April 2025 - Linux-stable-mirror

FAILED: patch "[PATCH] gpio: tegra186: fix resource handling in ACPI probe path" failed to apply to 5.15-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.15-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y git checkout FETCH_HEAD git cherry-pick -x 8323f3a69de6f6e96bf22f32dd8e2920766050c2 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025041751-faculty-suffix-09fc@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 8323f3a69de6f6e96bf22f32dd8e2920766050c2 Mon Sep 17 00:00:00 2001 From: Guixin Liu <kanie(a)linux.alibaba.com> Date: Thu, 27 Mar 2025 11:23:49 +0800 Subject: [PATCH] gpio: tegra186: fix resource handling in ACPI probe path When the Tegra186 GPIO controller is probed through ACPI matching, the driver emits two error messages during probing: "tegra186-gpio NVDA0508:00: invalid resource (null)" "tegra186-gpio NVDA0508:00: invalid resource (null)" Fix this by getting resource first and then do the ioremap. Fixes: 2606e7c9f5fc ("gpio: tegra186: Add ACPI support") Cc: stable(a)vger.kernel.org Signed-off-by: Guixin Liu <kanie(a)linux.alibaba.com> Link: https://lore.kernel.org/r/20250327032349.78809-1-kanie@linux.alibaba.com Signed-off-by: Bartosz Golaszewski <bartosz.golaszewski(a)linaro.org> diff --git a/drivers/gpio/gpio-tegra186.c b/drivers/gpio/gpio-tegra186.c index 6895b65c86af..d27bfac6c9f5 100644 --- a/drivers/gpio/gpio-tegra186.c +++ b/drivers/gpio/gpio-tegra186.c @@ -823,6 +823,7 @@ static int tegra186_gpio_probe(struct platform_device *pdev) struct gpio_irq_chip *irq; struct tegra_gpio *gpio; struct device_node *np; + struct resource *res; char **names; int err; @@ -842,19 +843,19 @@ static int tegra186_gpio_probe(struct platform_device *pdev) gpio->num_banks++; /* get register apertures */ - gpio->secure = devm_platform_ioremap_resource_byname(pdev, "security"); - if (IS_ERR(gpio->secure)) { - gpio->secure = devm_platform_ioremap_resource(pdev, 0); - if (IS_ERR(gpio->secure)) - return PTR_ERR(gpio->secure); - } + res = platform_get_resource_byname(pdev, IORESOURCE_MEM, "security"); + if (!res) + res = platform_get_resource(pdev, IORESOURCE_MEM, 0); + gpio->secure = devm_ioremap_resource(&pdev->dev, res); + if (IS_ERR(gpio->secure)) + return PTR_ERR(gpio->secure); - gpio->base = devm_platform_ioremap_resource_byname(pdev, "gpio"); - if (IS_ERR(gpio->base)) { - gpio->base = devm_platform_ioremap_resource(pdev, 1); - if (IS_ERR(gpio->base)) - return PTR_ERR(gpio->base); - } + res = platform_get_resource_byname(pdev, IORESOURCE_MEM, "gpio"); + if (!res) + res = platform_get_resource(pdev, IORESOURCE_MEM, 1); + gpio->base = devm_ioremap_resource(&pdev->dev, res); + if (IS_ERR(gpio->base)) + return PTR_ERR(gpio->base); err = platform_irq_count(pdev); if (err < 0)

7 months, 3 weeks

1
0
0 0

Re: [PATCH] xen-netfront: handle NULL returned by xdp_convert_buff_to_frame()

by Jürgen Groß

On 17.04.25 12:06, Alexey wrote: > > On 17.04.2025 11:51, Juergen Gross wrote: >> On 17.04.25 10:45, Alexey wrote: >>> >>> On 17.04.2025 10:12, Jürgen Groß wrote: >>>> On 17.04.25 09:00, Alexey wrote: >>>>> >>>>> On 17.04.2025 03:58, Jakub Kicinski wrote: >>>>>> On Mon, 14 Apr 2025 18:34:01 +0000 Alexey Nepomnyashih wrote: >>>>>>> get_page(pdata); >>>>>> Please notice this get_page() here. >>>>>> >>>>>>> xdpf = xdp_convert_buff_to_frame(xdp); >>>>>>> + if (unlikely(!xdpf)) { >>>>>>> + trace_xdp_exception(queue->info->netdev, prog, act); >>>>>>> + break; >>>>>>> + } >>>>> Do you mean that it would be better to move the get_page(pdata) call lower, >>>>> after checking for NULL in xdpf, so that the reference count is only increased >>>>> after a successful conversion? >>>> >>>> I think the error handling here is generally broken (or at least very >>>> questionable). >>>> >>>> I suspect that in case of at least some errors the get_page() is leaking >>>> even without this new patch. >>>> >>>> In case I'm wrong a comment reasoning why there is no leak should be >>>> added. >>>> >>>> >>>> Juergen >>> >>> I think pdata is freed in xdp_return_frame_rx_napi() -> __xdp_return() >> >> Agreed. But what if xennet_xdp_xmit() returns an error < 0? >> >> In this case xdp_return_frame_rx_napi() won't be called. >> >> >> Juergen > > Agreed. There is no explicit freed pdata in the calling function > xennet_get_responses(). Without this, the page referenced by pdata > could be leaked. > > I suggest: > > case XDP_TX: > - get_page(pdata); > xdpf = xdp_convert_buff_to_frame(xdp); > + if (unlikely(!xdpf)) { > + trace_xdp_exception(queue->info->netdev, prog, act); > + break; > + } > + get_page(pdata); > err = xennet_xdp_xmit(queue->info->netdev, 1, &xdpf, 0); > if (unlikely(!err)) > xdp_return_frame_rx_napi(xdpf); > - else if (unlikely(err < 0)) > + else if (unlikely(err < 0)) { > trace_xdp_exception(queue->info->netdev, prog, act); > + xdp_return_frame_rx_napi(xdpf); > + } Could you please merge the two if () blocks, as they share the call of xdp_return_frame_rx_napi() now? Something like: if (unlikely(err <= 0)) { if (err < 0) trace_xdp_exception(queue->info->netdev, prog, act); xdp_return_frame_rx_napi(xdpf); } > break; > case XDP_REDIRECT: > get_page(pdata); > err = xdp_do_redirect(queue->info->netdev, xdp, prog); > *need_xdp_flush = true; > - if (unlikely(err)) > + if (unlikely(err)) { > trace_xdp_exception(queue->info->netdev, prog, act); > + __xdp_return(page_address(pdata), &xdp->mem, true, xdp); > + } > break; Juergen P.S.: please don't use HTML in emails

7 months, 3 weeks

2
2
0 0

FAILED: patch "[PATCH] clk: renesas: r9a07g043: Fix HP clock source for RZ/Five" failed to apply to 6.1-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.1-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x 7f22a298d926664b51fcfe2f8ea5feb7f8b79952 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025041727-zips-envious-11ba@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 7f22a298d926664b51fcfe2f8ea5feb7f8b79952 Mon Sep 17 00:00:00 2001 From: Lad Prabhakar <prabhakar.mahadev-lad.rj(a)bp.renesas.com> Date: Mon, 27 Jan 2025 17:31:59 +0000 Subject: [PATCH] clk: renesas: r9a07g043: Fix HP clock source for RZ/Five According to the Rev.1.20 hardware manual for the RZ/Five SoC, the clock source for HP is derived from PLL6 divided by 2. Correct the implementation by configuring HP as a fixed clock source instead of a MUX. The `CPG_PL6_ETH_SSEL' register, which is available on the RZ/G2UL SoC, is not present on the RZ/Five SoC, necessitating this change. Fixes: 95d48d270305ad2c ("clk: renesas: r9a07g043: Add support for RZ/Five SoC") Cc: stable(a)vger.kernel.org Reported-by: Hien Huynh <hien.huynh.px(a)renesas.com> Signed-off-by: Lad Prabhakar <prabhakar.mahadev-lad.rj(a)bp.renesas.com> Reviewed-by: Geert Uytterhoeven <geert+renesas(a)glider.be> Link: https://lore.kernel.org/20250127173159.34572-1-prabhakar.mahadev-lad.rj@bp.… Signed-off-by: Geert Uytterhoeven <geert+renesas(a)glider.be> diff --git a/drivers/clk/renesas/r9a07g043-cpg.c b/drivers/clk/renesas/r9a07g043-cpg.c index c3c2b0c43983..fce2eecfa8c0 100644 --- a/drivers/clk/renesas/r9a07g043-cpg.c +++ b/drivers/clk/renesas/r9a07g043-cpg.c @@ -89,7 +89,9 @@ static const struct clk_div_table dtable_1_32[] = { /* Mux clock tables */ static const char * const sel_pll3_3[] = { ".pll3_533", ".pll3_400" }; +#ifdef CONFIG_ARM64 static const char * const sel_pll6_2[] = { ".pll6_250", ".pll5_250" }; +#endif static const char * const sel_sdhi[] = { ".clk_533", ".clk_400", ".clk_266" }; static const u32 mtable_sdhi[] = { 1, 2, 3 }; @@ -137,7 +139,12 @@ static const struct cpg_core_clk r9a07g043_core_clks[] __initconst = { DEF_DIV("P2", R9A07G043_CLK_P2, CLK_PLL3_DIV2_4_2, DIVPL3A, dtable_1_32), DEF_FIXED("M0", R9A07G043_CLK_M0, CLK_PLL3_DIV2_4, 1, 1), DEF_FIXED("ZT", R9A07G043_CLK_ZT, CLK_PLL3_DIV2_4_2, 1, 1), +#ifdef CONFIG_ARM64 DEF_MUX("HP", R9A07G043_CLK_HP, SEL_PLL6_2, sel_pll6_2), +#endif +#ifdef CONFIG_RISCV + DEF_FIXED("HP", R9A07G043_CLK_HP, CLK_PLL6_250, 1, 1), +#endif DEF_FIXED("SPI0", R9A07G043_CLK_SPI0, CLK_DIV_PLL3_C, 1, 2), DEF_FIXED("SPI1", R9A07G043_CLK_SPI1, CLK_DIV_PLL3_C, 1, 4), DEF_SD_MUX("SD0", R9A07G043_CLK_SD0, SEL_SDHI0, SEL_SDHI0_STS, sel_sdhi,

7 months, 3 weeks

1
0
0 0

FAILED: patch "[PATCH] clk: renesas: r9a07g043: Fix HP clock source for RZ/Five" failed to apply to 6.6-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.6-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.6.y git checkout FETCH_HEAD git cherry-pick -x 7f22a298d926664b51fcfe2f8ea5feb7f8b79952 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025041726-traps-erasable-72f5@gregkh' --subject-prefix 'PATCH 6.6.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 7f22a298d926664b51fcfe2f8ea5feb7f8b79952 Mon Sep 17 00:00:00 2001 From: Lad Prabhakar <prabhakar.mahadev-lad.rj(a)bp.renesas.com> Date: Mon, 27 Jan 2025 17:31:59 +0000 Subject: [PATCH] clk: renesas: r9a07g043: Fix HP clock source for RZ/Five According to the Rev.1.20 hardware manual for the RZ/Five SoC, the clock source for HP is derived from PLL6 divided by 2. Correct the implementation by configuring HP as a fixed clock source instead of a MUX. The `CPG_PL6_ETH_SSEL' register, which is available on the RZ/G2UL SoC, is not present on the RZ/Five SoC, necessitating this change. Fixes: 95d48d270305ad2c ("clk: renesas: r9a07g043: Add support for RZ/Five SoC") Cc: stable(a)vger.kernel.org Reported-by: Hien Huynh <hien.huynh.px(a)renesas.com> Signed-off-by: Lad Prabhakar <prabhakar.mahadev-lad.rj(a)bp.renesas.com> Reviewed-by: Geert Uytterhoeven <geert+renesas(a)glider.be> Link: https://lore.kernel.org/20250127173159.34572-1-prabhakar.mahadev-lad.rj@bp.… Signed-off-by: Geert Uytterhoeven <geert+renesas(a)glider.be> diff --git a/drivers/clk/renesas/r9a07g043-cpg.c b/drivers/clk/renesas/r9a07g043-cpg.c index c3c2b0c43983..fce2eecfa8c0 100644 --- a/drivers/clk/renesas/r9a07g043-cpg.c +++ b/drivers/clk/renesas/r9a07g043-cpg.c @@ -89,7 +89,9 @@ static const struct clk_div_table dtable_1_32[] = { /* Mux clock tables */ static const char * const sel_pll3_3[] = { ".pll3_533", ".pll3_400" }; +#ifdef CONFIG_ARM64 static const char * const sel_pll6_2[] = { ".pll6_250", ".pll5_250" }; +#endif static const char * const sel_sdhi[] = { ".clk_533", ".clk_400", ".clk_266" }; static const u32 mtable_sdhi[] = { 1, 2, 3 }; @@ -137,7 +139,12 @@ static const struct cpg_core_clk r9a07g043_core_clks[] __initconst = { DEF_DIV("P2", R9A07G043_CLK_P2, CLK_PLL3_DIV2_4_2, DIVPL3A, dtable_1_32), DEF_FIXED("M0", R9A07G043_CLK_M0, CLK_PLL3_DIV2_4, 1, 1), DEF_FIXED("ZT", R9A07G043_CLK_ZT, CLK_PLL3_DIV2_4_2, 1, 1), +#ifdef CONFIG_ARM64 DEF_MUX("HP", R9A07G043_CLK_HP, SEL_PLL6_2, sel_pll6_2), +#endif +#ifdef CONFIG_RISCV + DEF_FIXED("HP", R9A07G043_CLK_HP, CLK_PLL6_250, 1, 1), +#endif DEF_FIXED("SPI0", R9A07G043_CLK_SPI0, CLK_DIV_PLL3_C, 1, 2), DEF_FIXED("SPI1", R9A07G043_CLK_SPI1, CLK_DIV_PLL3_C, 1, 4), DEF_SD_MUX("SD0", R9A07G043_CLK_SD0, SEL_SDHI0, SEL_SDHI0_STS, sel_sdhi,

7 months, 3 weeks

1
0
0 0

FAILED: patch "[PATCH] cifs: fix integer overflow in match_server()" failed to apply to 5.15-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.15-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y git checkout FETCH_HEAD git cherry-pick -x 2510859475d7f46ed7940db0853f3342bf1b65ee # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025041759-pristine-hungry-5acf@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 2510859475d7f46ed7940db0853f3342bf1b65ee Mon Sep 17 00:00:00 2001 From: Roman Smirnov <r.smirnov(a)omp.ru> Date: Mon, 31 Mar 2025 11:22:49 +0300 Subject: [PATCH] cifs: fix integer overflow in match_server() The echo_interval is not limited in any way during mounting, which makes it possible to write a large number to it. This can cause an overflow when multiplying ctx->echo_interval by HZ in match_server(). Add constraints for echo_interval to smb3_fs_context_parse_param(). Found by Linux Verification Center (linuxtesting.org) with Svace. Fixes: adfeb3e00e8e1 ("cifs: Make echo interval tunable") Cc: stable(a)vger.kernel.org Signed-off-by: Roman Smirnov <r.smirnov(a)omp.ru> Signed-off-by: Steve French <stfrench(a)microsoft.com> diff --git a/fs/smb/client/fs_context.c b/fs/smb/client/fs_context.c index bdb762d398af..9c3ded0cf006 100644 --- a/fs/smb/client/fs_context.c +++ b/fs/smb/client/fs_context.c @@ -1383,6 +1383,11 @@ static int smb3_fs_context_parse_param(struct fs_context *fc, ctx->closetimeo = HZ * result.uint_32; break; case Opt_echo_interval: + if (result.uint_32 < SMB_ECHO_INTERVAL_MIN || + result.uint_32 > SMB_ECHO_INTERVAL_MAX) { + cifs_errorf(fc, "echo interval is out of bounds\n"); + goto cifs_parse_mount_err; + } ctx->echo_interval = result.uint_32; break; case Opt_snapshot:

7 months, 3 weeks

1
0
0 0

FAILED: patch "[PATCH] cifs: avoid NULL pointer dereference in dbg call" failed to apply to 5.15-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.15-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y git checkout FETCH_HEAD git cherry-pick -x b4885bd5935bb26f0a414ad55679a372e53f9b9b # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025041739-swivel-handball-0839@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From b4885bd5935bb26f0a414ad55679a372e53f9b9b Mon Sep 17 00:00:00 2001 From: Alexandra Diupina <adiupina(a)astralinux.ru> Date: Wed, 19 Mar 2025 17:28:58 +0300 Subject: [PATCH] cifs: avoid NULL pointer dereference in dbg call cifs_server_dbg() implies server to be non-NULL so move call under condition to avoid NULL pointer dereference. Found by Linux Verification Center (linuxtesting.org) with SVACE. Fixes: e79b0332ae06 ("cifs: ignore cached share root handle closing errors") Cc: stable(a)vger.kernel.org Signed-off-by: Alexandra Diupina <adiupina(a)astralinux.ru> Signed-off-by: Steve French <stfrench(a)microsoft.com> diff --git a/fs/smb/client/smb2misc.c b/fs/smb/client/smb2misc.c index f3c4b70b77b9..cddf273c14ae 100644 --- a/fs/smb/client/smb2misc.c +++ b/fs/smb/client/smb2misc.c @@ -816,11 +816,12 @@ smb2_handle_cancelled_close(struct cifs_tcon *tcon, __u64 persistent_fid, WARN_ONCE(tcon->tc_count < 0, "tcon refcount is negative"); spin_unlock(&cifs_tcp_ses_lock); - if (tcon->ses) + if (tcon->ses) { server = tcon->ses->server; - - cifs_server_dbg(FYI, "tid=0x%x: tcon is closing, skipping async close retry of fid %llu %llu\n", - tcon->tid, persistent_fid, volatile_fid); + cifs_server_dbg(FYI, + "tid=0x%x: tcon is closing, skipping async close retry of fid %llu %llu\n", + tcon->tid, persistent_fid, volatile_fid); + } return 0; }

7 months, 3 weeks

1
0
0 0

FAILED: patch "[PATCH] cifs: avoid NULL pointer dereference in dbg call" failed to apply to 5.10-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.10-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.10.y git checkout FETCH_HEAD git cherry-pick -x b4885bd5935bb26f0a414ad55679a372e53f9b9b # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025041739-rumor-retention-833e@gregkh' --subject-prefix 'PATCH 5.10.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From b4885bd5935bb26f0a414ad55679a372e53f9b9b Mon Sep 17 00:00:00 2001 From: Alexandra Diupina <adiupina(a)astralinux.ru> Date: Wed, 19 Mar 2025 17:28:58 +0300 Subject: [PATCH] cifs: avoid NULL pointer dereference in dbg call cifs_server_dbg() implies server to be non-NULL so move call under condition to avoid NULL pointer dereference. Found by Linux Verification Center (linuxtesting.org) with SVACE. Fixes: e79b0332ae06 ("cifs: ignore cached share root handle closing errors") Cc: stable(a)vger.kernel.org Signed-off-by: Alexandra Diupina <adiupina(a)astralinux.ru> Signed-off-by: Steve French <stfrench(a)microsoft.com> diff --git a/fs/smb/client/smb2misc.c b/fs/smb/client/smb2misc.c index f3c4b70b77b9..cddf273c14ae 100644 --- a/fs/smb/client/smb2misc.c +++ b/fs/smb/client/smb2misc.c @@ -816,11 +816,12 @@ smb2_handle_cancelled_close(struct cifs_tcon *tcon, __u64 persistent_fid, WARN_ONCE(tcon->tc_count < 0, "tcon refcount is negative"); spin_unlock(&cifs_tcp_ses_lock); - if (tcon->ses) + if (tcon->ses) { server = tcon->ses->server; - - cifs_server_dbg(FYI, "tid=0x%x: tcon is closing, skipping async close retry of fid %llu %llu\n", - tcon->tid, persistent_fid, volatile_fid); + cifs_server_dbg(FYI, + "tid=0x%x: tcon is closing, skipping async close retry of fid %llu %llu\n", + tcon->tid, persistent_fid, volatile_fid); + } return 0; }

7 months, 3 weeks

1
0
0 0

[PATCH vulns] scripts: Correct kernel tree variable name

by He Zhe

Signed-off-by: He Zhe <zhe.he(a)windriver.com> --- scripts/cve_create | 2 +- scripts/cve_create_batch | 2 +- scripts/cve_search | 2 +- scripts/cvelistV5_check | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/scripts/cve_create b/scripts/cve_create index dee842d43..eed7b45b2 100755 --- a/scripts/cve_create +++ b/scripts/cve_create @@ -24,7 +24,7 @@ KERNEL_TREE=${CVEKERNELTREE} if [ ! -d ${KERNEL_TREE} ]; then - echo "CVEERNELTREE needs setting to the stable repo directory" + echo "CVEKERNELTREE needs setting to the stable repo directory" echo "Either manually export it or add it to your .bashrc/.zshrc et al." echo "See HOWTO in the root of this repo" exit 1 diff --git a/scripts/cve_create_batch b/scripts/cve_create_batch index 00c7e89f8..28e98b836 100755 --- a/scripts/cve_create_batch +++ b/scripts/cve_create_batch @@ -27,7 +27,7 @@ fi KERNEL_TREE=${CVEKERNELTREE} if [ ! -d ${KERNEL_TREE} ]; then - echo "CVEERNELTREE needs setting to the stable repo directory" + echo "CVEKERNELTREE needs setting to the stable repo directory" echo "Either manually export it or add it to your .bashrc/.zshrc et al." echo "See HOWTO in the root of this repo" exit 1 diff --git a/scripts/cve_search b/scripts/cve_search index cd90a1599..cb0730c63 100755 --- a/scripts/cve_search +++ b/scripts/cve_search @@ -18,7 +18,7 @@ KERNEL_TREE=${CVEKERNELTREE} if [ ! -d "${KERNEL_TREE}" ]; then - echo "CVEERNELTREE needs setting to the stable repo directory" + echo "CVEKERNELTREE needs setting to the stable repo directory" echo "Either manually export it or add it to your .bashrc/.zshrc et al." echo "See HOWTO in the root of this repo" exit 1 diff --git a/scripts/cvelistV5_check b/scripts/cvelistV5_check index 5eb41cea1..8a3bd71d3 100755 --- a/scripts/cvelistV5_check +++ b/scripts/cvelistV5_check @@ -45,7 +45,7 @@ fi KERNEL_TREE=${CVEKERNELTREE} if [ ! -d ${KERNEL_TREE} ]; then - echo "CVEERNELTREE needs setting to the stable repo directory" + echo "CVEKERNELTREE needs setting to the stable repo directory" echo "Either manually export it or add it to your .bashrc/.zshrc et al." echo "See HOWTO in the root of this repo" exit 1 -- 2.34.1

7 months, 3 weeks

2
1
0 0

[PATCH vulns 1/2] CVE-2024-36912: Fix affected versions

by He Zhe

Link: https://lore.kernel.org/stable/SN6PR02MB415791F29F01716CCB1A23FAD4B72@SN6PR… Signed-off-by: He Zhe <zhe.he(a)windriver.com> --- cve/published/2024/CVE-2024-36912.vulnerable | 1 + 1 file changed, 1 insertion(+) create mode 100644 cve/published/2024/CVE-2024-36912.vulnerable diff --git a/cve/published/2024/CVE-2024-36912.vulnerable b/cve/published/2024/CVE-2024-36912.vulnerable new file mode 100644 index 000000000..ffedf3da8 --- /dev/null +++ b/cve/published/2024/CVE-2024-36912.vulnerable @@ -0,0 +1 @@ +d4dccf353db80e209f262e3973c834e6e48ba9a9 -- 2.34.1

7 months, 3 weeks

2
3
0 0

[tip: perf/core] perf/x86/intel: Don't clear perf metrics overflow bit unconditionally

by tip-bot2 for Dapeng Mi

The following commit has been merged into the perf/core branch of tip: Commit-ID: a5f5e1238f4ff919816f69e77d2537a48911767b Gitweb: https://git.kernel.org/tip/a5f5e1238f4ff919816f69e77d2537a48911767b Author: Dapeng Mi <dapeng1.mi(a)linux.intel.com> AuthorDate: Tue, 15 Apr 2025 10:41:34 Committer: Ingo Molnar <mingo(a)kernel.org> CommitterDate: Thu, 17 Apr 2025 14:19:07 +02:00 perf/x86/intel: Don't clear perf metrics overflow bit unconditionally The below code would always unconditionally clear other status bits like perf metrics overflow bit once PEBS buffer overflows: status &= intel_ctrl | GLOBAL_STATUS_TRACE_TOPAPMI; This is incorrect. Perf metrics overflow bit should be cleared only when fixed counter 3 in PEBS counter group. Otherwise perf metrics overflow could be missed to handle. Closes: https://lore.kernel.org/all/20250225110012.GK31462@noisy.programming.kicks-… Fixes: 7b2c05a15d29 ("perf/x86/intel: Generic support for hardware TopDown metrics") Signed-off-by: Dapeng Mi <dapeng1.mi(a)linux.intel.com> Signed-off-by: Peter Zijlstra (Intel) <peterz(a)infradead.org> Signed-off-by: Ingo Molnar <mingo(a)kernel.org> Reviewed-by: Kan Liang <kan.liang(a)linux.intel.com> Cc: stable(a)vger.kernel.org Link: https://lore.kernel.org/r/20250415104135.318169-1-dapeng1.mi@linux.intel.com --- arch/x86/events/intel/core.c | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/arch/x86/events/intel/core.c b/arch/x86/events/intel/core.c index 09d2d66..2b70a3a 100644 --- a/arch/x86/events/intel/core.c +++ b/arch/x86/events/intel/core.c @@ -3049,7 +3049,6 @@ static int handle_pmi_common(struct pt_regs *regs, u64 status) struct cpu_hw_events *cpuc = this_cpu_ptr(&cpu_hw_events); int bit; int handled = 0; - u64 intel_ctrl = hybrid(cpuc->pmu, intel_ctrl); inc_irq_stat(apic_perf_irqs); @@ -3093,7 +3092,6 @@ static int handle_pmi_common(struct pt_regs *regs, u64 status) handled++; x86_pmu_handle_guest_pebs(regs, &data); static_call(x86_pmu_drain_pebs)(regs, &data); - status &= intel_ctrl | GLOBAL_STATUS_TRACE_TOPAPMI; /* * PMI throttle may be triggered, which stops the PEBS event. @@ -3104,6 +3102,15 @@ static int handle_pmi_common(struct pt_regs *regs, u64 status) */ if (pebs_enabled != cpuc->pebs_enabled) wrmsrl(MSR_IA32_PEBS_ENABLE, cpuc->pebs_enabled); + + /* + * Above PEBS handler (PEBS counters snapshotting) has updated fixed + * counter 3 and perf metrics counts if they are in counter group, + * unnecessary to update again. + */ + if (cpuc->events[INTEL_PMC_IDX_FIXED_SLOTS] && + is_pebs_counter_event_group(cpuc->events[INTEL_PMC_IDX_FIXED_SLOTS])) + status &= ~GLOBAL_STATUS_PERF_METRICS_OVF_BIT; } /* @@ -3123,6 +3130,8 @@ static int handle_pmi_common(struct pt_regs *regs, u64 status) static_call(intel_pmu_update_topdown_event)(NULL, NULL); } + status &= hybrid(cpuc->pmu, intel_ctrl); + /* * Checkpointed counters can lead to 'spurious' PMIs because the * rollback caused by the PMI will have cleared the overflow status

7 months, 3 weeks

1
0
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror April 2025