June 2025 - Linux-stable-mirror

[PATCH v1 0/4] Fix uprobe pte be overwritten when expanding vma

by Pu Lehui

From: Pu Lehui <pulehui(a)huawei.com> patch 1: the mainly fix for uprobe pte be overwritten issue. patch 2: WARN_ON_ONCE for new_pte not NULL during move_ptes. patch 3: extract some utils function for upcomming selftest. patch 4: selftest related to this series. v1: - limit skip uprobe_mmap to copy_vma flow. - add related selftest. - correct Fixes tag. RFC v2: https://lore.kernel.org/all/20250527132351.2050820-1-pulehui@huaweicloud.co… - skip uprobe_mmap on expanded vma. - add skip_vma_uprobe field to struct vma_prepare and vma_merge_struct. (Lorenzo) - add WARN_ON_ONCE when new_pte is not NULL. (Oleg) - Corrected some of the comments. RFC v1: https://lore.kernel.org/all/20250521092503.3116340-1-pulehui@huaweicloud.co… Pu Lehui (4): mm: Fix uprobe pte be overwritten when expanding vma mm: Expose abnormal new_pte during move_ptes selftests/mm: Extract read_sysfs and write_sysfs into vm_util selftests/mm: Add test about uprobe pte be orphan during vma merge mm/mremap.c | 2 ++ mm/vma.c | 20 ++++++++++-- mm/vma.h | 7 +++++ tools/testing/selftests/mm/ksm_tests.c | 32 ++------------------ tools/testing/selftests/mm/merge.c | 42 ++++++++++++++++++++++++++ tools/testing/selftests/mm/thuge-gen.c | 6 ++-- tools/testing/selftests/mm/vm_util.c | 38 +++++++++++++++++++++++ tools/testing/selftests/mm/vm_util.h | 2 ++ 8 files changed, 113 insertions(+), 36 deletions(-) -- 2.34.1

2 minutes

6
15
0 0

Re: [PATCH v5] virtio_blk: Fix disk deletion hang on device surprise removal

by ALOK TIWARI

On 02-06-2025 08:14, Parav Pandit wrote: > When the PCI device is surprise removed, requests may not complete > the device as the VQ is marked as broken. Due to this, the disk > deletion hangs. > > Fix it by aborting the requests when the VQ is broken. > > With this fix now fio completes swiftly. > An alternative of IO timeout has been considered, however > when the driver knows about unresponsive block device, swiftly clearing > them enables users and upper layers to react quickly. > > Verified with multiple device unplug iterations with pending requests in > virtio used ring and some pending with the device. > > Fixes: 43bb40c5b926 ("virtio_pci: Support surprise removal of virtio pci device") > Cc:stable@vger.kernel.org > Reported-by: Li RongQing<lirongqing(a)baidu.com> > Closes:https://urldefense.com/v3/__https://lore.kernel.org/virtualization/ > c45dd68698cd47238c55fb73ca9b4741(a)baidu.com/__;!!ACWV5N9M2RV99hQ! > OKusQ3sGH7nkVTy9MUDtaIS17UDtjabP3Lby9jTBdT3Ur38XLl2_DOFo0eVzx_dNeh16lD3Ss6ItE9eG$ > Reviewed-by: Max Gurtovoy<mgurtovoy(a)nvidia.com> > Reviewed-by: Israel Rukshin<israelr(a)nvidia.com> > Signed-off-by: Parav Pandit<parav(a)nvidia.com> look good to me. Reviewed-by: Alok Tiwari <alok.a.tiwari(a)oracle.com> Thanks, Alok

11 minutes

1
0
0 0

[PATCH 5.4.y 0/1] Manual Backport of 099606a7b2d5 to 5.4

by Harshvardhan Jha

The patch 099606a7b2d5 didn't cleanly apply to 5.4 due to the significant difference in codebases. I've tried to manually bring it back to 5.4 via some minor conflict resolution but also invoking the newly introduced API using inverted logic as the conditionals present in 5.4 are the opposite of those in 6.1 xen/swiotlib. Harshvardhan Jha (1): xen/swiotlb: relax alignment requirements drivers/xen/swiotlb-xen.c | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) -- 2.47.1

25 minutes

1
1
0 0

[PATCH 5.10.y 0/1] Manual Backport of 099606a7b2d5 to 5.10

by Harshvardhan Jha

The patch 099606a7b2d5 didn't cleanly apply to 5.10 due to the significant difference in codebases. I've tried to manually bring it back to 5.10 via some minor conflict resolution but also invoking the newly introduced API using inverted logic as the conditionals present in 5.10 are the opposite of those in 6.1 xen/swiotlib. Harshvardhan Jha (1): xen/swiotlb: relax alignment requirements drivers/xen/swiotlb-xen.c | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) -- 2.47.1

25 minutes

1
1
0 0

[PATCH 5.10/5.15] perf/arm-cmn: Initialise cmn->cpu earlier

by Robin Murphy

commit 597704e201068db3d104de3c7a4d447ff8209127 upstream. For all the complexity of handling affinity for CPU hotplug, what we've apparently managed to overlook is that arm_cmn_init_irqs() has in fact always been setting the *initial* affinity of all IRQs to CPU 0, not the CPU we subsequently choose for event scheduling. Oh dear. Cc: stable(a)vger.kernel.org Fixes: 0ba64770a2f2 ("perf: Add Arm CMN-600 PMU driver") Signed-off-by: Robin Murphy <robin.murphy(a)arm.com> Reviewed-by: Ilkka Koskinen <ilkka(a)os.amperecomputing.com> Link: https://lore.kernel.org/r/b12fccba6b5b4d2674944f59e4daad91cd63420b.17470699… Signed-off-by: Will Deacon <will(a)kernel.org> [ backport past NUMA changes in 5.17 ] Signed-off-by: Robin Murphy <robin.murphy(a)arm.com> --- drivers/perf/arm-cmn.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/perf/arm-cmn.c b/drivers/perf/arm-cmn.c index e2a055ba0b7a..cabeff8c944b 100644 --- a/drivers/perf/arm-cmn.c +++ b/drivers/perf/arm-cmn.c @@ -1512,6 +1512,7 @@ static int arm_cmn_probe(struct platform_device *pdev) return -ENOMEM; cmn->dev = &pdev->dev; + cmn->cpu = raw_smp_processor_id(); platform_set_drvdata(pdev, cmn); if (has_acpi_companion(cmn->dev)) @@ -1533,7 +1534,6 @@ static int arm_cmn_probe(struct platform_device *pdev) if (err) return err; - cmn->cpu = raw_smp_processor_id(); cmn->pmu = (struct pmu) { .module = THIS_MODULE, .attr_groups = arm_cmn_attr_groups, -- 2.39.2.101.g768bb238c484.dirty

30 minutes

1
0
0 0

[PATCH] iio: accel: fxls8962af: Fix use after free in fxls8962af_fifo_flush

by Sean Nyekjaer

fxls8962af_fifo_flush() uses indio_dev->active_scan_mask (with iio_for_each_active_channel()) without making sure the indio_dev stays in buffer mode. There is a race if indio_dev exits buffer mode in the middle of the interrupt that flushes the fifo. Fix this by calling iio_device_claim_buffer_mode() to ensure indio_dev can't exit buffer mode during the flush. Unable to handle kernel NULL pointer dereference at virtual address 00000000 when read [...] _find_first_bit_le from fxls8962af_fifo_flush+0x17c/0x290 fxls8962af_fifo_flush from fxls8962af_interrupt+0x80/0x178 fxls8962af_interrupt from irq_thread_fn+0x1c/0x7c irq_thread_fn from irq_thread+0x110/0x1f4 irq_thread from kthread+0xe0/0xfc kthread from ret_from_fork+0x14/0x2c Fixes: 79e3a5bdd9ef ("iio: accel: fxls8962af: add hw buffered sampling") Cc: stable(a)vger.kernel.org Signed-off-by: Sean Nyekjaer <sean(a)geanix.com> --- drivers/iio/accel/fxls8962af-core.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/drivers/iio/accel/fxls8962af-core.c b/drivers/iio/accel/fxls8962af-core.c index 6d23da3e7aa22c61f2d9348bb91d70cc5719a732..7db83ebeea823173d79bf8ff484add16f575edfc 100644 --- a/drivers/iio/accel/fxls8962af-core.c +++ b/drivers/iio/accel/fxls8962af-core.c @@ -973,6 +973,9 @@ static int fxls8962af_fifo_flush(struct iio_dev *indio_dev) if (ret) return ret; + if (iio_device_claim_buffer_mode(indio_dev) < 0) + return 0; + /* Demux hw FIFO into kfifo. */ for (i = 0; i < count; i++) { int j, bit; @@ -989,6 +992,8 @@ static int fxls8962af_fifo_flush(struct iio_dev *indio_dev) tstamp += sample_period; } + iio_device_release_buffer_mode(indio_dev); + return count; } --- base-commit: 5c3fcb36c92443a9a037683626a2e43d8825f783 change-id: 20250524-fxlsrace-f4d20e29fb29 Best regards, -- Sean Nyekjaer <sean(a)geanix.com>

1 hour, 8 minutes

4
8
0 0

[PATCH v2 1/2] tty: Register device *after* creating the cdev for a tty

by Max Staudt

This change makes the tty device file available only after the tty's backing character device is ready. Since 6a7e6f78c235975cc14d4e141fa088afffe7062c, the class device is registered before the cdev is created, and userspace may pick it up, yet open() will fail because the backing cdev doesn't exist yet. Userspace is racing the bottom half of tty_register_device_attr() here, specifically the call to tty_cdev_add(). dev_set_uevent_suppress() was used to work around this, but this fails on embedded systems that rely on bare devtmpfs rather than udev. On such systems, the device file is created as part of device_add(), and userspace can pick it up via inotify, irrespective of uevent suppression. So let's undo the existing patch, and create the cdev first, and only afterwards register the class device in the kernel's device tree. However, this restores the original race of the cdev existing before the class device is registered, and an attempt to tty_[k]open() the chardev between these two steps will lead to tty->dev being assigned NULL by alloc_tty_struct(). This will be addressed in a second patch. Fixes: 6a7e6f78c235 ("tty: close race between device register and open") Signed-off-by: Max Staudt <max(a)enpas.org> Cc: <stable(a)vger.kernel.org> --- drivers/tty/tty_io.c | 54 +++++++++++++++++++++++++------------------- 1 file changed, 31 insertions(+), 23 deletions(-) diff --git a/drivers/tty/tty_io.c b/drivers/tty/tty_io.c index ca9b7d7bad2b..e922b84524d2 100644 --- a/drivers/tty/tty_io.c +++ b/drivers/tty/tty_io.c @@ -3245,6 +3245,7 @@ struct device *tty_register_device_attr(struct tty_driver *driver, struct ktermios *tp; struct device *dev; int retval; + bool cdev_added = false; if (index >= driver->num) { pr_err("%s: Attempt to register invalid tty line number (%d)\n", @@ -3257,24 +3258,6 @@ struct device *tty_register_device_attr(struct tty_driver *driver, else tty_line_name(driver, index, name); - dev = kzalloc(sizeof(*dev), GFP_KERNEL); - if (!dev) - return ERR_PTR(-ENOMEM); - - dev->devt = devt; - dev->class = &tty_class; - dev->parent = device; - dev->release = tty_device_create_release; - dev_set_name(dev, "%s", name); - dev->groups = attr_grp; - dev_set_drvdata(dev, drvdata); - - dev_set_uevent_suppress(dev, 1); - - retval = device_register(dev); - if (retval) - goto err_put; - if (!(driver->flags & TTY_DRIVER_DYNAMIC_ALLOC)) { /* * Free any saved termios data so that the termios state is @@ -3288,19 +3271,44 @@ struct device *tty_register_device_attr(struct tty_driver *driver, retval = tty_cdev_add(driver, devt, index, 1); if (retval) - goto err_del; + return ERR_PTR(retval); + + cdev_added = true; + } + + dev = kzalloc(sizeof(*dev), GFP_KERNEL); + if (!dev) { + retval = -ENOMEM; + goto err_del_cdev; } - dev_set_uevent_suppress(dev, 0); - kobject_uevent(&dev->kobj, KOBJ_ADD); + dev->devt = devt; + dev->class = &tty_class; + dev->parent = device; + dev->release = tty_device_create_release; + dev_set_name(dev, "%s", name); + dev->groups = attr_grp; + dev_set_drvdata(dev, drvdata); + + retval = device_register(dev); + if (retval) + goto err_put; return dev; -err_del: - device_del(dev); err_put: + /* + * device_register() calls device_add(), after which + * we must use put_device() instead of kfree(). + */ put_device(dev); +err_del_cdev: + if (cdev_added) { + cdev_del(driver->cdevs[index]); + driver->cdevs[index] = NULL; + } + return ERR_PTR(retval); } EXPORT_SYMBOL_GPL(tty_register_device_attr); -- 2.39.5

1 hour, 26 minutes

2
2
0 0

FAILED: patch "[PATCH] perf/arm-cmn: Initialise cmn->cpu earlier" failed to apply to 5.10-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.10-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.10.y git checkout FETCH_HEAD git cherry-pick -x 597704e201068db3d104de3c7a4d447ff8209127 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025060228-pureness-wildcat-f43e@gregkh' --subject-prefix 'PATCH 5.10.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 597704e201068db3d104de3c7a4d447ff8209127 Mon Sep 17 00:00:00 2001 From: Robin Murphy <robin.murphy(a)arm.com> Date: Mon, 12 May 2025 18:11:54 +0100 Subject: [PATCH] perf/arm-cmn: Initialise cmn->cpu earlier For all the complexity of handling affinity for CPU hotplug, what we've apparently managed to overlook is that arm_cmn_init_irqs() has in fact always been setting the *initial* affinity of all IRQs to CPU 0, not the CPU we subsequently choose for event scheduling. Oh dear. Cc: stable(a)vger.kernel.org Fixes: 0ba64770a2f2 ("perf: Add Arm CMN-600 PMU driver") Signed-off-by: Robin Murphy <robin.murphy(a)arm.com> Reviewed-by: Ilkka Koskinen <ilkka(a)os.amperecomputing.com> Link: https://lore.kernel.org/r/b12fccba6b5b4d2674944f59e4daad91cd63420b.17470699… Signed-off-by: Will Deacon <will(a)kernel.org> diff --git a/drivers/perf/arm-cmn.c b/drivers/perf/arm-cmn.c index 83f4ef985255..668c581e932a 100644 --- a/drivers/perf/arm-cmn.c +++ b/drivers/perf/arm-cmn.c @@ -2551,6 +2551,7 @@ static int arm_cmn_probe(struct platform_device *pdev) cmn->dev = &pdev->dev; cmn->part = (unsigned long)device_get_match_data(cmn->dev); + cmn->cpu = cpumask_local_spread(0, dev_to_node(cmn->dev)); platform_set_drvdata(pdev, cmn); if (cmn->part == PART_CMN600 && has_acpi_companion(cmn->dev)) { @@ -2578,7 +2579,6 @@ static int arm_cmn_probe(struct platform_device *pdev) if (err) return err; - cmn->cpu = cpumask_local_spread(0, dev_to_node(cmn->dev)); cmn->pmu = (struct pmu) { .module = THIS_MODULE, .parent = cmn->dev,

2 hours, 6 minutes

1
0
0 0

FAILED: patch "[PATCH] perf/arm-cmn: Initialise cmn->cpu earlier" failed to apply to 5.15-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.15-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y git checkout FETCH_HEAD git cherry-pick -x 597704e201068db3d104de3c7a4d447ff8209127 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025060228-output-connected-12d9@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 597704e201068db3d104de3c7a4d447ff8209127 Mon Sep 17 00:00:00 2001 From: Robin Murphy <robin.murphy(a)arm.com> Date: Mon, 12 May 2025 18:11:54 +0100 Subject: [PATCH] perf/arm-cmn: Initialise cmn->cpu earlier For all the complexity of handling affinity for CPU hotplug, what we've apparently managed to overlook is that arm_cmn_init_irqs() has in fact always been setting the *initial* affinity of all IRQs to CPU 0, not the CPU we subsequently choose for event scheduling. Oh dear. Cc: stable(a)vger.kernel.org Fixes: 0ba64770a2f2 ("perf: Add Arm CMN-600 PMU driver") Signed-off-by: Robin Murphy <robin.murphy(a)arm.com> Reviewed-by: Ilkka Koskinen <ilkka(a)os.amperecomputing.com> Link: https://lore.kernel.org/r/b12fccba6b5b4d2674944f59e4daad91cd63420b.17470699… Signed-off-by: Will Deacon <will(a)kernel.org> diff --git a/drivers/perf/arm-cmn.c b/drivers/perf/arm-cmn.c index 83f4ef985255..668c581e932a 100644 --- a/drivers/perf/arm-cmn.c +++ b/drivers/perf/arm-cmn.c @@ -2551,6 +2551,7 @@ static int arm_cmn_probe(struct platform_device *pdev) cmn->dev = &pdev->dev; cmn->part = (unsigned long)device_get_match_data(cmn->dev); + cmn->cpu = cpumask_local_spread(0, dev_to_node(cmn->dev)); platform_set_drvdata(pdev, cmn); if (cmn->part == PART_CMN600 && has_acpi_companion(cmn->dev)) { @@ -2578,7 +2579,6 @@ static int arm_cmn_probe(struct platform_device *pdev) if (err) return err; - cmn->cpu = cpumask_local_spread(0, dev_to_node(cmn->dev)); cmn->pmu = (struct pmu) { .module = THIS_MODULE, .parent = cmn->dev,

2 hours, 6 minutes

1
0
0 0

FAILED: patch "[PATCH] arm64: dts: qcom: x1e80100-crd: mark l12b and l15b always-on" failed to apply to 6.14-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.14-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.14.y git checkout FETCH_HEAD git cherry-pick -x abf89bc4bb09c16a53d693b09ea85225cf57ff39 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025060202-overtake-bankbook-283a@gregkh' --subject-prefix 'PATCH 6.14.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From abf89bc4bb09c16a53d693b09ea85225cf57ff39 Mon Sep 17 00:00:00 2001 From: Johan Hovold <johan+linaro(a)kernel.org> Date: Fri, 14 Mar 2025 15:54:33 +0100 Subject: [PATCH] arm64: dts: qcom: x1e80100-crd: mark l12b and l15b always-on The l12b and l15b supplies are used by components that are not (fully) described (and some never will be) and must never be disabled. Mark the regulators as always-on to prevent them from being disabled, for example, when consumers probe defer or suspend. Fixes: bd50b1f5b6f3 ("arm64: dts: qcom: x1e80100: Add Compute Reference Device") Cc: stable(a)vger.kernel.org # 6.8 Cc: Abel Vesa <abel.vesa(a)linaro.org> Cc: Rajendra Nayak <quic_rjendra(a)quicinc.com> Cc: Sibi Sankar <quic_sibis(a)quicinc.com> Reviewed-by: Konrad Dybcio <konrad.dybcio(a)oss.qualcomm.com> Signed-off-by: Johan Hovold <johan+linaro(a)kernel.org> Link: https://lore.kernel.org/r/20250314145440.11371-2-johan+linaro@kernel.org Signed-off-by: Bjorn Andersson <andersson(a)kernel.org> diff --git a/arch/arm64/boot/dts/qcom/x1-crd.dtsi b/arch/arm64/boot/dts/qcom/x1-crd.dtsi index 5ea7b30983d9..f73f053a46a0 100644 --- a/arch/arm64/boot/dts/qcom/x1-crd.dtsi +++ b/arch/arm64/boot/dts/qcom/x1-crd.dtsi @@ -606,6 +606,7 @@ vreg_l12b_1p2: ldo12 { regulator-min-microvolt = <1200000>; regulator-max-microvolt = <1200000>; regulator-initial-mode = <RPMH_REGULATOR_MODE_HPM>; + regulator-always-on; }; vreg_l13b_3p0: ldo13 { @@ -627,6 +628,7 @@ vreg_l15b_1p8: ldo15 { regulator-min-microvolt = <1800000>; regulator-max-microvolt = <1800000>; regulator-initial-mode = <RPMH_REGULATOR_MODE_HPM>; + regulator-always-on; }; vreg_l16b_2p9: ldo16 {

2 hours, 8 minutes

1
0
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror June 2025