c | 8 +- drivers/infiniband/hw/mlx5/mr.c | 16 +- drivers/infiniband/hw/mlx5/odp.c | 1 + drivers/infiniband/hw/mlx5/qp.c | 10 +- drivers/infiniband/hw/mlx5/qp.h | 1 + drivers/infiniband/hw/mlx5/umr.c | 83 ++- drivers/iommu/intel/dmar.c | 1 + drivers/iommu/intel/iommu.c | 10 +- drivers/md/dm-integrity.c | 8 +- drivers/md/dm-vdo/dedupe.c | 1 + drivers/net/dsa/realtek/Kconfig | 6 + drivers/net/dsa/realtek/Makefile | 3 + drivers/net/dsa/realtek/rtl8366rb-leds.c | 177 ++++++ drivers/net/dsa/realtek/rtl8366rb.c | 258 +------- drivers/net/dsa/realtek/rtl8366rb.h | 107 ++++ drivers/net/ethernet/cadence/macb.h | 2 + drivers/net/ethernet/cadence/macb_main.c | 12 +- drivers/net/ethernet/freescale/enetc/enetc.c | 103 +++- .../net/ethernet/freescale/enetc/enetc_ethtool.c | 7 +- drivers/net/ethernet/intel/ice/ice.h | 1 + drivers/net/ethernet/intel/ice/ice_eswitch.c | 3 +- drivers/net/ethernet/intel/ice/ice_hw_autogen.h | 3 + drivers/net/ethernet/intel/ice/ice_lib.c | 3 + drivers/net/ethernet/intel/ice/ice_main.c | 24 +- drivers/net/ethernet/intel/ice/ice_sriov.c | 4 +- drivers/net/ethernet/intel/ice/ice_vf_lib.c | 34 +- .../net/ethernet/intel/ice/ice_vf_lib_private.h | 1 + drivers/net/ethernet/intel/ice/ice_vf_mbx.c | 32 + drivers/net/ethernet/intel/ice/ice_vf_mbx.h | 9 + drivers/net/ethernet/intel/ice/ice_virtchnl.c | 8 +- drivers/net/ethernet/intel/idpf/idpf_txrx.c | 3 +- drivers/net/ethernet/marvell/mvpp2/mvpp2_cls.c | 2 +- drivers/net/ethernet/mellanox/mlx5/core/pci_irq.c | 2 +- .../net/ethernet/stmicro/stmmac/dwmac-loongson.c | 14 + drivers/net/ethernet/ti/Kconfig | 1 + drivers/net/ethernet/ti/icssg/icss_iep.c | 21 +- drivers/net/ipvlan/ipvlan_core.c | 22 +- drivers/net/loopback.c | 14 + drivers/net/phy/qcom/qca807x.c | 2 +- drivers/net/usb/gl620a.c | 4 +- drivers/phy/rockchip/Kconfig | 1 + drivers/phy/rockchip/phy-rockchip-naneng-combphy.c | 5 +- drivers/phy/samsung/phy-exynos5-usbdrd.c | 25 +- drivers/phy/tegra/xusb-tegra186.c | 11 + drivers/scsi/scsi_lib.c | 14 +- drivers/thermal/gov_bang_bang.c | 11 +- drivers/thermal/gov_fair_share.c | 16 +- drivers/thermal/gov_power_allocator.c | 68 ++- drivers/thermal/gov_step_wise.c | 16 +- drivers/thermal/thermal_core.c | 33 +- drivers/thermal/thermal_core.h | 5 +- drivers/thermal/thermal_helpers.c | 5 +- drivers/thermal/thermal_of.c | 53 +- drivers/ufs/core/ufs_bsg.c | 6 +- drivers/ufs/core/ufshcd.c | 38 +- fs/afs/server.c | 3 + fs/afs/server_list.c | 4 +- fs/nfs/delegation.c | 37 ++ fs/nfs/delegation.h | 1 + fs/nfs/direct.c | 23 + fs/nfs/nfs4proc.c | 3 + fs/overlayfs/copy_up.c | 2 +- include/asm-generic/vmlinux.lds.h | 2 +- include/linux/blkdev.h | 7 +- include/linux/compiler-gcc.h | 12 - include/linux/compiler.h | 39 +- include/linux/rcuref.h | 9 +- include/linux/socket.h | 2 + include/linux/sunrpc/sched.h | 3 +- include/net/ip.h | 5 + include/net/route.h | 5 +- include/sound/cs35l56.h | 31 + include/trace/events/afs.h | 2 + include/trace/events/sunrpc.h | 3 +- io_uring/net.c | 4 +- kernel/events/core.c | 31 +- kernel/events/uprobes.c | 5 + kernel/sched/core.c | 2 +- kernel/sched/ext.c | 11 +- kernel/trace/ftrace.c | 27 +- kernel/trace/trace_events_hist.c | 34 +- lib/rcuref.c | 5 +- net/bluetooth/l2cap_core.c | 9 +- net/bridge/br_netfilter_hooks.c | 8 +- net/core/gro.c | 1 + net/core/scm.c | 10 + net/core/skbuff.c | 2 +- net/core/sysctl_net_core.c | 3 +- net/ipv4/icmp.c | 19 +- net/ipv4/ip_options.c | 3 +- net/ipv4/tcp.c | 26 +- net/ipv4/tcp_minisocks.c | 10 +- net/ipv6/ip6_tunnel.c | 4 +- net/ipv6/rpl_iptunnel.c | 14 +- net/ipv6/seg6_iptunnel.c | 14 +- net/mptcp/pm_netlink.c | 5 - net/mptcp/subflow.c | 15 +- net/rxrpc/rxperf.c | 12 + net/sunrpc/cache.c | 10 +- net/sunrpc/sched.c | 2 - net/sunrpc/xprtsock.c | 10 +- security/integrity/ima/ima.h | 3 + security/integrity/ima/ima_main.c | 7 +- security/landlock/net.c | 3 +- sound/pci/hda/cs35l56_hda_spi.c | 3 + sound/pci/hda/patch_realtek.c | 2 +- sound/soc/codecs/cs35l56-shared.c | 80 +++ sound/soc/codecs/cs35l56-spi.c | 3 + sound/soc/codecs/es8328.c | 15 +- sound/soc/fsl/fsl_sai.c | 6 +- sound/soc/fsl/imx-audmix.c | 4 +- sound/usb/midi.c | 2 +- sound/usb/quirks.c | 1 + tools/objtool/check.c | 50 +- tools/objtool/include/objtool/special.h | 2 +- tools/testing/selftests/drivers/net/queues.py | 7 +- tools/testing/selftests/landlock/common.h | 1 + tools/testing/selftests/landlock/config | 2 + tools/testing/selftests/landlock/net_test.c | 124 +++- tools/testing/selftests/rseq/rseq-riscv-bits.h | 6 +- tools/testing/selftests/rseq/rseq-riscv.h | 2 +- 176 files changed, 2965 insertions(+), 1448 deletions(-)

8 months

10
161
0 0

[PATCH] mm: memcontrol: fix swap counter leak from offline cgroup

by Muchun Song

The commit 6769183166b3 has removed the parameter of id from swap_cgroup_record() and get the memcg id from mem_cgroup_id(folio_memcg(folio)). However, the caller of it may update a different memcg's counter instead of folio_memcg(folio). E.g. in the caller of mem_cgroup_swapout(), @swap_memcg could be different with @memcg and update the counter of @swap_memcg, but swap_cgroup_record() records the wrong memcg's ID. When it is uncharged from __mem_cgroup_uncharge_swap(), the swap counter will leak since the wrong recorded ID. Fix it by bring the parameter of id back. Fixes: 6769183166b3 ("mm/swap_cgroup: decouple swap cgroup recording and clearing") Cc: <stable(a)vger.kernel.org> Signed-off-by: Muchun Song <songmuchun(a)bytedance.com> --- include/linux/swap_cgroup.h | 4 ++-- mm/memcontrol.c | 4 ++-- mm/swap_cgroup.c | 7 ++++--- 3 files changed, 8 insertions(+), 7 deletions(-) diff --git a/include/linux/swap_cgroup.h b/include/linux/swap_cgroup.h index b5ec038069dab..91cdf12190a03 100644 --- a/include/linux/swap_cgroup.h +++ b/include/linux/swap_cgroup.h @@ -6,7 +6,7 @@ #if defined(CONFIG_MEMCG) && defined(CONFIG_SWAP) -extern void swap_cgroup_record(struct folio *folio, swp_entry_t ent); +extern void swap_cgroup_record(struct folio *folio, unsigned short id, swp_entry_t ent); extern unsigned short swap_cgroup_clear(swp_entry_t ent, unsigned int nr_ents); extern unsigned short lookup_swap_cgroup_id(swp_entry_t ent); extern int swap_cgroup_swapon(int type, unsigned long max_pages); @@ -15,7 +15,7 @@ extern void swap_cgroup_swapoff(int type); #else static inline -void swap_cgroup_record(struct folio *folio, swp_entry_t ent) +void swap_cgroup_record(struct folio *folio, unsigned short id, swp_entry_t ent) { } diff --git a/mm/memcontrol.c b/mm/memcontrol.c index a5d870fbb4321..a5ab603806fbb 100644 --- a/mm/memcontrol.c +++ b/mm/memcontrol.c @@ -4988,7 +4988,7 @@ void mem_cgroup_swapout(struct folio *folio, swp_entry_t entry) mem_cgroup_id_get_many(swap_memcg, nr_entries - 1); mod_memcg_state(swap_memcg, MEMCG_SWAP, nr_entries); - swap_cgroup_record(folio, entry); + swap_cgroup_record(folio, mem_cgroup_id(swap_memcg), entry); folio_unqueue_deferred_split(folio); folio->memcg_data = 0; @@ -5050,7 +5050,7 @@ int __mem_cgroup_try_charge_swap(struct folio *folio, swp_entry_t entry) mem_cgroup_id_get_many(memcg, nr_pages - 1); mod_memcg_state(memcg, MEMCG_SWAP, nr_pages); - swap_cgroup_record(folio, entry); + swap_cgroup_record(folio, mem_cgroup_id(memcg), entry); return 0; } diff --git a/mm/swap_cgroup.c b/mm/swap_cgroup.c index be39078f255be..1007c30f12e2c 100644 --- a/mm/swap_cgroup.c +++ b/mm/swap_cgroup.c @@ -58,9 +58,11 @@ static unsigned short __swap_cgroup_id_xchg(struct swap_cgroup *map, * entries must not have been charged * * @folio: the folio that the swap entry belongs to + * @id: mem_cgroup ID to be recorded * @ent: the first swap entry to be recorded */ -void swap_cgroup_record(struct folio *folio, swp_entry_t ent) +void swap_cgroup_record(struct folio *folio, unsigned short id, + swp_entry_t ent) { unsigned int nr_ents = folio_nr_pages(folio); struct swap_cgroup *map; @@ -72,8 +74,7 @@ void swap_cgroup_record(struct folio *folio, swp_entry_t ent) map = swap_cgroup_ctrl[swp_type(ent)].map; do { - old = __swap_cgroup_id_xchg(map, offset, - mem_cgroup_id(folio_memcg(folio))); + old = __swap_cgroup_id_xchg(map, offset, id); VM_BUG_ON(old); } while (++offset != end); } -- 2.20.1

8 months

4
4
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror March 2025