May 2025 - Linux-stable-mirror

Please apply to v6.14.x commit 6eab70345799 ("ASoC: soc-core: Stop using of_property_read_bool() for non-boolean properties")

by LEROY Christophe

Hi, Could you please apply commit 6eab70345799 ("ASoC: soc-core: Stop using of_property_read_bool() for non-boolean properties") to v6.14.x in order to silence warnings introduced in v6.14 by commit c141ecc3cecd ("of: Warn when of_property_read_bool() is used on non-boolean properties") Thanks Christophe

4 weeks, 1 day

3
4
0 0

[GIT PULL] bcachefs fixes for 6.14.y

by Kent Overstreet

The following changes since commit 02a22be3c0003af08df510cba3d79d00c6495b74: bcachefs: bch2_ioctl_subvolume_destroy() fixes (2025-04-03 16:13:53 -0400) are available in the Git repository at: git://evilpiepirate.org/bcachefs.git tags/bcachefs-for-6.14-2025-05-02 for you to fetch changes up to 52b17bca7b20663e5df6dbfc24cc2030259b64b6: bcachefs: Remove incorrect __counted_by annotation (2025-05-02 21:09:51 -0400) ---------------------------------------------------------------- bcachefs fixes for 6.15 remove incorrect counted_by annotation, fixing FORTIFY_SOURCE crashes that have been hitting arch users ---------------------------------------------------------------- Alan Huang (1): bcachefs: Remove incorrect __counted_by annotation fs/bcachefs/xattr_format.h | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-)

4 weeks, 1 day

2
6
0 0

[6.12.y] WARNING: CPU: 0 PID: 681 at block/blk-mq-cpumap.c:90 blk_mq_map_hw_queues+0xcf/0xe0

by Wang Yugui

Hi, I noticed a WARNING in recent 6.12.y kernel. This WARNING happen on 6.12.26/6.12.25, but not happen on 6.12.20. More bisect job need to be done, but reporti it firstly. [ 13.288365] ------------[ cut here ]------------ [ 13.288366] WARNING: CPU: 0 PID: 681 at block/blk-mq-cpumap.c:90 blk_mq_map_hw_queues+0xcf/0xe0 void blk_mq_map_hw_queues(struct blk_mq_queue_map *qmap, struct device *dev, unsigned int offset) { ... ... fallback: L90： WARN_ON_ONCE(qmap->nr_queues > 1); blk_mq_clear_mq_map(qmap); } [ 13.288373] Modules linked in: ahci(+) mlxfw libahci pci_hyperv_intf bnx2x(+) i40e(+) mpi3mr(+) psample bnxt_en(+) libata mgag200(+) tls megaraid_sas(+) crc32c_intel scsi_transport_sas mdio libie i2c_algo_bit wmi dm_mirror dm_region_hash dm_log dm_mod [ 13.288386] CPU: 0 UID: 0 PID: 681 Comm: kworker/0:2 Not tainted 6.12.26-1.el7.x86_64 #1 [ 13.288388] Hardware name: Dell Inc. PowerEdge T640/0TWW5Y, BIOS 2.22.1 09/12/2024 [ 13.288390] Workqueue: events work_for_cpu_fn [ 13.288394] RIP: 0010:blk_mq_map_hw_queues+0xcf/0xe0 [ 13.288396] Code: 8b 35 85 e4 9a 02 48 63 d0 48 c7 c7 e0 e5 78 94 e8 26 0b 07 00 39 05 70 e4 9a 02 77 d3 5b 5d 41 5c 41 5d 41 5e c3 cc cc cc cc <0f> 0b eb d2 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 13.288398] RSP: 0018:ffffc0e11b83bd38 EFLAGS: 00010212 [ 13.288400] RAX: 0000000000000000 RBX: ffffa0804ad58000 RCX: 0000000000000050 [ 13.288402] RDX: 0000000000000050 RSI: ffffa07f8f24d0c8 RDI: ffffa0804ad580e8 [ 13.288403] RBP: ffffa0804ad580e0 R08: 000000000000004f R09: 0000000000000000 [ 13.288404] R10: ffffc0e11b83bd78 R11: ffffa07f9039da00 R12: 0000000000000000 [ 13.288405] R13: 0000000000000001 R14: ffffa0804ad580e8 R15: 0000000000000000 [ 13.288406] FS: 0000000000000000(0000) GS:ffffa0dd3fe00000(0000) knlGS:0000000000000000 [ 13.288407] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 13.288408] CR2: 00007f1f3226ba20 CR3: 00000002f9780005 CR4: 00000000007706f0 [ 13.288409] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 13.288410] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 13.288411] PKRU: 55555554 [ 13.288412] Call Trace: [ 13.288413] <TASK> [ 13.288415] megasas_map_queues+0x49/0x90 [megaraid_sas] [ 13.288431] blk_mq_alloc_tag_set+0x150/0x3b0 [ 13.288436] scsi_add_host_with_dma+0xd0/0x350 [ 13.288440] megasas_io_attach+0x15c/0x220 [megaraid_sas] [ 13.288456] megasas_probe_one+0x1cb/0x570 [megaraid_sas] [ 13.288468] local_pci_probe+0x47/0xa0 [ 13.288474] work_for_cpu_fn+0x17/0x30 [ 13.288475] process_one_work+0x179/0x3a0 [ 13.288480] worker_thread+0x24b/0x350 [ 13.288483] ? __pfx_worker_thread+0x10/0x10 [ 13.288485] kthread+0xde/0x110 [ 13.288489] ? __pfx_kthread+0x10/0x10 [ 13.288491] ret_from_fork+0x31/0x50 [ 13.288494] ? __pfx_kthread+0x10/0x10 [ 13.288496] ret_from_fork_asm+0x1a/0x30 [ 13.288502] </TASK> [ 13.288502] ---[ end trace 0000000000000000 ]--- Best Regards Wang Yugui (wangyugui(a)e16-tech.com) 2025/05/03

4 weeks, 1 day

6
9
0 0

[GIT PULL] bcachefs fixes for 6.12.y

by Kent Overstreet

The following changes since commit 1a7a2300e0dd8b4a73bcd3777a2947fe42a16bef: bcachefs: bch2_ioctl_subvolume_destroy() fixes (2025-03-31 13:16:15 -0400) are available in the Git repository at: git://evilpiepirate.org/bcachefs.git tags/bcachefs-for-6.12-2025-05-5 for you to fetch changes up to 3f105630c0b2e53a93713c2328e3426081f961c1: bcachefs: Remove incorrect __counted_by annotation (2025-05-05 09:41:26 -0400) ---------------------------------------------------------------- bcachefs fixes for 6.12 remove incorrect counted_by annotation, fixing FORTIFY_SOURCE crashes that have been hitting arch users ---------------------------------------------------------------- Alan Huang (1): bcachefs: Remove incorrect __counted_by annotation fs/bcachefs/xattr_format.h | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-)

4 weeks, 1 day

1
0
0 0

[tip: timers/urgent] clocksource/i8253: Use raw_spinlock_irqsave() in clockevent_i8253_disable()

by tip-bot2 for Sebastian Andrzej Siewior

The following commit has been merged into the timers/urgent branch of tip: Commit-ID: 94cff94634e506a4a44684bee1875d2dbf782722 Gitweb: https://git.kernel.org/tip/94cff94634e506a4a44684bee1875d2dbf782722 Author: Sebastian Andrzej Siewior <bigeasy(a)linutronix.de> AuthorDate: Fri, 04 Apr 2025 15:31:16 +02:00 Committer: Thomas Gleixner <tglx(a)linutronix.de> CommitterDate: Mon, 05 May 2025 15:34:49 +02:00 clocksource/i8253: Use raw_spinlock_irqsave() in clockevent_i8253_disable() On x86 during boot, clockevent_i8253_disable() can be invoked via x86_late_time_init -> hpet_time_init() -> pit_timer_init() which happens with enabled interrupts. If some of the old i8253 hardware is actually used then lockdep will notice that i8253_lock is used in hard interrupt context. This causes lockdep to complain because it observed the lock being acquired with interrupts enabled and in hard interrupt context. Make clockevent_i8253_disable() acquire the lock with raw_spinlock_irqsave() to cure this. [ tglx: Massage change log and use guard() ] Fixes: c8c4076723dac ("x86/timer: Skip PIT initialization on modern chipsets") Signed-off-by: Sebastian Andrzej Siewior <bigeasy(a)linutronix.de> Signed-off-by: Thomas Gleixner <tglx(a)linutronix.de> Cc: stable(a)vger.kernel.org Link: https://lore.kernel.org/all/20250404133116.p-XRWJXf@linutronix.de --- drivers/clocksource/i8253.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/drivers/clocksource/i8253.c b/drivers/clocksource/i8253.c index 39f7c2d..b603c25 100644 --- a/drivers/clocksource/i8253.c +++ b/drivers/clocksource/i8253.c @@ -103,7 +103,7 @@ int __init clocksource_i8253_init(void) #ifdef CONFIG_CLKEVT_I8253 void clockevent_i8253_disable(void) { - raw_spin_lock(&i8253_lock); + guard(raw_spinlock_irqsave)(&i8253_lock); /* * Writing the MODE register should stop the counter, according to @@ -132,8 +132,6 @@ void clockevent_i8253_disable(void) outb_p(0, PIT_CH0); outb_p(0x30, PIT_MODE); - - raw_spin_unlock(&i8253_lock); } static int pit_shutdown(struct clock_event_device *evt)

4 weeks, 1 day

1
0
0 0

FAILED: patch "[PATCH] ASoC: soc-core: Stop using of_property_read_bool() for" failed to apply to 6.6-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.6-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.6.y git checkout FETCH_HEAD git cherry-pick -x 6eab70345799 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025050546-commute-subduing-1917@gregkh' --subject-prefix 'PATCH 6.6.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 6eab7034579917f207ca6d8e3f4e11e85e0ab7d5 Mon Sep 17 00:00:00 2001 From: Geert Uytterhoeven <geert+renesas(a)glider.be> Date: Wed, 22 Jan 2025 09:21:27 +0100 Subject: [PATCH] ASoC: soc-core: Stop using of_property_read_bool() for non-boolean properties On R-Car: OF: /sound: Read of boolean property 'simple-audio-card,bitclock-master' with a value. OF: /sound: Read of boolean property 'simple-audio-card,frame-master' with a value. or: OF: /soc/sound@ec500000/ports/port@0/endpoint: Read of boolean property 'bitclock-master' with a value. OF: /soc/sound@ec500000/ports/port@0/endpoint: Read of boolean property 'frame-master' with a value. The use of of_property_read_bool() for non-boolean properties is deprecated in favor of of_property_present() when testing for property presence. Replace testing for presence before calling of_property_read_u32() by testing for an -EINVAL return value from the latter, to simplify the code. Signed-off-by: Geert Uytterhoeven <geert+renesas(a)glider.be> Link: https://patch.msgid.link/db10e96fbda121e7456d70e97a013cbfc9755f4d.173753395… Signed-off-by: Mark Brown <broonie(a)kernel.org> diff --git a/sound/soc/soc-core.c b/sound/soc/soc-core.c index 3c6d8aef4130..26b34b688508 100644 --- a/sound/soc/soc-core.c +++ b/sound/soc/soc-core.c @@ -3046,7 +3046,7 @@ int snd_soc_of_parse_pin_switches(struct snd_soc_card *card, const char *prop) unsigned int i, nb_controls; int ret; - if (!of_property_read_bool(dev->of_node, prop)) + if (!of_property_present(dev->of_node, prop)) return 0; strings = devm_kcalloc(dev, nb_controls_max, @@ -3120,23 +3120,17 @@ int snd_soc_of_parse_tdm_slot(struct device_node *np, if (rx_mask) snd_soc_of_get_slot_mask(np, "dai-tdm-slot-rx-mask", rx_mask); - if (of_property_read_bool(np, "dai-tdm-slot-num")) { - ret = of_property_read_u32(np, "dai-tdm-slot-num", &val); - if (ret) - return ret; + ret = of_property_read_u32(np, "dai-tdm-slot-num", &val); + if (ret && ret != -EINVAL) + return ret; + if (!ret && slots) + *slots = val; - if (slots) - *slots = val; - } - - if (of_property_read_bool(np, "dai-tdm-slot-width")) { - ret = of_property_read_u32(np, "dai-tdm-slot-width", &val); - if (ret) - return ret; - - if (slot_width) - *slot_width = val; - } + ret = of_property_read_u32(np, "dai-tdm-slot-width", &val); + if (ret && ret != -EINVAL) + return ret; + if (!ret && slot_width) + *slot_width = val; return 0; } @@ -3403,12 +3397,12 @@ unsigned int snd_soc_daifmt_parse_clock_provider_raw(struct device_node *np, * check "[prefix]frame-master" */ snprintf(prop, sizeof(prop), "%sbitclock-master", prefix); - bit = of_property_read_bool(np, prop); + bit = of_property_present(np, prop); if (bit && bitclkmaster) *bitclkmaster = of_parse_phandle(np, prop, 0); snprintf(prop, sizeof(prop), "%sframe-master", prefix); - frame = of_property_read_bool(np, prop); + frame = of_property_present(np, prop); if (frame && framemaster) *framemaster = of_parse_phandle(np, prop, 0);

4 weeks, 1 day

1
0
0 0

[PATCH 2/2] xhci: dbc: Avoid event polling busyloop if pending rx transfers are inactive.

by Mathias Nyman

Event polling delay is set to 0 if there are any pending requests in either rx or tx requests lists. Checking for pending requests does not work well for "IN" transfers as the tty driver always queues requests to the list and TRBs to the ring, preparing to receive data from the host. This causes unnecessary busylooping and cpu hogging. Only set the event polling delay to 0 if there are pending tx "write" transfers, or if it was less than 10ms since last active data transfer in any direction. Cc: Łukasz Bartosik <ukaszb(a)chromium.org> Fixes: fb18e5bb9660 ("xhci: dbc: poll at different rate depending on data transfer activity") Cc: stable(a)vger.kernel.org Signed-off-by: Mathias Nyman <mathias.nyman(a)linux.intel.com> --- drivers/usb/host/xhci-dbgcap.c | 19 ++++++++++++++++--- drivers/usb/host/xhci-dbgcap.h | 3 +++ 2 files changed, 19 insertions(+), 3 deletions(-) diff --git a/drivers/usb/host/xhci-dbgcap.c b/drivers/usb/host/xhci-dbgcap.c index fd7895b24367..0d4ce5734165 100644 --- a/drivers/usb/host/xhci-dbgcap.c +++ b/drivers/usb/host/xhci-dbgcap.c @@ -823,6 +823,7 @@ static enum evtreturn xhci_dbc_do_handle_events(struct xhci_dbc *dbc) { dma_addr_t deq; union xhci_trb *evt; + enum evtreturn ret = EVT_DONE; u32 ctrl, portsc; bool update_erdp = false; @@ -909,6 +910,7 @@ static enum evtreturn xhci_dbc_do_handle_events(struct xhci_dbc *dbc) break; case TRB_TYPE(TRB_TRANSFER): dbc_handle_xfer_event(dbc, evt); + ret = EVT_XFER_DONE; break; default: break; @@ -927,7 +929,7 @@ static enum evtreturn xhci_dbc_do_handle_events(struct xhci_dbc *dbc) lo_hi_writeq(deq, &dbc->regs->erdp); } - return EVT_DONE; + return ret; } static void xhci_dbc_handle_events(struct work_struct *work) @@ -936,6 +938,7 @@ static void xhci_dbc_handle_events(struct work_struct *work) struct xhci_dbc *dbc; unsigned long flags; unsigned int poll_interval; + unsigned long busypoll_timelimit; dbc = container_of(to_delayed_work(work), struct xhci_dbc, event_work); poll_interval = dbc->poll_interval; @@ -954,11 +957,21 @@ static void xhci_dbc_handle_events(struct work_struct *work) dbc->driver->disconnect(dbc); break; case EVT_DONE: - /* set fast poll rate if there are pending data transfers */ + /* + * Set fast poll rate if there are pending out transfers, or + * a transfer was recently processed + */ + busypoll_timelimit = dbc->xfer_timestamp + + msecs_to_jiffies(DBC_XFER_INACTIVITY_TIMEOUT); + if (!list_empty(&dbc->eps[BULK_OUT].list_pending) || - !list_empty(&dbc->eps[BULK_IN].list_pending)) + time_is_after_jiffies(busypoll_timelimit)) poll_interval = 0; break; + case EVT_XFER_DONE: + dbc->xfer_timestamp = jiffies; + poll_interval = 0; + break; default: dev_info(dbc->dev, "stop handling dbc events\n"); return; diff --git a/drivers/usb/host/xhci-dbgcap.h b/drivers/usb/host/xhci-dbgcap.h index 9dc8f4d8077c..47ac72c2286d 100644 --- a/drivers/usb/host/xhci-dbgcap.h +++ b/drivers/usb/host/xhci-dbgcap.h @@ -96,6 +96,7 @@ struct dbc_ep { #define DBC_WRITE_BUF_SIZE 8192 #define DBC_POLL_INTERVAL_DEFAULT 64 /* milliseconds */ #define DBC_POLL_INTERVAL_MAX 5000 /* milliseconds */ +#define DBC_XFER_INACTIVITY_TIMEOUT 10 /* milliseconds */ /* * Private structure for DbC hardware state: */ @@ -142,6 +143,7 @@ struct xhci_dbc { enum dbc_state state; struct delayed_work event_work; unsigned int poll_interval; /* ms */ + unsigned long xfer_timestamp; unsigned resume_required:1; struct dbc_ep eps[2]; @@ -187,6 +189,7 @@ struct dbc_request { enum evtreturn { EVT_ERR = -1, EVT_DONE, + EVT_XFER_DONE, EVT_GSER, EVT_DISC, }; -- 2.43.0

4 weeks, 1 day

1
0
0 0

[PATCH] arm64: dts: amlogic: dreambox: fix missing clkc_audio node

by Christian Hewitt

Add the clkc_audio node to fix audio support on Dreambox One/Two. Fixes: 83a6f4c62cb1 ("arm64: dts: meson: add initial support for Dreambox One/Two") CC: <stable(a)vger.kernel.org> Suggested-by: Emanuel Strobel <emanuel.strobel(a)yahoo.com> Signed-off-by: Christian Hewitt <christianshewitt(a)gmail.com> --- arch/arm64/boot/dts/amlogic/meson-g12b-dreambox.dtsi | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/arch/arm64/boot/dts/amlogic/meson-g12b-dreambox.dtsi b/arch/arm64/boot/dts/amlogic/meson-g12b-dreambox.dtsi index de35fa2d7a6d..8e3e3354ed67 100644 --- a/arch/arm64/boot/dts/amlogic/meson-g12b-dreambox.dtsi +++ b/arch/arm64/boot/dts/amlogic/meson-g12b-dreambox.dtsi @@ -116,6 +116,10 @@ &arb { status = "okay"; }; +&clkc_audio { + status = "okay"; +}; + &frddr_a { status = "okay"; }; -- 2.34.1

4 weeks, 1 day

3
2
0 0

[PATCH 6.14.y] btrfs: fix the inode leak in btrfs_iget()

by Penglei Jiang

[BUG] There is a bug report that a syzbot reproducer can lead to the following busy inode at unmount time: BTRFS info (device loop1): last unmount of filesystem 1680000e-3c1e-4c46-84b6-56bd3909af50 VFS: Busy inodes after unmount of loop1 (btrfs) ------------[ cut here ]------------ kernel BUG at fs/super.c:650! Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI CPU: 0 UID: 0 PID: 48168 Comm: syz-executor Not tainted 6.15.0-rc2-00471-g119009db2674 #2 PREEMPT(full) Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 RIP: 0010:generic_shutdown_super+0x2e9/0x390 fs/super.c:650 Call Trace: <TASK> kill_anon_super+0x3a/0x60 fs/super.c:1237 btrfs_kill_super+0x3b/0x50 fs/btrfs/super.c:2099 deactivate_locked_super+0xbe/0x1a0 fs/super.c:473 deactivate_super fs/super.c:506 [inline] deactivate_super+0xe2/0x100 fs/super.c:502 cleanup_mnt+0x21f/0x440 fs/namespace.c:1435 task_work_run+0x14d/0x240 kernel/task_work.c:227 resume_user_mode_work include/linux/resume_user_mode.h:50 [inline] exit_to_user_mode_loop kernel/entry/common.c:114 [inline] exit_to_user_mode_prepare include/linux/entry-common.h:329 [inline] __syscall_exit_to_user_mode_work kernel/entry/common.c:207 [inline] syscall_exit_to_user_mode+0x269/0x290 kernel/entry/common.c:218 do_syscall_64+0xd4/0x250 arch/x86/entry/syscall_64.c:100 entry_SYSCALL_64_after_hwframe+0x77/0x7f </TASK> [CAUSE] When btrfs_alloc_path() failed, btrfs_iget() directly returned without releasing the inode already allocated by btrfs_iget_locked(). This results the above busy inode and trigger the kernel BUG. [FIX] Fix it by calling iget_failed() if btrfs_alloc_path() failed. If we hit error inside btrfs_read_locked_inode(), it will properly call iget_failed(), so nothing to worry about. Although the iget_failed() cleanup inside btrfs_read_locked_inode() is a break of the normal error handling scheme, let's fix the obvious bug and backport first, then rework the error handling later. Reported-by: Penglei Jiang <superman.xpt(a)gmail.com> Link: https://lore.kernel.org/linux-btrfs/20250421102425.44431-1-superman.xpt@gma… Fixes: 7c855e16ab72 ("btrfs: remove conditional path allocation in btrfs_read_locked_inode()") CC: stable(a)vger.kernel.org # 6.13+ Reviewed-by: Qu Wenruo <wqu(a)suse.com> Signed-off-by: Penglei Jiang <superman.xpt(a)gmail.com> Signed-off-by: David Sterba <dsterba(a)suse.com> (cherry picked from commit 48c1d1bb525b1c44b8bdc8e7ec5629cb6c2b9fc4) --- fs/btrfs/inode.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/fs/btrfs/inode.c b/fs/btrfs/inode.c index 38756f8cef46..ad7009d336fa 100644 --- a/fs/btrfs/inode.c +++ b/fs/btrfs/inode.c @@ -5659,8 +5659,10 @@ struct inode *btrfs_iget(u64 ino, struct btrfs_root *root) return inode; path = btrfs_alloc_path(); - if (!path) + if (!path) { + iget_failed(&inode->vfs_inode); return ERR_PTR(-ENOMEM); + } ret = btrfs_read_locked_inode(inode, path); btrfs_free_path(path); -- 2.17.1

4 weeks, 1 day

1
0
0 0

[PATCH v2 rc] iommu: Skip PASID validation for devices without PASID capability

by Tushar Dave

Generally PASID support requires ACS settings that usually create single device groups, but there are some niche cases where we can get multi-device groups and still have working PASID support. The primary issue is that PCI switches are not required to treat PASID tagged TLPs specially so appropriate ACS settings are required to route all TLPs to the host bridge if PASID is going to work properly. pci_enable_pasid() does check that each device that will use PASID has the proper ACS settings to achieve this routing. However, no-PASID devices can be combined with PASID capable devices within the same topology using non-uniform ACS settings. In this case the no-PASID devices may not have strict route to host ACS flags and end up being grouped with the PASID devices. This configuration fails to allow use of the PASID within the iommu core code which wrongly checks if the no-PASID device supports PASID. Fix this by ignoring no-PASID devices during the PASID validation. They will never issue a PASID TLP anyhow so they can be ignored. Fixes: c404f55c26fc ("iommu: Validate the PASID in iommu_attach_device_pasid()") Cc: stable(a)vger.kernel.org Signed-off-by: Tushar Dave <tdave(a)nvidia.com> --- changes in v2: - added no-pasid check in __iommu_set_group_pasid and __iommu_remove_group_pasid drivers/iommu/iommu.c | 22 ++++++++++++++++------ 1 file changed, 16 insertions(+), 6 deletions(-) diff --git a/drivers/iommu/iommu.c b/drivers/iommu/iommu.c index 60aed01e54f2..8251b07f4022 100644 --- a/drivers/iommu/iommu.c +++ b/drivers/iommu/iommu.c @@ -3329,8 +3329,9 @@ static int __iommu_set_group_pasid(struct iommu_domain *domain, int ret; for_each_group_device(group, device) { - ret = domain->ops->set_dev_pasid(domain, device->dev, - pasid, NULL); + if (device->dev->iommu->max_pasids > 0) + ret = domain->ops->set_dev_pasid(domain, device->dev, + pasid, NULL); if (ret) goto err_revert; } @@ -3342,7 +3343,8 @@ static int __iommu_set_group_pasid(struct iommu_domain *domain, for_each_group_device(group, device) { if (device == last_gdev) break; - iommu_remove_dev_pasid(device->dev, pasid, domain); + if (device->dev->iommu->max_pasids > 0) + iommu_remove_dev_pasid(device->dev, pasid, domain); } return ret; } @@ -3353,8 +3355,10 @@ static void __iommu_remove_group_pasid(struct iommu_group *group, { struct group_device *device; - for_each_group_device(group, device) - iommu_remove_dev_pasid(device->dev, pasid, domain); + for_each_group_device(group, device) { + if (device->dev->iommu->max_pasids > 0) + iommu_remove_dev_pasid(device->dev, pasid, domain); + } } /* @@ -3391,7 +3395,13 @@ int iommu_attach_device_pasid(struct iommu_domain *domain, mutex_lock(&group->mutex); for_each_group_device(group, device) { - if (pasid >= device->dev->iommu->max_pasids) { + /* + * Skip PASID validation for devices without PASID support + * (max_pasids = 0). These devices cannot issue transactions + * with PASID, so they don't affect group's PASID usage. + */ + if ((device->dev->iommu->max_pasids > 0) && + (pasid >= device->dev->iommu->max_pasids)) { ret = -EINVAL; goto out_unlock; } -- 2.34.1

4 weeks, 1 day

3
4
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror May 2025