- Linux-stable-mirror - lists.linaro.org

[PATCH v5 1/3] drm: adv7511: Fix use-after-free in adv7533_attach_dsi()

by Biju Das

The host_node pointer was assigned and freed in adv7533_parse_dt(), and later, adv7533_attach_dsi() uses the same. Fix this use-after-free issue by dropping of_node_put() in adv7533_parse_dt() and calling of_node_put() in error path of probe() and also in the remove(). Fixes: 1e4d58cd7f88 ("drm/bridge: adv7533: Create a MIPI DSI device") Cc: stable(a)vger.kernel.org Signed-off-by: Biju Das <biju.das.jz(a)bp.renesas.com> --- Changes in v5: - Updated commit description. - restored host_node in struct adv7511. - Dropped of_node_put() in adv7533_parse_dt() and calling of_node_put() in error path of probe() and also in the remove(). Changes in v4: - Updated commit description. - Dropped host_node from struct adv7511 and instead used a local pointer in probe(). Also freeing of host_node pointer after use is done in probe(). Changes in v3: - Replace __free construct with readable of_node_put(). Changes in v2: - Added the tag "Cc: stable(a)vger.kernel.org" in the sign-off area. - Dropped Archit Taneja invalid Mail address --- drivers/gpu/drm/bridge/adv7511/adv7511_drv.c | 5 +++++ drivers/gpu/drm/bridge/adv7511/adv7533.c | 2 -- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/drivers/gpu/drm/bridge/adv7511/adv7511_drv.c b/drivers/gpu/drm/bridge/adv7511/adv7511_drv.c index eb5919b38263..6cfdda04f52f 100644 --- a/drivers/gpu/drm/bridge/adv7511/adv7511_drv.c +++ b/drivers/gpu/drm/bridge/adv7511/adv7511_drv.c @@ -1363,6 +1363,8 @@ static int adv7511_probe(struct i2c_client *i2c) i2c_unregister_device(adv7511->i2c_edid); uninit_regulators: adv7511_uninit_regulators(adv7511); + if (adv7511->host_node) + of_node_put(adv7511->host_node); return ret; } @@ -1371,6 +1373,9 @@ static void adv7511_remove(struct i2c_client *i2c) { struct adv7511 *adv7511 = i2c_get_clientdata(i2c); + if (adv7511->host_node) + of_node_put(adv7511->host_node); + adv7511_uninit_regulators(adv7511); drm_bridge_remove(&adv7511->bridge); diff --git a/drivers/gpu/drm/bridge/adv7511/adv7533.c b/drivers/gpu/drm/bridge/adv7511/adv7533.c index 4481489aaf5e..5f195e91b3e6 100644 --- a/drivers/gpu/drm/bridge/adv7511/adv7533.c +++ b/drivers/gpu/drm/bridge/adv7511/adv7533.c @@ -181,8 +181,6 @@ int adv7533_parse_dt(struct device_node *np, struct adv7511 *adv) if (!adv->host_node) return -ENODEV; - of_node_put(adv->host_node); - adv->use_timing_gen = !of_property_read_bool(np, "adi,disable-timing-generator"); -- 2.43.0

10 months, 1 week

2
2
0 0

[PATCH] ublk: fix error code for unsupported command

by Ming Lei

ENOTSUPP is for kernel use only, and shouldn't be sent to userspace. Fix it by replacing it with EOPNOTSUPP. Cc: stable(a)vger.kernel.org Fixes: bfbcef036396 ("ublk_drv: move ublk_get_device_from_id into ublk_ctrl_uring_cmd") Signed-off-by: Ming Lei <ming.lei(a)redhat.com> --- drivers/block/ublk_drv.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/block/ublk_drv.c b/drivers/block/ublk_drv.c index c6d18cd8af44..d4aed12dd436 100644 --- a/drivers/block/ublk_drv.c +++ b/drivers/block/ublk_drv.c @@ -3041,7 +3041,7 @@ static int ublk_ctrl_uring_cmd(struct io_uring_cmd *cmd, ret = ublk_ctrl_end_recovery(ub, cmd); break; default: - ret = -ENOTSUPP; + ret = -EOPNOTSUPP; break; } -- 2.44.0

10 months, 1 week

2
1
0 0

[PATCH v2] usb: typec: anx7411: fix OF node reference leaks in anx7411_typec_switch_probe()

by Joe Hattori

The refcounts of the OF nodes obtained in by of_get_child_by_name() calls in anx7411_typec_switch_probe() are not decremented, so add fwnode_handle_put() calls to anx7411_unregister_switch() and anx7411_unregister_mux(). Fixes: e45d7337dc0e ("usb: typec: anx7411: Use of_get_child_by_name() instead of of_find_node_by_name()") Cc: stable(a)vger.kernel.org Signed-off-by: Joe Hattori <joe(a)pf.is.s.u-tokyo.ac.jp> --- Changed in v2: - Add the Cc: stable(a)vger.kernel.org tag. --- drivers/usb/typec/anx7411.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/drivers/usb/typec/anx7411.c b/drivers/usb/typec/anx7411.c index cdb7e8273823..d3c5d8f410ca 100644 --- a/drivers/usb/typec/anx7411.c +++ b/drivers/usb/typec/anx7411.c @@ -29,6 +29,8 @@ #include <linux/workqueue.h> #include <linux/power_supply.h> +#include "mux.h" + #define TCPC_ADDRESS1 0x58 #define TCPC_ADDRESS2 0x56 #define TCPC_ADDRESS3 0x54 @@ -1094,6 +1096,7 @@ static void anx7411_unregister_mux(struct anx7411_data *ctx) { if (ctx->typec.typec_mux) { typec_mux_unregister(ctx->typec.typec_mux); + fwnode_handle_put(ctx->typec.typec_mux->dev.fwnode); ctx->typec.typec_mux = NULL; } } @@ -1102,6 +1105,7 @@ static void anx7411_unregister_switch(struct anx7411_data *ctx) { if (ctx->typec.typec_switch) { typec_switch_unregister(ctx->typec.typec_switch); + fwnode_handle_put(ctx->typec.typec_switch->dev.fwnode); ctx->typec.typec_switch = NULL; } } -- 2.34.1

10 months, 1 week

2
1
0 0

[PATCH 6.6.y 0/6] mptcp: fix recent failed backports

by Matthieu Baerts (NGI0)

Greg recently reported 3 patches that could not be applied without conflict in v6.6: - e0266319413d ("mptcp: update local address flags when setting it") - f642c5c4d528 ("mptcp: hold pm lock when deleting entry") - db3eab8110bc ("mptcp: pm: use _rcu variant under rcu_read_lock") Conflicts, if any, have been resolved, and documented in each patch. Note that there are 3 extra patches added to avoid some conflicts: - 14cb0e0bf39b ("mptcp: define more local variables sk") - 06afe09091ee ("mptcp: add userspace_pm_lookup_addr_by_id helper") - af250c27ea1c ("mptcp: drop lookup_by_id in lookup_addr") The Stable-dep-of tags have been added to these patches. Geliang Tang (5): mptcp: define more local variables sk mptcp: add userspace_pm_lookup_addr_by_id helper mptcp: update local address flags when setting it mptcp: hold pm lock when deleting entry mptcp: drop lookup_by_id in lookup_addr Matthieu Baerts (NGI0) (1): mptcp: pm: use _rcu variant under rcu_read_lock net/mptcp/pm_netlink.c | 15 ++++---- net/mptcp/pm_userspace.c | 77 ++++++++++++++++++++++++++-------------- 2 files changed, 58 insertions(+), 34 deletions(-) -- 2.45.2

10 months, 1 week

3
8
0 0

[PATCH 6.1 0/5] Address CVE-2024-49974

by cel＠kernel.org

From: Chuck Lever <chuck.lever(a)oracle.com> Backport the set of upstream patches that cap the number of concurrent background NFSv4.2 COPY operations. Chuck Lever (4): NFSD: Async COPY result needs to return a write verifier NFSD: Limit the number of concurrent async COPY operations NFSD: Initialize struct nfsd4_copy earlier NFSD: Never decrement pending_async_copies on error Dai Ngo (1): NFSD: initialize copy->cp_clp early in nfsd4_copy for use by trace point fs/nfsd/netns.h | 1 + fs/nfsd/nfs4proc.c | 36 +++++++++++++++++------------------- fs/nfsd/nfs4state.c | 1 + fs/nfsd/xdr4.h | 1 + 4 files changed, 20 insertions(+), 19 deletions(-) -- 2.47.0

10 months, 1 week

5
9
0 0

Fix build ID parsing logic in stable trees

by Jiri Olsa

hi, sending fix for buildid parsing that affects only stable trees after merging upstream fix [1]. Upstream then factored out the whole buildid parsing code, so it does not have the problem. I'm sending the fix for affected longterm trees 5.15 6.1 6.6 6.11. thanks, jirka [1] 905415ff3ffb ("lib/buildid: harden build ID parsing logic")

10 months, 1 week

5
17
0 0

[PATCH 6.1.y v2 0/4] fix error handling in mmap_region() and refactor (hotfixes)

by Lorenzo Stoakes

Critical fixes for mmap_region(), backported to 6.1.y. Some notes on differences from upstream: * We do NOT take commit 0fb4a7ad270b ("mm: refactor map_deny_write_exec()"), as this refactors code only introduced in 6.2. * We make reference in "mm: refactor arch_calc_vm_flag_bits() and arm64 MTE handling" to parisc, but the referenced functionality does not exist in this kernel. * In this kernel is_shared_maywrite() does not exist and the code uses VM_SHARED to determine whether mapping_map_writable() / mapping_unmap_writable() should be invoked. This backport therefore follows suit. * The vma_dummy_vm_ops static global doesn't exist in this kernel, so we use a local static variable in mmap_file() and vma_close(). * Each version of these series is confronted by a slightly different mmap_region(), so we must adapt the change for each stable version. The approach remains the same throughout, however, and we correctly avoid closing the VMA part way through any __mmap_region() operation. * This version of the kernel uses mas_preallocate() rather than the vma_iter_prealloc() wrapper and mas_destroy() rather than the vma_iter_free() wrapper, however the logic of rearranging the positioning of these remains the same, as well as avoiding the iterator leak we previously had on some error paths. v2: * Fix 6.1-specific memory leak if second attempt at merge succeeds. v1: https://lore.kernel.org/all/4cb9b846f0c4efcc4a2b21453eea4e4d0136efc8.173167… Lorenzo Stoakes (4): mm: avoid unsafe VMA hook invocation when error arises on mmap hook mm: unconditionally close VMAs on error mm: refactor arch_calc_vm_flag_bits() and arm64 MTE handling mm: resolve faulty mmap_region() error path behaviour arch/arm64/include/asm/mman.h | 10 ++- include/linux/mman.h | 7 +- mm/internal.h | 19 ++++++ mm/mmap.c | 120 ++++++++++++++++++---------------- mm/nommu.c | 9 ++- mm/shmem.c | 3 - mm/util.c | 33 ++++++++++ 7 files changed, 130 insertions(+), 71 deletions(-) -- 2.47.0

10 months, 1 week

3
6
0 0

[PATCH 6.12.y] mm/mmap: fix __mmap_region() error handling in rare merge failure case

by Liam R. Howlett

From: "Liam R. Howlett" <Liam.Howlett(a)Oracle.com> The mmap_region() function tries to install a new vma, which requires a pre-allocation for the maple tree write due to the complex locking scenarios involved. Recent efforts to simplify the error recovery required the relocation of the preallocation of the maple tree nodes (via vma_iter_prealloc() calling mas_preallocate()) higher in the function. The relocation of the preallocation meant that, if there was a file associated with the vma and the driver call (mmap_file()) modified the vma flags, then a new merge of the new vma with existing vmas is attempted. During the attempt to merge the existing vma with the new vma, the vma iterator is used - the same iterator that would be used for the next write attempt to the tree. In the event of needing a further allocation and if the new allocations fails, the vma iterator (and contained maple state) will cleaned up, including freeing all previous allocations and will be reset internally. Upon returning to the __mmap_region() function, the error reason is lost and the function sets the vma iterator limits, and then tries to continue to store the new vma using vma_iter_store() - which expects preallocated nodes. A preallocation should be performed in case the allocations were lost during the failure scenario - there is no risk of over allocating. The range is already set in the vma_iter_store() call below, so it is not necessary. Reported-by: syzbot+bc6bfc25a68b7a020ee1(a)syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/x/log.txt?x=17b0ace8580000 Fixes: 5de195060b2e2 ("mm: resolve faulty mmap_region() error path behaviour") Signed-off-by: Liam R. Howlett <Liam.Howlett(a)Oracle.com> Cc: Lorenzo Stoakes <lorenzo.stoakes(a)oracle.com> Cc: Vlastimil Babka <vbabka(a)suse.cz> Cc: Jann Horn <jannh(a)google.com> Cc: <stable(a)vger.kernel.org> --- mm/mmap.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/mm/mmap.c b/mm/mmap.c index 79d541f1502b2..5cef9a1981f1b 100644 --- a/mm/mmap.c +++ b/mm/mmap.c @@ -1491,7 +1491,10 @@ static unsigned long __mmap_region(struct file *file, unsigned long addr, vm_flags = vma->vm_flags; goto file_expanded; } - vma_iter_config(&vmi, addr, end); + if (vma_iter_prealloc(&vmi, vma)) { + error = -ENOMEM; + goto unmap_and_free_file_vma; + } } vm_flags = vma->vm_flags; -- 2.43.0

10 months, 1 week

4
6
0 0

[PATCH] usb: typec: anx7411: fix fwnode_handle reference leak

by Joe Hattori

An fwnode_handle is obtained with an incremented refcount in anx7411_typec_port_probe(), however the refcount is not decremented in the error path or in the .remove() function. Therefore call fwnode_handle_put() accordingly. Fixes: fe6d8a9c8e64 ("usb: typec: anx7411: Add Analogix PD ANX7411 support") Cc: stable(a)vger.kernel.org Signed-off-by: Joe Hattori <joe(a)pf.is.s.u-tokyo.ac.jp> --- drivers/usb/typec/anx7411.c | 33 ++++++++++++++++++++++----------- 1 file changed, 22 insertions(+), 11 deletions(-) diff --git a/drivers/usb/typec/anx7411.c b/drivers/usb/typec/anx7411.c index 7e61c3ac8777..d3c5d8f410ca 100644 --- a/drivers/usb/typec/anx7411.c +++ b/drivers/usb/typec/anx7411.c @@ -1023,6 +1023,12 @@ static void anx7411_port_unregister_altmodes(struct typec_altmode **adev) } } +static void anx7411_port_unregister(struct typec_params *typecp) +{ + fwnode_handle_put(typecp->caps.fwnode); + anx7411_port_unregister_altmodes(typecp->port_amode); +} + static int anx7411_usb_mux_set(struct typec_mux_dev *mux, struct typec_mux_state *state) { @@ -1158,34 +1164,34 @@ static int anx7411_typec_port_probe(struct anx7411_data *ctx, ret = fwnode_property_read_string(fwnode, "power-role", &buf); if (ret) { dev_err(dev, "power-role not found: %d\n", ret); - return ret; + goto put_fwnode; } ret = typec_find_port_power_role(buf); if (ret < 0) - return ret; + goto put_fwnode; cap->type = ret; ret = fwnode_property_read_string(fwnode, "data-role", &buf); if (ret) { dev_err(dev, "data-role not found: %d\n", ret); - return ret; + goto put_fwnode; } ret = typec_find_port_data_role(buf); if (ret < 0) - return ret; + goto put_fwnode; cap->data = ret; ret = fwnode_property_read_string(fwnode, "try-power-role", &buf); if (ret) { dev_err(dev, "try-power-role not found: %d\n", ret); - return ret; + goto put_fwnode; } ret = typec_find_power_role(buf); if (ret < 0) - return ret; + goto put_fwnode; cap->prefer_role = ret; /* Get source pdos */ @@ -1197,7 +1203,7 @@ static int anx7411_typec_port_probe(struct anx7411_data *ctx, typecp->src_pdo_nr); if (ret < 0) { dev_err(dev, "source cap validate failed: %d\n", ret); - return -EINVAL; + goto put_fwnode; } typecp->caps_flags |= HAS_SOURCE_CAP; @@ -1211,7 +1217,7 @@ static int anx7411_typec_port_probe(struct anx7411_data *ctx, typecp->sink_pdo_nr); if (ret < 0) { dev_err(dev, "sink cap validate failed: %d\n", ret); - return -EINVAL; + goto put_fwnode; } for (i = 0; i < typecp->sink_pdo_nr; i++) { @@ -1255,13 +1261,18 @@ static int anx7411_typec_port_probe(struct anx7411_data *ctx, ret = PTR_ERR(ctx->typec.port); ctx->typec.port = NULL; dev_err(dev, "Failed to register type c port %d\n", ret); - return ret; + goto put_fwnode; } typec_port_register_altmodes(ctx->typec.port, NULL, ctx, ctx->typec.port_amode, MAX_ALTMODE); return 0; + +put_fwnode: + fwnode_handle_put(fwnode); + + return ret; } static int anx7411_typec_check_connection(struct anx7411_data *ctx) @@ -1528,7 +1539,7 @@ static int anx7411_i2c_probe(struct i2c_client *client) free_typec_port: typec_unregister_port(plat->typec.port); - anx7411_port_unregister_altmodes(plat->typec.port_amode); + anx7411_port_unregister(&plat->typec); free_typec_switch: anx7411_unregister_switch(plat); @@ -1562,7 +1573,7 @@ static void anx7411_i2c_remove(struct i2c_client *client) if (plat->typec.port) typec_unregister_port(plat->typec.port); - anx7411_port_unregister_altmodes(plat->typec.port_amode); + anx7411_port_unregister(&plat->typec); } static const struct i2c_device_id anx7411_id[] = { -- 2.34.1

10 months, 1 week

2
1
0 0

FAILED: patch "[PATCH] mm: revert "mm: shmem: fix data-race in shmem_getattr()"" failed to apply to 5.15-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.15-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y git checkout FETCH_HEAD git cherry-pick -x d1aa0c04294e29883d65eac6c2f72fe95cc7c049 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024111702-gonad-immobile-513e@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From d1aa0c04294e29883d65eac6c2f72fe95cc7c049 Mon Sep 17 00:00:00 2001 From: Andrew Morton <akpm(a)linux-foundation.org> Date: Fri, 15 Nov 2024 16:57:24 -0800 Subject: [PATCH] mm: revert "mm: shmem: fix data-race in shmem_getattr()" Revert d949d1d14fa2 ("mm: shmem: fix data-race in shmem_getattr()") as suggested by Chuck [1]. It is causing deadlocks when accessing tmpfs over NFS. As Hugh commented, "added just to silence a syzbot sanitizer splat: added where there has never been any practical problem". Link: https://lkml.kernel.org/r/ZzdxKF39VEmXSSyN@tissot.1015granger.net [1] Fixes: d949d1d14fa2 ("mm: shmem: fix data-race in shmem_getattr()") Acked-by: Hugh Dickins <hughd(a)google.com> Cc: Chuck Lever <chuck.lever(a)oracle.com> Cc: Jeongjun Park <aha310510(a)gmail.com> Cc: Yu Zhao <yuzhao(a)google.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> diff --git a/mm/shmem.c b/mm/shmem.c index e87f5d6799a7..568bb290bdce 100644 --- a/mm/shmem.c +++ b/mm/shmem.c @@ -1166,9 +1166,7 @@ static int shmem_getattr(struct mnt_idmap *idmap, stat->attributes_mask |= (STATX_ATTR_APPEND | STATX_ATTR_IMMUTABLE | STATX_ATTR_NODUMP); - inode_lock_shared(inode); generic_fillattr(idmap, request_mask, inode, stat); - inode_unlock_shared(inode); if (shmem_huge_global_enabled(inode, 0, 0, false, NULL, 0)) stat->blksize = HPAGE_PMD_SIZE;

10 months, 1 week

4
4
0 0

[PATCH 6.6.y 0/5] fix error handling in mmap_region() and refactor (hotfixes)

by Lorenzo Stoakes

Critical fixes for mmap_region(), backported to 6.6.y. Some notes on differences from upstream: * In this kernel is_shared_maywrite() does not exist and the code uses VM_SHARED to determine whether mapping_map_writable() / mapping_unmap_writable() should be invoked. This backport therefore follows suit. * Each version of these series is confronted by a slightly different mmap_region(), so we must adapt the change for each stable version. The approach remains the same throughout, however, and we correctly avoid closing the VMA part way through any __mmap_region() operation. Lorenzo Stoakes (5): mm: avoid unsafe VMA hook invocation when error arises on mmap hook mm: unconditionally close VMAs on error mm: refactor map_deny_write_exec() mm: refactor arch_calc_vm_flag_bits() and arm64 MTE handling mm: resolve faulty mmap_region() error path behaviour arch/arm64/include/asm/mman.h | 10 ++- arch/parisc/include/asm/mman.h | 5 +- include/linux/mman.h | 28 ++++++-- mm/internal.h | 45 ++++++++++++ mm/mmap.c | 128 ++++++++++++++++++--------------- mm/mprotect.c | 2 +- mm/nommu.c | 9 ++- mm/shmem.c | 3 - 8 files changed, 153 insertions(+), 77 deletions(-) -- 2.47.0

10 months, 1 week

5
10
0 0

[PATCH v5 3/3] drm: adv7511: Drop dsi single lane support

by Biju Das

As per [1] and [2], ADV7535/7533 supports only 2-, 3-, or 4-lane. Drop unsupported 1-lane. [1] https://www.analog.com/media/en/technical-documentation/data-sheets/ADV7535… [2] https://www.analog.com/media/en/technical-documentation/data-sheets/ADV7533… Fixes: 1e4d58cd7f88 ("drm/bridge: adv7533: Create a MIPI DSI device") Reported-by: Hien Huynh <hien.huynh.px(a)renesas.com> Cc: stable(a)vger.kernel.org Reviewed-by: Laurent Pinchart <laurent.pinchart+renesas(a)ideasonboard.com> Signed-off-by: Biju Das <biju.das.jz(a)bp.renesas.com> --- Changes in v5: - No change. Changes in v4: - Added link to ADV7533 data sheet. - Collected tags Changes in v3: - Updated commit header and description - Updated fixes tag - Dropped single lane support Changes in v2: - Added the tag "Cc: stable(a)vger.kernel.org" in the sign-off area. - Dropped Archit Taneja invalid Mail address --- drivers/gpu/drm/bridge/adv7511/adv7533.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/gpu/drm/bridge/adv7511/adv7533.c b/drivers/gpu/drm/bridge/adv7511/adv7533.c index 5f195e91b3e6..122ad91e8a32 100644 --- a/drivers/gpu/drm/bridge/adv7511/adv7533.c +++ b/drivers/gpu/drm/bridge/adv7511/adv7533.c @@ -172,7 +172,7 @@ int adv7533_parse_dt(struct device_node *np, struct adv7511 *adv) of_property_read_u32(np, "adi,dsi-lanes", &num_lanes); - if (num_lanes < 1 || num_lanes > 4) + if (num_lanes < 2 || num_lanes > 4) return -EINVAL; adv->num_dsi_lanes = num_lanes; -- 2.43.0

10 months, 1 week

2
1
0 0

[PATCH 6.1 v2] parisc: fix a possible DMA corruption

by Bin Lan

From: Mikulas Patocka <mpatocka(a)redhat.com> [ Upstream commit 7ae04ba36b381bffe2471eff3a93edced843240f ] ARCH_DMA_MINALIGN was defined as 16 - this is too small - it may be possible that two unrelated 16-byte allocations share a cache line. If one of these allocations is written using DMA and the other is written using cached write, the value that was written with DMA may be corrupted. This commit changes ARCH_DMA_MINALIGN to be 128 on PA20 and 32 on PA1.1 - that's the largest possible cache line size. As different parisc microarchitectures have different cache line size, we define arch_slab_minalign(), cache_line_size() and dma_get_cache_alignment() so that the kernel may tune slab cache parameters dynamically, based on the detected cache line size. Signed-off-by: Mikulas Patocka <mpatocka(a)redhat.com> Cc: stable(a)vger.kernel.org Signed-off-by: Helge Deller <deller(a)gmx.de> Signed-off-by: Bin Lan <bin.lan.cn(a)windriver.com> --- arch/parisc/Kconfig | 1 + arch/parisc/include/asm/cache.h | 11 ++++++++++- 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/arch/parisc/Kconfig b/arch/parisc/Kconfig index 3341d4a42199..3a32b49d7ad0 100644 --- a/arch/parisc/Kconfig +++ b/arch/parisc/Kconfig @@ -18,6 +18,7 @@ config PARISC select ARCH_SUPPORTS_HUGETLBFS if PA20 select ARCH_SUPPORTS_MEMORY_FAILURE select ARCH_STACKWALK + select ARCH_HAS_CACHE_LINE_SIZE select ARCH_HAS_DEBUG_VM_PGTABLE select HAVE_RELIABLE_STACKTRACE select DMA_OPS diff --git a/arch/parisc/include/asm/cache.h b/arch/parisc/include/asm/cache.h index e23d06b51a20..91e753f08eaa 100644 --- a/arch/parisc/include/asm/cache.h +++ b/arch/parisc/include/asm/cache.h @@ -20,7 +20,16 @@ #define SMP_CACHE_BYTES L1_CACHE_BYTES -#define ARCH_DMA_MINALIGN L1_CACHE_BYTES +#ifdef CONFIG_PA20 +#define ARCH_DMA_MINALIGN 128 +#else +#define ARCH_DMA_MINALIGN 32 +#endif +#define ARCH_KMALLOC_MINALIGN 16 /* ldcw requires 16-byte alignment */ + +#define arch_slab_minalign() ((unsigned)dcache_stride) +#define cache_line_size() dcache_stride +#define dma_get_cache_alignment cache_line_size #define __read_mostly __section(".data..read_mostly") -- 2.43.0

10 months, 1 week

1
0
0 0

FAILED: patch "[PATCH] mm: revert "mm: shmem: fix data-race in shmem_getattr()"" failed to apply to 5.10-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.10-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.10.y git checkout FETCH_HEAD git cherry-pick -x d1aa0c04294e29883d65eac6c2f72fe95cc7c049 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024111703-uncork-sincerity-4d6e@gregkh' --subject-prefix 'PATCH 5.10.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From d1aa0c04294e29883d65eac6c2f72fe95cc7c049 Mon Sep 17 00:00:00 2001 From: Andrew Morton <akpm(a)linux-foundation.org> Date: Fri, 15 Nov 2024 16:57:24 -0800 Subject: [PATCH] mm: revert "mm: shmem: fix data-race in shmem_getattr()" Revert d949d1d14fa2 ("mm: shmem: fix data-race in shmem_getattr()") as suggested by Chuck [1]. It is causing deadlocks when accessing tmpfs over NFS. As Hugh commented, "added just to silence a syzbot sanitizer splat: added where there has never been any practical problem". Link: https://lkml.kernel.org/r/ZzdxKF39VEmXSSyN@tissot.1015granger.net [1] Fixes: d949d1d14fa2 ("mm: shmem: fix data-race in shmem_getattr()") Acked-by: Hugh Dickins <hughd(a)google.com> Cc: Chuck Lever <chuck.lever(a)oracle.com> Cc: Jeongjun Park <aha310510(a)gmail.com> Cc: Yu Zhao <yuzhao(a)google.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> diff --git a/mm/shmem.c b/mm/shmem.c index e87f5d6799a7..568bb290bdce 100644 --- a/mm/shmem.c +++ b/mm/shmem.c @@ -1166,9 +1166,7 @@ static int shmem_getattr(struct mnt_idmap *idmap, stat->attributes_mask |= (STATX_ATTR_APPEND | STATX_ATTR_IMMUTABLE | STATX_ATTR_NODUMP); - inode_lock_shared(inode); generic_fillattr(idmap, request_mask, inode, stat); - inode_unlock_shared(inode); if (shmem_huge_global_enabled(inode, 0, 0, false, NULL, 0)) stat->blksize = HPAGE_PMD_SIZE;

10 months, 1 week

3
2
0 0

[PATCH 6.1] parisc: fix a possible DMA corruption

by Bin Lan

From: Mikulas Patocka <mpatocka(a)redhat.com> ARCH_DMA_MINALIGN was defined as 16 - this is too small - it may be possible that two unrelated 16-byte allocations share a cache line. If one of these allocations is written using DMA and the other is written using cached write, the value that was written with DMA may be corrupted. This commit changes ARCH_DMA_MINALIGN to be 128 on PA20 and 32 on PA1.1 - that's the largest possible cache line size. As different parisc microarchitectures have different cache line size, we define arch_slab_minalign(), cache_line_size() and dma_get_cache_alignment() so that the kernel may tune slab cache parameters dynamically, based on the detected cache line size. Signed-off-by: Mikulas Patocka <mpatocka(a)redhat.com> Cc: stable(a)vger.kernel.org Signed-off-by: Helge Deller <deller(a)gmx.de> Signed-off-by: Bin Lan <bin.lan.cn(a)windriver.com> --- arch/parisc/Kconfig | 1 + arch/parisc/include/asm/cache.h | 11 ++++++++++- 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/arch/parisc/Kconfig b/arch/parisc/Kconfig index 3341d4a42199..3a32b49d7ad0 100644 --- a/arch/parisc/Kconfig +++ b/arch/parisc/Kconfig @@ -18,6 +18,7 @@ config PARISC select ARCH_SUPPORTS_HUGETLBFS if PA20 select ARCH_SUPPORTS_MEMORY_FAILURE select ARCH_STACKWALK + select ARCH_HAS_CACHE_LINE_SIZE select ARCH_HAS_DEBUG_VM_PGTABLE select HAVE_RELIABLE_STACKTRACE select DMA_OPS diff --git a/arch/parisc/include/asm/cache.h b/arch/parisc/include/asm/cache.h index e23d06b51a20..91e753f08eaa 100644 --- a/arch/parisc/include/asm/cache.h +++ b/arch/parisc/include/asm/cache.h @@ -20,7 +20,16 @@ #define SMP_CACHE_BYTES L1_CACHE_BYTES -#define ARCH_DMA_MINALIGN L1_CACHE_BYTES +#ifdef CONFIG_PA20 +#define ARCH_DMA_MINALIGN 128 +#else +#define ARCH_DMA_MINALIGN 32 +#endif +#define ARCH_KMALLOC_MINALIGN 16 /* ldcw requires 16-byte alignment */ + +#define arch_slab_minalign() ((unsigned)dcache_stride) +#define cache_line_size() dcache_stride +#define dma_get_cache_alignment cache_line_size #define __read_mostly __section(".data..read_mostly") -- 2.43.0

10 months, 1 week

2
2
0 0

[PATCH 6.1.y 0/2] Backport fix of CVE-2024-36915 to 6.1

by Xiangyu Chen

From: Xiangyu Chen <xiangyu.chen(a)windriver.com> Following series is a backport of CVE-2024-36915 The fix is "nfc: llcp: fix nfc_llcp_setsockopt() unsafe copies" This required 1 extra commit to make sure the picks are clean: net: add copy_safe_from_sockptr() helper Eric Dumazet (2): net: add copy_safe_from_sockptr() helper nfc: llcp: fix nfc_llcp_setsockopt() unsafe copies include/linux/sockptr.h | 25 +++++++++++++++++++++++++ net/nfc/llcp_sock.c | 12 ++++++------ 2 files changed, 31 insertions(+), 6 deletions(-) -- 2.43.0

10 months, 1 week

2
3
0 0

[PATCH v5 2/3] dt-bindings: display: adi,adv7533: Drop single lane support

by Biju Das

As per [1] and [2], ADV7535/7533 supports only 2-, 3-, or 4-lane. Drop unsupported 1-lane from bindings. [1] https://www.analog.com/media/en/technical-documentation/data-sheets/ADV7535… [2] https://www.analog.com/media/en/technical-documentation/data-sheets/ADV7533… Fixes: 1e4d58cd7f88 ("drm/bridge: adv7533: Create a MIPI DSI device") Cc: stable(a)vger.kernel.org Acked-by: Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> Reviewed-by: Geert Uytterhoeven <geert+renesas(a)glider.be> Reviewed-by: Laurent Pinchart <laurent.pinchart+renesas(a)ideasonboard.com> Signed-off-by: Biju Das <biju.das.jz(a)bp.renesas.com> --- v4->v5: * No change. v3->v4: * Added link to ADV7533 data sheet. * Collected tags. v3: * New patch. --- .../devicetree/bindings/display/bridge/adi,adv7533.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Documentation/devicetree/bindings/display/bridge/adi,adv7533.yaml b/Documentation/devicetree/bindings/display/bridge/adi,adv7533.yaml index df20a3c9c744..ec89115c74e4 100644 --- a/Documentation/devicetree/bindings/display/bridge/adi,adv7533.yaml +++ b/Documentation/devicetree/bindings/display/bridge/adi,adv7533.yaml @@ -90,7 +90,7 @@ properties: adi,dsi-lanes: description: Number of DSI data lanes connected to the DSI host. $ref: /schemas/types.yaml#/definitions/uint32 - enum: [ 1, 2, 3, 4 ] + enum: [ 2, 3, 4 ] "#sound-dai-cells": const: 0 -- 2.43.0

10 months, 1 week

1
0
0 0

[PATCH 6.1.y 0/7] mptcp: fix recent failed backports

by Matthieu Baerts (NGI0)

Greg recently reported 3 patches that could not be applied without conflict in v6.1: - e0266319413d ("mptcp: update local address flags when setting it") - f642c5c4d528 ("mptcp: hold pm lock when deleting entry") - db3eab8110bc ("mptcp: pm: use _rcu variant under rcu_read_lock") Conflicts, if any, have been resolved, and documented in each patch. Note that there are 3 extra patches added to avoid some conflicts: - 14cb0e0bf39b ("mptcp: define more local variables sk") - 06afe09091ee ("mptcp: add userspace_pm_lookup_addr_by_id helper") - af250c27ea1c ("mptcp: drop lookup_by_id in lookup_addr") The Stable-dep-of tags have been added to these patches. 1 extra patch has been included, it is supposed to be backported, but it was missing the Cc stable tag and it had conflicts: - ce7356ae3594 ("mptcp: cope racing subflow creation in mptcp_rcv_space_adjust") Geliang Tang (5): mptcp: define more local variables sk mptcp: add userspace_pm_lookup_addr_by_id helper mptcp: update local address flags when setting it mptcp: hold pm lock when deleting entry mptcp: drop lookup_by_id in lookup_addr Matthieu Baerts (NGI0) (1): mptcp: pm: use _rcu variant under rcu_read_lock Paolo Abeni (1): mptcp: cope racing subflow creation in mptcp_rcv_space_adjust net/mptcp/pm_netlink.c | 15 ++++---- net/mptcp/pm_userspace.c | 77 ++++++++++++++++++++++++++-------------- net/mptcp/protocol.c | 3 +- 3 files changed, 60 insertions(+), 35 deletions(-) -- 2.45.2

10 months, 1 week

2
8
0 0

[PATCH 6.11 000/184] 6.11.8-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 6.11.8 release. There are 184 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Thu, 14 Nov 2024 10:18:19 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.11.8-rc1… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.11.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 6.11.8-rc1 Hyunwoo Kim <v4bel(a)theori.io> vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans Hyunwoo Kim <v4bel(a)theori.io> hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer Paul E. McKenney <paulmck(a)kernel.org> xtensa: Emulate one-byte cmpxchg Mingcong Bai <jeffbai(a)aosc.io> ASoC: amd: yc: fix internal mic on Xiaomi Book Pro 14 2022 Nirmoy Das <nirmoy.das(a)intel.com> drm/xe/guc/tlb: Flush g2h worker in case of tlb timeout Nirmoy Das <nirmoy.das(a)intel.com> drm/xe/ufence: Flush xe ordered_wq in case of ufence timeout Nirmoy Das <nirmoy.das(a)intel.com> drm/xe: Move LNL scheduling WA to xe_device.h Badal Nilawar <badal.nilawar(a)intel.com> drm/xe/guc/ct: Flush g2h worker in case of g2h response timeout Christoph Hellwig <hch(a)lst.de> block: fix queue limits checks in blk_rq_map_user_bvec for real Christoph Hellwig <hch(a)lst.de> block: rework bio splitting Johan Hovold <johan+linaro(a)kernel.org> firmware: qcom: scm: suppress download mode error Mukesh Ojha <quic_mojha(a)quicinc.com> firmware: qcom: scm: Refactor code to support multiple dload mode Muhammad Usama Anjum <usama.anjum(a)collabora.com> selftests: hugetlb_dio: check for initial conditions to skip in the start Andrei Vagin <avagin(a)google.com> ucounts: fix counter leak in inc_rlimit_get_ucounts() Andrew Kanner <andrew.kanner(a)gmail.com> ocfs2: remove entry once instead of null-ptr-dereference in ocfs2_xa_remove() Marc Zyngier <maz(a)kernel.org> irqchip/gic-v3: Force propagation of the active state with a read-back Umang Jain <umang.jain(a)ideasonboard.com> staging: vchiq_arm: Use devm_kzalloc() for vchiq_arm_state allocation Umang Jain <umang.jain(a)ideasonboard.com> staging: vchiq_arm: Use devm_kzalloc() for drv_mgmt allocation Mika Westerberg <mika.westerberg(a)linux.intel.com> thunderbolt: Fix connection issue with Pluggable UD-4VPD dock Qiang Yu <quic_qianyu(a)quicinc.com> clk: qcom: gcc-x1e80100: Fix halt_check for pipediv2 clocks Johan Hovold <johan+linaro(a)kernel.org> clk: qcom: videocc-sm8350: use HW_CTRL_TRIGGER for vcodec GDSCs Benoît Monin <benoit.monin(a)gmx.fr> USB: serial: option: add Quectel RG650V Reinhard Speyerer <rspmn(a)arcor.de> USB: serial: option: add Fibocom FG132 0x0112 composition Jack Wu <wojackbb(a)gmail.com> USB: serial: qcserial: add support for Sierra Wireless EM86xx Dan Carpenter <dan.carpenter(a)linaro.org> USB: serial: io_edgeport: fix use after free in debug printk Dan Carpenter <dan.carpenter(a)linaro.org> usb: typec: fix potential out of bounds in ucsi_ccg_update_set_new_cam_cmd() Rex Nie <rex.nie(a)jaguarmicro.com> usb: typec: qcom-pmic: init value of hdr_len/txbuf_len earlier Roger Quadros <rogerq(a)kernel.org> usb: dwc3: fix fault at system suspend if device was already runtime suspended Zijun Hu <quic_zijuhu(a)quicinc.com> usb: musb: sunxi: Fix accessing an released usb phy Mika Westerberg <mika.westerberg(a)linux.intel.com> thunderbolt: Add only on-board retimers when !CONFIG_USB4_DEBUGFS_MARGINING Hugh Dickins <hughd(a)google.com> mm/thp: fix deferred split unqueue naming and locking Wei Yang <richard.weiyang(a)gmail.com> mm/mlock: set the correct prev on failure SeongJae Park <sj(a)kernel.org> mm/damon/core: handle zero schemes apply interval SeongJae Park <sj(a)kernel.org> mm/damon/core: handle zero {aggregation,ops_update} intervals SeongJae Park <sj(a)kernel.org> mm/damon/core: avoid overflow in damon_feed_loop_next_input() Roman Gushchin <roman.gushchin(a)linux.dev> signal: restore the override_rlimit logic Masami Hiramatsu (Google) <mhiramat(a)kernel.org> objpool: fix to make percpu slot allocation more robust Qi Xi <xiqi2(a)huawei.com> fs/proc: fix compile warning about variable 'vmcore_mmap_ops' Barnabás Czémán <barnabas.czeman(a)mainlining.org> clk: qcom: clk-alpha-pll: Fix pll post div mask when width is not set Abel Vesa <abel.vesa(a)linaro.org> clk: qcom: gcc-x1e80100: Fix USB MP SS1 PHY GDSC pwrsts flags Liu Peibao <loven.liu(a)jaguarmicro.com> i2c: designware: do not hold SCL low when I2C_DYNAMIC_TAR_UPDATE is not set Trond Myklebust <trond.myklebust(a)hammerspace.com> filemap: Fix bounds checking in filemap_read() Benoit Sevens <bsevens(a)google.com> media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format Shyam Sundar S K <Shyam-sundar.S-k(a)amd.com> platform/x86/amd/pmf: Add SMU metrics table support for 1Ah family 60h model Shyam Sundar S K <Shyam-sundar.S-k(a)amd.com> platform/x86/amd/pmf: Update SMU metrics table for 1AH family series Shyam Sundar S K <Shyam-sundar.S-k(a)amd.com> platform/x86/amd/pmf: Relocate CPU ID macros to the PMF header Filipe Manana <fdmanana(a)suse.com> btrfs: reinitialize delayed ref list after deleting it from the list Qu Wenruo <wqu(a)suse.com> btrfs: fix per-subvolume RO/RW flags with new mount API Haisu Wang <haisuwang(a)tencent.com> btrfs: fix the length of reserved qgroup to free Pavan Kumar Linga <pavan.kumar.linga(a)intel.com> idpf: fix idpf_vc_core_init error path Pavan Kumar Linga <pavan.kumar.linga(a)intel.com> idpf: avoid vport access in idpf_get_link_ksettings Gautam Menghani <gautam(a)linux.ibm.com> KVM: PPC: Book3S HV: Mask off LPCR_MER for a vCPU before running it to avoid spurious interrupts Koichiro Den <koichiro.den(a)gmail.com> mm/slab: fix warning caused by duplicate kmem_cache creation in kmem_buckets_create Mark Rutland <mark.rutland(a)arm.com> arm64: smccc: Remove broken support for SMCCCv1.3 SVE discard hint Mark Rutland <mark.rutland(a)arm.com> arm64: Kconfig: Make SME depend on BROKEN for now Mark Brown <broonie(a)kernel.org> arm64/sve: Discard stale CPU state when handling SVE traps Geliang Tang <geliang(a)kernel.org> mptcp: use sock_kfree_s instead of kfree Stefan Wahren <wahrenst(a)gmx.net> net: vertexcom: mse102x: Fix possible double free of TX skb Jinjie Ruan <ruanjinjie(a)huawei.com> net: wwan: t7xx: Fix off-by-one error in t7xx_dpmaif_rx_buf_alloc() Kalesh Singh <kaleshsingh(a)google.com> tracing: Fix tracefs mount options Roberto Sassu <roberto.sassu(a)huawei.com> nfs: Fix KMSAN warning in decode_getfattr_attrs() Bart Van Assche <bvanassche(a)acm.org> scsi: ufs: core: Start the RTC update work later Takashi Iwai <tiwai(a)suse.de> ALSA: usb-audio: Add quirk for HP 320 FHD Webcam Matthieu Baerts (NGI0) <matttbe(a)kernel.org> mptcp: no admin perm to list endpoints Mikulas Patocka <mpatocka(a)redhat.com> dm: fix a crash if blk_alloc_disk fails Zichen Xie <zichenxie0106(a)gmail.com> dm-unstriped: cast an operand to sector_t to prevent potential uint32_t overflow Ming-Hung Tsai <mtsai(a)redhat.com> dm cache: fix potential out-of-bounds access on the first resume Ming-Hung Tsai <mtsai(a)redhat.com> dm cache: optimize dirty bit checking with find_next_bit when resizing Ming-Hung Tsai <mtsai(a)redhat.com> dm cache: fix out-of-bounds access to the dirty bitset when resizing Ming-Hung Tsai <mtsai(a)redhat.com> dm cache: fix flushing uninitialized delayed_work on cache_ctr error Ming-Hung Tsai <mtsai(a)redhat.com> dm cache: correct the number of origin blocks to match the target length David Gstir <david(a)sigma-star.at> KEYS: trusted: dcp: fix NULL dereference in AEAD crypto operation Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> thermal/drivers/qcom/lmh: Remove false lockdep backtrace Antonio Quartulli <antonio(a)mandelbit.com> drm/amdgpu: prevent NULL pointer dereference if ATIF is not supported Lijo Lazar <lijo.lazar(a)amd.com> drm/amdgpu: Fix DPX valid mode check on GC 9.4.3 Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu: Adjust debugfs register access permissions Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read() Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu: Adjust debugfs eviction and IB access permissions Jann Horn <jannh(a)google.com> drm/panthor: Be stricter about IO mapping flags Liviu Dudau <liviu.dudau(a)arm.com> drm/panthor: Lock XArray when getting entries for the VM Aurabindo Pillai <aurabindo.pillai(a)amd.com> drm/amd/display: parse umc_info or vram_info based on ASIC Kenneth Feng <kenneth.feng(a)amd.com> drm/amd/pm: correct the workload setting Brendan King <brendan.king(a)imgtec.com> drm/imagination: Break an object reference loop Brendan King <brendan.king(a)imgtec.com> drm/imagination: Add a per-file PVR context list Tom Chung <chiahsuan.chung(a)amd.com> drm/amd/display: Fix brightness level not retained over reboot Kenneth Feng <kenneth.feng(a)amd.com> drm/amd/pm: always pick the pptable from IFWI Bjorn Andersson <bjorn.andersson(a)oss.qualcomm.com> rpmsg: glink: Handle rejected intent request better Jarkko Sakkinen <jarkko(a)kernel.org> tpm: Lock TPM chip in tpm_pm_suspend() first Erik Schumacher <erik.schumacher(a)iris-sensing.com> pwm: imx-tpm: Use correct MODULO value for EPWM mode Balasubramani Vivekanandan <balasubramani.vivekanandan(a)intel.com> drm/xe: Set mask bits for CCS_MODE register Matthew Brost <matthew.brost(a)intel.com> drm/xe: Drop VM dma-resv lock on xe_sync_in_fence_get failure in exec IOCTL Matthew Brost <matthew.brost(a)intel.com> drm/xe: Fix possible exec queue leak in exec IOCTL Namjae Jeon <linkinjeon(a)kernel.org> ksmbd: fix slab-use-after-free in smb3_preauth_hash_rsp Jinjie Ruan <ruanjinjie(a)huawei.com> ksmbd: Fix the missing xa_store error check Namjae Jeon <linkinjeon(a)kernel.org> ksmbd: check outstanding simultaneous SMB operations Namjae Jeon <linkinjeon(a)kernel.org> ksmbd: fix slab-use-after-free in ksmbd_smb2_session_create Thomas Mühlbacher <tmuehlbacher(a)posteo.net> can: {cc770,sja1000}_isa: allow building on x86_64 Marc Kleine-Budde <mkl(a)pengutronix.de> can: mcp251xfd: mcp251xfd_ring_alloc(): fix coalescing configuration when switching CAN modes Marc Kleine-Budde <mkl(a)pengutronix.de> can: mcp251xfd: mcp251xfd_get_tef_len(): fix length calculation Marc Kleine-Budde <mkl(a)pengutronix.de> can: m_can: m_can_close(): don't call free_irq() for IRQ-less devices Mauro Carvalho Chehab <mchehab+huawei(a)kernel.org> media: v4l2-ctrls-api: fix error handling for v4l2_g_ctrl() Mauro Carvalho Chehab <mchehab+huawei(a)kernel.org> media: v4l2-tpg: prevent the risk of a division by zero Hans Verkuil <hverkuil(a)xs4all.nl> media: vivid: fix buffer overwrite when using > 32 buffers Mauro Carvalho Chehab <mchehab+huawei(a)kernel.org> media: pulse8-cec: fix data timestamp at pulse8_setup() Mauro Carvalho Chehab <mchehab+huawei(a)kernel.org> media: av7110: fix a spectre vulnerability Mauro Carvalho Chehab <mchehab+huawei(a)kernel.org> media: cx24116: prevent overflows on SNR calculus Mauro Carvalho Chehab <mchehab+huawei(a)kernel.org> media: s5p-jpeg: prevent buffer overflows Mauro Carvalho Chehab <mchehab+huawei(a)kernel.org> media: ar0521: don't overflow when checking PLL values Mauro Carvalho Chehab <mchehab+huawei(a)kernel.org> media: mgb4: protect driver against spectre Hans Verkuil <hverkuil-cisco(a)xs4all.nl> media: dvb-core: add missing buffer index check Jyri Sarha <jyri.sarha(a)linux.intel.com> ASoC: SOF: sof-client-probes-ipc4: Set param_size extension bits Amelie Delaunay <amelie.delaunay(a)foss.st.com> ASoC: stm32: spdifrx: fix dma channel release in stm32_spdifrx_remove Icenowy Zheng <uwu(a)icenowy.me> thermal/of: support thermal zones w/o trips subnode Emil Dahl Juhl <emdj(a)bang-olufsen.dk> tools/lib/thermal: Fix sampling handler context ptr Murad Masimov <m.masimov(a)maxima.ru> ALSA: firewire-lib: fix return value on fail in amdtp_tscm_init() Johannes Thumshirn <johannes.thumshirn(a)wdc.com> scsi: sd_zbc: Use kvzalloc() to allocate REPORT ZONES buffer Mauro Carvalho Chehab <mchehab+huawei(a)kernel.org> media: adv7604: prevent underflow condition when reporting colorspace Mauro Carvalho Chehab <mchehab+huawei(a)kernel.org> media: dvb_frontend: don't play tricks with underflow values Mauro Carvalho Chehab <mchehab+huawei(a)kernel.org> media: dvbdev: prevent the risk of out of memory access Mauro Carvalho Chehab <mchehab+huawei(a)kernel.org> media: stb0899_algo: initialize cfr before using it Jarosław Janik <jaroslaw.janik(a)gmail.com> Revert "ALSA: hda/conexant: Mute speakers at suspend / shutdown" Wentao Liang <Wentao_liang_g(a)163.com> drivers: net: ionic: add missed debugfs cleanup to ionic_probe() error path Eric Dumazet <edumazet(a)google.com> net/smc: do not leave a dangling sk pointer in __smc_create() David Howells <dhowells(a)redhat.com> rxrpc: Fix missing locking causing hanging calls Johan Jonker <jbx6244(a)gmail.com> net: arc: rockchip: fix emac mdio node support Johan Jonker <jbx6244(a)gmail.com> net: arc: fix the device for dma_map_single/dma_unmap_single Philo Lu <lulie(a)linux.alibaba.com> virtio_net: Update rss when set queue Philo Lu <lulie(a)linux.alibaba.com> virtio_net: Sync rss config to device when virtnet_probe Philo Lu <lulie(a)linux.alibaba.com> virtio_net: Add hash_key_length check Philo Lu <lulie(a)linux.alibaba.com> virtio_net: Support dynamic rss indirection table size Pablo Neira Ayuso <pablo(a)netfilter.org> netfilter: nf_tables: wait for rcu grace period on net_device removal Nícolas F. R. A. Prado <nfraprado(a)collabora.com> net: stmmac: Fix unbalanced IRQ wake disable warning on single irq case Diogo Silva <diogompaissilva(a)gmail.com> net: phy: ti: add PHY_RST_AFTER_CLK_EN flag Peiyang Wang <wangpeiyang1(a)huawei.com> net: hns3: fix kernel crash when uninstalling driver Vitaly Lifshits <vitaly.lifshits(a)intel.com> e1000e: Remove Meteor Lake SMBUS workarounds Aleksandr Loktionov <aleksandr.loktionov(a)intel.com> i40e: fix race condition by adding filter's intermediate sync state Mateusz Polchlopek <mateusz.polchlopek(a)intel.com> ice: change q_index variable type to s16 to store -1 value Dario Binacchi <dario.binacchi(a)amarulasolutions.com> can: c_can: fix {rx,tx}_errors statistics Suraj Gupta <suraj.gupta2(a)amd.com> net: xilinx: axienet: Enqueue Tx packets in dql before dmaengine starts Wei Fang <wei.fang(a)nxp.com> net: enetc: allocate vf_state during PF probes Xin Long <lucien.xin(a)gmail.com> sctp: properly validate chunk size in sctp_sf_ootb() Suraj Gupta <suraj.gupta2(a)amd.com> dt-bindings: net: xlnx,axi-ethernet: Correct phy-mode property value Vladimir Oltean <vladimir.oltean(a)nxp.com> net: dpaa_eth: print FD status in CPU endianness in dpaa_eth_fd tracepoint Wei Fang <wei.fang(a)nxp.com> net: enetc: set MAC address to the VF net_device ChiYuan Huang <cy_huang(a)richtek.com> regulator: rtq2208: Fix uninitialized use of regulator_config Chen Ridong <chenridong(a)huawei.com> security/keys: fix slab-out-of-bounds in key_task_permission Mike Snitzer <snitzer(a)kernel.org> nfs: avoid i_lock contention in nfs_clear_invalid_mapping Trond Myklebust <trond.myklebust(a)hammerspace.com> NFS: Further fixes to attribute delegation a/mtime changes Trond Myklebust <trond.myklebust(a)hammerspace.com> NFS: Fix attribute delegation behaviour on exclusive create NeilBrown <neilb(a)suse.de> NFSv3: only use NFS timeout for MOUNT when protocols are compatible NeilBrown <neilb(a)suse.de> sunrpc: handle -ENOTCONN in xs_tcp_setup_socket() Corey Hickey <bugfood-c(a)fatooh.org> platform/x86/amd/pmc: Detect when STB is not available Jiri Kosina <jikos(a)kernel.org> HID: core: zero-initialize the report buffer Diederik de Haas <didi.debian(a)cknow.org> arm64: dts: rockchip: Correct GPIO polarity on brcm BT nodes Heiko Stuebner <heiko(a)sntech.de> ARM: dts: rockchip: Fix the realtek audio codec on rk3036-kylin Heiko Stuebner <heiko(a)sntech.de> ARM: dts: rockchip: Fix the spi controller on rk3036 Heiko Stuebner <heiko(a)sntech.de> ARM: dts: rockchip: drop grf reference from rk3036 hdmi Heiko Stuebner <heiko(a)sntech.de> ARM: dts: rockchip: fix rk3036 acodec node Heiko Stuebner <heiko(a)sntech.de> arm64: dts: rockchip: remove orphaned pinctrl-names from pinephone pro Qingqing Zhou <quic_qqzhou(a)quicinc.com> firmware: qcom: scm: Return -EOPNOTSUPP for unsupported SHM bridge enabling Xinqi Zhang <quic_xinqzhan(a)quicinc.com> firmware: arm_scmi: Fix slab-use-after-free in scmi_bus_notifier() Marek Vasut <marex(a)denx.de> arm64: dts: imx8mp-phyboard-pollux: Set Video PLL1 frequency to 506.8 MHz Peng Fan <peng.fan(a)nxp.com> arm64: dts: imx8mp: correct sdhc ipg clk Alexander Stein <alexander.stein(a)ew.tq-group.com> arm64: dts: imx8-ss-vpu: Fix imx8qm VPU IRQs Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> arm64: dts: qcom: sm8450 fix PIPE clock specification for pcie1 Heiko Stuebner <heiko(a)sntech.de> arm64: dts: rockchip: remove num-slots property from rk3328-nanopi-r2s-plus Heiko Stuebner <heiko(a)sntech.de> arm64: dts: rockchip: Fix LED triggers on rk3308-roc-cc Heiko Stuebner <heiko(a)sntech.de> arm64: dts: rockchip: Remove #cooling-cells from fan on Theobroma lion Heiko Stuebner <heiko(a)sntech.de> arm64: dts: rockchip: Remove undocumented supports-emmc property Sergey Bostandzhyan <jin(a)mediatomb.cc> arm64: dts: rockchip: Add DTS for FriendlyARM NanoPi R2S Plus Heiko Stuebner <heiko(a)sntech.de> arm64: dts: rockchip: Fix bluetooth properties on Rock960 boards Heiko Stuebner <heiko(a)sntech.de> arm64: dts: rockchip: Fix bluetooth properties on rk3566 box demo Heiko Stuebner <heiko(a)sntech.de> arm64: dts: rockchip: Drop regulator-init-microvolt from two boards Heiko Stuebner <heiko(a)sntech.de> arm64: dts: rockchip: fix i2c2 pinctrl-names property on anbernic-rg353p/v Diederik de Haas <didi.debian(a)cknow.org> arm64: dts: rockchip: Fix reset-gpios property on brcm BT nodes Diederik de Haas <didi.debian(a)cknow.org> arm64: dts: rockchip: Fix wakeup prop names on PineNote BT node Diederik de Haas <didi.debian(a)cknow.org> arm64: dts: rockchip: Remove hdmi's 2nd interrupt on rk3328 Rajendra Nayak <quic_rjendra(a)quicinc.com> EDAC/qcom: Make irq configuration optional Bartosz Golaszewski <bartosz.golaszewski(a)linaro.org> firmware: qcom: scm: fix a NULL-pointer dereference Sam Edwards <cfsworks(a)gmail.com> arm64: dts: rockchip: Designate Turing RK1's system power controller Dragan Simic <dsimic(a)manjaro.org> arm64: dts: rockchip: Start cooling maps numbering from zero on ROCK 5B Dragan Simic <dsimic(a)manjaro.org> arm64: dts: rockchip: Move L3 cache outside CPUs in RK3588(S) SoC dtsi Geert Uytterhoeven <geert+renesas(a)glider.be> arm64: dts: rockchip: Fix rt5651 compatible value on rk3399-sapphire-excavator Geert Uytterhoeven <geert+renesas(a)glider.be> arm64: dts: rockchip: Fix rt5651 compatible value on rk3399-eaidk-610 ------------- Diffstat: .../devicetree/bindings/net/xlnx,axi-ethernet.yaml | 2 +- Documentation/netlink/specs/mptcp_pm.yaml | 1 - Makefile | 4 +- arch/arm/boot/dts/rockchip/rk3036-kylin.dts | 4 +- arch/arm/boot/dts/rockchip/rk3036.dtsi | 14 +- arch/arm64/Kconfig | 1 + arch/arm64/boot/dts/freescale/imx8-ss-vpu.dtsi | 4 +- .../dts/freescale/imx8mp-phyboard-pollux-rdk.dts | 12 ++ arch/arm64/boot/dts/freescale/imx8mp.dtsi | 6 +- arch/arm64/boot/dts/freescale/imx8qxp-ss-vpu.dtsi | 8 ++ arch/arm64/boot/dts/qcom/sm8450.dtsi | 2 +- arch/arm64/boot/dts/rockchip/Makefile | 1 + arch/arm64/boot/dts/rockchip/px30-ringneck.dtsi | 1 - arch/arm64/boot/dts/rockchip/rk3308-roc-cc.dts | 4 +- .../boot/dts/rockchip/rk3328-nanopi-r2s-plus.dts | 30 +++++ arch/arm64/boot/dts/rockchip/rk3328.dtsi | 3 +- arch/arm64/boot/dts/rockchip/rk3368-lion.dtsi | 1 - arch/arm64/boot/dts/rockchip/rk3399-eaidk-610.dts | 2 +- .../boot/dts/rockchip/rk3399-pinephone-pro.dts | 2 - arch/arm64/boot/dts/rockchip/rk3399-rock960.dtsi | 2 +- .../dts/rockchip/rk3399-sapphire-excavator.dts | 2 +- .../boot/dts/rockchip/rk3566-anbernic-rg353p.dts | 2 +- .../boot/dts/rockchip/rk3566-anbernic-rg353v.dts | 2 +- arch/arm64/boot/dts/rockchip/rk3566-box-demo.dts | 6 +- arch/arm64/boot/dts/rockchip/rk3566-lubancat-1.dts | 1 - arch/arm64/boot/dts/rockchip/rk3566-pinenote.dtsi | 6 +- arch/arm64/boot/dts/rockchip/rk3566-radxa-cm3.dtsi | 2 +- arch/arm64/boot/dts/rockchip/rk3568-lubancat-2.dts | 1 - arch/arm64/boot/dts/rockchip/rk3568-roc-pc.dts | 3 - arch/arm64/boot/dts/rockchip/rk3588-base.dtsi | 20 +-- arch/arm64/boot/dts/rockchip/rk3588-rock-5b.dts | 4 +- .../arm64/boot/dts/rockchip/rk3588-toybrick-x0.dts | 1 - .../arm64/boot/dts/rockchip/rk3588-turing-rk1.dtsi | 1 + arch/arm64/kernel/fpsimd.c | 1 + arch/arm64/kernel/smccc-call.S | 35 +---- arch/powerpc/kvm/book3s_hv.c | 12 ++ arch/xtensa/Kconfig | 1 + arch/xtensa/include/asm/cmpxchg.h | 2 + block/blk-map.c | 56 +++----- block/blk-merge.c | 146 ++++++++------------- block/blk-mq.c | 11 +- block/blk.h | 69 ++++++---- drivers/char/tpm/tpm-chip.c | 4 - drivers/char/tpm/tpm-interface.c | 32 +++-- drivers/clk/qcom/clk-alpha-pll.c | 2 +- drivers/clk/qcom/gcc-x1e80100.c | 12 +- drivers/clk/qcom/videocc-sm8350.c | 4 +- drivers/edac/qcom_edac.c | 8 +- drivers/firmware/arm_scmi/bus.c | 7 +- drivers/firmware/qcom/Kconfig | 11 -- drivers/firmware/qcom/qcom_scm.c | 77 +++++++++-- drivers/firmware/smccc/smccc.c | 4 - drivers/gpu/drm/amd/amdgpu/amdgpu_acpi.c | 4 +- drivers/gpu/drm/amd/amdgpu/amdgpu_debugfs.c | 10 +- drivers/gpu/drm/amd/amdgpu/aqua_vanjaram.c | 2 +- drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 15 +++ drivers/gpu/drm/amd/display/dc/bios/bios_parser2.c | 4 +- drivers/gpu/drm/amd/pm/swsmu/amdgpu_smu.c | 49 +++++-- drivers/gpu/drm/amd/pm/swsmu/inc/amdgpu_smu.h | 4 +- drivers/gpu/drm/amd/pm/swsmu/smu11/arcturus_ppt.c | 5 +- drivers/gpu/drm/amd/pm/swsmu/smu11/navi10_ppt.c | 5 +- .../drm/amd/pm/swsmu/smu11/sienna_cichlid_ppt.c | 5 +- drivers/gpu/drm/amd/pm/swsmu/smu11/vangogh_ppt.c | 4 +- drivers/gpu/drm/amd/pm/swsmu/smu12/renoir_ppt.c | 4 +- .../gpu/drm/amd/pm/swsmu/smu13/smu_v13_0_0_ppt.c | 20 ++- .../gpu/drm/amd/pm/swsmu/smu13/smu_v13_0_7_ppt.c | 5 +- .../gpu/drm/amd/pm/swsmu/smu14/smu_v14_0_2_ppt.c | 74 +---------- drivers/gpu/drm/amd/pm/swsmu/smu_cmn.c | 8 ++ drivers/gpu/drm/amd/pm/swsmu/smu_cmn.h | 2 + drivers/gpu/drm/imagination/pvr_context.c | 33 +++++ drivers/gpu/drm/imagination/pvr_context.h | 21 +++ drivers/gpu/drm/imagination/pvr_device.h | 10 ++ drivers/gpu/drm/imagination/pvr_drv.c | 3 + drivers/gpu/drm/imagination/pvr_vm.c | 22 +++- drivers/gpu/drm/imagination/pvr_vm.h | 1 + drivers/gpu/drm/panthor/panthor_device.c | 4 + drivers/gpu/drm/panthor/panthor_mmu.c | 2 + drivers/gpu/drm/xe/regs/xe_gt_regs.h | 2 +- drivers/gpu/drm/xe/xe_device.h | 14 ++ drivers/gpu/drm/xe/xe_exec.c | 13 +- drivers/gpu/drm/xe/xe_gt_ccs_mode.c | 6 + drivers/gpu/drm/xe/xe_gt_tlb_invalidation.c | 2 + drivers/gpu/drm/xe/xe_guc_ct.c | 9 ++ drivers/gpu/drm/xe/xe_wait_user_fence.c | 7 + drivers/hid/hid-core.c | 2 +- drivers/i2c/busses/i2c-designware-common.c | 6 +- drivers/i2c/busses/i2c-designware-core.h | 1 + drivers/irqchip/irq-gic-v3.c | 7 + drivers/md/dm-cache-target.c | 59 +++++---- drivers/md/dm-unstripe.c | 4 +- drivers/md/dm.c | 4 +- drivers/media/cec/usb/pulse8/pulse8-cec.c | 2 +- drivers/media/common/v4l2-tpg/v4l2-tpg-core.c | 3 + drivers/media/dvb-core/dvb_frontend.c | 4 +- drivers/media/dvb-core/dvb_vb2.c | 8 +- drivers/media/dvb-core/dvbdev.c | 17 ++- drivers/media/dvb-frontends/cx24116.c | 7 +- drivers/media/dvb-frontends/stb0899_algo.c | 2 +- drivers/media/i2c/adv7604.c | 26 ++-- drivers/media/i2c/ar0521.c | 4 +- drivers/media/pci/mgb4/mgb4_cmt.c | 2 + .../media/platform/samsung/s5p-jpeg/jpeg-core.c | 17 ++- drivers/media/test-drivers/vivid/vivid-core.c | 2 +- drivers/media/test-drivers/vivid/vivid-core.h | 4 +- drivers/media/test-drivers/vivid/vivid-ctrls.c | 2 +- drivers/media/test-drivers/vivid/vivid-vid-cap.c | 2 +- drivers/media/usb/uvc/uvc_driver.c | 2 +- drivers/media/v4l2-core/v4l2-ctrls-api.c | 17 ++- drivers/net/can/c_can/c_can_main.c | 7 +- drivers/net/can/cc770/Kconfig | 2 +- drivers/net/can/m_can/m_can.c | 3 +- drivers/net/can/sja1000/Kconfig | 2 +- drivers/net/can/spi/mcp251xfd/mcp251xfd-ring.c | 8 +- drivers/net/can/spi/mcp251xfd/mcp251xfd-tef.c | 10 +- drivers/net/ethernet/arc/emac_main.c | 27 ++-- drivers/net/ethernet/arc/emac_mdio.c | 9 +- .../net/ethernet/freescale/dpaa/dpaa_eth_trace.h | 2 +- drivers/net/ethernet/freescale/enetc/enetc_pf.c | 18 +-- drivers/net/ethernet/freescale/enetc/enetc_vf.c | 9 +- drivers/net/ethernet/hisilicon/hns3/hnae3.c | 5 +- drivers/net/ethernet/intel/e1000e/ich8lan.c | 17 +-- drivers/net/ethernet/intel/i40e/i40e.h | 1 + drivers/net/ethernet/intel/i40e/i40e_debugfs.c | 1 + drivers/net/ethernet/intel/i40e/i40e_main.c | 12 +- drivers/net/ethernet/intel/ice/ice_ethtool_fdir.c | 3 +- drivers/net/ethernet/intel/ice/ice_fdir.h | 4 +- drivers/net/ethernet/intel/idpf/idpf.h | 4 +- drivers/net/ethernet/intel/idpf/idpf_ethtool.c | 11 +- drivers/net/ethernet/intel/idpf/idpf_lib.c | 5 +- drivers/net/ethernet/intel/idpf/idpf_virtchnl.c | 3 +- .../net/ethernet/pensando/ionic/ionic_bus_pci.c | 1 + drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 1 + drivers/net/ethernet/vertexcom/mse102x.c | 5 +- drivers/net/ethernet/xilinx/xilinx_axienet_main.c | 4 +- drivers/net/phy/dp83848.c | 2 + drivers/net/virtio_net.c | 119 ++++++++++++++--- drivers/net/wwan/t7xx/t7xx_hif_dpmaif_rx.c | 2 +- drivers/platform/x86/amd/pmc/pmc.c | 5 + drivers/platform/x86/amd/pmf/core.c | 21 ++- drivers/platform/x86/amd/pmf/pmf.h | 55 ++++++++ drivers/platform/x86/amd/pmf/spc.c | 52 +++++--- drivers/pwm/pwm-imx-tpm.c | 4 +- drivers/regulator/rtq2208-regulator.c | 2 +- drivers/rpmsg/qcom_glink_native.c | 10 +- drivers/scsi/sd_zbc.c | 3 +- drivers/soc/qcom/llcc-qcom.c | 3 + drivers/staging/media/av7110/av7110.h | 4 +- drivers/staging/media/av7110/av7110_ca.c | 25 ++-- .../vc04_services/interface/vchiq_arm/vchiq_arm.c | 6 +- drivers/thermal/qcom/lmh.c | 7 + drivers/thermal/thermal_of.c | 21 ++- drivers/thunderbolt/retimer.c | 2 + drivers/thunderbolt/usb4.c | 2 +- drivers/ufs/core/ufshcd.c | 10 +- drivers/usb/dwc3/core.c | 25 ++-- drivers/usb/musb/sunxi.c | 2 - drivers/usb/serial/io_edgeport.c | 8 +- drivers/usb/serial/option.c | 6 + drivers/usb/serial/qcserial.c | 2 + .../usb/typec/tcpm/qcom/qcom_pmic_typec_pdphy.c | 8 +- drivers/usb/typec/ucsi/ucsi_ccg.c | 2 + fs/btrfs/bio.c | 30 +++-- fs/btrfs/delayed-ref.c | 2 +- fs/btrfs/inode.c | 2 +- fs/btrfs/super.c | 25 +--- fs/nfs/inode.c | 70 ++++++---- fs/nfs/nfs4proc.c | 4 + fs/nfs/super.c | 10 +- fs/ocfs2/xattr.c | 3 +- fs/proc/vmcore.c | 9 +- fs/smb/server/connection.c | 1 + fs/smb/server/connection.h | 1 + fs/smb/server/mgmt/user_session.c | 15 ++- fs/smb/server/server.c | 20 +-- fs/smb/server/smb_common.c | 10 +- fs/smb/server/smb_common.h | 2 +- fs/tracefs/inode.c | 12 +- include/linux/arm-smccc.h | 32 +---- include/linux/bio.h | 4 +- include/linux/soc/qcom/llcc-qcom.h | 2 + include/linux/user_namespace.h | 3 +- include/net/netfilter/nf_tables.h | 4 + include/trace/events/rxrpc.h | 1 + kernel/signal.c | 3 +- kernel/ucount.c | 9 +- lib/objpool.c | 18 ++- mm/damon/core.c | 42 ++++-- mm/filemap.c | 2 +- mm/huge_memory.c | 35 +++-- mm/internal.h | 10 +- mm/memcontrol-v1.c | 25 ++++ mm/memcontrol.c | 8 +- mm/migrate.c | 4 +- mm/mlock.c | 9 +- mm/page_alloc.c | 1 - mm/slab_common.c | 31 +++-- mm/swap.c | 4 +- mm/vmscan.c | 4 +- net/mptcp/mptcp_pm_gen.c | 1 - net/mptcp/pm_userspace.c | 3 +- net/netfilter/nf_tables_api.c | 41 +++++- net/rxrpc/conn_client.c | 4 + net/sctp/sm_statefuns.c | 2 +- net/smc/af_smc.c | 4 +- net/sunrpc/xprtsock.c | 1 + net/vmw_vsock/hyperv_transport.c | 1 + net/vmw_vsock/virtio_transport_common.c | 1 + security/keys/keyring.c | 7 +- security/keys/trusted-keys/trusted_dcp.c | 9 +- sound/firewire/tascam/amdtp-tascam.c | 2 +- sound/pci/hda/patch_conexant.c | 2 - sound/soc/amd/yc/acp6x-mach.c | 7 + sound/soc/sof/sof-client-probes-ipc4.c | 1 + sound/soc/stm/stm32_spdifrx.c | 2 +- sound/usb/mixer.c | 1 + sound/usb/quirks.c | 2 + tools/lib/thermal/sampling.c | 2 + tools/testing/selftests/mm/hugetlb_dio.c | 19 ++- 218 files changed, 1518 insertions(+), 865 deletions(-)

10 months, 1 week

13
197
0 0

[PATCH 5.15.y] mptcp: cope racing subflow creation in mptcp_rcv_space_adjust

by Matthieu Baerts (NGI0)

From: Paolo Abeni <pabeni(a)redhat.com> commit ce7356ae35943cc6494cc692e62d51a734062b7d upstream. Additional active subflows - i.e. created by the in kernel path manager - are included into the subflow list before starting the 3whs. A racing recvmsg() spooling data received on an already established subflow would unconditionally call tcp_cleanup_rbuf() on all the current subflows, potentially hitting a divide by zero error on the newly created ones. Explicitly check that the subflow is in a suitable state before invoking tcp_cleanup_rbuf(). Fixes: c76c6956566f ("mptcp: call tcp_cleanup_rbuf on subflows") Signed-off-by: Paolo Abeni <pabeni(a)redhat.com> Reviewed-by: Matthieu Baerts (NGI0) <matttbe(a)kernel.org> Link: https://patch.msgid.link/02374660836e1b52afc91966b7535c8c5f7bafb0.173106087… Signed-off-by: Jakub Kicinski <kuba(a)kernel.org> [ Conflicts in protocol.c, because commit f410cbea9f3d ("tcp: annotate data-races around tp->window_clamp") has not been backported to this version. The conflict is easy to resolve, because only the context is different, but not the line to modify. ] Signed-off-by: Matthieu Baerts (NGI0) <matttbe(a)kernel.org> --- net/mptcp/protocol.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/net/mptcp/protocol.c b/net/mptcp/protocol.c index 34c98596350e..bcbb1f92ce24 100644 --- a/net/mptcp/protocol.c +++ b/net/mptcp/protocol.c @@ -1986,7 +1986,8 @@ static void mptcp_rcv_space_adjust(struct mptcp_sock *msk, int copied) slow = lock_sock_fast(ssk); WRITE_ONCE(ssk->sk_rcvbuf, rcvbuf); tcp_sk(ssk)->window_clamp = window_clamp; - tcp_cleanup_rbuf(ssk, 1); + if (tcp_can_send_ack(ssk)) + tcp_cleanup_rbuf(ssk, 1); unlock_sock_fast(ssk, slow); } } -- 2.45.2

10 months, 1 week

1
0
0 0

[PATCH 6.1] ipvs: properly dereference pe in ip_vs_add_service

by Bin Lan

From: Chen Hanxiao <chenhx.fnst(a)fujitsu.com> [ Upstream commit cbd070a4ae62f119058973f6d2c984e325bce6e7 ] Use pe directly to resolve sparse warning: net/netfilter/ipvs/ip_vs_ctl.c:1471:27: warning: dereference of noderef expression Fixes: 39b972231536 ("ipvs: handle connections started by real-servers") Signed-off-by: Chen Hanxiao <chenhx.fnst(a)fujitsu.com> Acked-by: Julian Anastasov <ja(a)ssi.bg> Acked-by: Simon Horman <horms(a)kernel.org> Signed-off-by: Pablo Neira Ayuso <pablo(a)netfilter.org> [ Resolve minor conflicts to fix CVE-2024-42322 ] Signed-off-by: Bin Lan <bin.lan.cn(a)windriver.com> --- net/netfilter/ipvs/ip_vs_ctl.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c index 17a1b731a76b..18e37b32a5d6 100644 --- a/net/netfilter/ipvs/ip_vs_ctl.c +++ b/net/netfilter/ipvs/ip_vs_ctl.c @@ -1382,18 +1382,18 @@ ip_vs_add_service(struct netns_ipvs *ipvs, struct ip_vs_service_user_kern *u, sched = NULL; } - /* Bind the ct retriever */ - RCU_INIT_POINTER(svc->pe, pe); - pe = NULL; - /* Update the virtual service counters */ if (svc->port == FTPPORT) atomic_inc(&ipvs->ftpsvc_counter); else if (svc->port == 0) atomic_inc(&ipvs->nullsvc_counter); - if (svc->pe && svc->pe->conn_out) + if (pe && pe->conn_out) atomic_inc(&ipvs->conn_out_counter); + /* Bind the ct retriever */ + RCU_INIT_POINTER(svc->pe, pe); + pe = NULL; + ip_vs_start_estimator(ipvs, &svc->stats); /* Count only IPv4 services for old get/setsockopt interface */ -- 2.43.0

10 months, 1 week

1
0
0 0

[PATCH v4 1/3] drm: adv7511: Fix use-after-free in adv7533_attach_dsi()

by Biju Das

The host_node pointer was assigned and freed in adv7533_parse_dt(), and later, adv7533_attach_dsi() used the same. Fix this use-after-free issue with the below changes: 1. Drop host_node from struct adv7511 and instead use a local pointer in adv7511_probe(). 2. Update adv7533_parse_dt() to return the host_node. 3. Pass the host_node as a parameter to adv7533_attach_dsi(). 4. Call of_node_put() after use. Fixes: 1e4d58cd7f88 ("drm/bridge: adv7533: Create a MIPI DSI device") Cc: stable(a)vger.kernel.org Signed-off-by: Biju Das <biju.das.jz(a)bp.renesas.com> --- Changes in v4: - Updated commit description. - Dropped host_node from struct adv7511 and instead used a local pointer in probe(). Also freeing of host_node pointer after use is done in probe(). Changes in v3: - Replace __free construct with readable of_node_put(). Changes in v2: - Added the tag "Cc: stable(a)vger.kernel.org" in the sign-off area. - Dropped Archit Taneja invalid Mail address --- drivers/gpu/drm/bridge/adv7511/adv7511.h | 6 +++--- drivers/gpu/drm/bridge/adv7511/adv7511_drv.c | 22 ++++++++++++++------ drivers/gpu/drm/bridge/adv7511/adv7533.c | 20 +++++++++--------- 3 files changed, 29 insertions(+), 19 deletions(-) diff --git a/drivers/gpu/drm/bridge/adv7511/adv7511.h b/drivers/gpu/drm/bridge/adv7511/adv7511.h index ec0b7f3d889c..9f3fae7cc597 100644 --- a/drivers/gpu/drm/bridge/adv7511/adv7511.h +++ b/drivers/gpu/drm/bridge/adv7511/adv7511.h @@ -383,7 +383,6 @@ struct adv7511 { struct regulator_bulk_data *supplies; /* ADV7533 DSI RX related params */ - struct device_node *host_node; struct mipi_dsi_device *dsi; u8 num_dsi_lanes; bool use_timing_gen; @@ -417,8 +416,9 @@ enum drm_mode_status adv7533_mode_valid(struct adv7511 *adv, const struct drm_display_mode *mode); int adv7533_patch_registers(struct adv7511 *adv); int adv7533_patch_cec_registers(struct adv7511 *adv); -int adv7533_attach_dsi(struct adv7511 *adv); -int adv7533_parse_dt(struct device_node *np, struct adv7511 *adv); +int adv7533_attach_dsi(struct adv7511 *adv, struct device_node *host_node); +struct device_node *adv7533_parse_dt(struct device_node *np, + struct adv7511 *adv); #ifdef CONFIG_DRM_I2C_ADV7511_AUDIO int adv7511_audio_init(struct device *dev, struct adv7511 *adv7511); diff --git a/drivers/gpu/drm/bridge/adv7511/adv7511_drv.c b/drivers/gpu/drm/bridge/adv7511/adv7511_drv.c index eb5919b38263..3f1f309791a5 100644 --- a/drivers/gpu/drm/bridge/adv7511/adv7511_drv.c +++ b/drivers/gpu/drm/bridge/adv7511/adv7511_drv.c @@ -1209,6 +1209,7 @@ static int adv7511_parse_dt(struct device_node *np, static int adv7511_probe(struct i2c_client *i2c) { struct adv7511_link_config link_config; + struct device_node *host_node = NULL; struct adv7511 *adv7511; struct device *dev = &i2c->dev; unsigned int val; @@ -1233,12 +1234,17 @@ static int adv7511_probe(struct i2c_client *i2c) if (ret && ret != -ENODEV) return ret; - if (adv7511->info->link_config) + if (adv7511->info->link_config) { ret = adv7511_parse_dt(dev->of_node, &link_config); - else - ret = adv7533_parse_dt(dev->of_node, adv7511); - if (ret) - return ret; + if (ret) + return ret; + } + + if (adv7511->info->has_dsi) { + host_node = adv7533_parse_dt(dev->of_node, adv7511); + if (IS_ERR(host_node)) + return PTR_ERR(host_node); + } ret = adv7511_init_regulators(adv7511); if (ret) @@ -1343,9 +1349,11 @@ static int adv7511_probe(struct i2c_client *i2c) } if (adv7511->info->has_dsi) { - ret = adv7533_attach_dsi(adv7511); + ret = adv7533_attach_dsi(adv7511, host_node); if (ret) goto err_unregister_audio; + + of_node_put(host_node); } return 0; @@ -1362,6 +1370,8 @@ static int adv7511_probe(struct i2c_client *i2c) err_i2c_unregister_edid: i2c_unregister_device(adv7511->i2c_edid); uninit_regulators: + if (host_node) + of_node_put(host_node); adv7511_uninit_regulators(adv7511); return ret; diff --git a/drivers/gpu/drm/bridge/adv7511/adv7533.c b/drivers/gpu/drm/bridge/adv7511/adv7533.c index 4481489aaf5e..5d0e55ef4028 100644 --- a/drivers/gpu/drm/bridge/adv7511/adv7533.c +++ b/drivers/gpu/drm/bridge/adv7511/adv7533.c @@ -131,7 +131,7 @@ int adv7533_patch_cec_registers(struct adv7511 *adv) ARRAY_SIZE(adv7533_cec_fixed_registers)); } -int adv7533_attach_dsi(struct adv7511 *adv) +int adv7533_attach_dsi(struct adv7511 *adv, struct device_node *host_node) { struct device *dev = &adv->i2c_main->dev; struct mipi_dsi_host *host; @@ -142,7 +142,7 @@ int adv7533_attach_dsi(struct adv7511 *adv) .node = NULL, }; - host = of_find_mipi_dsi_host_by_node(adv->host_node); + host = of_find_mipi_dsi_host_by_node(host_node); if (!host) return dev_err_probe(dev, -EPROBE_DEFER, "failed to find dsi host\n"); @@ -166,22 +166,22 @@ int adv7533_attach_dsi(struct adv7511 *adv) return 0; } -int adv7533_parse_dt(struct device_node *np, struct adv7511 *adv) +struct device_node *adv7533_parse_dt(struct device_node *np, + struct adv7511 *adv) { + struct device_node *host_node; u32 num_lanes; of_property_read_u32(np, "adi,dsi-lanes", &num_lanes); if (num_lanes < 1 || num_lanes > 4) - return -EINVAL; + return ERR_PTR(-EINVAL); adv->num_dsi_lanes = num_lanes; - adv->host_node = of_graph_get_remote_node(np, 0, 0); - if (!adv->host_node) - return -ENODEV; - - of_node_put(adv->host_node); + host_node = of_graph_get_remote_node(np, 0, 0); + if (!host_node) + return ERR_PTR(-ENODEV); adv->use_timing_gen = !of_property_read_bool(np, "adi,disable-timing-generator"); @@ -190,5 +190,5 @@ int adv7533_parse_dt(struct device_node *np, struct adv7511 *adv) adv->rgb = true; adv->embedded_sync = false; - return 0; + return host_node; } -- 2.43.0

10 months, 1 week

2
2
0 0

[Patch v] drivers/card_reader/rtsx_usb: Restore interrupt based detection

by Sean Rhodes

This commit reintroduces interrupt-based card detection previously used in the rts5139 driver. This functionality was removed in commit 00d8521dcd23 ("staging: remove rts5139 driver code"). Reintroducing this mechanism fixes presence detection for certain card readers, which with the current driver, will taken approximately 20 seconds to enter S3 as `mmc_rescan` has to be frozen. Fixes: 00d8521dcd23 ("staging: remove rts5139 driver code") Cc: stable(a)vger.kernel.org Cc: Arnd Bergmann <arnd(a)arndb.de> Cc: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Signed-off-by: Sean Rhodes <sean(a)starlabs.systems> --- drivers/misc/cardreader/rtsx_usb.c | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/drivers/misc/cardreader/rtsx_usb.c b/drivers/misc/cardreader/rtsx_usb.c index f150d8769f19..285a748748d7 100644 --- a/drivers/misc/cardreader/rtsx_usb.c +++ b/drivers/misc/cardreader/rtsx_usb.c @@ -286,6 +286,7 @@ static int rtsx_usb_get_status_with_bulk(struct rtsx_ucr *ucr, u16 *status) int rtsx_usb_get_card_status(struct rtsx_ucr *ucr, u16 *status) { int ret; + u8 interrupt_val = 0; u16 *buf; if (!status) @@ -308,6 +309,20 @@ int rtsx_usb_get_card_status(struct rtsx_ucr *ucr, u16 *status) ret = rtsx_usb_get_status_with_bulk(ucr, status); } + rtsx_usb_read_register(ucr, CARD_INT_PEND, &interrupt_val); + /* Cross check presence with interrupts */ + if (*status & XD_CD) + if (!(interrupt_val & XD_INT)) + *status &= ~XD_CD; + + if (*status & SD_CD) + if (!(interrupt_val & SD_INT)) + *status &= ~SD_CD; + + if (*status & MS_CD) + if (!(interrupt_val & MS_INT)) + *status &= ~MS_CD; + /* usb_control_msg may return positive when success */ if (ret < 0) return ret; -- 2.45.2

10 months, 1 week

1
0
0 0

[PATCH 6.1.y 0/2] Backport to fix CVE-2024-36478

by Xiangyu Chen

From: Xiangyu Chen <xiangyu.chen(a)windriver.com> Backport to fix CVE-2024-36478 https://lore.kernel.org/linux-cve-announce/2024062136-CVE-2024-36478-d249@g… The CVE fix is "null_blk: fix null-ptr-dereference while configuring 'power' and 'submit_queues'" This required 1 extra commit to make sure the picks are clean: null_blk: Remove usage of the deprecated ida_simple_xx() API Christophe JAILLET (1): null_blk: Remove usage of the deprecated ida_simple_xx() API Yu Kuai (1): null_blk: fix null-ptr-dereference while configuring 'power' and 'submit_queues' drivers/block/null_blk/main.c | 44 ++++++++++++++++++++++------------- 1 file changed, 28 insertions(+), 16 deletions(-) -- 2.43.0

10 months, 1 week

2
4
0 0

[PATCH 6.6] leds: mlxreg: Use devm_mutex_init() for mutex initialization

by Bin Lan

From: George Stark <gnstark(a)salutedevices.com> [ Upstream commit efc347b9efee1c2b081f5281d33be4559fa50a16 ] In this driver LEDs are registered using devm_led_classdev_register() so they are automatically unregistered after module's remove() is done. led_classdev_unregister() calls module's led_set_brightness() to turn off the LEDs and that callback uses mutex which was destroyed already in module's remove() so use devm API instead. Signed-off-by: George Stark <gnstark(a)salutedevices.com> Reviewed-by: Andy Shevchenko <andy.shevchenko(a)gmail.com> Link: https://lore.kernel.org/r/20240411161032.609544-8-gnstark@salutedevices.com Signed-off-by: Lee Jones <lee(a)kernel.org> [ Resolve minor conflicts to fix CVE-2024-42129 ] Signed-off-by: Bin Lan <bin.lan.cn(a)windriver.com> --- drivers/leds/leds-mlxreg.c | 16 +++++----------- 1 file changed, 5 insertions(+), 11 deletions(-) diff --git a/drivers/leds/leds-mlxreg.c b/drivers/leds/leds-mlxreg.c index 39210653acf7..b1510cd32e47 100644 --- a/drivers/leds/leds-mlxreg.c +++ b/drivers/leds/leds-mlxreg.c @@ -257,6 +257,7 @@ static int mlxreg_led_probe(struct platform_device *pdev) { struct mlxreg_core_platform_data *led_pdata; struct mlxreg_led_priv_data *priv; + int err; led_pdata = dev_get_platdata(&pdev->dev); if (!led_pdata) { @@ -268,28 +269,21 @@ static int mlxreg_led_probe(struct platform_device *pdev) if (!priv) return -ENOMEM; - mutex_init(&priv->access_lock); + err = devm_mutex_init(&pdev->dev, &priv->access_lock); + if (err) + return err; + priv->pdev = pdev; priv->pdata = led_pdata; return mlxreg_led_config(priv); } -static int mlxreg_led_remove(struct platform_device *pdev) -{ - struct mlxreg_led_priv_data *priv = dev_get_drvdata(&pdev->dev); - - mutex_destroy(&priv->access_lock); - - return 0; -} - static struct platform_driver mlxreg_led_driver = { .driver = { .name = "leds-mlxreg", }, .probe = mlxreg_led_probe, - .remove = mlxreg_led_remove, }; module_platform_driver(mlxreg_led_driver); -- 2.43.0

10 months, 1 week

1
0
0 0

[PATCH 6.1.y] net/sched: taprio: extend minimum interval restriction to entire cycle too

by Xiangyu Chen

From: Vladimir Oltean <vladimir.oltean(a)nxp.com> [ Upstream commit fb66df20a7201e60f2b13d7f95d031b31a8831d3 ] It is possible for syzbot to side-step the restriction imposed by the blamed commit in the Fixes: tag, because the taprio UAPI permits a cycle-time different from (and potentially shorter than) the sum of entry intervals. We need one more restriction, which is that the cycle time itself must be larger than N * ETH_ZLEN bit times, where N is the number of schedule entries. This restriction needs to apply regardless of whether the cycle time came from the user or was the implicit, auto-calculated value, so we move the existing "cycle == 0" check outside the "if "(!new->cycle_time)" branch. This way covers both conditions and scenarios. Add a selftest which illustrates the issue triggered by syzbot. Fixes: b5b73b26b3ca ("taprio: Fix allowing too small intervals") Reported-by: syzbot+a7d2b1d5d1af83035567(a)syzkaller.appspotmail.com Closes: https://lore.kernel.org/netdev/0000000000007d66bc06196e7c66@google.com/ Signed-off-by: Vladimir Oltean <vladimir.oltean(a)nxp.com> Link: https://lore.kernel.org/r/20240527153955.553333-2-vladimir.oltean@nxp.com Signed-off-by: Jakub Kicinski <kuba(a)kernel.org> Signed-off-by: Sasha Levin <sashal(a)kernel.org> Signed-off-by: Xiangyu Chen <xiangyu.chen(a)windriver.com> --- net/sched/sch_taprio.c | 10 ++++----- .../tc-testing/tc-tests/qdiscs/taprio.json | 22 +++++++++++++++++++ 2 files changed, 27 insertions(+), 5 deletions(-) diff --git a/net/sched/sch_taprio.c b/net/sched/sch_taprio.c index 1d5cdc987abd..62219f23f76a 100644 --- a/net/sched/sch_taprio.c +++ b/net/sched/sch_taprio.c @@ -915,11 +915,6 @@ static int parse_taprio_schedule(struct taprio_sched *q, struct nlattr **tb, list_for_each_entry(entry, &new->entries, list) cycle = ktime_add_ns(cycle, entry->interval); - if (!cycle) { - NL_SET_ERR_MSG(extack, "'cycle_time' can never be 0"); - return -EINVAL; - } - if (cycle < 0 || cycle > INT_MAX) { NL_SET_ERR_MSG(extack, "'cycle_time' is too big"); return -EINVAL; @@ -928,6 +923,11 @@ static int parse_taprio_schedule(struct taprio_sched *q, struct nlattr **tb, new->cycle_time = cycle; } + if (new->cycle_time < new->num_entries * length_to_duration(q, ETH_ZLEN)) { + NL_SET_ERR_MSG(extack, "'cycle_time' is too small"); + return -EINVAL; + } + return 0; } diff --git a/tools/testing/selftests/tc-testing/tc-tests/qdiscs/taprio.json b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/taprio.json index 08d4861c2e78..d04fed83332c 100644 --- a/tools/testing/selftests/tc-testing/tc-tests/qdiscs/taprio.json +++ b/tools/testing/selftests/tc-testing/tc-tests/qdiscs/taprio.json @@ -132,6 +132,28 @@ "echo \"1\" > /sys/bus/netdevsim/del_device" ] }, + { + "id": "831f", + "name": "Add taprio Qdisc with too short cycle-time", + "category": [ + "qdisc", + "taprio" + ], + "plugins": { + "requires": "nsPlugin" + }, + "setup": [ + "echo \"1 1 8\" > /sys/bus/netdevsim/new_device" + ], + "cmdUnderTest": "$TC qdisc add dev $ETH root handle 1: taprio num_tc 2 queues 1@0 1@1 sched-entry S 01 200000 sched-entry S 02 200000 cycle-time 100 clockid CLOCK_TAI", + "expExitCode": "2", + "verifyCmd": "$TC qdisc show dev $ETH", + "matchPattern": "qdisc taprio 1: root refcnt", + "matchCount": "0", + "teardown": [ + "echo \"1\" > /sys/bus/netdevsim/del_device" + ] + }, { "id": "3e1e", "name": "Add taprio Qdisc with an invalid cycle-time", -- 2.43.0

10 months, 1 week

1
0
0 0

[PATCH 6.1.y] net: fec: remove .ndo_poll_controller to avoid deadlocks

by Xiangyu Chen

From: Wei Fang <wei.fang(a)nxp.com> [ Upstream commit c2e0c58b25a0a0c37ec643255558c5af4450c9f5 ] There is a deadlock issue found in sungem driver, please refer to the commit ac0a230f719b ("eth: sungem: remove .ndo_poll_controller to avoid deadlocks"). The root cause of the issue is that netpoll is in atomic context and disable_irq() is called by .ndo_poll_controller interface of sungem driver, however, disable_irq() might sleep. After analyzing the implementation of fec_poll_controller(), the fec driver should have the same issue. Due to the fec driver uses NAPI for TX completions, the .ndo_poll_controller is unnecessary to be implemented in the fec driver, so fec_poll_controller() can be safely removed. Fixes: 7f5c6addcdc0 ("net/fec: add poll controller function for fec nic") Signed-off-by: Wei Fang <wei.fang(a)nxp.com> Link: https://lore.kernel.org/r/20240511062009.652918-1-wei.fang@nxp.com Signed-off-by: Jakub Kicinski <kuba(a)kernel.org> Signed-off-by: Sasha Levin <sashal(a)kernel.org> Signed-off-by: Xiangyu Chen <xiangyu.chen(a)windriver.com> --- drivers/net/ethernet/freescale/fec_main.c | 26 ----------------------- 1 file changed, 26 deletions(-) diff --git a/drivers/net/ethernet/freescale/fec_main.c b/drivers/net/ethernet/freescale/fec_main.c index 0a5c3d27ed3b..aeab6c28892f 100644 --- a/drivers/net/ethernet/freescale/fec_main.c +++ b/drivers/net/ethernet/freescale/fec_main.c @@ -3508,29 +3508,6 @@ fec_set_mac_address(struct net_device *ndev, void *p) return 0; } -#ifdef CONFIG_NET_POLL_CONTROLLER -/** - * fec_poll_controller - FEC Poll controller function - * @dev: The FEC network adapter - * - * Polled functionality used by netconsole and others in non interrupt mode - * - */ -static void fec_poll_controller(struct net_device *dev) -{ - int i; - struct fec_enet_private *fep = netdev_priv(dev); - - for (i = 0; i < FEC_IRQ_NUM; i++) { - if (fep->irq[i] > 0) { - disable_irq(fep->irq[i]); - fec_enet_interrupt(fep->irq[i], dev); - enable_irq(fep->irq[i]); - } - } -} -#endif - static inline void fec_enet_set_netdev_features(struct net_device *netdev, netdev_features_t features) { @@ -3604,9 +3581,6 @@ static const struct net_device_ops fec_netdev_ops = { .ndo_tx_timeout = fec_timeout, .ndo_set_mac_address = fec_set_mac_address, .ndo_eth_ioctl = fec_enet_ioctl, -#ifdef CONFIG_NET_POLL_CONTROLLER - .ndo_poll_controller = fec_poll_controller, -#endif .ndo_set_features = fec_set_features, }; -- 2.43.0

10 months, 1 week

1
0
0 0

[PATCHSET] xfs: bug fixes for 6.13

by Darrick J. Wong

Hi all, Bug fixes for 6.13. If you're going to start using this code, I strongly recommend pulling from my git trees, which are linked below. With a bit of luck, this should all go splendidly. Comments and questions are, as always, welcome. --D kernel git tree: https://git.kernel.org/cgit/linux/kernel/git/djwong/xfs-linux.git/log/?h=xf… --- Commits in this patchset: * xfs: fix off-by-one error in fsmap's end_daddr usage * xfs: metapath scrubber should use the already loaded inodes * xfs: keep quota directory inode loaded * xfs: return a 64-bit block count from xfs_btree_count_blocks * xfs: don't drop errno values when we fail to ficlone the entire range * xfs: separate healthy clearing mask during repair * xfs: set XFS_SICK_INO_SYMLINK_ZAPPED explicitly when zapping a symlink * xfs: mark metadir repair tempfiles with IRECOVERY * xfs: fix null bno_hint handling in xfs_rtallocate_rtg * xfs: fix error bailout in xfs_rtginode_create --- fs/xfs/libxfs/xfs_btree.c | 4 +- fs/xfs/libxfs/xfs_btree.h | 2 + fs/xfs/libxfs/xfs_ialloc_btree.c | 4 ++ fs/xfs/libxfs/xfs_rtgroup.c | 2 + fs/xfs/scrub/agheader.c | 6 ++- fs/xfs/scrub/agheader_repair.c | 6 ++- fs/xfs/scrub/fscounters.c | 2 + fs/xfs/scrub/health.c | 57 ++++++++++++++++++-------------- fs/xfs/scrub/ialloc.c | 4 +- fs/xfs/scrub/metapath.c | 68 +++++++++++++++----------------------- fs/xfs/scrub/refcount.c | 2 + fs/xfs/scrub/scrub.h | 6 +++ fs/xfs/scrub/symlink_repair.c | 3 +- fs/xfs/scrub/tempfile.c | 10 ++++-- fs/xfs/xfs_bmap_util.c | 2 + fs/xfs/xfs_file.c | 8 ++++ fs/xfs/xfs_fsmap.c | 38 ++++++++++++--------- fs/xfs/xfs_inode.h | 2 + fs/xfs/xfs_qm.c | 47 ++++++++++++++------------ fs/xfs/xfs_qm.h | 1 + fs/xfs/xfs_rtalloc.c | 2 + 21 files changed, 151 insertions(+), 125 deletions(-)

10 months, 1 week

2
11
0 0

[PATCH 0/2] Backport fix of CVE-2024-36923 to 6.1 and 6.6

by Xiangyu Chen

From: Xiangyu Chen <xiangyu.chen(a)windriver.com> Following series is a backport of CVE-2024-36923 One for kernel 6.1 with [PATCH 6.1.y] header One for kernel 6.6 with [PATCH 6.6.y] header Eric Van Hensbergen (1): fs/9p: fix uninitialized values during inode evict fs/9p/vfs_inode.c | 23 +++++++++++++---------- 1 file changed, 13 insertions(+), 10 deletions(-) -- 2.43.0

10 months, 1 week

1
2
0 0

[PATCH 5.10 0/5] Address CVE-2024-49974

by cel＠kernel.org

From: Chuck Lever <chuck.lever(a)oracle.com> Backport the set of upstream patches that cap the number of concurrent background NFSv4.2 COPY operations. Chuck Lever (4): NFSD: Async COPY result needs to return a write verifier NFSD: Limit the number of concurrent async COPY operations NFSD: Initialize struct nfsd4_copy earlier NFSD: Never decrement pending_async_copies on error Dai Ngo (1): NFSD: initialize copy->cp_clp early in nfsd4_copy for use by trace point fs/nfsd/netns.h | 1 + fs/nfsd/nfs4proc.c | 36 +++++++++++++++++------------------- fs/nfsd/nfs4state.c | 1 + fs/nfsd/xdr4.h | 1 + 4 files changed, 20 insertions(+), 19 deletions(-) -- 2.47.0

10 months, 1 week

1
5
0 0

[PATCH] mm: Respect mmap hint address when aligning for THP

by Kalesh Singh

Commit efa7df3e3bb5 ("mm: align larger anonymous mappings on THP boundaries") updated __get_unmapped_area() to align the start address for the VMA to a PMD boundary if CONFIG_TRANSPARENT_HUGEPAGE=y. It does this by effectively looking up a region that is of size, request_size + PMD_SIZE, and aligning up the start to a PMD boundary. Commit 4ef9ad19e176 ("mm: huge_memory: don't force huge page alignment on 32 bit") opted out of this for 32bit due to regressions in mmap base randomization. Commit d4148aeab412 ("mm, mmap: limit THP alignment of anonymous mappings to PMD-aligned sizes") restricted this to only mmap sizes that are multiples of the PMD_SIZE due to reported regressions in some performance benchmarks -- which seemed mostly due to the reduced spatial locality of related mappings due to the forced PMD-alignment. Another unintended side effect has emerged: When a user specifies an mmap hint address, the THP alignment logic modifies the behavior, potentially ignoring the hint even if a sufficiently large gap exists at the requested hint location. Example Scenario: Consider the following simplified virtual address (VA) space: ... 0x200000-0x400000 --- VMA A 0x400000-0x600000 --- Hole 0x600000-0x800000 --- VMA B ... A call to mmap() with hint=0x400000 and len=0x200000 behaves differently: - Before THP alignment: The requested region (size 0x200000) fits into the gap at 0x400000, so the hint is respected. - After alignment: The logic searches for a region of size 0x400000 (len + PMD_SIZE) starting at 0x400000. This search fails due to the mapping at 0x600000 (VMA B), and the hint is ignored, falling back to arch_get_unmapped_area[_topdown](). In general the hint is effectively ignored, if there is any existing mapping in the below range: [mmap_hint + mmap_size, mmap_hint + mmap_size + PMD_SIZE) This changes the semantics of mmap hint; from ""Respect the hint if a sufficiently large gap exists at the requested location" to "Respect the hint only if an additional PMD-sized gap exists beyond the requested size". This has performance implications for allocators that allocate their heap using mmap but try to keep it "as contiguous as possible" by using the end of the exisiting heap as the address hint. With the new behavior it's more likely to get a much less contiguous heap, adding extra fragmentation and performance overhead. To restore the expected behavior; don't use thp_get_unmapped_area_vmflags() when the user provided a hint address. Cc: Andrew Morton <akpm(a)linux-foundation.org> Cc: Vlastimil Babka <vbabka(a)suse.cz> Cc: Yang Shi <yang(a)os.amperecomputing.com> Cc: Rik van Riel <riel(a)surriel.com> Cc: Ryan Roberts <ryan.roberts(a)arm.com> Cc: Suren Baghdasaryan <surenb(a)google.com> Cc: Minchan Kim <minchan(a)kernel.org> Cc: Hans Boehm <hboehm(a)google.com> Cc: Lokesh Gidra <lokeshgidra(a)google.com> Cc: <stable(a)vger.kernel.org> Fixes: efa7df3e3bb5 ("mm: align larger anonymous mappings on THP boundaries") Signed-off-by: Kalesh Singh <kaleshsingh(a)google.com> --- mm/mmap.c | 1 + 1 file changed, 1 insertion(+) diff --git a/mm/mmap.c b/mm/mmap.c index 79d541f1502b..2f01f1a8e304 100644 --- a/mm/mmap.c +++ b/mm/mmap.c @@ -901,6 +901,7 @@ __get_unmapped_area(struct file *file, unsigned long addr, unsigned long len, if (get_area) { addr = get_area(file, addr, len, pgoff, flags); } else if (IS_ENABLED(CONFIG_TRANSPARENT_HUGEPAGE) + && !addr /* no hint */ && IS_ALIGNED(len, PMD_SIZE)) { /* Ensures that larger anonymous mappings are THP aligned. */ addr = thp_get_unmapped_area_vmflags(file, addr, len, base-commit: 2d5404caa8c7bb5c4e0435f94b28834ae5456623 -- 2.47.0.338.g60cca15819-goog

10 months, 1 week

4
8
0 0

[PATCH 5.15 0/5] Address CVE-2024-49974

by cel＠kernel.org

From: Chuck Lever <chuck.lever(a)oracle.com> Backport the set of upstream patches that cap the number of concurrent background NFSv4.2 COPY operations. Chuck Lever (4): NFSD: Async COPY result needs to return a write verifier NFSD: Limit the number of concurrent async COPY operations NFSD: Initialize struct nfsd4_copy earlier NFSD: Never decrement pending_async_copies on error Dai Ngo (1): NFSD: initialize copy->cp_clp early in nfsd4_copy for use by trace point fs/nfsd/netns.h | 1 + fs/nfsd/nfs4proc.c | 36 +++++++++++++++++------------------- fs/nfsd/nfs4state.c | 1 + fs/nfsd/xdr4.h | 1 + 4 files changed, 20 insertions(+), 19 deletions(-) -- 2.47.0

10 months, 1 week

1
5
0 0

[PATCH 5.15 0/5] Address CVE-2024-49974

by cel＠kernel.org

From: Chuck Lever <chuck.lever(a)oracle.com> Backport the set of upstream patches that cap the number of concurrent background NFSv4.2 COPY operations. Chuck Lever (4): NFSD: Async COPY result needs to return a write verifier NFSD: Limit the number of concurrent async COPY operations NFSD: Initialize struct nfsd4_copy earlier NFSD: Never decrement pending_async_copies on error Dai Ngo (1): NFSD: initialize copy->cp_clp early in nfsd4_copy for use by trace point fs/nfsd/netns.h | 1 + fs/nfsd/nfs4proc.c | 36 +++++++++++++++++------------------- fs/nfsd/nfs4state.c | 1 + fs/nfsd/xdr4.h | 1 + 4 files changed, 20 insertions(+), 19 deletions(-) -- 2.47.0

10 months, 1 week

2
19
0 0

[PATCH 6.6 0/5] Address CVE-2024-49974

by cel＠kernel.org

From: Chuck Lever <chuck.lever(a)oracle.com> Backport the set of upstream patches that cap the number of concurrent background NFSv4.2 COPY operations. Chuck Lever (4): NFSD: Async COPY result needs to return a write verifier NFSD: Limit the number of concurrent async COPY operations NFSD: Initialize struct nfsd4_copy earlier NFSD: Never decrement pending_async_copies on error Dai Ngo (1): NFSD: initialize copy->cp_clp early in nfsd4_copy for use by trace point fs/nfsd/netns.h | 1 + fs/nfsd/nfs4proc.c | 36 +++++++++++++++++------------------- fs/nfsd/nfs4state.c | 1 + fs/nfsd/xdr4.h | 1 + 4 files changed, 20 insertions(+), 19 deletions(-) -- 2.47.0

10 months, 1 week

1
5
0 0

[RFC PATCH 1/2] libfs: Return ENOSPC when the directory offset range is exhausted

by cel＠kernel.org

From: Chuck Lever <chuck.lever(a)oracle.com> Testing shows that the EBUSY error return from mtree_alloc_cyclic() leaks into user space. The ERRORS section of "man creat(2)" says: > EBUSY O_EXCL was specified in flags and pathname refers > to a block device that is in use by the system > (e.g., it is mounted). ENOSPC is closer to what applications expect in this situation. Note that the normal range of simple directory offset values is 2..2^63, so hitting this error is going to be rare to impossible. Fixes: 6faddda69f62 ("libfs: Add directory operations for stable offsets") Cc: <stable(a)vger.kernel.org> # v6.9+ Signed-off-by: Chuck Lever <chuck.lever(a)oracle.com> --- fs/libfs.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/fs/libfs.c b/fs/libfs.c index 46966fd8bcf9..bf67954b525b 100644 --- a/fs/libfs.c +++ b/fs/libfs.c @@ -288,7 +288,9 @@ int simple_offset_add(struct offset_ctx *octx, struct dentry *dentry) ret = mtree_alloc_cyclic(&octx->mt, &offset, dentry, DIR_OFFSET_MIN, LONG_MAX, &octx->next_offset, GFP_KERNEL); - if (ret < 0) + if (unlikely(ret == -EBUSY)) + return -ENOSPC; + if (unlikely(ret < 0)) return ret; offset_set(dentry, offset); -- 2.47.0

10 months, 1 week

2
1
0 0

[PATCH v2] usb: dwc3: xilinx: make sure pipe clock is deselected in usb2 only mode

by Radhey Shyam Pandey

From: Neal Frager <neal.frager(a)amd.com> When the USB3 PHY is not defined in the Linux device tree, there could still be a case where there is a USB3 PHY is active on the board and enabled by the first stage bootloader. If serdes clock is being used then the USB will fail to enumerate devices in 2.0 only mode. To solve this, make sure that the PIPE clock is deselected whenever the USB3 PHY is not defined and guarantees that the USB2 only mode will work in all cases. Fixes: 9678f3361afc ("usb: dwc3: xilinx: Skip resets and USB3 register settings for USB2.0 mode") Cc: stable(a)vger.kernel.org Signed-off-by: Neal Frager <neal.frager(a)amd.com> Signed-off-by: Radhey Shyam Pandey <radhey.shyam.pandey(a)amd.com> --- Changes for v2: - Add stable(a)vger.kernel.org in CC. --- drivers/usb/dwc3/dwc3-xilinx.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/drivers/usb/dwc3/dwc3-xilinx.c b/drivers/usb/dwc3/dwc3-xilinx.c index e3738e1610db..a33a42ba0249 100644 --- a/drivers/usb/dwc3/dwc3-xilinx.c +++ b/drivers/usb/dwc3/dwc3-xilinx.c @@ -121,8 +121,11 @@ static int dwc3_xlnx_init_zynqmp(struct dwc3_xlnx *priv_data) * in use but the usb3-phy entry is missing from the device tree. * Therefore, skip these operations in this case. */ - if (!priv_data->usb3_phy) + if (!priv_data->usb3_phy) { + /* Deselect the PIPE Clock Select bit in FPD PIPE Clock register */ + writel(PIPE_CLK_DESELECT, priv_data->regs + XLNX_USB_FPD_PIPE_CLK); goto skip_usb3_phy; + } crst = devm_reset_control_get_exclusive(dev, "usb_crst"); if (IS_ERR(crst)) { base-commit: 744cf71b8bdfcdd77aaf58395e068b7457634b2c -- 2.34.1

10 months, 1 week

2
1
0 0

FAILED: patch "[PATCH] drm/xe: improve hibernation on igpu" failed to apply to 6.11-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.11-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.11.y git checkout FETCH_HEAD git cherry-pick -x 46f1f4b0f3c2a2dff9887de7c66ccc7ef482bd83 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024111758-jumbo-neon-1b3c@gregkh' --subject-prefix 'PATCH 6.11.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 46f1f4b0f3c2a2dff9887de7c66ccc7ef482bd83 Mon Sep 17 00:00:00 2001 From: Matthew Auld <matthew.auld(a)intel.com> Date: Fri, 1 Nov 2024 17:01:57 +0000 Subject: [PATCH] drm/xe: improve hibernation on igpu The GGTT looks to be stored inside stolen memory on igpu which is not treated as normal RAM. The core kernel skips this memory range when creating the hibernation image, therefore when coming back from hibernation the GGTT programming is lost. This seems to cause issues with broken resume where GuC FW fails to load: [drm] *ERROR* GT0: load failed: status = 0x400000A0, time = 10ms, freq = 1250MHz (req 1300MHz), done = -1 [drm] *ERROR* GT0: load failed: status: Reset = 0, BootROM = 0x50, UKernel = 0x00, MIA = 0x00, Auth = 0x01 [drm] *ERROR* GT0: firmware signature verification failed [drm] *ERROR* CRITICAL: Xe has declared device 0000:00:02.0 as wedged. Current GGTT users are kernel internal and tracked as pinned, so it should be possible to hook into the existing save/restore logic that we use for dgpu, where the actual evict is skipped but on restore we importantly restore the GGTT programming. This has been confirmed to fix hibernation on at least ADL and MTL, though likely all igpu platforms are affected. This also means we have a hole in our testing, where the existing s4 tests only really test the driver hooks, and don't go as far as actually rebooting and restoring from the hibernation image and in turn powering down RAM (and therefore losing the contents of stolen). v2 (Brost) - Remove extra newline and drop unnecessary parentheses. Fixes: dd08ebf6c352 ("drm/xe: Introduce a new DRM driver for Intel GPUs") Link: https://gitlab.freedesktop.org/drm/xe/kernel/-/issues/3275 Signed-off-by: Matthew Auld <matthew.auld(a)intel.com> Cc: Matthew Brost <matthew.brost(a)intel.com> Cc: <stable(a)vger.kernel.org> # v6.8+ Reviewed-by: Matthew Brost <matthew.brost(a)intel.com> Reviewed-by: Lucas De Marchi <lucas.demarchi(a)intel.com> Signed-off-by: Matthew Brost <matthew.brost(a)intel.com> Link: https://patchwork.freedesktop.org/patch/msgid/20241101170156.213490-2-matth… (cherry picked from commit f2a6b8e396666d97ada8e8759dfb6a69d8df6380) Signed-off-by: Lucas De Marchi <lucas.demarchi(a)intel.com> diff --git a/drivers/gpu/drm/xe/xe_bo.c b/drivers/gpu/drm/xe/xe_bo.c index 74f68289f74c..2a093540354e 100644 --- a/drivers/gpu/drm/xe/xe_bo.c +++ b/drivers/gpu/drm/xe/xe_bo.c @@ -948,7 +948,10 @@ int xe_bo_restore_pinned(struct xe_bo *bo) if (WARN_ON(!xe_bo_is_pinned(bo))) return -EINVAL; - if (WARN_ON(xe_bo_is_vram(bo) || !bo->ttm.ttm)) + if (WARN_ON(xe_bo_is_vram(bo))) + return -EINVAL; + + if (WARN_ON(!bo->ttm.ttm && !xe_bo_is_stolen(bo))) return -EINVAL; if (!mem_type_is_vram(place->mem_type)) @@ -1723,6 +1726,7 @@ int xe_bo_pin_external(struct xe_bo *bo) int xe_bo_pin(struct xe_bo *bo) { + struct ttm_place *place = &bo->placements[0]; struct xe_device *xe = xe_bo_device(bo); int err; @@ -1753,8 +1757,6 @@ int xe_bo_pin(struct xe_bo *bo) */ if (IS_DGFX(xe) && !(IS_ENABLED(CONFIG_DRM_XE_DEBUG) && bo->flags & XE_BO_FLAG_INTERNAL_TEST)) { - struct ttm_place *place = &(bo->placements[0]); - if (mem_type_is_vram(place->mem_type)) { xe_assert(xe, place->flags & TTM_PL_FLAG_CONTIGUOUS); @@ -1762,13 +1764,12 @@ int xe_bo_pin(struct xe_bo *bo) vram_region_gpu_offset(bo->ttm.resource)) >> PAGE_SHIFT; place->lpfn = place->fpfn + (bo->size >> PAGE_SHIFT); } + } - if (mem_type_is_vram(place->mem_type) || - bo->flags & XE_BO_FLAG_GGTT) { - spin_lock(&xe->pinned.lock); - list_add_tail(&bo->pinned_link, &xe->pinned.kernel_bo_present); - spin_unlock(&xe->pinned.lock); - } + if (mem_type_is_vram(place->mem_type) || bo->flags & XE_BO_FLAG_GGTT) { + spin_lock(&xe->pinned.lock); + list_add_tail(&bo->pinned_link, &xe->pinned.kernel_bo_present); + spin_unlock(&xe->pinned.lock); } ttm_bo_pin(&bo->ttm); @@ -1816,24 +1817,18 @@ void xe_bo_unpin_external(struct xe_bo *bo) void xe_bo_unpin(struct xe_bo *bo) { + struct ttm_place *place = &bo->placements[0]; struct xe_device *xe = xe_bo_device(bo); xe_assert(xe, !bo->ttm.base.import_attach); xe_assert(xe, xe_bo_is_pinned(bo)); - if (IS_DGFX(xe) && !(IS_ENABLED(CONFIG_DRM_XE_DEBUG) && - bo->flags & XE_BO_FLAG_INTERNAL_TEST)) { - struct ttm_place *place = &(bo->placements[0]); - - if (mem_type_is_vram(place->mem_type) || - bo->flags & XE_BO_FLAG_GGTT) { - spin_lock(&xe->pinned.lock); - xe_assert(xe, !list_empty(&bo->pinned_link)); - list_del_init(&bo->pinned_link); - spin_unlock(&xe->pinned.lock); - } + if (mem_type_is_vram(place->mem_type) || bo->flags & XE_BO_FLAG_GGTT) { + spin_lock(&xe->pinned.lock); + xe_assert(xe, !list_empty(&bo->pinned_link)); + list_del_init(&bo->pinned_link); + spin_unlock(&xe->pinned.lock); } - ttm_bo_unpin(&bo->ttm); } diff --git a/drivers/gpu/drm/xe/xe_bo_evict.c b/drivers/gpu/drm/xe/xe_bo_evict.c index 32043e1e5a86..b01bc20eb90b 100644 --- a/drivers/gpu/drm/xe/xe_bo_evict.c +++ b/drivers/gpu/drm/xe/xe_bo_evict.c @@ -34,9 +34,6 @@ int xe_bo_evict_all(struct xe_device *xe) u8 id; int ret; - if (!IS_DGFX(xe)) - return 0; - /* User memory */ for (mem_type = XE_PL_VRAM0; mem_type <= XE_PL_VRAM1; ++mem_type) { struct ttm_resource_manager *man = @@ -125,9 +122,6 @@ int xe_bo_restore_kernel(struct xe_device *xe) struct xe_bo *bo; int ret; - if (!IS_DGFX(xe)) - return 0; - spin_lock(&xe->pinned.lock); for (;;) { bo = list_first_entry_or_null(&xe->pinned.evicted,

10 months, 1 week

3
2
0 0

[PATCH v2] ACPI: platform-profile: Fix CFI violation when accessing sysfs files

by Nathan Chancellor

When an attribute group is created with sysfs_create_group(), the ->sysfs_ops() callback is set to kobj_sysfs_ops, which sets the ->show() and ->store() callbacks to kobj_attr_show() and kobj_attr_store() respectively. These functions use container_of() to get the respective callback from the passed attribute, meaning that these callbacks need to be the same type as the callbacks in 'struct kobj_attribute'. However, the platform_profile sysfs functions have the type of the ->show() and ->store() callbacks in 'struct device_attribute', which results a CFI violation when accessing platform_profile or platform_profile_choices under /sys/firmware/acpi because the types do not match: CFI failure at kobj_attr_show+0x19/0x30 (target: platform_profile_choices_show+0x0/0x140; expected type: 0x7a69590c) There is no functional issue from the type mismatch because the layout of 'struct kobj_attribute' and 'struct device_attribute' are the same, so the container_of() cast does not break anything aside from CFI. Change the type of platform_profile_choices_show() and platform_profile_{show,store}() to match the callbacks in 'struct kobj_attribute' and update the attribute variables to match, which resolves the CFI violation. Cc: stable(a)vger.kernel.org Fixes: a2ff95e018f1 ("ACPI: platform: Add platform profile support") Reported-by: John Rowley <lkml(a)johnrowley.me> Closes: https://github.com/ClangBuiltLinux/linux/issues/2047 Tested-by: John Rowley <lkml(a)johnrowley.me> Reviewed-by: Sami Tolvanen <samitolvanen(a)google.com> Signed-off-by: Nathan Chancellor <nathan(a)kernel.org> --- John reminded me that this is still an issue in 6.12: https://github.com/ClangBuiltLinux/linux/issues/2047#issuecomment-2482635093 I know Greg said this driver should be using a 'struct device' but I am not familiar with that conversion and there was never any follow up to me asking how it should be done. I think it would be best to pick this change up now and have that conversion be done properly by someone who is more familiar with this driver later. Changes in v2: - Rebase on linux-pm/acpi - Pick up Sami's reviewed-by tag - Adjust wording around why there is no functional issue from the mismatched types - Link to v1: https://lore.kernel.org/r/20240819-acpi-platform_profile-fix-cfi-violation-… --- drivers/acpi/platform_profile.c | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/drivers/acpi/platform_profile.c b/drivers/acpi/platform_profile.c index d2f7fd7743a13df1dac3100c885208f4418218a5..11278f785526d48243e16659cd78d0b717846a7f 100644 --- a/drivers/acpi/platform_profile.c +++ b/drivers/acpi/platform_profile.c @@ -22,8 +22,8 @@ static const char * const profile_names[] = { }; static_assert(ARRAY_SIZE(profile_names) == PLATFORM_PROFILE_LAST); -static ssize_t platform_profile_choices_show(struct device *dev, - struct device_attribute *attr, +static ssize_t platform_profile_choices_show(struct kobject *kobj, + struct kobj_attribute *attr, char *buf) { int len = 0; @@ -49,8 +49,8 @@ static ssize_t platform_profile_choices_show(struct device *dev, return len; } -static ssize_t platform_profile_show(struct device *dev, - struct device_attribute *attr, +static ssize_t platform_profile_show(struct kobject *kobj, + struct kobj_attribute *attr, char *buf) { enum platform_profile_option profile = PLATFORM_PROFILE_BALANCED; @@ -77,8 +77,8 @@ static ssize_t platform_profile_show(struct device *dev, return sysfs_emit(buf, "%s\n", profile_names[profile]); } -static ssize_t platform_profile_store(struct device *dev, - struct device_attribute *attr, +static ssize_t platform_profile_store(struct kobject *kobj, + struct kobj_attribute *attr, const char *buf, size_t count) { int err, i; @@ -115,12 +115,12 @@ static ssize_t platform_profile_store(struct device *dev, return count; } -static DEVICE_ATTR_RO(platform_profile_choices); -static DEVICE_ATTR_RW(platform_profile); +static struct kobj_attribute attr_platform_profile_choices = __ATTR_RO(platform_profile_choices); +static struct kobj_attribute attr_platform_profile = __ATTR_RW(platform_profile); static struct attribute *platform_profile_attrs[] = { - &dev_attr_platform_profile_choices.attr, - &dev_attr_platform_profile.attr, + &attr_platform_profile_choices.attr, + &attr_platform_profile.attr, NULL }; --- base-commit: d47a60e487fbb65bbbca3d99e59009f0a4acf34d change-id: 20240819-acpi-platform_profile-fix-cfi-violation-de278753bd5f Best regards, -- Nathan Chancellor <nathan(a)kernel.org>

10 months, 1 week

1
0
0 0

[PATCH] Revert "drm/amd/pm: correct the workload setting"

by Alex Deucher

This reverts commit 4a18810d0b6fb2b853b75d21117040a783f2ab66. This causes a regression in the workload selection. A more extensive fix is being worked on for mainline. For stable, revert. Link: https://gitlab.freedesktop.org/drm/amd/-/issues/3618 Signed-off-by: Alex Deucher <alexander.deucher(a)amd.com> Cc: stable(a)vger.kernel.org # 6.11.x --- drivers/gpu/drm/amd/pm/swsmu/amdgpu_smu.c | 49 ++++++------------- drivers/gpu/drm/amd/pm/swsmu/inc/amdgpu_smu.h | 4 +- .../gpu/drm/amd/pm/swsmu/smu11/arcturus_ppt.c | 5 +- .../gpu/drm/amd/pm/swsmu/smu11/navi10_ppt.c | 5 +- .../amd/pm/swsmu/smu11/sienna_cichlid_ppt.c | 5 +- .../gpu/drm/amd/pm/swsmu/smu11/vangogh_ppt.c | 4 +- .../gpu/drm/amd/pm/swsmu/smu12/renoir_ppt.c | 4 +- .../drm/amd/pm/swsmu/smu13/smu_v13_0_0_ppt.c | 20 ++------ .../drm/amd/pm/swsmu/smu13/smu_v13_0_7_ppt.c | 5 +- .../drm/amd/pm/swsmu/smu14/smu_v14_0_2_ppt.c | 9 ++-- drivers/gpu/drm/amd/pm/swsmu/smu_cmn.c | 8 --- drivers/gpu/drm/amd/pm/swsmu/smu_cmn.h | 2 - 12 files changed, 36 insertions(+), 84 deletions(-) diff --git a/drivers/gpu/drm/amd/pm/swsmu/amdgpu_smu.c b/drivers/gpu/drm/amd/pm/swsmu/amdgpu_smu.c index ee1bcfaae3e3..80e60ea2d11e 100644 --- a/drivers/gpu/drm/amd/pm/swsmu/amdgpu_smu.c +++ b/drivers/gpu/drm/amd/pm/swsmu/amdgpu_smu.c @@ -1259,33 +1259,26 @@ static int smu_sw_init(void *handle) smu->watermarks_bitmap = 0; smu->power_profile_mode = PP_SMC_POWER_PROFILE_BOOTUP_DEFAULT; smu->default_power_profile_mode = PP_SMC_POWER_PROFILE_BOOTUP_DEFAULT; - smu->user_dpm_profile.user_workload_mask = 0; atomic_set(&smu->smu_power.power_gate.vcn_gated, 1); atomic_set(&smu->smu_power.power_gate.jpeg_gated, 1); atomic_set(&smu->smu_power.power_gate.vpe_gated, 1); atomic_set(&smu->smu_power.power_gate.umsch_mm_gated, 1); - smu->workload_priority[PP_SMC_POWER_PROFILE_BOOTUP_DEFAULT] = 0; - smu->workload_priority[PP_SMC_POWER_PROFILE_FULLSCREEN3D] = 1; - smu->workload_priority[PP_SMC_POWER_PROFILE_POWERSAVING] = 2; - smu->workload_priority[PP_SMC_POWER_PROFILE_VIDEO] = 3; - smu->workload_priority[PP_SMC_POWER_PROFILE_VR] = 4; - smu->workload_priority[PP_SMC_POWER_PROFILE_COMPUTE] = 5; - smu->workload_priority[PP_SMC_POWER_PROFILE_CUSTOM] = 6; + smu->workload_prority[PP_SMC_POWER_PROFILE_BOOTUP_DEFAULT] = 0; + smu->workload_prority[PP_SMC_POWER_PROFILE_FULLSCREEN3D] = 1; + smu->workload_prority[PP_SMC_POWER_PROFILE_POWERSAVING] = 2; + smu->workload_prority[PP_SMC_POWER_PROFILE_VIDEO] = 3; + smu->workload_prority[PP_SMC_POWER_PROFILE_VR] = 4; + smu->workload_prority[PP_SMC_POWER_PROFILE_COMPUTE] = 5; + smu->workload_prority[PP_SMC_POWER_PROFILE_CUSTOM] = 6; if (smu->is_apu || - !smu_is_workload_profile_available(smu, PP_SMC_POWER_PROFILE_FULLSCREEN3D)) { - smu->driver_workload_mask = - 1 << smu->workload_priority[PP_SMC_POWER_PROFILE_BOOTUP_DEFAULT]; - } else { - smu->driver_workload_mask = - 1 << smu->workload_priority[PP_SMC_POWER_PROFILE_FULLSCREEN3D]; - smu->default_power_profile_mode = PP_SMC_POWER_PROFILE_FULLSCREEN3D; - } + !smu_is_workload_profile_available(smu, PP_SMC_POWER_PROFILE_FULLSCREEN3D)) + smu->workload_mask = 1 << smu->workload_prority[PP_SMC_POWER_PROFILE_BOOTUP_DEFAULT]; + else + smu->workload_mask = 1 << smu->workload_prority[PP_SMC_POWER_PROFILE_FULLSCREEN3D]; - smu->workload_mask = smu->driver_workload_mask | - smu->user_dpm_profile.user_workload_mask; smu->workload_setting[0] = PP_SMC_POWER_PROFILE_BOOTUP_DEFAULT; smu->workload_setting[1] = PP_SMC_POWER_PROFILE_FULLSCREEN3D; smu->workload_setting[2] = PP_SMC_POWER_PROFILE_POWERSAVING; @@ -2355,20 +2348,17 @@ static int smu_switch_power_profile(void *handle, return -EINVAL; if (!en) { - smu->driver_workload_mask &= ~(1 << smu->workload_priority[type]); + smu->workload_mask &= ~(1 << smu->workload_prority[type]); index = fls(smu->workload_mask); index = index > 0 && index <= WORKLOAD_POLICY_MAX ? index - 1 : 0; workload[0] = smu->workload_setting[index]; } else { - smu->driver_workload_mask |= (1 << smu->workload_priority[type]); + smu->workload_mask |= (1 << smu->workload_prority[type]); index = fls(smu->workload_mask); index = index <= WORKLOAD_POLICY_MAX ? index - 1 : 0; workload[0] = smu->workload_setting[index]; } - smu->workload_mask = smu->driver_workload_mask | - smu->user_dpm_profile.user_workload_mask; - if (smu_dpm_ctx->dpm_level != AMD_DPM_FORCED_LEVEL_MANUAL && smu_dpm_ctx->dpm_level != AMD_DPM_FORCED_LEVEL_PERF_DETERMINISM) smu_bump_power_profile_mode(smu, workload, 0); @@ -3059,23 +3049,12 @@ static int smu_set_power_profile_mode(void *handle, uint32_t param_size) { struct smu_context *smu = handle; - int ret; if (!smu->pm_enabled || !smu->adev->pm.dpm_enabled || !smu->ppt_funcs->set_power_profile_mode) return -EOPNOTSUPP; - if (smu->user_dpm_profile.user_workload_mask & - (1 << smu->workload_priority[param[param_size]])) - return 0; - - smu->user_dpm_profile.user_workload_mask = - (1 << smu->workload_priority[param[param_size]]); - smu->workload_mask = smu->user_dpm_profile.user_workload_mask | - smu->driver_workload_mask; - ret = smu_bump_power_profile_mode(smu, param, param_size); - - return ret; + return smu_bump_power_profile_mode(smu, param, param_size); } static int smu_get_fan_control_mode(void *handle, u32 *fan_mode) diff --git a/drivers/gpu/drm/amd/pm/swsmu/inc/amdgpu_smu.h b/drivers/gpu/drm/amd/pm/swsmu/inc/amdgpu_smu.h index d60d9a12a47e..b44a185d07e8 100644 --- a/drivers/gpu/drm/amd/pm/swsmu/inc/amdgpu_smu.h +++ b/drivers/gpu/drm/amd/pm/swsmu/inc/amdgpu_smu.h @@ -240,7 +240,6 @@ struct smu_user_dpm_profile { /* user clock state information */ uint32_t clk_mask[SMU_CLK_COUNT]; uint32_t clk_dependency; - uint32_t user_workload_mask; }; #define SMU_TABLE_INIT(tables, table_id, s, a, d) \ @@ -558,8 +557,7 @@ struct smu_context { bool disable_uclk_switch; uint32_t workload_mask; - uint32_t driver_workload_mask; - uint32_t workload_priority[WORKLOAD_POLICY_MAX]; + uint32_t workload_prority[WORKLOAD_POLICY_MAX]; uint32_t workload_setting[WORKLOAD_POLICY_MAX]; uint32_t power_profile_mode; uint32_t default_power_profile_mode; diff --git a/drivers/gpu/drm/amd/pm/swsmu/smu11/arcturus_ppt.c b/drivers/gpu/drm/amd/pm/swsmu/smu11/arcturus_ppt.c index 31fe512028f4..c0f6b59369b7 100644 --- a/drivers/gpu/drm/amd/pm/swsmu/smu11/arcturus_ppt.c +++ b/drivers/gpu/drm/amd/pm/swsmu/smu11/arcturus_ppt.c @@ -1455,6 +1455,7 @@ static int arcturus_set_power_profile_mode(struct smu_context *smu, return -EINVAL; } + if ((profile_mode == PP_SMC_POWER_PROFILE_CUSTOM) && (smu->smc_fw_version >= 0x360d00)) { if (size != 10) @@ -1522,14 +1523,14 @@ static int arcturus_set_power_profile_mode(struct smu_context *smu, ret = smu_cmn_send_smc_msg_with_param(smu, SMU_MSG_SetWorkloadMask, - smu->workload_mask, + 1 << workload_type, NULL); if (ret) { dev_err(smu->adev->dev, "Fail to set workload type %d\n", workload_type); return ret; } - smu_cmn_assign_power_profile(smu); + smu->power_profile_mode = profile_mode; return 0; } diff --git a/drivers/gpu/drm/amd/pm/swsmu/smu11/navi10_ppt.c b/drivers/gpu/drm/amd/pm/swsmu/smu11/navi10_ppt.c index bb4ae529ae20..076620fa3ef5 100644 --- a/drivers/gpu/drm/amd/pm/swsmu/smu11/navi10_ppt.c +++ b/drivers/gpu/drm/amd/pm/swsmu/smu11/navi10_ppt.c @@ -2081,13 +2081,10 @@ static int navi10_set_power_profile_mode(struct smu_context *smu, long *input, u smu->power_profile_mode); if (workload_type < 0) return -EINVAL; - ret = smu_cmn_send_smc_msg_with_param(smu, SMU_MSG_SetWorkloadMask, - smu->workload_mask, NULL); + 1 << workload_type, NULL); if (ret) dev_err(smu->adev->dev, "[%s] Failed to set work load mask!", __func__); - else - smu_cmn_assign_power_profile(smu); return ret; } diff --git a/drivers/gpu/drm/amd/pm/swsmu/smu11/sienna_cichlid_ppt.c b/drivers/gpu/drm/amd/pm/swsmu/smu11/sienna_cichlid_ppt.c index ca94c52663c0..0d3e1a121b67 100644 --- a/drivers/gpu/drm/amd/pm/swsmu/smu11/sienna_cichlid_ppt.c +++ b/drivers/gpu/drm/amd/pm/swsmu/smu11/sienna_cichlid_ppt.c @@ -1786,13 +1786,10 @@ static int sienna_cichlid_set_power_profile_mode(struct smu_context *smu, long * smu->power_profile_mode); if (workload_type < 0) return -EINVAL; - ret = smu_cmn_send_smc_msg_with_param(smu, SMU_MSG_SetWorkloadMask, - smu->workload_mask, NULL); + 1 << workload_type, NULL); if (ret) dev_err(smu->adev->dev, "[%s] Failed to set work load mask!", __func__); - else - smu_cmn_assign_power_profile(smu); return ret; } diff --git a/drivers/gpu/drm/amd/pm/swsmu/smu11/vangogh_ppt.c b/drivers/gpu/drm/amd/pm/swsmu/smu11/vangogh_ppt.c index 952ee22cbc90..1fe020f1f4db 100644 --- a/drivers/gpu/drm/amd/pm/swsmu/smu11/vangogh_ppt.c +++ b/drivers/gpu/drm/amd/pm/swsmu/smu11/vangogh_ppt.c @@ -1079,7 +1079,7 @@ static int vangogh_set_power_profile_mode(struct smu_context *smu, long *input, } ret = smu_cmn_send_smc_msg_with_param(smu, SMU_MSG_ActiveProcessNotify, - smu->workload_mask, + 1 << workload_type, NULL); if (ret) { dev_err_once(smu->adev->dev, "Fail to set workload type %d\n", @@ -1087,7 +1087,7 @@ static int vangogh_set_power_profile_mode(struct smu_context *smu, long *input, return ret; } - smu_cmn_assign_power_profile(smu); + smu->power_profile_mode = profile_mode; return 0; } diff --git a/drivers/gpu/drm/amd/pm/swsmu/smu12/renoir_ppt.c b/drivers/gpu/drm/amd/pm/swsmu/smu12/renoir_ppt.c index 62316a6707ef..cc0504b063fa 100644 --- a/drivers/gpu/drm/amd/pm/swsmu/smu12/renoir_ppt.c +++ b/drivers/gpu/drm/amd/pm/swsmu/smu12/renoir_ppt.c @@ -890,14 +890,14 @@ static int renoir_set_power_profile_mode(struct smu_context *smu, long *input, u } ret = smu_cmn_send_smc_msg_with_param(smu, SMU_MSG_ActiveProcessNotify, - smu->workload_mask, + 1 << workload_type, NULL); if (ret) { dev_err_once(smu->adev->dev, "Fail to set workload type %d\n", workload_type); return ret; } - smu_cmn_assign_power_profile(smu); + smu->power_profile_mode = profile_mode; return 0; } diff --git a/drivers/gpu/drm/amd/pm/swsmu/smu13/smu_v13_0_0_ppt.c b/drivers/gpu/drm/amd/pm/swsmu/smu13/smu_v13_0_0_ppt.c index 5dd7ceca64fe..d53e162dcd8d 100644 --- a/drivers/gpu/drm/amd/pm/swsmu/smu13/smu_v13_0_0_ppt.c +++ b/drivers/gpu/drm/amd/pm/swsmu/smu13/smu_v13_0_0_ppt.c @@ -2485,7 +2485,7 @@ static int smu_v13_0_0_set_power_profile_mode(struct smu_context *smu, DpmActivityMonitorCoeffInt_t *activity_monitor = &(activity_monitor_external.DpmActivityMonitorCoeffInt); int workload_type, ret = 0; - u32 workload_mask; + u32 workload_mask, selected_workload_mask; smu->power_profile_mode = input[size]; @@ -2552,7 +2552,7 @@ static int smu_v13_0_0_set_power_profile_mode(struct smu_context *smu, if (workload_type < 0) return -EINVAL; - workload_mask = 1 << workload_type; + selected_workload_mask = workload_mask = 1 << workload_type; /* Add optimizations for SMU13.0.0/10. Reuse the power saving profile */ if ((amdgpu_ip_version(smu->adev, MP1_HWIP, 0) == IP_VERSION(13, 0, 0) && @@ -2567,22 +2567,12 @@ static int smu_v13_0_0_set_power_profile_mode(struct smu_context *smu, workload_mask |= 1 << workload_type; } - smu->workload_mask |= workload_mask; ret = smu_cmn_send_smc_msg_with_param(smu, SMU_MSG_SetWorkloadMask, - smu->workload_mask, + workload_mask, NULL); - if (!ret) { - smu_cmn_assign_power_profile(smu); - if (smu->power_profile_mode == PP_SMC_POWER_PROFILE_POWERSAVING) { - workload_type = smu_cmn_to_asic_specific_index(smu, - CMN2ASIC_MAPPING_WORKLOAD, - PP_SMC_POWER_PROFILE_FULLSCREEN3D); - smu->power_profile_mode = smu->workload_mask & (1 << workload_type) - ? PP_SMC_POWER_PROFILE_FULLSCREEN3D - : PP_SMC_POWER_PROFILE_BOOTUP_DEFAULT; - } - } + if (!ret) + smu->workload_mask = selected_workload_mask; return ret; } diff --git a/drivers/gpu/drm/amd/pm/swsmu/smu13/smu_v13_0_7_ppt.c b/drivers/gpu/drm/amd/pm/swsmu/smu13/smu_v13_0_7_ppt.c index 9d0b19419de0..b891a5e0a396 100644 --- a/drivers/gpu/drm/amd/pm/swsmu/smu13/smu_v13_0_7_ppt.c +++ b/drivers/gpu/drm/amd/pm/swsmu/smu13/smu_v13_0_7_ppt.c @@ -2499,14 +2499,13 @@ static int smu_v13_0_7_set_power_profile_mode(struct smu_context *smu, long *inp smu->power_profile_mode); if (workload_type < 0) return -EINVAL; - ret = smu_cmn_send_smc_msg_with_param(smu, SMU_MSG_SetWorkloadMask, - smu->workload_mask, NULL); + 1 << workload_type, NULL); if (ret) dev_err(smu->adev->dev, "[%s] Failed to set work load mask!", __func__); else - smu_cmn_assign_power_profile(smu); + smu->workload_mask = (1 << workload_type); return ret; } diff --git a/drivers/gpu/drm/amd/pm/swsmu/smu14/smu_v14_0_2_ppt.c b/drivers/gpu/drm/amd/pm/swsmu/smu14/smu_v14_0_2_ppt.c index d9f0e7f81ed7..eaf80c5b3e4d 100644 --- a/drivers/gpu/drm/amd/pm/swsmu/smu14/smu_v14_0_2_ppt.c +++ b/drivers/gpu/drm/amd/pm/swsmu/smu14/smu_v14_0_2_ppt.c @@ -1508,11 +1508,12 @@ static int smu_v14_0_2_set_power_profile_mode(struct smu_context *smu, if (workload_type < 0) return -EINVAL; - ret = smu_cmn_send_smc_msg_with_param(smu, SMU_MSG_SetWorkloadMask, - smu->workload_mask, NULL); - + ret = smu_cmn_send_smc_msg_with_param(smu, + SMU_MSG_SetWorkloadMask, + 1 << workload_type, + NULL); if (!ret) - smu_cmn_assign_power_profile(smu); + smu->workload_mask = 1 << workload_type; return ret; } diff --git a/drivers/gpu/drm/amd/pm/swsmu/smu_cmn.c b/drivers/gpu/drm/amd/pm/swsmu/smu_cmn.c index bdfc5e617333..91ad434bcdae 100644 --- a/drivers/gpu/drm/amd/pm/swsmu/smu_cmn.c +++ b/drivers/gpu/drm/amd/pm/swsmu/smu_cmn.c @@ -1138,14 +1138,6 @@ int smu_cmn_set_mp1_state(struct smu_context *smu, return ret; } -void smu_cmn_assign_power_profile(struct smu_context *smu) -{ - uint32_t index; - index = fls(smu->workload_mask); - index = index > 0 && index <= WORKLOAD_POLICY_MAX ? index - 1 : 0; - smu->power_profile_mode = smu->workload_setting[index]; -} - bool smu_cmn_is_audio_func_enabled(struct amdgpu_device *adev) { struct pci_dev *p = NULL; diff --git a/drivers/gpu/drm/amd/pm/swsmu/smu_cmn.h b/drivers/gpu/drm/amd/pm/swsmu/smu_cmn.h index 8a801e389659..1de685defe85 100644 --- a/drivers/gpu/drm/amd/pm/swsmu/smu_cmn.h +++ b/drivers/gpu/drm/amd/pm/swsmu/smu_cmn.h @@ -130,8 +130,6 @@ void smu_cmn_init_soft_gpu_metrics(void *table, uint8_t frev, uint8_t crev); int smu_cmn_set_mp1_state(struct smu_context *smu, enum pp_mp1_state mp1_state); -void smu_cmn_assign_power_profile(struct smu_context *smu); - /* * Helper function to make sysfs_emit_at() happy. Align buf to * the current page boundary and record the offset. -- 2.47.0

10 months, 1 week

2
7
0 0

[PATCH v3 00/15] media: stm32: introduction of CSI / DCMIPP for STM32MP25

by Alain Volmat

This series introduces the camera pipeline support for the STM32MP25 SOC. The STM32MP25 has 3 pipelines, fed from a single camera input which can be either parallel or csi. This series adds the basic support for the 1st pipe (dump) which, in term of features is same as the one featured on the STM32MP13 SOC. It focuses on introduction of the CSI input stage for the DCMIPP, and the CSI specific new control code for the DCMIPP. One of the subdev of the DCMIPP, dcmipp_parallel is now renamed as dcmipp_input since it allows to not only control the parallel but also the csi interface. Signed-off-by: Alain Volmat <alain.volmat(a)foss.st.com> --- Changes in v3: * stm32-csi: use clk_bulk api * stm32-csiL perform reset control within the probe - Link to v2: https://lore.kernel.org/r/20241105-csi_dcmipp_mp25-v2-0-b9fc8a7273c2@foss.s… --- Alain Volmat (15): media: stm32: dcmipp: correct dma_set_mask_and_coherent mask value dt-bindings: media: add description of stm32 csi media: stm32: csi: addition of the STM32 CSI driver media: stm32: dcmipp: use v4l2_subdev_is_streaming media: stm32: dcmipp: replace s_stream with enable/disable_streams media: stm32: dcmipp: rename dcmipp_parallel into dcmipp_input media: stm32: dcmipp: add support for csi input into dcmipp-input media: stm32: dcmipp: add bayer 10~14 bits formats media: stm32: dcmipp: add 1X16 RGB / YUV formats support media: stm32: dcmipp: avoid duplicated format on enum in bytecap media: stm32: dcmipp: fill media ctl hw_revision field dt-bindings: media: add the stm32mp25 compatible of DCMIPP media: stm32: dcmipp: add core support for the stm32mp25 arm64: dts: st: add csi & dcmipp node in stm32mp25 arm64: dts: st: enable imx335/csi/dcmipp pipeline on stm32mp257f-ev1 .../devicetree/bindings/media/st,stm32-dcmipp.yaml | 53 +- .../bindings/media/st,stm32mp25-csi.yaml | 125 +++ MAINTAINERS | 8 + arch/arm64/boot/dts/st/stm32mp251.dtsi | 23 + arch/arm64/boot/dts/st/stm32mp257f-ev1.dts | 85 ++ drivers/media/platform/st/stm32/Kconfig | 14 + drivers/media/platform/st/stm32/Makefile | 1 + drivers/media/platform/st/stm32/stm32-csi.c | 1137 ++++++++++++++++++++ .../media/platform/st/stm32/stm32-dcmipp/Makefile | 2 +- .../st/stm32/stm32-dcmipp/dcmipp-bytecap.c | 128 ++- .../st/stm32/stm32-dcmipp/dcmipp-byteproc.c | 119 +- .../platform/st/stm32/stm32-dcmipp/dcmipp-common.h | 4 +- .../platform/st/stm32/stm32-dcmipp/dcmipp-core.c | 116 +- .../platform/st/stm32/stm32-dcmipp/dcmipp-input.c | 540 ++++++++++ .../st/stm32/stm32-dcmipp/dcmipp-parallel.c | 440 -------- 15 files changed, 2219 insertions(+), 576 deletions(-) --- base-commit: 9852d85ec9d492ebef56dc5f229416c925758edc change-id: 20241007-csi_dcmipp_mp25-7779601f57da Best regards, -- Alain Volmat <alain.volmat(a)foss.st.com>

10 months, 1 week

1
1
0 0

[PATCH] arm64: uaccess: Restrict user access to kernel memory in __copy_user_flushcache()

by Gax-c

From: Zichen Xie <zichenxie0106(a)gmail.com> raw_copy_from_user() do not call access_ok(), so this code allowed userspace to access any virtual memory address. Change it to copy_from_user(). Fixes: 9e94fdade4d8 ("arm64: uaccess: simplify __copy_user_flushcache()") Signed-off-by: Zichen Xie <zichenxie0106(a)gmail.com> Cc: stable(a)vger.kernel.org --- arch/arm64/lib/uaccess_flushcache.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/arm64/lib/uaccess_flushcache.c b/arch/arm64/lib/uaccess_flushcache.c index 7510d1a23124..fb138a3934db 100644 --- a/arch/arm64/lib/uaccess_flushcache.c +++ b/arch/arm64/lib/uaccess_flushcache.c @@ -24,7 +24,7 @@ unsigned long __copy_user_flushcache(void *to, const void __user *from, { unsigned long rc; - rc = raw_copy_from_user(to, from, n); + rc = copy_from_user(to, from, n); /* See above */ dcache_clean_pop((unsigned long)to, (unsigned long)to + n - rc); -- 2.34.1

10 months, 1 week

3
2
0 0

[PATCH] perf: arm-ni: Fix attribute_group definition syntax

by Thomas Weißschuh

The sentinel NULL value does not make sense and is a syntax error in a structure definition. Remove it. Fixes: 4d5a7680f2b4 ("perf: Add driver for Arm NI-700 interconnect PMU") Cc: stable(a)vger.kernel.org Signed-off-by: Thomas Weißschuh <linux(a)weissschuh.net> --- Cc stable because although this commit is not yet released, it most likely will be by the time it hits mainline. --- drivers/perf/arm-ni.c | 1 - 1 file changed, 1 deletion(-) diff --git a/drivers/perf/arm-ni.c b/drivers/perf/arm-ni.c index 90fcfe693439ef3e18e23c6351433ac3c5ea78b5..fd7a5e60e96302fada29cd44e7bf9c582e93e4ce 100644 --- a/drivers/perf/arm-ni.c +++ b/drivers/perf/arm-ni.c @@ -247,7 +247,6 @@ static struct attribute *arm_ni_other_attrs[] = { static const struct attribute_group arm_ni_other_attr_group = { .attrs = arm_ni_other_attrs, - NULL }; static const struct attribute_group *arm_ni_attr_groups[] = { --- base-commit: 4a5df37964673effcd9f84041f7423206a5ae5f2 change-id: 20241117-arm-ni-syntax-250a83058529 Best regards, -- Thomas Weißschuh <linux(a)weissschuh.net>

10 months, 1 week

2
2
0 0

[PATCH 6.1.y 0/3] ext4: Fix warning related to siphash and ext4 filesystem mounting

by Vasiliy Kovalev

Found by syzbot (https://syzkaller.appspot.com/bug?extid=9177d065333561cd6fd0): EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode EXT4-fs (loop0): 1 truncate cleaned up EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni" ------------[ cut here ]------------ WARNING: CPU: 1 PID: 4245 at fs/crypto/fname.c:567 fscrypt_fname_siphash+0xb9/0xf0 Modules linked in: CPU: 1 PID: 4245 Comm: syz-executor375 Not tainted 6.1.116-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 RIP: 0010:fscrypt_fname_siphash+0xb9/0xf0 fs/crypto/fname.c:567 Call Trace: <TASK> __ext4fs_dirhash+0xdd2/0x14c0 fs/ext4/hash.c:268 ext4fs_dirhash+0x1b8/0x320 fs/ext4/hash.c:322 htree_dirblock_to_tree+0x723/0x10d0 fs/ext4/namei.c:1125 ext4_htree_fill_tree+0x73d/0x13f0 fs/ext4/namei.c:1220 ext4_dx_readdir fs/ext4/dir.c:605 [inline] ext4_readdir+0x2e87/0x3880 fs/ext4/dir.c:142 iterate_dir+0x224/0x560 __do_sys_getdents64 fs/readdir.c:369 [inline] __se_sys_getdents64+0x209/0x4f0 fs/readdir.c:354 do_syscall_x64 arch/x86/entry/common.c:51 [inline] do_syscall_64+0x3b/0xb0 arch/x86/entry/common.c:81 </TASK> These patches address a warning encountered when mounting ext4 filesystems with the default hash version set to SIPHASH while the casefold feature is not enabled. The warning occurs due to incorrect error handling and setup of the default hash version. [PATCH 1/3 ] ext4: factor out ext4_hash_info_init() Simplifies the ext4 filesystem setup by factoring out the ext4_hash_info_init function, with no functional change. [PATCH 2/3] ext4: filesystems without casefold feature cannot be mounted with siphash Ensures that ext4 filesystems with the default hash set to SIPHASH cannot be mounted if the casefold feature is not enabled. [PATCH 3/3] ext4: fix error message when rejecting the default hash Corrects the error message logic for rejecting filesystems with the default SIPHASH hash version, ensuring the error message doesn't incorrectly reference the casefold setup. Also moves the check to ext4_hash_info_init to ensure consistency.

10 months, 1 week

1
3
0 0

[PATCH 6.6.y 0/2] ext4: Fix warning related to siphash and ext4 filesystem mounting

by Vasiliy Kovalev

Found by syzbot (https://syzkaller.appspot.com/bug?extid=340581ba9dceb7e06fb3) log (6.6.61): EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode EXT4-fs (loop0): 1 truncate cleaned up EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni" ------------[ cut here ]------------ WARNING: CPU: 0 PID: 3775 at fs/crypto/fname.c:567 fscrypt_fname_siphash (fs/crypto/fname.c:567) CPU: 0 PID: 3775 Comm: fscrypt_fname_s Not tainted 6.6.61-un-def-alt1.kasan #1 RIP: 0010:fscrypt_fname_siphash (fs/crypto/fname.c:567 (discriminator 1)) Call Trace: <TASK> __ext4fs_dirhash (fs/ext4/hash.c:268) ext4fs_dirhash (fs/ext4/hash.c:322) htree_dirblock_to_tree (fs/ext4/namei.c:1127) ext4_htree_fill_tree (fs/ext4/namei.c:1222) ext4_readdir (fs/ext4/dir.c:608 fs/ext4/dir.c:142) iterate_dir (fs/readdir.c:106) __x64_sys_getdents64 (fs/readdir.c:406 fs/readdir.c:390 fs/readdir.c:390) do_syscall_64 (arch/x86/entry/common.c:51 arch/x86/entry/common.c:81) ... </TASK> These patches address a warning encountered when mounting ext4 filesystems with the default hash version set to SIPHASH while the casefold feature is not enabled. The warning occurs due to incorrect error handling and setup of the default hash version. [PATCH 1/2] ext4: filesystems without casefold feature cannot be mounted with siphash Ensures that ext4 filesystems with the default hash set to SIPHASH cannot be mounted if the casefold feature is not enabled. [PATCH 2/2] ext4: fix error message when rejecting the default hash Corrects the error message logic for rejecting filesystems with the default SIPHASH hash version, ensuring the error message doesn't incorrectly reference the casefold setup. Also moves the check to ext4_hash_info_init to ensure consistency.

10 months, 1 week

1
2
0 0

[PATCH 6.1.y 0/4] fix error handling in mmap_region() and refactor (hotfixes)

by Lorenzo Stoakes

Critical fixes for mmap_region(), backported to 6.1.y. Some notes on differences from upstream: * We do NOT take commit 0fb4a7ad270b ("mm: refactor map_deny_write_exec()"), as this refactors code only introduced in 6.2. * We make reference in "mm: refactor arch_calc_vm_flag_bits() and arm64 MTE handling" to parisc, but the referenced functionality does not exist in this kernel. * In this kernel is_shared_maywrite() does not exist and the code uses VM_SHARED to determine whether mapping_map_writable() / mapping_unmap_writable() should be invoked. This backport therefore follows suit. * The vma_dummy_vm_ops static global doesn't exist in this kernel, so we use a local static variable in mmap_file() and vma_close(). * Each version of these series is confronted by a slightly different mmap_region(), so we must adapt the change for each stable version. The approach remains the same throughout, however, and we correctly avoid closing the VMA part way through any __mmap_region() operation. * This version of the kernel uses mas_preallocate() rather than the vma_iter_prealloc() wrapper and mas_destroy() rather than the vma_iter_free() wrapper, however the logic of rearranging the positioning of these remains the same, as well as avoiding the iterator leak we previously had on some error paths. Lorenzo Stoakes (4): mm: avoid unsafe VMA hook invocation when error arises on mmap hook mm: unconditionally close VMAs on error mm: refactor arch_calc_vm_flag_bits() and arm64 MTE handling mm: resolve faulty mmap_region() error path behaviour arch/arm64/include/asm/mman.h | 10 ++- include/linux/mman.h | 7 +- mm/internal.h | 19 ++++++ mm/mmap.c | 119 ++++++++++++++++++---------------- mm/nommu.c | 9 ++- mm/shmem.c | 3 - mm/util.c | 33 ++++++++++ 7 files changed, 129 insertions(+), 71 deletions(-) -- 2.47.0

10 months, 1 week

4
11
0 0

[PATCH 6.1] fs/ntfs3: Add rough attr alloc_size check

by Bin Lan

From: Konstantin Komarov <almaz.alexandrovich(a)paragon-software.com> [ Upstream commit c4a8ba334262e9a5c158d618a4820e1b9c12495c ] Reported-by: syzbot+c6d94bedd910a8216d25(a)syzkaller.appspotmail.com Signed-off-by: Konstantin Komarov <almaz.alexandrovich(a)paragon-software.com> Signed-off-by: Bin Lan <bin.lan.cn(a)windriver.com> --- fs/ntfs3/record.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/fs/ntfs3/record.c b/fs/ntfs3/record.c index 7ab452710572..0cdff04d084b 100644 --- a/fs/ntfs3/record.c +++ b/fs/ntfs3/record.c @@ -329,6 +329,9 @@ struct ATTRIB *mi_enum_attr(struct mft_inode *mi, struct ATTRIB *attr) if (attr->nres.c_unit) return NULL; + + if (alloc_size > mi->sbi->volume.size) + return NULL; } return attr; -- 2.43.0

10 months, 1 week

1
0
0 0

[PATCH 6.1.y] hv_netvsc: Don't free decrypted memory

by Xiangyu Chen

From: Rick Edgecombe <rick.p.edgecombe(a)intel.com> [ Upstream commit bbf9ac34677b57506a13682b31a2a718934c0e31 ] In CoCo VMs it is possible for the untrusted host to cause set_memory_encrypted() or set_memory_decrypted() to fail such that an error is returned and the resulting memory is shared. Callers need to take care to handle these errors to avoid returning decrypted (shared) memory to the page allocator, which could lead to functional or security issues. The netvsc driver could free decrypted/shared pages if set_memory_decrypted() fails. Check the decrypted field in the gpadl to decide whether to free the memory. Signed-off-by: Rick Edgecombe <rick.p.edgecombe(a)intel.com> Signed-off-by: Michael Kelley <mhklinux(a)outlook.com> Reviewed-by: Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy(a)linux.intel.com> Acked-by: Kirill A. Shutemov <kirill.shutemov(a)linux.intel.com> Link: https://lore.kernel.org/r/20240311161558.1310-4-mhklinux@outlook.com Signed-off-by: Wei Liu <wei.liu(a)kernel.org> Message-ID: <20240311161558.1310-4-mhklinux(a)outlook.com> Signed-off-by: Sasha Levin <sashal(a)kernel.org> [Xiangyu: Bp to fix CVE: CVE-2024-36911 resolved the conflicts] Signed-off-by: Xiangyu Chen <xiangyu.chen(a)windriver.com> --- drivers/net/hyperv/netvsc.c | 20 ++++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) diff --git a/drivers/net/hyperv/netvsc.c b/drivers/net/hyperv/netvsc.c index 3a834d4e1c84..3735bfbd9e8e 100644 --- a/drivers/net/hyperv/netvsc.c +++ b/drivers/net/hyperv/netvsc.c @@ -155,15 +155,19 @@ static void free_netvsc_device(struct rcu_head *head) kfree(nvdev->extension); - if (nvdev->recv_original_buf) - vfree(nvdev->recv_original_buf); - else - vfree(nvdev->recv_buf); + if (!nvdev->recv_buf_gpadl_handle.decrypted) { + if (nvdev->recv_original_buf) + vfree(nvdev->recv_original_buf); + else + vfree(nvdev->recv_buf); + } - if (nvdev->send_original_buf) - vfree(nvdev->send_original_buf); - else - vfree(nvdev->send_buf); + if (!nvdev->send_buf_gpadl_handle.decrypted) { + if (nvdev->send_original_buf) + vfree(nvdev->send_original_buf); + else + vfree(nvdev->send_buf); + } bitmap_free(nvdev->send_section_map); -- 2.43.0

10 months, 1 week

1
0
0 0

[PATCH 6.1] gpiolib: cdev: Fix use after free in lineinfo_changed_notify

by Xiangyu Chen

From: Zhongqiu Han <quic_zhonhan(a)quicinc.com> [ Upstream commit 02f6b0e1ec7e0e7d059dddc893645816552039da ] The use-after-free issue occurs as follows: when the GPIO chip device file is being closed by invoking gpio_chrdev_release(), watched_lines is freed by bitmap_free(), but the unregistration of lineinfo_changed_nb notifier chain failed due to waiting write rwsem. Additionally, one of the GPIO chip's lines is also in the release process and holds the notifier chain's read rwsem. Consequently, a race condition leads to the use-after-free of watched_lines. Here is the typical stack when issue happened: [free] gpio_chrdev_release() --> bitmap_free(cdev->watched_lines) <-- freed --> blocking_notifier_chain_unregister() --> down_write(&nh->rwsem) <-- waiting rwsem --> __down_write_common() --> rwsem_down_write_slowpath() --> schedule_preempt_disabled() --> schedule() [use] st54spi_gpio_dev_release() --> gpio_free() --> gpiod_free() --> gpiod_free_commit() --> gpiod_line_state_notify() --> blocking_notifier_call_chain() --> down_read(&nh->rwsem); <-- held rwsem --> notifier_call_chain() --> lineinfo_changed_notify() --> test_bit(xxxx, cdev->watched_lines) <-- use after free The side effect of the use-after-free issue is that a GPIO line event is being generated for userspace where it shouldn't. However, since the chrdev is being closed, userspace won't have the chance to read that event anyway. To fix the issue, call the bitmap_free() function after the unregistration of lineinfo_changed_nb notifier chain. Fixes: 51c1064e82e7 ("gpiolib: add new ioctl() for monitoring changes in line info") Signed-off-by: Zhongqiu Han <quic_zhonhan(a)quicinc.com> Link: https://lore.kernel.org/r/20240505141156.2944912-1-quic_zhonhan@quicinc.com Signed-off-by: Bartosz Golaszewski <bartosz.golaszewski(a)linaro.org> Signed-off-by: Xiangyu Chen <xiangyu.chen(a)windriver.com> --- drivers/gpio/gpiolib-cdev.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/gpio/gpiolib-cdev.c b/drivers/gpio/gpiolib-cdev.c index 55f640ef3fee..897d20996a8c 100644 --- a/drivers/gpio/gpiolib-cdev.c +++ b/drivers/gpio/gpiolib-cdev.c @@ -2860,9 +2860,9 @@ static int gpio_chrdev_release(struct inode *inode, struct file *file) struct gpio_chardev_data *cdev = file->private_data; struct gpio_device *gdev = cdev->gdev; - bitmap_free(cdev->watched_lines); blocking_notifier_chain_unregister(&gdev->notifier, &cdev->lineinfo_changed_nb); + bitmap_free(cdev->watched_lines); put_device(&gdev->dev); kfree(cdev); -- 2.43.0

10 months, 1 week

1
0
0 0

[PATCH 6.6] drm/amd/pm: Vangogh: Fix kernel memory out of bounds write

by Bin Lan

From: Tvrtko Ursulin <tvrtko.ursulin(a)igalia.com> [ Upstream commit 4aa923a6e6406b43566ef6ac35a3d9a3197fa3e8 ] KASAN reports that the GPU metrics table allocated in vangogh_tables_init() is not large enough for the memset done in smu_cmn_init_soft_gpu_metrics(). Condensed report follows: [ 33.861314] BUG: KASAN: slab-out-of-bounds in smu_cmn_init_soft_gpu_metrics+0x73/0x200 [amdgpu] [ 33.861799] Write of size 168 at addr ffff888129f59500 by task mangoapp/1067 ... [ 33.861808] CPU: 6 UID: 1000 PID: 1067 Comm: mangoapp Tainted: G W 6.12.0-rc4 #356 1a56f59a8b5182eeaf67eb7cb8b13594dd23b544 [ 33.861816] Tainted: [W]=WARN [ 33.861818] Hardware name: Valve Galileo/Galileo, BIOS F7G0107 12/01/2023 [ 33.861822] Call Trace: [ 33.861826] <TASK> [ 33.861829] dump_stack_lvl+0x66/0x90 [ 33.861838] print_report+0xce/0x620 [ 33.861853] kasan_report+0xda/0x110 [ 33.862794] kasan_check_range+0xfd/0x1a0 [ 33.862799] __asan_memset+0x23/0x40 [ 33.862803] smu_cmn_init_soft_gpu_metrics+0x73/0x200 [amdgpu 13b1bc364ec578808f676eba412c20eaab792779] [ 33.863306] vangogh_get_gpu_metrics_v2_4+0x123/0xad0 [amdgpu 13b1bc364ec578808f676eba412c20eaab792779] [ 33.864257] vangogh_common_get_gpu_metrics+0xb0c/0xbc0 [amdgpu 13b1bc364ec578808f676eba412c20eaab792779] [ 33.865682] amdgpu_dpm_get_gpu_metrics+0xcc/0x110 [amdgpu 13b1bc364ec578808f676eba412c20eaab792779] [ 33.866160] amdgpu_get_gpu_metrics+0x154/0x2d0 [amdgpu 13b1bc364ec578808f676eba412c20eaab792779] [ 33.867135] dev_attr_show+0x43/0xc0 [ 33.867147] sysfs_kf_seq_show+0x1f1/0x3b0 [ 33.867155] seq_read_iter+0x3f8/0x1140 [ 33.867173] vfs_read+0x76c/0xc50 [ 33.867198] ksys_read+0xfb/0x1d0 [ 33.867214] do_syscall_64+0x90/0x160 ... [ 33.867353] Allocated by task 378 on cpu 7 at 22.794876s: [ 33.867358] kasan_save_stack+0x33/0x50 [ 33.867364] kasan_save_track+0x17/0x60 [ 33.867367] __kasan_kmalloc+0x87/0x90 [ 33.867371] vangogh_init_smc_tables+0x3f9/0x840 [amdgpu] [ 33.867835] smu_sw_init+0xa32/0x1850 [amdgpu] [ 33.868299] amdgpu_device_init+0x467b/0x8d90 [amdgpu] [ 33.868733] amdgpu_driver_load_kms+0x19/0xf0 [amdgpu] [ 33.869167] amdgpu_pci_probe+0x2d6/0xcd0 [amdgpu] [ 33.869608] local_pci_probe+0xda/0x180 [ 33.869614] pci_device_probe+0x43f/0x6b0 Empirically we can confirm that the former allocates 152 bytes for the table, while the latter memsets the 168 large block. Root cause appears that when GPU metrics tables for v2_4 parts were added it was not considered to enlarge the table to fit. The fix in this patch is rather "brute force" and perhaps later should be done in a smarter way, by extracting and consolidating the part version to size logic to a common helper, instead of brute forcing the largest possible allocation. Nevertheless, for now this works and fixes the out of bounds write. v2: * Drop impossible v3_0 case. (Mario) Signed-off-by: Tvrtko Ursulin <tvrtko.ursulin(a)igalia.com> Fixes: 41cec40bc9ba ("drm/amd/pm: Vangogh: Add new gpu_metrics_v2_4 to acquire gpu_metrics") Cc: Mario Limonciello <mario.limonciello(a)amd.com> Cc: Evan Quan <evan.quan(a)amd.com> Cc: Wenyou Yang <WenYou.Yang(a)amd.com> Cc: Alex Deucher <alexander.deucher(a)amd.com> Reviewed-by: Mario Limonciello <mario.limonciello(a)amd.com> Link: https://lore.kernel.org/r/20241025145639.19124-1-tursulin@igalia.com Signed-off-by: Mario Limonciello <mario.limonciello(a)amd.com> Signed-off-by: Alex Deucher <alexander.deucher(a)amd.com> (cherry picked from commit 0880f58f9609f0200483a49429af0f050d281703) Cc: stable(a)vger.kernel.org # v6.6+ Signed-off-by: Bin Lan <bin.lan.cn(a)windriver.com> --- drivers/gpu/drm/amd/pm/swsmu/smu11/vangogh_ppt.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/drivers/gpu/drm/amd/pm/swsmu/smu11/vangogh_ppt.c b/drivers/gpu/drm/amd/pm/swsmu/smu11/vangogh_ppt.c index f46cda889483..454216bd6f1d 100644 --- a/drivers/gpu/drm/amd/pm/swsmu/smu11/vangogh_ppt.c +++ b/drivers/gpu/drm/amd/pm/swsmu/smu11/vangogh_ppt.c @@ -256,10 +256,9 @@ static int vangogh_tables_init(struct smu_context *smu) goto err0_out; smu_table->metrics_time = 0; - if (smu_version >= 0x043F3E00) - smu_table->gpu_metrics_table_size = sizeof(struct gpu_metrics_v2_3); - else - smu_table->gpu_metrics_table_size = sizeof(struct gpu_metrics_v2_2); + smu_table->gpu_metrics_table_size = sizeof(struct gpu_metrics_v2_2); + smu_table->gpu_metrics_table_size = max(smu_table->gpu_metrics_table_size, sizeof(struct gpu_metrics_v2_3)); + smu_table->gpu_metrics_table_size = max(smu_table->gpu_metrics_table_size, sizeof(struct gpu_metrics_v2_4)); smu_table->gpu_metrics_table = kzalloc(smu_table->gpu_metrics_table_size, GFP_KERNEL); if (!smu_table->gpu_metrics_table) goto err1_out; -- 2.43.0

10 months, 1 week

1
0
0 0

[PATCH 2/2] docs: media: update location of the media patches

by Mauro Carvalho Chehab

Due to recent changes on the way we're maintaining media, the location of the main tree was updated. Change docs accordingly. Cc: stable(a)vger.kernel.org Signed-off-by: Mauro Carvalho Chehab <mchehab+huawei(a)kernel.org> --- Documentation/admin-guide/media/building.rst | 2 +- Documentation/admin-guide/media/saa7134.rst | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/Documentation/admin-guide/media/building.rst b/Documentation/admin-guide/media/building.rst index a06473429916..7a413ba07f93 100644 --- a/Documentation/admin-guide/media/building.rst +++ b/Documentation/admin-guide/media/building.rst @@ -15,7 +15,7 @@ Please notice, however, that, if: you should use the main media development tree ``master`` branch: - https://git.linuxtv.org/media_tree.git/ + https://git.linuxtv.org/media.git/ In this case, you may find some useful information at the `LinuxTv wiki pages <https://linuxtv.org/wiki>`_: diff --git a/Documentation/admin-guide/media/saa7134.rst b/Documentation/admin-guide/media/saa7134.rst index 51eae7eb5ab7..18d7cbc897db 100644 --- a/Documentation/admin-guide/media/saa7134.rst +++ b/Documentation/admin-guide/media/saa7134.rst @@ -67,7 +67,7 @@ Changes / Fixes Please mail to linux-media AT vger.kernel.org unified diffs against the linux media git tree: - https://git.linuxtv.org/media_tree.git/ + https://git.linuxtv.org/media.git/ This is done by committing a patch at a clone of the git tree and submitting the patch using ``git send-email``. Don't forget to -- 2.47.0

10 months, 1 week

2
1
0 0

[PATCH 6.1] Bluetooth: ISO: Fix not validating setsockopt user input

by Xiangyu Chen

From: Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com> [ Upstream commit 9e8742cdfc4b0e65266bb4a901a19462bda9285e ] Check user input length before copying data. Fixes: ccf74f2390d6 ("Bluetooth: Add BTPROTO_ISO socket type") Fixes: 0731c5ab4d51 ("Bluetooth: ISO: Add support for BT_PKT_STATUS") Fixes: f764a6c2c1e4 ("Bluetooth: ISO: Add broadcast support") Signed-off-by: Eric Dumazet <edumazet(a)google.com> Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com> Signed-off-by: Sasha Levin <sashal(a)kernel.org> [Xiangyu: Bp to fix CVE: CVE-2024-35964 resolved minor conflicts] Signed-off-by: Xiangyu Chen <xiangyu.chen(a)windriver.com> --- net/bluetooth/iso.c | 32 ++++++++++---------------------- 1 file changed, 10 insertions(+), 22 deletions(-) diff --git a/net/bluetooth/iso.c b/net/bluetooth/iso.c index 27efca5dc7bb..ff15d5192768 100644 --- a/net/bluetooth/iso.c +++ b/net/bluetooth/iso.c @@ -1189,7 +1189,7 @@ static int iso_sock_setsockopt(struct socket *sock, int level, int optname, sockptr_t optval, unsigned int optlen) { struct sock *sk = sock->sk; - int len, err = 0; + int err = 0; struct bt_iso_qos qos; u32 opt; @@ -1204,10 +1204,9 @@ static int iso_sock_setsockopt(struct socket *sock, int level, int optname, break; } - if (copy_from_sockptr(&opt, optval, sizeof(u32))) { - err = -EFAULT; + err = bt_copy_from_sockptr(&opt, sizeof(opt), optval, optlen); + if (err) break; - } if (opt) set_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags); @@ -1222,18 +1221,9 @@ static int iso_sock_setsockopt(struct socket *sock, int level, int optname, break; } - len = min_t(unsigned int, sizeof(qos), optlen); - if (len != sizeof(qos)) { - err = -EINVAL; - break; - } - - memset(&qos, 0, sizeof(qos)); - - if (copy_from_sockptr(&qos, optval, len)) { - err = -EFAULT; + err = bt_copy_from_sockptr(&qos, sizeof(qos), optval, optlen); + if (err) break; - } if (!check_qos(&qos)) { err = -EINVAL; @@ -1252,18 +1242,16 @@ static int iso_sock_setsockopt(struct socket *sock, int level, int optname, } if (optlen > sizeof(iso_pi(sk)->base)) { - err = -EOVERFLOW; + err = -EINVAL; break; } - len = min_t(unsigned int, sizeof(iso_pi(sk)->base), optlen); - - if (copy_from_sockptr(iso_pi(sk)->base, optval, len)) { - err = -EFAULT; + err = bt_copy_from_sockptr(iso_pi(sk)->base, optlen, optval, + optlen); + if (err) break; - } - iso_pi(sk)->base_len = len; + iso_pi(sk)->base_len = optlen; break; -- 2.43.0

10 months, 1 week

1
0
0 0

[PATCH 1/2] MAINTAINERS: update location of media main tree

by Mauro Carvalho Chehab

There were some recent changes on the way we're handling media patches. Now, the official tree is located at: https://git.linuxtv.org/media.git/ Update it at MAINTAINERS file. Cc: stable(a)vger.kernel.org Signed-off-by: Mauro Carvalho Chehab <mchehab+huawei(a)kernel.org> --- MAINTAINERS | 332 ++++++++++++++++++++++++++-------------------------- 1 file changed, 166 insertions(+), 166 deletions(-) diff --git a/MAINTAINERS b/MAINTAINERS index b599693deb13..aab0827938b6 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -701,7 +701,7 @@ M: Hans Verkuil <hverkuil(a)xs4all.nl> L: linux-media(a)vger.kernel.org S: Maintained W: https://linuxtv.org -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/radio/radio-aimslab* AIO @@ -809,7 +809,7 @@ ALLWINNER A10 CSI DRIVER M: Maxime Ripard <mripard(a)kernel.org> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/allwinner,sun4i-a10-csi.yaml F: drivers/media/platform/sunxi/sun4i-csi/ @@ -818,7 +818,7 @@ M: Yong Deng <yong.deng(a)magewell.com> M: Paul Kocialkowski <paul.kocialkowski(a)bootlin.com> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/allwinner,sun6i-a31-csi.yaml F: drivers/media/platform/sunxi/sun6i-csi/ @@ -826,7 +826,7 @@ ALLWINNER A31 ISP DRIVER M: Paul Kocialkowski <paul.kocialkowski(a)bootlin.com> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/allwinner,sun6i-a31-isp.yaml F: drivers/staging/media/sunxi/sun6i-isp/ F: drivers/staging/media/sunxi/sun6i-isp/uapi/sun6i-isp-config.h @@ -835,7 +835,7 @@ ALLWINNER A31 MIPI CSI-2 BRIDGE DRIVER M: Paul Kocialkowski <paul.kocialkowski(a)bootlin.com> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/allwinner,sun6i-a31-mipi-csi2.yaml F: drivers/media/platform/sunxi/sun6i-mipi-csi2/ @@ -3348,7 +3348,7 @@ ASAHI KASEI AK7375 LENS VOICE COIL DRIVER M: Tianshu Qiu <tian.shu.qiu(a)intel.com> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/i2c/asahi-kasei,ak7375.yaml F: drivers/media/i2c/ak7375.c @@ -3765,7 +3765,7 @@ M: Mauro Carvalho Chehab <mchehab(a)kernel.org> L: linux-media(a)vger.kernel.org S: Maintained W: https://linuxtv.org -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/usb/dvb-usb-v2/az6007.c AZTECH FM RADIO RECEIVER DRIVER @@ -3773,7 +3773,7 @@ M: Hans Verkuil <hverkuil(a)xs4all.nl> L: linux-media(a)vger.kernel.org S: Maintained W: https://linuxtv.org -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/radio/radio-aztech* B43 WIRELESS DRIVER @@ -3857,7 +3857,7 @@ M: Fabien Dessenne <fabien.dessenne(a)foss.st.com> L: linux-media(a)vger.kernel.org S: Supported W: https://linuxtv.org -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/platform/st/sti/bdisp BECKHOFF CX5020 ETHERCAT MASTER DRIVER @@ -4865,7 +4865,7 @@ M: Mauro Carvalho Chehab <mchehab(a)kernel.org> L: linux-media(a)vger.kernel.org S: Odd fixes W: https://linuxtv.org -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/driver-api/media/drivers/bttv* F: drivers/media/pci/bt8xx/bttv* @@ -4979,13 +4979,13 @@ M: Hans Verkuil <hverkuil(a)xs4all.nl> L: linux-media(a)vger.kernel.org S: Maintained W: https://linuxtv.org -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/radio/radio-cadet* CAFE CMOS INTEGRATED CAMERA CONTROLLER DRIVER L: linux-media(a)vger.kernel.org S: Orphan -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/admin-guide/media/cafe_ccic* F: drivers/media/platform/marvell/ @@ -5169,7 +5169,7 @@ M: Hans Verkuil <hverkuil-cisco(a)xs4all.nl> L: linux-media(a)vger.kernel.org S: Supported W: http://linuxtv.org -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/ABI/testing/debugfs-cec-error-inj F: Documentation/devicetree/bindings/media/cec/cec-common.yaml F: Documentation/driver-api/media/cec-core.rst @@ -5186,7 +5186,7 @@ M: Hans Verkuil <hverkuil-cisco(a)xs4all.nl> L: linux-media(a)vger.kernel.org S: Supported W: http://linuxtv.org -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/cec/cec-gpio.yaml F: drivers/media/cec/platform/cec-gpio/ @@ -5393,7 +5393,7 @@ CHRONTEL CH7322 CEC DRIVER M: Joe Tessler <jrt(a)google.com> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/i2c/chrontel,ch7322.yaml F: drivers/media/cec/i2c/ch7322.c @@ -5582,7 +5582,7 @@ M: Hans Verkuil <hverkuil-cisco(a)xs4all.nl> L: linux-media(a)vger.kernel.org S: Supported W: https://linuxtv.org -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/pci/cobalt/ COCCINELLE/Semantic Patches (SmPL) @@ -6026,7 +6026,7 @@ M: Hans Verkuil <hverkuil(a)xs4all.nl> L: linux-media(a)vger.kernel.org S: Odd Fixes W: http://linuxtv.org -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/i2c/cs3308.c CS5535 Audio ALSA driver @@ -6057,7 +6057,7 @@ M: Andy Walls <awalls(a)md.metrocast.net> L: linux-media(a)vger.kernel.org S: Maintained W: https://linuxtv.org -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/pci/cx18/ F: include/uapi/linux/ivtv* @@ -6066,7 +6066,7 @@ M: Hans Verkuil <hverkuil(a)xs4all.nl> L: linux-media(a)vger.kernel.org S: Maintained W: https://linuxtv.org -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/common/cx2341x* F: include/media/drv-intf/cx2341x.h @@ -6084,7 +6084,7 @@ M: Mauro Carvalho Chehab <mchehab(a)kernel.org> L: linux-media(a)vger.kernel.org S: Odd fixes W: https://linuxtv.org -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/driver-api/media/drivers/cx88* F: drivers/media/pci/cx88/ @@ -6320,7 +6320,7 @@ DEINTERLACE DRIVERS FOR ALLWINNER H3 M: Jernej Skrabec <jernej.skrabec(a)gmail.com> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/allwinner,sun8i-h3-deinterlace.yaml F: drivers/media/platform/sunxi/sun8i-di/ @@ -6447,7 +6447,7 @@ M: Hugues Fruchet <hugues.fruchet(a)foss.st.com> L: linux-media(a)vger.kernel.org S: Supported W: https://linuxtv.org -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/platform/st/sti/delta DENALI NAND DRIVER @@ -6855,7 +6855,7 @@ DONGWOON DW9714 LENS VOICE COIL DRIVER M: Sakari Ailus <sakari.ailus(a)linux.intel.com> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/i2c/dongwoon,dw9714.yaml F: drivers/media/i2c/dw9714.c @@ -6863,13 +6863,13 @@ DONGWOON DW9719 LENS VOICE COIL DRIVER M: Daniel Scally <djrscally(a)gmail.com> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/i2c/dw9719.c DONGWOON DW9768 LENS VOICE COIL DRIVER L: linux-media(a)vger.kernel.org S: Orphan -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/i2c/dongwoon,dw9768.yaml F: drivers/media/i2c/dw9768.c @@ -6877,7 +6877,7 @@ DONGWOON DW9807 LENS VOICE COIL DRIVER M: Sakari Ailus <sakari.ailus(a)linux.intel.com> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/i2c/dongwoon,dw9807-vcm.yaml F: drivers/media/i2c/dw9807-vcm.c @@ -7860,7 +7860,7 @@ DSBR100 USB FM RADIO DRIVER M: Alexey Klimov <alexey.klimov(a)linaro.org> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/radio/dsbr100.c DT3155 MEDIA DRIVER @@ -7868,7 +7868,7 @@ M: Hans Verkuil <hverkuil(a)xs4all.nl> L: linux-media(a)vger.kernel.org S: Odd Fixes W: https://linuxtv.org -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/pci/dt3155/ DVB_USB_AF9015 MEDIA DRIVER @@ -7913,7 +7913,7 @@ S: Maintained W: https://linuxtv.org W: http://github.com/mkrufky Q: http://patchwork.linuxtv.org/project/linux-media/list/ -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/usb/dvb-usb/cxusb* DVB_USB_EC168 MEDIA DRIVER @@ -8282,7 +8282,7 @@ M: Mauro Carvalho Chehab <mchehab(a)kernel.org> L: linux-media(a)vger.kernel.org S: Maintained W: https://linuxtv.org -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/admin-guide/media/em28xx* F: drivers/media/usb/em28xx/ @@ -8578,7 +8578,7 @@ EXTRON DA HD 4K PLUS CEC DRIVER M: Hans Verkuil <hverkuil(a)xs4all.nl> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/cec/usb/extron-da-hd-4k-plus/ EXYNOS DP DRIVER @@ -9400,7 +9400,7 @@ GALAXYCORE GC2145 SENSOR DRIVER M: Alain Volmat <alain.volmat(a)foss.st.com> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/i2c/galaxycore,gc2145.yaml F: drivers/media/i2c/gc2145.c @@ -9448,7 +9448,7 @@ M: Hans Verkuil <hverkuil(a)xs4all.nl> L: linux-media(a)vger.kernel.org S: Maintained W: https://linuxtv.org -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/radio/radio-gemtek* GENERIC ARCHITECTURE TOPOLOGY @@ -9830,56 +9830,56 @@ GS1662 VIDEO SERIALIZER M: Charles-Antoine Couret <charles-antoine.couret(a)nexvision.fr> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/spi/gs1662.c GSPCA FINEPIX SUBDRIVER M: Frank Zago <frank(a)zago.net> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/usb/gspca/finepix.c GSPCA GL860 SUBDRIVER M: Olivier Lorin <o.lorin(a)laposte.net> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/usb/gspca/gl860/ GSPCA M5602 SUBDRIVER M: Erik Andren <erik.andren(a)gmail.com> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/usb/gspca/m5602/ GSPCA PAC207 SONIXB SUBDRIVER M: Hans Verkuil <hverkuil(a)xs4all.nl> L: linux-media(a)vger.kernel.org S: Odd Fixes -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/usb/gspca/pac207.c GSPCA SN9C20X SUBDRIVER M: Brian Johnson <brijohn(a)gmail.com> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/usb/gspca/sn9c20x.c GSPCA T613 SUBDRIVER M: Leandro Costantino <lcostantino(a)gmail.com> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/usb/gspca/t613.c GSPCA USB WEBCAM DRIVER M: Hans Verkuil <hverkuil(a)xs4all.nl> L: linux-media(a)vger.kernel.org S: Odd Fixes -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/usb/gspca/ GTP (GPRS Tunneling Protocol) @@ -9996,7 +9996,7 @@ M: Hans Verkuil <hverkuil(a)xs4all.nl> L: linux-media(a)vger.kernel.org S: Odd Fixes W: https://linuxtv.org -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/usb/hdpvr/ HEWLETT PACKARD ENTERPRISE ILO CHIF DRIVER @@ -10503,7 +10503,7 @@ M: Jean-Christophe Trotin <jean-christophe.trotin(a)foss.st.com> L: linux-media(a)vger.kernel.org S: Supported W: https://linuxtv.org -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/platform/st/sti/hva HWPOISON MEMORY FAILURE HANDLING @@ -10531,7 +10531,7 @@ HYNIX HI556 SENSOR DRIVER M: Sakari Ailus <sakari.ailus(a)linux.intel.com> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/i2c/hi556.c HYNIX HI846 SENSOR DRIVER @@ -11502,7 +11502,7 @@ M: Dan Scally <djrscally(a)gmail.com> R: Tianshu Qiu <tian.shu.qiu(a)intel.com> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/userspace-api/media/v4l/pixfmt-srggb10-ipu3.rst F: drivers/media/pci/intel/ipu3/ @@ -11523,7 +11523,7 @@ M: Bingbu Cao <bingbu.cao(a)intel.com> R: Tianshu Qiu <tian.shu.qiu(a)intel.com> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/admin-guide/media/ipu6-isys.rst F: drivers/media/pci/intel/ipu6/ @@ -12036,7 +12036,7 @@ M: Hans Verkuil <hverkuil(a)xs4all.nl> L: linux-media(a)vger.kernel.org S: Maintained W: https://linuxtv.org -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/radio/radio-isa* ISAPNP @@ -12138,7 +12138,7 @@ M: Andy Walls <awalls(a)md.metrocast.net> L: linux-media(a)vger.kernel.org S: Maintained W: https://linuxtv.org -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/admin-guide/media/ivtv* F: drivers/media/pci/ivtv/ F: include/uapi/linux/ivtv* @@ -12286,7 +12286,7 @@ M: Hans Verkuil <hverkuil(a)xs4all.nl> L: linux-media(a)vger.kernel.org S: Maintained W: https://linuxtv.org -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/radio/radio-keene* KERNEL AUTOMOUNTER @@ -13573,7 +13573,7 @@ MA901 MASTERKIT USB FM RADIO DRIVER M: Alexey Klimov <alexey.klimov(a)linaro.org> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/radio/radio-ma901.c MAC80211 @@ -13868,7 +13868,7 @@ MAX2175 SDR TUNER DRIVER M: Ramesh Shanmugasundaram <rashanmu(a)gmail.com> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/i2c/max2175.txt F: Documentation/userspace-api/media/drivers/max2175.rst F: drivers/media/i2c/max2175* @@ -14048,7 +14048,7 @@ M: Hans Verkuil <hverkuil(a)xs4all.nl> L: linux-media(a)vger.kernel.org S: Maintained W: https://linuxtv.org -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/radio/radio-maxiradio* MAXLINEAR ETHERNET PHY DRIVER @@ -14131,7 +14131,7 @@ M: Laurent Pinchart <laurent.pinchart(a)ideasonboard.com> L: linux-media(a)vger.kernel.org S: Supported W: https://www.linuxtv.org -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/mc/ F: include/media/media-*.h F: include/uapi/linux/media.h @@ -14140,7 +14140,7 @@ MEDIA DRIVER FOR FREESCALE IMX PXP M: Philipp Zabel <p.zabel(a)pengutronix.de> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/platform/nxp/imx-pxp.[ch] MEDIA DRIVERS FOR ASCOT2E @@ -14149,7 +14149,7 @@ L: linux-media(a)vger.kernel.org S: Supported W: https://linuxtv.org W: http://netup.tv/ -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/dvb-frontends/ascot2e* MEDIA DRIVERS FOR CXD2099AR CI CONTROLLERS @@ -14157,7 +14157,7 @@ M: Jasmin Jessich <jasmin(a)anw.at> L: linux-media(a)vger.kernel.org S: Maintained W: https://linuxtv.org -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/dvb-frontends/cxd2099* MEDIA DRIVERS FOR CXD2841ER @@ -14166,7 +14166,7 @@ L: linux-media(a)vger.kernel.org S: Supported W: https://linuxtv.org W: http://netup.tv/ -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/dvb-frontends/cxd2841er* MEDIA DRIVERS FOR CXD2880 @@ -14174,7 +14174,7 @@ M: Yasunari Takiguchi <Yasunari.Takiguchi(a)sony.com> L: linux-media(a)vger.kernel.org S: Supported W: http://linuxtv.org/ -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/dvb-frontends/cxd2880/* F: drivers/media/spi/cxd2880* @@ -14182,7 +14182,7 @@ MEDIA DRIVERS FOR DIGITAL DEVICES PCIE DEVICES L: linux-media(a)vger.kernel.org S: Orphan W: https://linuxtv.org -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/pci/ddbridge/* MEDIA DRIVERS FOR FREESCALE IMX @@ -14190,7 +14190,7 @@ M: Steve Longerbeam <slongerbeam(a)gmail.com> M: Philipp Zabel <p.zabel(a)pengutronix.de> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/admin-guide/media/imx.rst F: Documentation/devicetree/bindings/media/imx.txt F: drivers/staging/media/imx/ @@ -14204,7 +14204,7 @@ M: Martin Kepplinger <martin.kepplinger(a)puri.sm> R: Purism Kernel Team <kernel(a)puri.sm> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/admin-guide/media/imx7.rst F: Documentation/devicetree/bindings/media/nxp,imx-mipi-csi2.yaml F: Documentation/devicetree/bindings/media/nxp,imx7-csi.yaml @@ -14219,7 +14219,7 @@ L: linux-media(a)vger.kernel.org S: Supported W: https://linuxtv.org W: http://netup.tv/ -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/dvb-frontends/helene* MEDIA DRIVERS FOR HORUS3A @@ -14228,7 +14228,7 @@ L: linux-media(a)vger.kernel.org S: Supported W: https://linuxtv.org W: http://netup.tv/ -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/dvb-frontends/horus3a* MEDIA DRIVERS FOR LNBH25 @@ -14237,14 +14237,14 @@ L: linux-media(a)vger.kernel.org S: Supported W: https://linuxtv.org W: http://netup.tv/ -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/dvb-frontends/lnbh25* MEDIA DRIVERS FOR MXL5XX TUNER DEMODULATORS L: linux-media(a)vger.kernel.org S: Orphan W: https://linuxtv.org -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/dvb-frontends/mxl5xx* MEDIA DRIVERS FOR NETUP PCI UNIVERSAL DVB devices @@ -14253,7 +14253,7 @@ L: linux-media(a)vger.kernel.org S: Supported W: https://linuxtv.org W: http://netup.tv/ -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/pci/netup_unidvb/* MEDIA DRIVERS FOR NVIDIA TEGRA - VDE @@ -14261,7 +14261,7 @@ M: Dmitry Osipenko <digetx(a)gmail.com> L: linux-media(a)vger.kernel.org L: linux-tegra(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/nvidia,tegra-vde.yaml F: drivers/media/platform/nvidia/tegra-vde/ @@ -14270,7 +14270,7 @@ M: Jacopo Mondi <jacopo(a)jmondi.org> L: linux-media(a)vger.kernel.org L: linux-renesas-soc(a)vger.kernel.org S: Supported -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/renesas,ceu.yaml F: drivers/media/platform/renesas/renesas-ceu.c F: include/media/drv-intf/renesas-ceu.h @@ -14280,7 +14280,7 @@ M: Fabrizio Castro <fabrizio.castro.jz(a)renesas.com> L: linux-media(a)vger.kernel.org L: linux-renesas-soc(a)vger.kernel.org S: Supported -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/renesas,drif.yaml F: drivers/media/platform/renesas/rcar_drif.c @@ -14289,7 +14289,7 @@ M: Laurent Pinchart <laurent.pinchart(a)ideasonboard.com> L: linux-media(a)vger.kernel.org L: linux-renesas-soc(a)vger.kernel.org S: Supported -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/renesas,fcp.yaml F: drivers/media/platform/renesas/rcar-fcp.c F: include/media/rcar-fcp.h @@ -14299,7 +14299,7 @@ M: Kieran Bingham <kieran.bingham+renesas(a)ideasonboard.com> L: linux-media(a)vger.kernel.org L: linux-renesas-soc(a)vger.kernel.org S: Supported -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/renesas,fdp1.yaml F: drivers/media/platform/renesas/rcar_fdp1.c @@ -14308,7 +14308,7 @@ M: Niklas Söderlund <niklas.soderlund(a)ragnatech.se> L: linux-media(a)vger.kernel.org L: linux-renesas-soc(a)vger.kernel.org S: Supported -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/renesas,csi2.yaml F: Documentation/devicetree/bindings/media/renesas,isp.yaml F: Documentation/devicetree/bindings/media/renesas,vin.yaml @@ -14322,7 +14322,7 @@ M: Kieran Bingham <kieran.bingham+renesas(a)ideasonboard.com> L: linux-media(a)vger.kernel.org L: linux-renesas-soc(a)vger.kernel.org S: Supported -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/renesas,vsp1.yaml F: drivers/media/platform/renesas/vsp1/ @@ -14330,14 +14330,14 @@ MEDIA DRIVERS FOR ST STV0910 DEMODULATOR ICs L: linux-media(a)vger.kernel.org S: Orphan W: https://linuxtv.org -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/dvb-frontends/stv0910* MEDIA DRIVERS FOR ST STV6111 TUNER ICs L: linux-media(a)vger.kernel.org S: Orphan W: https://linuxtv.org -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/dvb-frontends/stv6111* MEDIA DRIVERS FOR STM32 - DCMI / DCMIPP @@ -14345,7 +14345,7 @@ M: Hugues Fruchet <hugues.fruchet(a)foss.st.com> M: Alain Volmat <alain.volmat(a)foss.st.com> L: linux-media(a)vger.kernel.org S: Supported -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/st,stm32-dcmi.yaml F: Documentation/devicetree/bindings/media/st,stm32-dcmipp.yaml F: drivers/media/platform/st/stm32/stm32-dcmi.c @@ -14357,7 +14357,7 @@ L: linux-media(a)vger.kernel.org S: Maintained W: https://linuxtv.org Q: http://patchwork.kernel.org/project/linux-media/list/ -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/admin-guide/media/ F: Documentation/devicetree/bindings/media/ F: Documentation/driver-api/media/ @@ -14933,7 +14933,7 @@ L: linux-media(a)vger.kernel.org L: linux-amlogic(a)lists.infradead.org S: Supported W: http://linux-meson.com/ -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/cec/amlogic,meson-gx-ao-cec.yaml F: drivers/media/cec/platform/meson/ao-cec-g12a.c F: drivers/media/cec/platform/meson/ao-cec.c @@ -14943,7 +14943,7 @@ M: Neil Armstrong <neil.armstrong(a)linaro.org> L: linux-media(a)vger.kernel.org L: linux-amlogic(a)lists.infradead.org S: Supported -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/amlogic,axg-ge2d.yaml F: drivers/media/platform/amlogic/meson-ge2d/ @@ -14959,7 +14959,7 @@ M: Neil Armstrong <neil.armstrong(a)linaro.org> L: linux-media(a)vger.kernel.org L: linux-amlogic(a)lists.infradead.org S: Supported -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/amlogic,gx-vdec.yaml F: drivers/staging/media/meson/vdec/ @@ -15557,7 +15557,7 @@ M: Hans Verkuil <hverkuil(a)xs4all.nl> L: linux-media(a)vger.kernel.org S: Odd Fixes W: https://linuxtv.org -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/radio/radio-miropcm20* MITSUMI MM8013 FG DRIVER @@ -15709,7 +15709,7 @@ MR800 AVERMEDIA USB FM RADIO DRIVER M: Alexey Klimov <alexey.klimov(a)linaro.org> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/radio/radio-mr800.c MRF24J40 IEEE 802.15.4 RADIO DRIVER @@ -15776,7 +15776,7 @@ MT9M114 ONSEMI SENSOR DRIVER M: Laurent Pinchart <laurent.pinchart(a)ideasonboard.com> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/i2c/onnn,mt9m114.yaml F: drivers/media/i2c/mt9m114.c @@ -15784,7 +15784,7 @@ MT9P031 APTINA CAMERA SENSOR M: Laurent Pinchart <laurent.pinchart(a)ideasonboard.com> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/i2c/aptina,mt9p031.yaml F: drivers/media/i2c/mt9p031.c @@ -15792,7 +15792,7 @@ MT9T112 APTINA CAMERA SENSOR M: Jacopo Mondi <jacopo(a)jmondi.org> L: linux-media(a)vger.kernel.org S: Odd Fixes -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/i2c/mt9t112.c F: include/media/i2c/mt9t112.h @@ -15800,7 +15800,7 @@ MT9V032 APTINA CAMERA SENSOR M: Laurent Pinchart <laurent.pinchart(a)ideasonboard.com> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/i2c/mt9v032.txt F: drivers/media/i2c/mt9v032.c F: include/media/i2c/mt9v032.h @@ -15809,7 +15809,7 @@ MT9V111 APTINA CAMERA SENSOR M: Jacopo Mondi <jacopo(a)jmondi.org> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/i2c/aptina,mt9v111.yaml F: drivers/media/i2c/mt9v111.c @@ -16996,13 +16996,13 @@ OMNIVISION OV01A10 SENSOR DRIVER M: Bingbu Cao <bingbu.cao(a)intel.com> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/i2c/ov01a10.c OMNIVISION OV02A10 SENSOR DRIVER L: linux-media(a)vger.kernel.org S: Orphan -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/i2c/ovti,ov02a10.yaml F: drivers/media/i2c/ov02a10.c @@ -17010,14 +17010,14 @@ OMNIVISION OV08D10 SENSOR DRIVER M: Jimmy Su <jimmy.su(a)intel.com> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/i2c/ov08d10.c OMNIVISION OV08X40 SENSOR DRIVER M: Jason Chen <jason.z.chen(a)intel.com> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/i2c/ov08x40.c F: Documentation/devicetree/bindings/media/i2c/ovti,ov08x40.yaml @@ -17025,14 +17025,14 @@ OMNIVISION OV13858 SENSOR DRIVER M: Sakari Ailus <sakari.ailus(a)linux.intel.com> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/i2c/ov13858.c OMNIVISION OV13B10 SENSOR DRIVER M: Arec Kao <arec.kao(a)intel.com> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/i2c/ov13b10.c OMNIVISION OV2680 SENSOR DRIVER @@ -17040,7 +17040,7 @@ M: Rui Miguel Silva <rmfrfs(a)gmail.com> M: Hans de Goede <hansg(a)kernel.org> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/i2c/ovti,ov2680.yaml F: drivers/media/i2c/ov2680.c @@ -17048,7 +17048,7 @@ OMNIVISION OV2685 SENSOR DRIVER M: Shunqian Zheng <zhengsq(a)rock-chips.com> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/i2c/ovti,ov2685.yaml F: drivers/media/i2c/ov2685.c @@ -17058,14 +17058,14 @@ R: Sakari Ailus <sakari.ailus(a)linux.intel.com> R: Bingbu Cao <bingbu.cao(a)intel.com> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/i2c/ov2740.c OMNIVISION OV4689 SENSOR DRIVER M: Mikhail Rudenko <mike.rudenko(a)gmail.com> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/i2c/ovti,ov4689.yaml F: drivers/media/i2c/ov4689.c @@ -17073,7 +17073,7 @@ OMNIVISION OV5640 SENSOR DRIVER M: Steve Longerbeam <slongerbeam(a)gmail.com> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/i2c/ov5640.c OMNIVISION OV5647 SENSOR DRIVER @@ -17081,7 +17081,7 @@ M: Dave Stevenson <dave.stevenson(a)raspberrypi.com> M: Jacopo Mondi <jacopo(a)jmondi.org> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/i2c/ovti,ov5647.yaml F: drivers/media/i2c/ov5647.c @@ -17089,7 +17089,7 @@ OMNIVISION OV5670 SENSOR DRIVER M: Sakari Ailus <sakari.ailus(a)linux.intel.com> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/i2c/ovti,ov5670.yaml F: drivers/media/i2c/ov5670.c @@ -17097,7 +17097,7 @@ OMNIVISION OV5675 SENSOR DRIVER M: Sakari Ailus <sakari.ailus(a)linux.intel.com> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/i2c/ovti,ov5675.yaml F: drivers/media/i2c/ov5675.c @@ -17105,7 +17105,7 @@ OMNIVISION OV5693 SENSOR DRIVER M: Daniel Scally <djrscally(a)gmail.com> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/i2c/ovti,ov5693.yaml F: drivers/media/i2c/ov5693.c @@ -17113,21 +17113,21 @@ OMNIVISION OV5695 SENSOR DRIVER M: Shunqian Zheng <zhengsq(a)rock-chips.com> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/i2c/ov5695.c OMNIVISION OV64A40 SENSOR DRIVER M: Jacopo Mondi <jacopo.mondi(a)ideasonboard.com> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/i2c/ovti,ov64a40.yaml F: drivers/media/i2c/ov64a40.c OMNIVISION OV7670 SENSOR DRIVER L: linux-media(a)vger.kernel.org S: Orphan -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/i2c/ov7670.txt F: drivers/media/i2c/ov7670.c @@ -17135,7 +17135,7 @@ OMNIVISION OV772x SENSOR DRIVER M: Jacopo Mondi <jacopo(a)jmondi.org> L: linux-media(a)vger.kernel.org S: Odd fixes -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/i2c/ovti,ov772x.yaml F: drivers/media/i2c/ov772x.c F: include/media/i2c/ov772x.h @@ -17143,7 +17143,7 @@ F: include/media/i2c/ov772x.h OMNIVISION OV7740 SENSOR DRIVER L: linux-media(a)vger.kernel.org S: Orphan -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/i2c/ov7740.txt F: drivers/media/i2c/ov7740.c @@ -17151,7 +17151,7 @@ OMNIVISION OV8856 SENSOR DRIVER M: Sakari Ailus <sakari.ailus(a)linux.intel.com> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/i2c/ovti,ov8856.yaml F: drivers/media/i2c/ov8856.c @@ -17160,7 +17160,7 @@ M: Jacopo Mondi <jacopo.mondi(a)ideasonboard.com> M: Nicholas Roth <nicholas(a)rothemail.net> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/i2c/ovti,ov8858.yaml F: drivers/media/i2c/ov8858.c @@ -17168,7 +17168,7 @@ OMNIVISION OV9282 SENSOR DRIVER M: Dave Stevenson <dave.stevenson(a)raspberrypi.com> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/i2c/ovti,ov9282.yaml F: drivers/media/i2c/ov9282.c @@ -17184,7 +17184,7 @@ R: Akinobu Mita <akinobu.mita(a)gmail.com> R: Sylwester Nawrocki <s.nawrocki(a)samsung.com> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/i2c/ov9650.txt F: drivers/media/i2c/ov9650.c @@ -17193,7 +17193,7 @@ M: Tianshu Qiu <tian.shu.qiu(a)intel.com> R: Bingbu Cao <bingbu.cao(a)intel.com> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/i2c/ov9734.c ONBOARD USB HUB DRIVER @@ -18638,7 +18638,7 @@ PULSE8-CEC DRIVER M: Hans Verkuil <hverkuil(a)xs4all.nl> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/cec/usb/pulse8/ PURELIFI PLFXLC DRIVER @@ -18653,7 +18653,7 @@ L: pvrusb2(a)isely.net (subscribers-only) L: linux-media(a)vger.kernel.org S: Maintained W: http://www.isely.net/pvrusb2/ -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/driver-api/media/drivers/pvrusb2* F: drivers/media/usb/pvrusb2/ @@ -18661,7 +18661,7 @@ PWC WEBCAM DRIVER M: Hans Verkuil <hverkuil(a)xs4all.nl> L: linux-media(a)vger.kernel.org S: Odd Fixes -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/usb/pwc/* F: include/trace/events/pwc.h @@ -19165,7 +19165,7 @@ R: Bryan O'Donoghue <bryan.odonoghue(a)linaro.org> L: linux-media(a)vger.kernel.org L: linux-arm-msm(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/*venus* F: drivers/media/platform/qcom/venus/ @@ -19210,14 +19210,14 @@ RADIOSHARK RADIO DRIVER M: Hans Verkuil <hverkuil(a)xs4all.nl> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/radio/radio-shark.c RADIOSHARK2 RADIO DRIVER M: Hans Verkuil <hverkuil(a)xs4all.nl> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/radio/radio-shark2.c F: drivers/media/radio/radio-tea5777.c @@ -19241,7 +19241,7 @@ RAINSHADOW-CEC DRIVER M: Hans Verkuil <hverkuil(a)xs4all.nl> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/cec/usb/rainshadow/ RALINK MIPS ARCHITECTURE @@ -19332,7 +19332,7 @@ M: Sean Young <sean(a)mess.org> L: linux-media(a)vger.kernel.org S: Maintained W: http://linuxtv.org -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/driver-api/media/rc-core.rst F: Documentation/userspace-api/media/rc/ F: drivers/media/rc/ @@ -20046,7 +20046,7 @@ ROTATION DRIVER FOR ALLWINNER A83T M: Jernej Skrabec <jernej.skrabec(a)gmail.com> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/allwinner,sun8i-a83t-de2-rotate.yaml F: drivers/media/platform/sunxi/sun8i-rotate/ @@ -20300,7 +20300,7 @@ M: Hans Verkuil <hverkuil(a)xs4all.nl> L: linux-media(a)vger.kernel.org S: Odd Fixes W: https://linuxtv.org -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/i2c/saa6588* SAA7134 VIDEO4LINUX DRIVER @@ -20308,7 +20308,7 @@ M: Mauro Carvalho Chehab <mchehab(a)kernel.org> L: linux-media(a)vger.kernel.org S: Odd fixes W: https://linuxtv.org -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/driver-api/media/drivers/saa7134* F: drivers/media/pci/saa7134/ @@ -20316,7 +20316,7 @@ SAA7146 VIDEO4LINUX-2 DRIVER M: Hans Verkuil <hverkuil(a)xs4all.nl> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/common/saa7146/ F: drivers/media/pci/saa7146/ F: include/media/drv-intf/saa7146* @@ -20934,7 +20934,7 @@ SHARP RJ54N1CB0C SENSOR DRIVER M: Jacopo Mondi <jacopo(a)jmondi.org> L: linux-media(a)vger.kernel.org S: Odd fixes -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/i2c/rj54n1cb0c.c F: include/media/i2c/rj54n1cb0c.h @@ -20984,7 +20984,7 @@ M: Hans Verkuil <hverkuil(a)xs4all.nl> L: linux-media(a)vger.kernel.org S: Odd Fixes W: https://linuxtv.org -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/silabs,si470x.yaml F: drivers/media/radio/si470x/radio-si470x-i2c.c @@ -20993,7 +20993,7 @@ M: Hans Verkuil <hverkuil(a)xs4all.nl> L: linux-media(a)vger.kernel.org S: Maintained W: https://linuxtv.org -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/radio/si470x/radio-si470x-common.c F: drivers/media/radio/si470x/radio-si470x-usb.c F: drivers/media/radio/si470x/radio-si470x.h @@ -21003,7 +21003,7 @@ M: Eduardo Valentin <edubezval(a)gmail.com> L: linux-media(a)vger.kernel.org S: Odd Fixes W: https://linuxtv.org -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/radio/si4713/si4713.? SI4713 FM RADIO TRANSMITTER PLATFORM DRIVER @@ -21011,7 +21011,7 @@ M: Eduardo Valentin <edubezval(a)gmail.com> L: linux-media(a)vger.kernel.org S: Odd Fixes W: https://linuxtv.org -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/radio/si4713/radio-platform-si4713.c SI4713 FM RADIO TRANSMITTER USB DRIVER @@ -21019,7 +21019,7 @@ M: Hans Verkuil <hverkuil(a)xs4all.nl> L: linux-media(a)vger.kernel.org S: Maintained W: https://linuxtv.org -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/radio/si4713/radio-usb-si4713.c SIANO DVB DRIVER @@ -21027,7 +21027,7 @@ M: Mauro Carvalho Chehab <mchehab(a)kernel.org> L: linux-media(a)vger.kernel.org S: Odd fixes W: https://linuxtv.org -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/common/siano/ F: drivers/media/mmc/siano/ F: drivers/media/usb/siano/ @@ -21403,14 +21403,14 @@ SONY IMX208 SENSOR DRIVER M: Sakari Ailus <sakari.ailus(a)linux.intel.com> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/i2c/imx208.c SONY IMX214 SENSOR DRIVER M: Ricardo Ribalda <ribalda(a)kernel.org> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/i2c/sony,imx214.yaml F: drivers/media/i2c/imx214.c @@ -21418,7 +21418,7 @@ SONY IMX219 SENSOR DRIVER M: Dave Stevenson <dave.stevenson(a)raspberrypi.com> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/i2c/imx219.yaml F: drivers/media/i2c/imx219.c @@ -21426,7 +21426,7 @@ SONY IMX258 SENSOR DRIVER M: Sakari Ailus <sakari.ailus(a)linux.intel.com> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/i2c/sony,imx258.yaml F: drivers/media/i2c/imx258.c @@ -21434,7 +21434,7 @@ SONY IMX274 SENSOR DRIVER M: Leon Luo <leonl(a)leopardimaging.com> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/i2c/sony,imx274.yaml F: drivers/media/i2c/imx274.c @@ -21443,7 +21443,7 @@ M: Kieran Bingham <kieran.bingham(a)ideasonboard.com> M: Umang Jain <umang.jain(a)ideasonboard.com> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/i2c/sony,imx283.yaml F: drivers/media/i2c/imx283.c @@ -21451,7 +21451,7 @@ SONY IMX290 SENSOR DRIVER M: Manivannan Sadhasivam <manivannan.sadhasivam(a)linaro.org> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/i2c/sony,imx290.yaml F: drivers/media/i2c/imx290.c @@ -21460,7 +21460,7 @@ M: Laurent Pinchart <laurent.pinchart(a)ideasonboard.com> M: Manivannan Sadhasivam <manivannan.sadhasivam(a)linaro.org> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/i2c/sony,imx296.yaml F: drivers/media/i2c/imx296.c @@ -21468,20 +21468,20 @@ SONY IMX319 SENSOR DRIVER M: Bingbu Cao <bingbu.cao(a)intel.com> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/i2c/imx319.c SONY IMX334 SENSOR DRIVER L: linux-media(a)vger.kernel.org S: Orphan -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/i2c/sony,imx334.yaml F: drivers/media/i2c/imx334.c SONY IMX335 SENSOR DRIVER L: linux-media(a)vger.kernel.org S: Orphan -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/i2c/sony,imx335.yaml F: drivers/media/i2c/imx335.c @@ -21489,13 +21489,13 @@ SONY IMX355 SENSOR DRIVER M: Tianshu Qiu <tian.shu.qiu(a)intel.com> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/i2c/imx355.c SONY IMX412 SENSOR DRIVER L: linux-media(a)vger.kernel.org S: Orphan -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/i2c/sony,imx412.yaml F: drivers/media/i2c/imx412.c @@ -21503,7 +21503,7 @@ SONY IMX415 SENSOR DRIVER M: Michael Riesch <michael.riesch(a)wolfvision.net> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/i2c/sony,imx415.yaml F: drivers/media/i2c/imx415.c @@ -21792,7 +21792,7 @@ M: Benjamin Mugnier <benjamin.mugnier(a)foss.st.com> M: Sylvain Petinot <sylvain.petinot(a)foss.st.com> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/i2c/st,st-mipid02.yaml F: drivers/media/i2c/st-mipid02.c @@ -21828,7 +21828,7 @@ M: Benjamin Mugnier <benjamin.mugnier(a)foss.st.com> M: Sylvain Petinot <sylvain.petinot(a)foss.st.com> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/i2c/st,st-vgxy61.yaml F: Documentation/userspace-api/media/drivers/vgxy61.rst F: drivers/media/i2c/vgxy61.c @@ -22118,7 +22118,7 @@ STK1160 USB VIDEO CAPTURE DRIVER M: Ezequiel Garcia <ezequiel(a)vanguardiasur.com.ar> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/usb/stk1160/ STM32 AUDIO (ASoC) DRIVERS @@ -22555,7 +22555,7 @@ L: linux-media(a)vger.kernel.org S: Maintained W: https://linuxtv.org Q: http://patchwork.linuxtv.org/project/linux-media/list/ -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/tuners/tda18250* TDA18271 MEDIA DRIVER @@ -22601,7 +22601,7 @@ M: Hans Verkuil <hverkuil(a)xs4all.nl> L: linux-media(a)vger.kernel.org S: Maintained W: https://linuxtv.org -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/i2c/tda9840* TEA5761 TUNER DRIVER @@ -22609,7 +22609,7 @@ M: Mauro Carvalho Chehab <mchehab(a)kernel.org> L: linux-media(a)vger.kernel.org S: Odd fixes W: https://linuxtv.org -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/tuners/tea5761.* TEA5767 TUNER DRIVER @@ -22617,7 +22617,7 @@ M: Mauro Carvalho Chehab <mchehab(a)kernel.org> L: linux-media(a)vger.kernel.org S: Maintained W: https://linuxtv.org -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/tuners/tea5767.* TEA6415C MEDIA DRIVER @@ -22625,7 +22625,7 @@ M: Hans Verkuil <hverkuil(a)xs4all.nl> L: linux-media(a)vger.kernel.org S: Maintained W: https://linuxtv.org -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/i2c/tea6415c* TEA6420 MEDIA DRIVER @@ -22633,7 +22633,7 @@ M: Hans Verkuil <hverkuil(a)xs4all.nl> L: linux-media(a)vger.kernel.org S: Maintained W: https://linuxtv.org -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/i2c/tea6420* TEAM DRIVER @@ -22921,7 +22921,7 @@ M: Hans Verkuil <hverkuil(a)xs4all.nl> L: linux-media(a)vger.kernel.org S: Maintained W: https://linuxtv.org -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/radio/radio-raremono.c THERMAL @@ -22997,7 +22997,7 @@ M: Laurent Pinchart <laurent.pinchart(a)ideasonboard.com> M: Paul Elder <paul.elder(a)ideasonboard.com> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/i2c/thine,thp7312.yaml F: Documentation/userspace-api/media/drivers/thp7312.rst F: drivers/media/i2c/thp7312.c @@ -23584,7 +23584,7 @@ M: Hans Verkuil <hverkuil(a)xs4all.nl> L: linux-media(a)vger.kernel.org S: Odd Fixes W: https://linuxtv.org -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/pci/tw68/ TW686X VIDEO4LINUX DRIVER @@ -23592,7 +23592,7 @@ M: Ezequiel Garcia <ezequiel(a)vanguardiasur.com.ar> L: linux-media(a)vger.kernel.org S: Maintained W: http://linuxtv.org -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/pci/tw686x/ U-BOOT ENVIRONMENT VARIABLES @@ -24076,7 +24076,7 @@ M: Hans de Goede <hdegoede(a)redhat.com> L: linux-media(a)vger.kernel.org S: Maintained W: http://www.ideasonboard.org/uvc/ -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/usb/uvc/ F: include/uapi/linux/uvcvideo.h @@ -24182,7 +24182,7 @@ V4L2 ASYNC AND FWNODE FRAMEWORKS M: Sakari Ailus <sakari.ailus(a)linux.intel.com> L: linux-media(a)vger.kernel.org S: Maintained -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/v4l2-core/v4l2-async.c F: drivers/media/v4l2-core/v4l2-fwnode.c F: include/media/v4l2-async.h @@ -24348,7 +24348,7 @@ M: Hans Verkuil <hverkuil-cisco(a)xs4all.nl> L: linux-media(a)vger.kernel.org S: Maintained W: https://linuxtv.org -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/test-drivers/vicodec/* VIDEO I2C POLLING DRIVER @@ -24376,7 +24376,7 @@ M: Daniel W. S. Almeida <dwlsalmeida(a)gmail.com> L: linux-media(a)vger.kernel.org S: Maintained W: https://linuxtv.org -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/test-drivers/vidtv/* VIMC VIRTUAL MEDIA CONTROLLER DRIVER @@ -24385,7 +24385,7 @@ R: Kieran Bingham <kieran.bingham(a)ideasonboard.com> L: linux-media(a)vger.kernel.org S: Maintained W: https://linuxtv.org -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/test-drivers/vimc/* VIRT LIB @@ -24633,7 +24633,7 @@ M: Hans Verkuil <hverkuil(a)xs4all.nl> L: linux-media(a)vger.kernel.org S: Maintained W: https://linuxtv.org -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/test-drivers/vivid/* VM SOCKETS (AF_VSOCK) @@ -25187,7 +25187,7 @@ M: Mauro Carvalho Chehab <mchehab(a)kernel.org> L: linux-media(a)vger.kernel.org S: Maintained W: https://linuxtv.org -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: drivers/media/tuners/xc2028.* XDP (eXpress Data Path) @@ -25411,7 +25411,7 @@ XILINX VIDEO IP CORES M: Laurent Pinchart <laurent.pinchart(a)ideasonboard.com> L: linux-media(a)vger.kernel.org S: Supported -T: git git://linuxtv.org/media_tree.git +T: git git://linuxtv.org/media.git F: Documentation/devicetree/bindings/media/xilinx/ F: drivers/media/platform/xilinx/ F: include/uapi/linux/xilinx-v4l2-controls.h -- 2.47.0

10 months, 1 week

1
0
0 0

[PATCH 6.1.y] net: phy: phy_device: Prevent nullptr exceptions on ISR

by Xiangyu Chen

From: Andre Werner <andre.werner(a)systec-electronic.com> [ Upstream commit 61c81872815f46006982bb80460c0c80a949b35b ] If phydev->irq is set unconditionally, check for valid interrupt handler or fall back to polling mode to prevent nullptr exceptions in interrupt service routine. Signed-off-by: Andre Werner <andre.werner(a)systec-electronic.com> Reviewed-by: Andrew Lunn <andrew(a)lunn.ch> Link: https://lore.kernel.org/r/20240129135734.18975-2-andre.werner@systec-electr… Signed-off-by: Jakub Kicinski <kuba(a)kernel.org> Signed-off-by: Sasha Levin <sashal(a)kernel.org> Signed-off-by: Xiangyu Chen <xiangyu.chen(a)windriver.com> --- drivers/net/phy/phy_device.c | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/drivers/net/phy/phy_device.c b/drivers/net/phy/phy_device.c index f25b0d338ca8..b165f92db51c 100644 --- a/drivers/net/phy/phy_device.c +++ b/drivers/net/phy/phy_device.c @@ -1378,6 +1378,11 @@ int phy_sfp_probe(struct phy_device *phydev, } EXPORT_SYMBOL(phy_sfp_probe); +static bool phy_drv_supports_irq(struct phy_driver *phydrv) +{ + return phydrv->config_intr && phydrv->handle_interrupt; +} + /** * phy_attach_direct - attach a network device to a given PHY device pointer * @dev: network device to attach @@ -1487,6 +1492,9 @@ int phy_attach_direct(struct net_device *dev, struct phy_device *phydev, phydev->interrupts = PHY_INTERRUPT_DISABLED; + if (!phy_drv_supports_irq(phydev->drv) && phy_interrupt_is_valid(phydev)) + phydev->irq = PHY_POLL; + /* Port is set to PORT_TP by default and the actual PHY driver will set * it to different value depending on the PHY configuration. If we have * the generic PHY driver we can't figure it out, thus set the old @@ -2926,11 +2934,6 @@ s32 phy_get_internal_delay(struct phy_device *phydev, struct device *dev, } EXPORT_SYMBOL(phy_get_internal_delay); -static bool phy_drv_supports_irq(struct phy_driver *phydrv) -{ - return phydrv->config_intr && phydrv->handle_interrupt; -} - /** * fwnode_mdio_find_device - Given a fwnode, find the mdio_device * @fwnode: pointer to the mdio_device's fwnode -- 2.43.0

10 months, 1 week

1
0
0 0

[PATCH 2/2] jffs2: initialize inocache earlier

by Fedor Pchelkin

Inside jffs2_new_inode() there is a small gap when jffs2_init_acl_pre() or jffs2_do_new_inode() may fail e.g. due to a memory allocation error while uninit inocache field is touched upon subsequent inode eviction. general protection fault, probably for non-canonical address 0xdffffc0000000005: 0000 [#1] PREEMPT SMP KASAN NOPTI KASAN: null-ptr-deref in range [0x0000000000000028-0x000000000000002f] CPU: 0 PID: 10592 Comm: syz-executor.1 Not tainted 5.10.209-syzkaller #0 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 RIP: 0010:jffs2_xattr_delete_inode+0x35/0x130 fs/jffs2/xattr.c:602 Call Trace: jffs2_do_clear_inode+0x4c/0x570 fs/jffs2/readinode.c:1418 evict+0x281/0x6b0 fs/inode.c:577 iput_final fs/inode.c:1697 [inline] iput.part.0+0x4df/0x6d0 fs/inode.c:1723 iput+0x58/0x80 fs/inode.c:1713 jffs2_new_inode+0xb12/0xdb0 fs/jffs2/fs.c:469 jffs2_create+0x90/0x400 fs/jffs2/dir.c:177 lookup_open.isra.0+0xead/0x1260 fs/namei.c:3169 open_last_lookups fs/namei.c:3239 [inline] path_openat+0x96c/0x2670 fs/namei.c:3428 do_filp_open+0x1a4/0x3f0 fs/namei.c:3458 do_sys_openat2+0x171/0x420 fs/open.c:1186 do_sys_open fs/open.c:1202 [inline] __do_sys_openat fs/open.c:1218 [inline] __se_sys_openat fs/open.c:1213 [inline] __x64_sys_openat+0x13c/0x1f0 fs/open.c:1213 do_syscall_64+0x30/0x40 arch/x86/entry/common.c:46 Initialize the inocache pointer to a NULL value while preparing an inode in jffs2_init_inode_info(). jffs2_xattr_delete_inode() will handle it later just fine. Found by Linux Verification Center (linuxtesting.org) with Syzkaller. Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Cc: stable(a)vger.kernel.org Signed-off-by: Fedor Pchelkin <pchelkin(a)ispras.ru> --- fs/jffs2/os-linux.h | 1 + 1 file changed, 1 insertion(+) diff --git a/fs/jffs2/os-linux.h b/fs/jffs2/os-linux.h index 86ab014a349c..39b6565f10c9 100644 --- a/fs/jffs2/os-linux.h +++ b/fs/jffs2/os-linux.h @@ -55,6 +55,7 @@ static inline void jffs2_init_inode_info(struct jffs2_inode_info *f) f->metadata = NULL; f->dents = NULL; f->target = NULL; + f->inocache = NULL; f->flags = 0; f->usercompr = 0; } -- 2.39.5

10 months, 1 week

2
1
0 0

FAILED: patch "[PATCH] mm: revert "mm: shmem: fix data-race in shmem_getattr()"" failed to apply to 6.1-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.1-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x d1aa0c04294e29883d65eac6c2f72fe95cc7c049 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024111701-film-pantyhose-59de@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From d1aa0c04294e29883d65eac6c2f72fe95cc7c049 Mon Sep 17 00:00:00 2001 From: Andrew Morton <akpm(a)linux-foundation.org> Date: Fri, 15 Nov 2024 16:57:24 -0800 Subject: [PATCH] mm: revert "mm: shmem: fix data-race in shmem_getattr()" Revert d949d1d14fa2 ("mm: shmem: fix data-race in shmem_getattr()") as suggested by Chuck [1]. It is causing deadlocks when accessing tmpfs over NFS. As Hugh commented, "added just to silence a syzbot sanitizer splat: added where there has never been any practical problem". Link: https://lkml.kernel.org/r/ZzdxKF39VEmXSSyN@tissot.1015granger.net [1] Fixes: d949d1d14fa2 ("mm: shmem: fix data-race in shmem_getattr()") Acked-by: Hugh Dickins <hughd(a)google.com> Cc: Chuck Lever <chuck.lever(a)oracle.com> Cc: Jeongjun Park <aha310510(a)gmail.com> Cc: Yu Zhao <yuzhao(a)google.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> diff --git a/mm/shmem.c b/mm/shmem.c index e87f5d6799a7..568bb290bdce 100644 --- a/mm/shmem.c +++ b/mm/shmem.c @@ -1166,9 +1166,7 @@ static int shmem_getattr(struct mnt_idmap *idmap, stat->attributes_mask |= (STATX_ATTR_APPEND | STATX_ATTR_IMMUTABLE | STATX_ATTR_NODUMP); - inode_lock_shared(inode); generic_fillattr(idmap, request_mask, inode, stat); - inode_unlock_shared(inode); if (shmem_huge_global_enabled(inode, 0, 0, false, NULL, 0)) stat->blksize = HPAGE_PMD_SIZE;

10 months, 1 week

2
1
0 0

[PATCH 6.1] wifi: rtw89: fix null pointer access when abort scan

by Xiangyu Chen

From: Po-Hao Huang <phhuang(a)realtek.com> [ Upstream commit 7e11a2966f51695c0af0b1f976a32d64dee243b2 ] During cancel scan we might use vif that weren't scanning. Fix this by using the actual scanning vif. Signed-off-by: Po-Hao Huang <phhuang(a)realtek.com> Signed-off-by: Ping-Ke Shih <pkshih(a)realtek.com> Signed-off-by: Kalle Valo <kvalo(a)kernel.org> Link: https://msgid.link/20240119081501.25223-6-pkshih@realtek.com Signed-off-by: Sasha Levin <sashal(a)kernel.org> [Xiangyu: Bp to fix CVE: CVE-2024-35946 resolved minor conflicts] Signed-off-by: Xiangyu Chen <xiangyu.chen(a)windriver.com> --- drivers/net/wireless/realtek/rtw89/mac80211.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/net/wireless/realtek/rtw89/mac80211.c b/drivers/net/wireless/realtek/rtw89/mac80211.c index 3a108b13aa59..4909de5cd0ea 100644 --- a/drivers/net/wireless/realtek/rtw89/mac80211.c +++ b/drivers/net/wireless/realtek/rtw89/mac80211.c @@ -381,7 +381,7 @@ static void rtw89_ops_bss_info_changed(struct ieee80211_hw *hw, * when disconnected by peer */ if (rtwdev->scanning) - rtw89_hw_scan_abort(rtwdev, vif); + rtw89_hw_scan_abort(rtwdev, rtwdev->scan_info.scanning_vif); } } -- 2.43.0

10 months, 1 week

1
0
0 0

[PATCH 6.1] fs/ntfs3: Additional check in ntfs_file_release

by Bin Lan

From: Konstantin Komarov <almaz.alexandrovich(a)paragon-software.com> [ Upstream commit 031d6f608290c847ba6378322d0986d08d1a645a ] Reported-by: syzbot+8c652f14a0fde76ff11d(a)syzkaller.appspotmail.com Signed-off-by: Konstantin Komarov <almaz.alexandrovich(a)paragon-software.com> Signed-off-by: Bin Lan <bin.lan.cn(a)windriver.com> --- fs/ntfs3/file.c | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/fs/ntfs3/file.c b/fs/ntfs3/file.c index aedd4f5f459e..70b38465aee3 100644 --- a/fs/ntfs3/file.c +++ b/fs/ntfs3/file.c @@ -1214,8 +1214,16 @@ static int ntfs_file_release(struct inode *inode, struct file *file) int err = 0; /* If we are last writer on the inode, drop the block reservation. */ - if (sbi->options->prealloc && ((file->f_mode & FMODE_WRITE) && - atomic_read(&inode->i_writecount) == 1)) { + if (sbi->options->prealloc && + ((file->f_mode & FMODE_WRITE) && + atomic_read(&inode->i_writecount) == 1) + /* + * The only file when inode->i_fop = &ntfs_file_operations and + * init_rwsem(&ni->file.run_lock) is not called explicitly is MFT. + * + * Add additional check here. + */ + && inode->i_ino != MFT_REC_MFT) { ni_lock(ni); down_write(&ni->file.run_lock); -- 2.43.0

10 months, 1 week

1
0
0 0

[PATCH v6.1 0/2] ksmbd: fix potencial out-of-bounds when buffer offset is invalid

by Vamsi Krishna Brahmajosyula

The dependent patch (slab-out-of-bounds) is backported from 6.7 instead of 6.6. In the 6.6 commit (9e4937cbc150f), the upstream commit id points to an incorrect one. Namjae Jeon (2): ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() ksmbd: fix potencial out-of-bounds when buffer offset is invalid fs/smb/server/smb2misc.c | 26 ++++++++++++++++------ fs/smb/server/smb2pdu.c | 48 ++++++++++++++++++++++------------------ 2 files changed, 45 insertions(+), 29 deletions(-) -- 2.39.4

10 months, 1 week

2
3
0 0

[PATCH] wifi: rtlwifi: rtl8821ae: phy: restore removed code to fix infinite loop

by Colin Ian King

A previous clean-up fix removed the assignment of v2 inside a while loop that turned it into an infinite loop. Fix this by restoring the assignment of v2 from array[] so that v2 is updated inside the loop. Fixes: cda37445718d ("wifi: rtlwifi: rtl8821ae: phy: remove some useless code") Signed-off-by: Colin Ian King <colin.i.king(a)gmail.com> --- drivers/net/wireless/realtek/rtlwifi/rtl8821ae/phy.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/drivers/net/wireless/realtek/rtlwifi/rtl8821ae/phy.c b/drivers/net/wireless/realtek/rtlwifi/rtl8821ae/phy.c index 1be51ea3f3c8..0d4d787e8be5 100644 --- a/drivers/net/wireless/realtek/rtlwifi/rtl8821ae/phy.c +++ b/drivers/net/wireless/realtek/rtlwifi/rtl8821ae/phy.c @@ -2033,8 +2033,10 @@ static bool _rtl8821ae_phy_config_bb_with_pgheaderfile(struct ieee80211_hw *hw, if (!_rtl8821ae_check_condition(hw, v1)) { i += 2; /* skip the pair of expression*/ v2 = array[i+1]; - while (v2 != 0xDEAD) + while (v2 != 0xDEAD) { i += 3; + v2 = array[i + 1]; + } } } } -- 2.39.5

10 months, 1 week

4
4
0 0

[PATCH 2/2] net/niu: niu requires MSIX ENTRY_DATA fields touch before entry reads

by dullfire＠yahoo.com

From: Jonathan Currier <dullfire(a)yahoo.com> Fix niu_try_msix() to not cause a fatal trap on sparc systems. Set PCI_DEV_FLAGS_MSIX_TOUCH_ENTRY_DATA_FIRST on the struct pci_dev to work around a bug in the hardware or firmware. For each vector entry in the msix table, niu chips will cause a fatal trap if any registers in that entry are read before that entries' ENTRY_DATA register is written to. Testing indicates writes to other registers are not sufficient to prevent the fatal trap, however the value does not appear to matter. This only needs to happen once after power up, so simply rebooting into a kernel lacking this fix will NOT cause the trap. NON-RESUMABLE ERROR: Reporting on cpu 64 NON-RESUMABLE ERROR: TPC [0x00000000005f6900] <msix_prepare_msi_desc+0x90/0xa0> NON-RESUMABLE ERROR: RAW [4010000000000016:00000e37f93e32ff:0000000202000080:ffffffffffffffff NON-RESUMABLE ERROR: 0000000800000000:0000000000000000:0000000000000000:0000000000000000] NON-RESUMABLE ERROR: handle [0x4010000000000016] stick [0x00000e37f93e32ff] NON-RESUMABLE ERROR: type [precise nonresumable] NON-RESUMABLE ERROR: attrs [0x02000080] < ASI sp-faulted priv > NON-RESUMABLE ERROR: raddr [0xffffffffffffffff] NON-RESUMABLE ERROR: insn effective address [0x000000c50020000c] NON-RESUMABLE ERROR: size [0x8] NON-RESUMABLE ERROR: asi [0x00] CPU: 64 UID: 0 PID: 745 Comm: kworker/64:1 Not tainted 6.11.5 #63 Workqueue: events work_for_cpu_fn TSTATE: 0000000011001602 TPC: 00000000005f6900 TNPC: 00000000005f6904 Y: 00000000 Not tainted TPC: <msix_prepare_msi_desc+0x90/0xa0> g0: 00000000000002e9 g1: 000000000000000c g2: 000000c50020000c g3: 0000000000000100 g4: ffff8000470307c0 g5: ffff800fec5be000 g6: ffff800047a08000 g7: 0000000000000000 o0: ffff800014feb000 o1: ffff800047a0b620 o2: 0000000000000011 o3: ffff800047a0b620 o4: 0000000000000080 o5: 0000000000000011 sp: ffff800047a0ad51 ret_pc: 00000000005f7128 RPC: <__pci_enable_msix_range+0x3cc/0x460> l0: 000000000000000d l1: 000000000000c01f l2: ffff800014feb0a8 l3: 0000000000000020 l4: 000000000000c000 l5: 0000000000000001 l6: 0000000020000000 l7: ffff800047a0b734 i0: ffff800014feb000 i1: ffff800047a0b730 i2: 0000000000000001 i3: 000000000000000d i4: 0000000000000000 i5: 0000000000000000 i6: ffff800047a0ae81 i7: 00000000101888b0 I7: <niu_try_msix.constprop.0+0xc0/0x130 [niu]> Call Trace: [<00000000101888b0>] niu_try_msix.constprop.0+0xc0/0x130 [niu] [<000000001018f840>] niu_get_invariants+0x183c/0x207c [niu] [<00000000101902fc>] niu_pci_init_one+0x27c/0x2fc [niu] [<00000000005ef3e4>] local_pci_probe+0x28/0x74 [<0000000000469240>] work_for_cpu_fn+0x8/0x1c [<000000000046b008>] process_scheduled_works+0x144/0x210 [<000000000046b518>] worker_thread+0x13c/0x1c0 [<00000000004710e0>] kthread+0xb8/0xc8 [<00000000004060c8>] ret_from_fork+0x1c/0x2c [<0000000000000000>] 0x0 Kernel panic - not syncing: Non-resumable error. Fixes: 7d5ec3d36123 ("PCI/MSI: Mask all unused MSI-X entries") Cc: stable(a)vger.kernel.org Signed-off-by: Jonathan Currier <dullfire(a)yahoo.com> --- drivers/net/ethernet/sun/niu.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/drivers/net/ethernet/sun/niu.c b/drivers/net/ethernet/sun/niu.c index 41a27ae58ced..f5449b73b9a7 100644 --- a/drivers/net/ethernet/sun/niu.c +++ b/drivers/net/ethernet/sun/niu.c @@ -9058,6 +9058,8 @@ static void niu_try_msix(struct niu *np, u8 *ldg_num_map) msi_vec[i].entry = i; } + pdev->dev_flags |= PCI_DEV_FLAGS_MSIX_TOUCH_ENTRY_DATA_FIRST; + num_irqs = pci_enable_msix_range(pdev, msi_vec, 1, num_irqs); if (num_irqs < 0) { np->flags &= ~NIU_FLAGS_MSIX; -- 2.45.2

10 months, 1 week

1
0
0 0

[PATCH 1/2] PCI/MSI: Add MSIX option to write to ENTRY_DATA before any reads

by dullfire＠yahoo.com

From: Jonathan Currier <dullfire(a)yahoo.com> Commit 7d5ec3d36123 ("PCI/MSI: Mask all unused MSI-X entries") introduces a readl() from ENTRY_VECTOR_CTRL before the writel() to ENTRY_DATA. This is correct, however some hardware, like the Sun Neptune chips, the niu module, will cause an error and/or fatal trap if any MSIX table entry is read before the corresponding ENTRY_DATA field is written to. This patch adds an optional early writel() in msix_prepare_msi_desc(). Cc: stable(a)vger.kernel.org Signed-off-by: Jonathan Currier <dullfire(a)yahoo.com> --- drivers/pci/msi/msi.c | 2 ++ include/linux/pci.h | 2 ++ 2 files changed, 4 insertions(+) diff --git a/drivers/pci/msi/msi.c b/drivers/pci/msi/msi.c index 3a45879d85db..50d87fb5e37f 100644 --- a/drivers/pci/msi/msi.c +++ b/drivers/pci/msi/msi.c @@ -611,6 +611,8 @@ void msix_prepare_msi_desc(struct pci_dev *dev, struct msi_desc *desc) if (desc->pci.msi_attrib.can_mask) { void __iomem *addr = pci_msix_desc_addr(desc); + if (dev->dev_flags & PCI_DEV_FLAGS_MSIX_TOUCH_ENTRY_DATA_FIRST) + writel(0, addr + PCI_MSIX_ENTRY_DATA); desc->pci.msix_ctrl = readl(addr + PCI_MSIX_ENTRY_VECTOR_CTRL); } } diff --git a/include/linux/pci.h b/include/linux/pci.h index 37d97bef060f..b8b95b58d522 100644 --- a/include/linux/pci.h +++ b/include/linux/pci.h @@ -245,6 +245,8 @@ enum pci_dev_flags { PCI_DEV_FLAGS_NO_RELAXED_ORDERING = (__force pci_dev_flags_t) (1 << 11), /* Device does honor MSI masking despite saying otherwise */ PCI_DEV_FLAGS_HAS_MSI_MASKING = (__force pci_dev_flags_t) (1 << 12), + /* Device requires write to PCI_MSIX_ENTRY_DATA before any MSIX reads */ + PCI_DEV_FLAGS_MSIX_TOUCH_ENTRY_DATA_FIRST = (__force pci_dev_flags_t) (1 << 13), }; enum pci_irq_reroute_variant { -- 2.45.2

10 months, 1 week

1
0
0 0

FAILED: patch "[PATCH] mm/gup: avoid an unnecessary allocation call for" failed to apply to 6.11-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.11-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.11.y git checkout FETCH_HEAD git cherry-pick -x 94efde1d15399f5c88e576923db9bcd422d217f2 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024111754-stamina-flyer-1e05@gregkh' --subject-prefix 'PATCH 6.11.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 94efde1d15399f5c88e576923db9bcd422d217f2 Mon Sep 17 00:00:00 2001 From: John Hubbard <jhubbard(a)nvidia.com> Date: Mon, 4 Nov 2024 19:29:44 -0800 Subject: [PATCH] mm/gup: avoid an unnecessary allocation call for FOLL_LONGTERM cases commit 53ba78de064b ("mm/gup: introduce check_and_migrate_movable_folios()") created a new constraint on the pin_user_pages*() API family: a potentially large internal allocation must now occur, for FOLL_LONGTERM cases. A user-visible consequence has now appeared: user space can no longer pin more than 2GB of memory anymore on x86_64. That's because, on a 4KB PAGE_SIZE system, when user space tries to (indirectly, via a device driver that calls pin_user_pages()) pin 2GB, this requires an allocation of a folio pointers array of MAX_PAGE_ORDER size, which is the limit for kmalloc(). In addition to the directly visible effect described above, there is also the problem of adding an unnecessary allocation. The **pages array argument has already been allocated, and there is no need for a redundant **folios array allocation in this case. Fix this by avoiding the new allocation entirely. This is done by referring to either the original page[i] within **pages, or to the associated folio. Thanks to David Hildenbrand for suggesting this approach and for providing the initial implementation (which I've tested and adjusted slightly) as well. [jhubbard(a)nvidia.com: whitespace tweak, per David] Link: https://lkml.kernel.org/r/131cf9c8-ebc0-4cbb-b722-22fa8527bf3c@nvidia.com [jhubbard(a)nvidia.com: bypass pofs_get_folio(), per Oscar] Link: https://lkml.kernel.org/r/c1587c7f-9155-45be-bd62-1e36c0dd6923@nvidia.com Link: https://lkml.kernel.org/r/20241105032944.141488-2-jhubbard@nvidia.com Fixes: 53ba78de064b ("mm/gup: introduce check_and_migrate_movable_folios()") Signed-off-by: John Hubbard <jhubbard(a)nvidia.com> Suggested-by: David Hildenbrand <david(a)redhat.com> Acked-by: David Hildenbrand <david(a)redhat.com> Reviewed-by: Oscar Salvador <osalvador(a)suse.de> Cc: Vivek Kasireddy <vivek.kasireddy(a)intel.com> Cc: Dave Airlie <airlied(a)redhat.com> Cc: Gerd Hoffmann <kraxel(a)redhat.com> Cc: Matthew Wilcox <willy(a)infradead.org> Cc: Christoph Hellwig <hch(a)infradead.org> Cc: Jason Gunthorpe <jgg(a)nvidia.com> Cc: Peter Xu <peterx(a)redhat.com> Cc: Arnd Bergmann <arnd(a)arndb.de> Cc: Daniel Vetter <daniel.vetter(a)ffwll.ch> Cc: Dongwon Kim <dongwon.kim(a)intel.com> Cc: Hugh Dickins <hughd(a)google.com> Cc: Junxiao Chang <junxiao.chang(a)intel.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> diff --git a/mm/gup.c b/mm/gup.c index 4637dab7b54f..ad0c8922dac3 100644 --- a/mm/gup.c +++ b/mm/gup.c @@ -2273,20 +2273,57 @@ struct page *get_dump_page(unsigned long addr) #endif /* CONFIG_ELF_CORE */ #ifdef CONFIG_MIGRATION + +/* + * An array of either pages or folios ("pofs"). Although it may seem tempting to + * avoid this complication, by simply interpreting a list of folios as a list of + * pages, that approach won't work in the longer term, because eventually the + * layouts of struct page and struct folio will become completely different. + * Furthermore, this pof approach avoids excessive page_folio() calls. + */ +struct pages_or_folios { + union { + struct page **pages; + struct folio **folios; + void **entries; + }; + bool has_folios; + long nr_entries; +}; + +static struct folio *pofs_get_folio(struct pages_or_folios *pofs, long i) +{ + if (pofs->has_folios) + return pofs->folios[i]; + return page_folio(pofs->pages[i]); +} + +static void pofs_clear_entry(struct pages_or_folios *pofs, long i) +{ + pofs->entries[i] = NULL; +} + +static void pofs_unpin(struct pages_or_folios *pofs) +{ + if (pofs->has_folios) + unpin_folios(pofs->folios, pofs->nr_entries); + else + unpin_user_pages(pofs->pages, pofs->nr_entries); +} + /* * Returns the number of collected folios. Return value is always >= 0. */ static unsigned long collect_longterm_unpinnable_folios( - struct list_head *movable_folio_list, - unsigned long nr_folios, - struct folio **folios) + struct list_head *movable_folio_list, + struct pages_or_folios *pofs) { unsigned long i, collected = 0; struct folio *prev_folio = NULL; bool drain_allow = true; - for (i = 0; i < nr_folios; i++) { - struct folio *folio = folios[i]; + for (i = 0; i < pofs->nr_entries; i++) { + struct folio *folio = pofs_get_folio(pofs, i); if (folio == prev_folio) continue; @@ -2327,16 +2364,15 @@ static unsigned long collect_longterm_unpinnable_folios( * Returns -EAGAIN if all folios were successfully migrated or -errno for * failure (or partial success). */ -static int migrate_longterm_unpinnable_folios( - struct list_head *movable_folio_list, - unsigned long nr_folios, - struct folio **folios) +static int +migrate_longterm_unpinnable_folios(struct list_head *movable_folio_list, + struct pages_or_folios *pofs) { int ret; unsigned long i; - for (i = 0; i < nr_folios; i++) { - struct folio *folio = folios[i]; + for (i = 0; i < pofs->nr_entries; i++) { + struct folio *folio = pofs_get_folio(pofs, i); if (folio_is_device_coherent(folio)) { /* @@ -2344,7 +2380,7 @@ static int migrate_longterm_unpinnable_folios( * convert the pin on the source folio to a normal * reference. */ - folios[i] = NULL; + pofs_clear_entry(pofs, i); folio_get(folio); gup_put_folio(folio, 1, FOLL_PIN); @@ -2363,8 +2399,8 @@ static int migrate_longterm_unpinnable_folios( * calling folio_isolate_lru() which takes a reference so the * folio won't be freed if it's migrating. */ - unpin_folio(folios[i]); - folios[i] = NULL; + unpin_folio(folio); + pofs_clear_entry(pofs, i); } if (!list_empty(movable_folio_list)) { @@ -2387,12 +2423,26 @@ static int migrate_longterm_unpinnable_folios( return -EAGAIN; err: - unpin_folios(folios, nr_folios); + pofs_unpin(pofs); putback_movable_pages(movable_folio_list); return ret; } +static long +check_and_migrate_movable_pages_or_folios(struct pages_or_folios *pofs) +{ + LIST_HEAD(movable_folio_list); + unsigned long collected; + + collected = collect_longterm_unpinnable_folios(&movable_folio_list, + pofs); + if (!collected) + return 0; + + return migrate_longterm_unpinnable_folios(&movable_folio_list, pofs); +} + /* * Check whether all folios are *allowed* to be pinned indefinitely (long term). * Rather confusingly, all folios in the range are required to be pinned via @@ -2417,16 +2467,13 @@ static int migrate_longterm_unpinnable_folios( static long check_and_migrate_movable_folios(unsigned long nr_folios, struct folio **folios) { - unsigned long collected; - LIST_HEAD(movable_folio_list); + struct pages_or_folios pofs = { + .folios = folios, + .has_folios = true, + .nr_entries = nr_folios, + }; - collected = collect_longterm_unpinnable_folios(&movable_folio_list, - nr_folios, folios); - if (!collected) - return 0; - - return migrate_longterm_unpinnable_folios(&movable_folio_list, - nr_folios, folios); + return check_and_migrate_movable_pages_or_folios(&pofs); } /* @@ -2436,22 +2483,13 @@ static long check_and_migrate_movable_folios(unsigned long nr_folios, static long check_and_migrate_movable_pages(unsigned long nr_pages, struct page **pages) { - struct folio **folios; - long i, ret; + struct pages_or_folios pofs = { + .pages = pages, + .has_folios = false, + .nr_entries = nr_pages, + }; - folios = kmalloc_array(nr_pages, sizeof(*folios), GFP_KERNEL); - if (!folios) { - unpin_user_pages(pages, nr_pages); - return -ENOMEM; - } - - for (i = 0; i < nr_pages; i++) - folios[i] = page_folio(pages[i]); - - ret = check_and_migrate_movable_folios(nr_pages, folios); - - kfree(folios); - return ret; + return check_and_migrate_movable_pages_or_folios(&pofs); } #else static long check_and_migrate_movable_pages(unsigned long nr_pages,

10 months, 1 week

3
5
0 0

[PATCH] mm/gup: avoid an unnecessary allocation call for FOLL_LONGTERM cases

by John Hubbard

commit 53ba78de064b ("mm/gup: introduce check_and_migrate_movable_folios()") created a new constraint on the pin_user_pages*() API family: a potentially large internal allocation must now occur, for FOLL_LONGTERM cases. A user-visible consequence has now appeared: user space can no longer pin more than 2GB of memory anymore on x86_64. That's because, on a 4KB PAGE_SIZE system, when user space tries to (indirectly, via a device driver that calls pin_user_pages()) pin 2GB, this requires an allocation of a folio pointers array of MAX_PAGE_ORDER size, which is the limit for kmalloc(). In addition to the directly visible effect described above, there is also the problem of adding an unnecessary allocation. The **pages array argument has already been allocated, and there is no need for a redundant **folios array allocation in this case. Fix this by avoiding the new allocation entirely. This is done by referring to either the original page[i] within **pages, or to the associated folio. Thanks to David Hildenbrand for suggesting this approach and for providing the initial implementation (which I've tested and adjusted slightly) as well. [jhubbard(a)nvidia.com]: tweaked the patch to apply to linux-stable/6.11.y [jhubbard(a)nvidia.com: whitespace tweak, per David] Link: https://lkml.kernel.org/r/131cf9c8-ebc0-4cbb-b722-22fa8527bf3c@nvidia.com [jhubbard(a)nvidia.com: bypass pofs_get_folio(), per Oscar] Link: https://lkml.kernel.org/r/c1587c7f-9155-45be-bd62-1e36c0dd6923@nvidia.com Link: https://lkml.kernel.org/r/20241105032944.141488-2-jhubbard@nvidia.com Fixes: 53ba78de064b ("mm/gup: introduce check_and_migrate_movable_folios()") Signed-off-by: John Hubbard <jhubbard(a)nvidia.com> Suggested-by: David Hildenbrand <david(a)redhat.com> Acked-by: David Hildenbrand <david(a)redhat.com> Reviewed-by: Oscar Salvador <osalvador(a)suse.de> Cc: Vivek Kasireddy <vivek.kasireddy(a)intel.com> Cc: Dave Airlie <airlied(a)redhat.com> Cc: Gerd Hoffmann <kraxel(a)redhat.com> Cc: Matthew Wilcox <willy(a)infradead.org> Cc: Christoph Hellwig <hch(a)infradead.org> Cc: Jason Gunthorpe <jgg(a)nvidia.com> Cc: Peter Xu <peterx(a)redhat.com> Cc: Arnd Bergmann <arnd(a)arndb.de> Cc: Daniel Vetter <daniel.vetter(a)ffwll.ch> Cc: Dongwon Kim <dongwon.kim(a)intel.com> Cc: Hugh Dickins <hughd(a)google.com> Cc: Junxiao Chang <junxiao.chang(a)intel.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/gup.c | 114 +++++++++++++++++++++++++++++++++++++------------------ 1 file changed, 77 insertions(+), 37 deletions(-) diff --git a/mm/gup.c b/mm/gup.c index 947881ff5e8f..fd3d7900c24b 100644 --- a/mm/gup.c +++ b/mm/gup.c @@ -2282,20 +2282,57 @@ struct page *get_dump_page(unsigned long addr) #endif /* CONFIG_ELF_CORE */ #ifdef CONFIG_MIGRATION + +/* + * An array of either pages or folios ("pofs"). Although it may seem tempting to + * avoid this complication, by simply interpreting a list of folios as a list of + * pages, that approach won't work in the longer term, because eventually the + * layouts of struct page and struct folio will become completely different. + * Furthermore, this pof approach avoids excessive page_folio() calls. + */ +struct pages_or_folios { + union { + struct page **pages; + struct folio **folios; + void **entries; + }; + bool has_folios; + long nr_entries; +}; + +static struct folio *pofs_get_folio(struct pages_or_folios *pofs, long i) +{ + if (pofs->has_folios) + return pofs->folios[i]; + return page_folio(pofs->pages[i]); +} + +static void pofs_clear_entry(struct pages_or_folios *pofs, long i) +{ + pofs->entries[i] = NULL; +} + +static void pofs_unpin(struct pages_or_folios *pofs) +{ + if (pofs->has_folios) + unpin_folios(pofs->folios, pofs->nr_entries); + else + unpin_user_pages(pofs->pages, pofs->nr_entries); +} + /* * Returns the number of collected folios. Return value is always >= 0. */ static unsigned long collect_longterm_unpinnable_folios( - struct list_head *movable_folio_list, - unsigned long nr_folios, - struct folio **folios) + struct list_head *movable_folio_list, + struct pages_or_folios *pofs) { unsigned long i, collected = 0; struct folio *prev_folio = NULL; bool drain_allow = true; - for (i = 0; i < nr_folios; i++) { - struct folio *folio = folios[i]; + for (i = 0; i < pofs->nr_entries; i++) { + struct folio *folio = pofs_get_folio(pofs, i); if (folio == prev_folio) continue; @@ -2336,16 +2373,15 @@ static unsigned long collect_longterm_unpinnable_folios( * Returns -EAGAIN if all folios were successfully migrated or -errno for * failure (or partial success). */ -static int migrate_longterm_unpinnable_folios( - struct list_head *movable_folio_list, - unsigned long nr_folios, - struct folio **folios) +static int +migrate_longterm_unpinnable_folios(struct list_head *movable_folio_list, + struct pages_or_folios *pofs) { int ret; unsigned long i; - for (i = 0; i < nr_folios; i++) { - struct folio *folio = folios[i]; + for (i = 0; i < pofs->nr_entries; i++) { + struct folio *folio = pofs_get_folio(pofs, i); if (folio_is_device_coherent(folio)) { /* @@ -2353,7 +2389,7 @@ static int migrate_longterm_unpinnable_folios( * convert the pin on the source folio to a normal * reference. */ - folios[i] = NULL; + pofs_clear_entry(pofs, i); folio_get(folio); gup_put_folio(folio, 1, FOLL_PIN); @@ -2372,8 +2408,8 @@ static int migrate_longterm_unpinnable_folios( * calling folio_isolate_lru() which takes a reference so the * folio won't be freed if it's migrating. */ - unpin_folio(folios[i]); - folios[i] = NULL; + unpin_folio(folio); + pofs_clear_entry(pofs, i); } if (!list_empty(movable_folio_list)) { @@ -2396,12 +2432,26 @@ static int migrate_longterm_unpinnable_folios( return -EAGAIN; err: - unpin_folios(folios, nr_folios); + pofs_unpin(pofs); putback_movable_pages(movable_folio_list); return ret; } +static long +check_and_migrate_movable_pages_or_folios(struct pages_or_folios *pofs) +{ + LIST_HEAD(movable_folio_list); + unsigned long collected; + + collected = collect_longterm_unpinnable_folios(&movable_folio_list, + pofs); + if (!collected) + return 0; + + return migrate_longterm_unpinnable_folios(&movable_folio_list, pofs); +} + /* * Check whether all folios are *allowed* to be pinned indefinitely (longterm). * Rather confusingly, all folios in the range are required to be pinned via @@ -2421,16 +2471,13 @@ static int migrate_longterm_unpinnable_folios( static long check_and_migrate_movable_folios(unsigned long nr_folios, struct folio **folios) { - unsigned long collected; - LIST_HEAD(movable_folio_list); + struct pages_or_folios pofs = { + .folios = folios, + .has_folios = true, + .nr_entries = nr_folios, + }; - collected = collect_longterm_unpinnable_folios(&movable_folio_list, - nr_folios, folios); - if (!collected) - return 0; - - return migrate_longterm_unpinnable_folios(&movable_folio_list, - nr_folios, folios); + return check_and_migrate_movable_pages_or_folios(&pofs); } /* @@ -2442,20 +2489,13 @@ static long check_and_migrate_movable_folios(unsigned long nr_folios, static long check_and_migrate_movable_pages(unsigned long nr_pages, struct page **pages) { - struct folio **folios; - long i, ret; + struct pages_or_folios pofs = { + .pages = pages, + .has_folios = false, + .nr_entries = nr_pages, + }; - folios = kmalloc_array(nr_pages, sizeof(*folios), GFP_KERNEL); - if (!folios) - return -ENOMEM; - - for (i = 0; i < nr_pages; i++) - folios[i] = page_folio(pages[i]); - - ret = check_and_migrate_movable_folios(nr_pages, folios); - - kfree(folios); - return ret; + return check_and_migrate_movable_pages_or_folios(&pofs); } #else static long check_and_migrate_movable_pages(unsigned long nr_pages, -- 2.47.0

10 months, 1 week

1
0
0 0

Additional panel replay fixes for 6.11

by Mario Limonciello

Hi, A few more panel replay fixes have been made for issues reported on 6.11.y commit 17e68f89132b ("drm/amd/display: Run idle optimizations at end of vblank handler") commit b8d9d5fef4915 ("drm/amd/display: Change some variable name of psr") commit bd8a957661743 ("drm/amd/display: Fix Panel Replay not update screen correctly") There were tested by Tested-By: James Courtier-Dutton <james.dutton(a)gmail.com> on 6.11.8 base. Can you please backport? Thanks,

10 months, 1 week

2
2
0 0

mmc: core: add devm_mmc_alloc_host (5.10.y)

by Dan Carpenter

Hi Sasha, The 5.10.y kernel backported commit 80df83c2c57e ("mmc: core: add devm_mmc_alloc_host") but not the fix for it. 71d04535e853 ("mmc: core: fix return value check in devm_mmc_alloc_host()") The 6.6.y kernel was released with both commits so it's not affected and none of the other stable trees include the buggy commit so they're not affected either. Only 5.10.y needs to be fixed. regards, dan carpenter

10 months, 1 week

3
4
0 0

FAILED: patch "[PATCH] drm/amdgpu: fix check in gmc_v9_0_get_vm_pte()" failed to apply to 6.6-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.6-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.6.y git checkout FETCH_HEAD git cherry-pick -x 0e5ac88fb918297a7484b67f2b484d43bed3fbbe # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024111738-jalapeno-unknown-3db3@gregkh' --subject-prefix 'PATCH 6.6.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 0e5ac88fb918297a7484b67f2b484d43bed3fbbe Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= <christian.koenig(a)amd.com> Date: Thu, 31 Oct 2024 10:04:17 +0100 Subject: [PATCH] drm/amdgpu: fix check in gmc_v9_0_get_vm_pte() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The coherency flags can only be determined when the BO is locked and that in turn is only guaranteed when the mapping is validated. Fix the check, move the resource check into the function and add an assert that the BO is locked. Signed-off-by: Christian König <christian.koenig(a)amd.com> Fixes: d1a372af1c3d ("drm/amdgpu: Set MTYPE in PTE based on BO flags") Acked-by: Alex Deucher <alexander.deucher(a)amd.com> Signed-off-by: Alex Deucher <alexander.deucher(a)amd.com> (cherry picked from commit 1b4ca8546f5b5c482717bedb8e031227b1541539) Cc: stable(a)vger.kernel.org diff --git a/drivers/gpu/drm/amd/amdgpu/gmc_v9_0.c b/drivers/gpu/drm/amd/amdgpu/gmc_v9_0.c index c76ac0dfe572..7a45f3fdc734 100644 --- a/drivers/gpu/drm/amd/amdgpu/gmc_v9_0.c +++ b/drivers/gpu/drm/amd/amdgpu/gmc_v9_0.c @@ -1124,8 +1124,10 @@ static void gmc_v9_0_get_coherence_flags(struct amdgpu_device *adev, uint64_t *flags) { struct amdgpu_device *bo_adev = amdgpu_ttm_adev(bo->tbo.bdev); - bool is_vram = bo->tbo.resource->mem_type == TTM_PL_VRAM; - bool coherent = bo->flags & (AMDGPU_GEM_CREATE_COHERENT | AMDGPU_GEM_CREATE_EXT_COHERENT); + bool is_vram = bo->tbo.resource && + bo->tbo.resource->mem_type == TTM_PL_VRAM; + bool coherent = bo->flags & (AMDGPU_GEM_CREATE_COHERENT | + AMDGPU_GEM_CREATE_EXT_COHERENT); bool ext_coherent = bo->flags & AMDGPU_GEM_CREATE_EXT_COHERENT; bool uncached = bo->flags & AMDGPU_GEM_CREATE_UNCACHED; struct amdgpu_vm *vm = mapping->bo_va->base.vm; @@ -1133,6 +1135,8 @@ static void gmc_v9_0_get_coherence_flags(struct amdgpu_device *adev, bool snoop = false; bool is_local; + dma_resv_assert_held(bo->tbo.base.resv); + switch (amdgpu_ip_version(adev, GC_HWIP, 0)) { case IP_VERSION(9, 4, 1): case IP_VERSION(9, 4, 2): @@ -1251,9 +1255,8 @@ static void gmc_v9_0_get_vm_pte(struct amdgpu_device *adev, *flags &= ~AMDGPU_PTE_VALID; } - if (bo && bo->tbo.resource) - gmc_v9_0_get_coherence_flags(adev, mapping->bo_va->base.bo, - mapping, flags); + if ((*flags & AMDGPU_PTE_VALID) && bo) + gmc_v9_0_get_coherence_flags(adev, bo, mapping, flags); } static void gmc_v9_0_override_vm_pte_flags(struct amdgpu_device *adev,

10 months, 1 week

1
0
0 0

FAILED: patch "[PATCH] pmdomain: core: Add GENPD_FLAG_DEV_NAME_FW flag" failed to apply to 5.15-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.15-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y git checkout FETCH_HEAD git cherry-pick -x 899f44531fe6cac4b024710fec647ecc127724b8 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024111736-chihuahua-linguini-7bcb@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 899f44531fe6cac4b024710fec647ecc127724b8 Mon Sep 17 00:00:00 2001 From: Sibi Sankar <quic_sibis(a)quicinc.com> Date: Wed, 30 Oct 2024 18:25:10 +0530 Subject: [PATCH] pmdomain: core: Add GENPD_FLAG_DEV_NAME_FW flag Introduce GENPD_FLAG_DEV_NAME_FW flag which instructs genpd to generate an unique device name using ida. It is aimed to be used by genpd providers which derive their names directly from FW making them susceptible to debugfs node creation failures. Reported-by: Johan Hovold <johan+linaro(a)kernel.org> Closes: https://lore.kernel.org/lkml/ZoQjAWse2YxwyRJv@hovoldconsulting.com/ Fixes: 718072ceb211 ("PM: domains: create debugfs nodes when adding power domains") Suggested-by: Ulf Hansson <ulf.hansson(a)linaro.org> Suggested-by: Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> Signed-off-by: Sibi Sankar <quic_sibis(a)quicinc.com> Cc: stable(a)vger.kernel.org Message-ID: <20241030125512.2884761-5-quic_sibis(a)quicinc.com> Signed-off-by: Ulf Hansson <ulf.hansson(a)linaro.org> diff --git a/drivers/pmdomain/core.c b/drivers/pmdomain/core.c index 5ede0f7eda09..29ad510e881c 100644 --- a/drivers/pmdomain/core.c +++ b/drivers/pmdomain/core.c @@ -7,6 +7,7 @@ #define pr_fmt(fmt) "PM: " fmt #include <linux/delay.h> +#include <linux/idr.h> #include <linux/kernel.h> #include <linux/io.h> #include <linux/platform_device.h> @@ -23,6 +24,9 @@ #include <linux/cpu.h> #include <linux/debugfs.h> +/* Provides a unique ID for each genpd device */ +static DEFINE_IDA(genpd_ida); + #define GENPD_RETRY_MAX_MS 250 /* Approximate */ #define GENPD_DEV_CALLBACK(genpd, type, callback, dev) \ @@ -171,6 +175,7 @@ static const struct genpd_lock_ops genpd_raw_spin_ops = { #define genpd_is_cpu_domain(genpd) (genpd->flags & GENPD_FLAG_CPU_DOMAIN) #define genpd_is_rpm_always_on(genpd) (genpd->flags & GENPD_FLAG_RPM_ALWAYS_ON) #define genpd_is_opp_table_fw(genpd) (genpd->flags & GENPD_FLAG_OPP_TABLE_FW) +#define genpd_is_dev_name_fw(genpd) (genpd->flags & GENPD_FLAG_DEV_NAME_FW) static inline bool irq_safe_dev_in_sleep_domain(struct device *dev, const struct generic_pm_domain *genpd) @@ -189,7 +194,7 @@ static inline bool irq_safe_dev_in_sleep_domain(struct device *dev, if (ret) dev_warn_once(dev, "PM domain %s will not be powered off\n", - genpd->name); + dev_name(&genpd->dev)); return ret; } @@ -274,7 +279,7 @@ static void genpd_debug_remove(struct generic_pm_domain *genpd) if (!genpd_debugfs_dir) return; - debugfs_lookup_and_remove(genpd->name, genpd_debugfs_dir); + debugfs_lookup_and_remove(dev_name(&genpd->dev), genpd_debugfs_dir); } static void genpd_update_accounting(struct generic_pm_domain *genpd) @@ -731,7 +736,7 @@ static int _genpd_power_on(struct generic_pm_domain *genpd, bool timed) genpd->states[state_idx].power_on_latency_ns = elapsed_ns; genpd->gd->max_off_time_changed = true; pr_debug("%s: Power-%s latency exceeded, new value %lld ns\n", - genpd->name, "on", elapsed_ns); + dev_name(&genpd->dev), "on", elapsed_ns); out: raw_notifier_call_chain(&genpd->power_notifiers, GENPD_NOTIFY_ON, NULL); @@ -782,7 +787,7 @@ static int _genpd_power_off(struct generic_pm_domain *genpd, bool timed) genpd->states[state_idx].power_off_latency_ns = elapsed_ns; genpd->gd->max_off_time_changed = true; pr_debug("%s: Power-%s latency exceeded, new value %lld ns\n", - genpd->name, "off", elapsed_ns); + dev_name(&genpd->dev), "off", elapsed_ns); out: raw_notifier_call_chain(&genpd->power_notifiers, GENPD_NOTIFY_OFF, @@ -1940,7 +1945,7 @@ int dev_pm_genpd_add_notifier(struct device *dev, struct notifier_block *nb) if (ret) { dev_warn(dev, "failed to add notifier for PM domain %s\n", - genpd->name); + dev_name(&genpd->dev)); return ret; } @@ -1987,7 +1992,7 @@ int dev_pm_genpd_remove_notifier(struct device *dev) if (ret) { dev_warn(dev, "failed to remove notifier for PM domain %s\n", - genpd->name); + dev_name(&genpd->dev)); return ret; } @@ -2013,7 +2018,7 @@ static int genpd_add_subdomain(struct generic_pm_domain *genpd, */ if (!genpd_is_irq_safe(genpd) && genpd_is_irq_safe(subdomain)) { WARN(1, "Parent %s of subdomain %s must be IRQ safe\n", - genpd->name, subdomain->name); + dev_name(&genpd->dev), subdomain->name); return -EINVAL; } @@ -2088,7 +2093,7 @@ int pm_genpd_remove_subdomain(struct generic_pm_domain *genpd, if (!list_empty(&subdomain->parent_links) || subdomain->device_count) { pr_warn("%s: unable to remove subdomain %s\n", - genpd->name, subdomain->name); + dev_name(&genpd->dev), subdomain->name); ret = -EBUSY; goto out; } @@ -2225,6 +2230,7 @@ int pm_genpd_init(struct generic_pm_domain *genpd, genpd->status = is_off ? GENPD_STATE_OFF : GENPD_STATE_ON; genpd->device_count = 0; genpd->provider = NULL; + genpd->device_id = -ENXIO; genpd->has_provider = false; genpd->accounting_time = ktime_get_mono_fast_ns(); genpd->domain.ops.runtime_suspend = genpd_runtime_suspend; @@ -2265,7 +2271,18 @@ int pm_genpd_init(struct generic_pm_domain *genpd, return ret; device_initialize(&genpd->dev); - dev_set_name(&genpd->dev, "%s", genpd->name); + + if (!genpd_is_dev_name_fw(genpd)) { + dev_set_name(&genpd->dev, "%s", genpd->name); + } else { + ret = ida_alloc(&genpd_ida, GFP_KERNEL); + if (ret < 0) { + put_device(&genpd->dev); + return ret; + } + genpd->device_id = ret; + dev_set_name(&genpd->dev, "%s_%u", genpd->name, genpd->device_id); + } mutex_lock(&gpd_list_lock); list_add(&genpd->gpd_list_node, &gpd_list); @@ -2287,13 +2304,13 @@ static int genpd_remove(struct generic_pm_domain *genpd) if (genpd->has_provider) { genpd_unlock(genpd); - pr_err("Provider present, unable to remove %s\n", genpd->name); + pr_err("Provider present, unable to remove %s\n", dev_name(&genpd->dev)); return -EBUSY; } if (!list_empty(&genpd->parent_links) || genpd->device_count) { genpd_unlock(genpd); - pr_err("%s: unable to remove %s\n", __func__, genpd->name); + pr_err("%s: unable to remove %s\n", __func__, dev_name(&genpd->dev)); return -EBUSY; } @@ -2307,9 +2324,11 @@ static int genpd_remove(struct generic_pm_domain *genpd) genpd_unlock(genpd); genpd_debug_remove(genpd); cancel_work_sync(&genpd->power_off_work); + if (genpd->device_id != -ENXIO) + ida_free(&genpd_ida, genpd->device_id); genpd_free_data(genpd); - pr_debug("%s: removed %s\n", __func__, genpd->name); + pr_debug("%s: removed %s\n", __func__, dev_name(&genpd->dev)); return 0; } @@ -3272,12 +3291,12 @@ static int genpd_summary_one(struct seq_file *s, else snprintf(state, sizeof(state), "%s", status_lookup[genpd->status]); - seq_printf(s, "%-30s %-30s %u", genpd->name, state, genpd->performance_state); + seq_printf(s, "%-30s %-30s %u", dev_name(&genpd->dev), state, genpd->performance_state); /* * Modifications on the list require holding locks on both * parent and child, so we are safe. - * Also genpd->name is immutable. + * Also the device name is immutable. */ list_for_each_entry(link, &genpd->parent_links, parent_node) { if (list_is_first(&link->parent_node, &genpd->parent_links)) @@ -3502,7 +3521,7 @@ static void genpd_debug_add(struct generic_pm_domain *genpd) if (!genpd_debugfs_dir) return; - d = debugfs_create_dir(genpd->name, genpd_debugfs_dir); + d = debugfs_create_dir(dev_name(&genpd->dev), genpd_debugfs_dir); debugfs_create_file("current_state", 0444, d, genpd, &status_fops); diff --git a/include/linux/pm_domain.h b/include/linux/pm_domain.h index b637ec14025f..cf4b11be3709 100644 --- a/include/linux/pm_domain.h +++ b/include/linux/pm_domain.h @@ -92,6 +92,10 @@ struct dev_pm_domain_list { * GENPD_FLAG_OPP_TABLE_FW: The genpd provider supports performance states, * but its corresponding OPP tables are not * described in DT, but are given directly by FW. + * + * GENPD_FLAG_DEV_NAME_FW: Instructs genpd to generate an unique device name + * using ida. It is used by genpd providers which + * get their genpd-names directly from FW. */ #define GENPD_FLAG_PM_CLK (1U << 0) #define GENPD_FLAG_IRQ_SAFE (1U << 1) @@ -101,6 +105,7 @@ struct dev_pm_domain_list { #define GENPD_FLAG_RPM_ALWAYS_ON (1U << 5) #define GENPD_FLAG_MIN_RESIDENCY (1U << 6) #define GENPD_FLAG_OPP_TABLE_FW (1U << 7) +#define GENPD_FLAG_DEV_NAME_FW (1U << 8) enum gpd_status { GENPD_STATE_ON = 0, /* PM domain is on */ @@ -163,6 +168,7 @@ struct generic_pm_domain { atomic_t sd_count; /* Number of subdomains with power "on" */ enum gpd_status status; /* Current state of the domain */ unsigned int device_count; /* Number of devices */ + unsigned int device_id; /* unique device id */ unsigned int suspended_count; /* System suspend device counter */ unsigned int prepared_count; /* Suspend counter of prepared devices */ unsigned int performance_state; /* Aggregated max performance state */

10 months, 1 week

1
0
0 0

FAILED: patch "[PATCH] pmdomain: core: Add GENPD_FLAG_DEV_NAME_FW flag" failed to apply to 6.1-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.1-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x 899f44531fe6cac4b024710fec647ecc127724b8 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024111733-trio-unpinned-dc91@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 899f44531fe6cac4b024710fec647ecc127724b8 Mon Sep 17 00:00:00 2001 From: Sibi Sankar <quic_sibis(a)quicinc.com> Date: Wed, 30 Oct 2024 18:25:10 +0530 Subject: [PATCH] pmdomain: core: Add GENPD_FLAG_DEV_NAME_FW flag Introduce GENPD_FLAG_DEV_NAME_FW flag which instructs genpd to generate an unique device name using ida. It is aimed to be used by genpd providers which derive their names directly from FW making them susceptible to debugfs node creation failures. Reported-by: Johan Hovold <johan+linaro(a)kernel.org> Closes: https://lore.kernel.org/lkml/ZoQjAWse2YxwyRJv@hovoldconsulting.com/ Fixes: 718072ceb211 ("PM: domains: create debugfs nodes when adding power domains") Suggested-by: Ulf Hansson <ulf.hansson(a)linaro.org> Suggested-by: Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> Signed-off-by: Sibi Sankar <quic_sibis(a)quicinc.com> Cc: stable(a)vger.kernel.org Message-ID: <20241030125512.2884761-5-quic_sibis(a)quicinc.com> Signed-off-by: Ulf Hansson <ulf.hansson(a)linaro.org> diff --git a/drivers/pmdomain/core.c b/drivers/pmdomain/core.c index 5ede0f7eda09..29ad510e881c 100644 --- a/drivers/pmdomain/core.c +++ b/drivers/pmdomain/core.c @@ -7,6 +7,7 @@ #define pr_fmt(fmt) "PM: " fmt #include <linux/delay.h> +#include <linux/idr.h> #include <linux/kernel.h> #include <linux/io.h> #include <linux/platform_device.h> @@ -23,6 +24,9 @@ #include <linux/cpu.h> #include <linux/debugfs.h> +/* Provides a unique ID for each genpd device */ +static DEFINE_IDA(genpd_ida); + #define GENPD_RETRY_MAX_MS 250 /* Approximate */ #define GENPD_DEV_CALLBACK(genpd, type, callback, dev) \ @@ -171,6 +175,7 @@ static const struct genpd_lock_ops genpd_raw_spin_ops = { #define genpd_is_cpu_domain(genpd) (genpd->flags & GENPD_FLAG_CPU_DOMAIN) #define genpd_is_rpm_always_on(genpd) (genpd->flags & GENPD_FLAG_RPM_ALWAYS_ON) #define genpd_is_opp_table_fw(genpd) (genpd->flags & GENPD_FLAG_OPP_TABLE_FW) +#define genpd_is_dev_name_fw(genpd) (genpd->flags & GENPD_FLAG_DEV_NAME_FW) static inline bool irq_safe_dev_in_sleep_domain(struct device *dev, const struct generic_pm_domain *genpd) @@ -189,7 +194,7 @@ static inline bool irq_safe_dev_in_sleep_domain(struct device *dev, if (ret) dev_warn_once(dev, "PM domain %s will not be powered off\n", - genpd->name); + dev_name(&genpd->dev)); return ret; } @@ -274,7 +279,7 @@ static void genpd_debug_remove(struct generic_pm_domain *genpd) if (!genpd_debugfs_dir) return; - debugfs_lookup_and_remove(genpd->name, genpd_debugfs_dir); + debugfs_lookup_and_remove(dev_name(&genpd->dev), genpd_debugfs_dir); } static void genpd_update_accounting(struct generic_pm_domain *genpd) @@ -731,7 +736,7 @@ static int _genpd_power_on(struct generic_pm_domain *genpd, bool timed) genpd->states[state_idx].power_on_latency_ns = elapsed_ns; genpd->gd->max_off_time_changed = true; pr_debug("%s: Power-%s latency exceeded, new value %lld ns\n", - genpd->name, "on", elapsed_ns); + dev_name(&genpd->dev), "on", elapsed_ns); out: raw_notifier_call_chain(&genpd->power_notifiers, GENPD_NOTIFY_ON, NULL); @@ -782,7 +787,7 @@ static int _genpd_power_off(struct generic_pm_domain *genpd, bool timed) genpd->states[state_idx].power_off_latency_ns = elapsed_ns; genpd->gd->max_off_time_changed = true; pr_debug("%s: Power-%s latency exceeded, new value %lld ns\n", - genpd->name, "off", elapsed_ns); + dev_name(&genpd->dev), "off", elapsed_ns); out: raw_notifier_call_chain(&genpd->power_notifiers, GENPD_NOTIFY_OFF, @@ -1940,7 +1945,7 @@ int dev_pm_genpd_add_notifier(struct device *dev, struct notifier_block *nb) if (ret) { dev_warn(dev, "failed to add notifier for PM domain %s\n", - genpd->name); + dev_name(&genpd->dev)); return ret; } @@ -1987,7 +1992,7 @@ int dev_pm_genpd_remove_notifier(struct device *dev) if (ret) { dev_warn(dev, "failed to remove notifier for PM domain %s\n", - genpd->name); + dev_name(&genpd->dev)); return ret; } @@ -2013,7 +2018,7 @@ static int genpd_add_subdomain(struct generic_pm_domain *genpd, */ if (!genpd_is_irq_safe(genpd) && genpd_is_irq_safe(subdomain)) { WARN(1, "Parent %s of subdomain %s must be IRQ safe\n", - genpd->name, subdomain->name); + dev_name(&genpd->dev), subdomain->name); return -EINVAL; } @@ -2088,7 +2093,7 @@ int pm_genpd_remove_subdomain(struct generic_pm_domain *genpd, if (!list_empty(&subdomain->parent_links) || subdomain->device_count) { pr_warn("%s: unable to remove subdomain %s\n", - genpd->name, subdomain->name); + dev_name(&genpd->dev), subdomain->name); ret = -EBUSY; goto out; } @@ -2225,6 +2230,7 @@ int pm_genpd_init(struct generic_pm_domain *genpd, genpd->status = is_off ? GENPD_STATE_OFF : GENPD_STATE_ON; genpd->device_count = 0; genpd->provider = NULL; + genpd->device_id = -ENXIO; genpd->has_provider = false; genpd->accounting_time = ktime_get_mono_fast_ns(); genpd->domain.ops.runtime_suspend = genpd_runtime_suspend; @@ -2265,7 +2271,18 @@ int pm_genpd_init(struct generic_pm_domain *genpd, return ret; device_initialize(&genpd->dev); - dev_set_name(&genpd->dev, "%s", genpd->name); + + if (!genpd_is_dev_name_fw(genpd)) { + dev_set_name(&genpd->dev, "%s", genpd->name); + } else { + ret = ida_alloc(&genpd_ida, GFP_KERNEL); + if (ret < 0) { + put_device(&genpd->dev); + return ret; + } + genpd->device_id = ret; + dev_set_name(&genpd->dev, "%s_%u", genpd->name, genpd->device_id); + } mutex_lock(&gpd_list_lock); list_add(&genpd->gpd_list_node, &gpd_list); @@ -2287,13 +2304,13 @@ static int genpd_remove(struct generic_pm_domain *genpd) if (genpd->has_provider) { genpd_unlock(genpd); - pr_err("Provider present, unable to remove %s\n", genpd->name); + pr_err("Provider present, unable to remove %s\n", dev_name(&genpd->dev)); return -EBUSY; } if (!list_empty(&genpd->parent_links) || genpd->device_count) { genpd_unlock(genpd); - pr_err("%s: unable to remove %s\n", __func__, genpd->name); + pr_err("%s: unable to remove %s\n", __func__, dev_name(&genpd->dev)); return -EBUSY; } @@ -2307,9 +2324,11 @@ static int genpd_remove(struct generic_pm_domain *genpd) genpd_unlock(genpd); genpd_debug_remove(genpd); cancel_work_sync(&genpd->power_off_work); + if (genpd->device_id != -ENXIO) + ida_free(&genpd_ida, genpd->device_id); genpd_free_data(genpd); - pr_debug("%s: removed %s\n", __func__, genpd->name); + pr_debug("%s: removed %s\n", __func__, dev_name(&genpd->dev)); return 0; } @@ -3272,12 +3291,12 @@ static int genpd_summary_one(struct seq_file *s, else snprintf(state, sizeof(state), "%s", status_lookup[genpd->status]); - seq_printf(s, "%-30s %-30s %u", genpd->name, state, genpd->performance_state); + seq_printf(s, "%-30s %-30s %u", dev_name(&genpd->dev), state, genpd->performance_state); /* * Modifications on the list require holding locks on both * parent and child, so we are safe. - * Also genpd->name is immutable. + * Also the device name is immutable. */ list_for_each_entry(link, &genpd->parent_links, parent_node) { if (list_is_first(&link->parent_node, &genpd->parent_links)) @@ -3502,7 +3521,7 @@ static void genpd_debug_add(struct generic_pm_domain *genpd) if (!genpd_debugfs_dir) return; - d = debugfs_create_dir(genpd->name, genpd_debugfs_dir); + d = debugfs_create_dir(dev_name(&genpd->dev), genpd_debugfs_dir); debugfs_create_file("current_state", 0444, d, genpd, &status_fops); diff --git a/include/linux/pm_domain.h b/include/linux/pm_domain.h index b637ec14025f..cf4b11be3709 100644 --- a/include/linux/pm_domain.h +++ b/include/linux/pm_domain.h @@ -92,6 +92,10 @@ struct dev_pm_domain_list { * GENPD_FLAG_OPP_TABLE_FW: The genpd provider supports performance states, * but its corresponding OPP tables are not * described in DT, but are given directly by FW. + * + * GENPD_FLAG_DEV_NAME_FW: Instructs genpd to generate an unique device name + * using ida. It is used by genpd providers which + * get their genpd-names directly from FW. */ #define GENPD_FLAG_PM_CLK (1U << 0) #define GENPD_FLAG_IRQ_SAFE (1U << 1) @@ -101,6 +105,7 @@ struct dev_pm_domain_list { #define GENPD_FLAG_RPM_ALWAYS_ON (1U << 5) #define GENPD_FLAG_MIN_RESIDENCY (1U << 6) #define GENPD_FLAG_OPP_TABLE_FW (1U << 7) +#define GENPD_FLAG_DEV_NAME_FW (1U << 8) enum gpd_status { GENPD_STATE_ON = 0, /* PM domain is on */ @@ -163,6 +168,7 @@ struct generic_pm_domain { atomic_t sd_count; /* Number of subdomains with power "on" */ enum gpd_status status; /* Current state of the domain */ unsigned int device_count; /* Number of devices */ + unsigned int device_id; /* unique device id */ unsigned int suspended_count; /* System suspend device counter */ unsigned int prepared_count; /* Suspend counter of prepared devices */ unsigned int performance_state; /* Aggregated max performance state */

10 months, 1 week

1
0
0 0

FAILED: patch "[PATCH] pmdomain: core: Add GENPD_FLAG_DEV_NAME_FW flag" failed to apply to 6.6-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.6-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.6.y git checkout FETCH_HEAD git cherry-pick -x 899f44531fe6cac4b024710fec647ecc127724b8 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024111731-overheat-eraser-3483@gregkh' --subject-prefix 'PATCH 6.6.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 899f44531fe6cac4b024710fec647ecc127724b8 Mon Sep 17 00:00:00 2001 From: Sibi Sankar <quic_sibis(a)quicinc.com> Date: Wed, 30 Oct 2024 18:25:10 +0530 Subject: [PATCH] pmdomain: core: Add GENPD_FLAG_DEV_NAME_FW flag Introduce GENPD_FLAG_DEV_NAME_FW flag which instructs genpd to generate an unique device name using ida. It is aimed to be used by genpd providers which derive their names directly from FW making them susceptible to debugfs node creation failures. Reported-by: Johan Hovold <johan+linaro(a)kernel.org> Closes: https://lore.kernel.org/lkml/ZoQjAWse2YxwyRJv@hovoldconsulting.com/ Fixes: 718072ceb211 ("PM: domains: create debugfs nodes when adding power domains") Suggested-by: Ulf Hansson <ulf.hansson(a)linaro.org> Suggested-by: Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> Signed-off-by: Sibi Sankar <quic_sibis(a)quicinc.com> Cc: stable(a)vger.kernel.org Message-ID: <20241030125512.2884761-5-quic_sibis(a)quicinc.com> Signed-off-by: Ulf Hansson <ulf.hansson(a)linaro.org> diff --git a/drivers/pmdomain/core.c b/drivers/pmdomain/core.c index 5ede0f7eda09..29ad510e881c 100644 --- a/drivers/pmdomain/core.c +++ b/drivers/pmdomain/core.c @@ -7,6 +7,7 @@ #define pr_fmt(fmt) "PM: " fmt #include <linux/delay.h> +#include <linux/idr.h> #include <linux/kernel.h> #include <linux/io.h> #include <linux/platform_device.h> @@ -23,6 +24,9 @@ #include <linux/cpu.h> #include <linux/debugfs.h> +/* Provides a unique ID for each genpd device */ +static DEFINE_IDA(genpd_ida); + #define GENPD_RETRY_MAX_MS 250 /* Approximate */ #define GENPD_DEV_CALLBACK(genpd, type, callback, dev) \ @@ -171,6 +175,7 @@ static const struct genpd_lock_ops genpd_raw_spin_ops = { #define genpd_is_cpu_domain(genpd) (genpd->flags & GENPD_FLAG_CPU_DOMAIN) #define genpd_is_rpm_always_on(genpd) (genpd->flags & GENPD_FLAG_RPM_ALWAYS_ON) #define genpd_is_opp_table_fw(genpd) (genpd->flags & GENPD_FLAG_OPP_TABLE_FW) +#define genpd_is_dev_name_fw(genpd) (genpd->flags & GENPD_FLAG_DEV_NAME_FW) static inline bool irq_safe_dev_in_sleep_domain(struct device *dev, const struct generic_pm_domain *genpd) @@ -189,7 +194,7 @@ static inline bool irq_safe_dev_in_sleep_domain(struct device *dev, if (ret) dev_warn_once(dev, "PM domain %s will not be powered off\n", - genpd->name); + dev_name(&genpd->dev)); return ret; } @@ -274,7 +279,7 @@ static void genpd_debug_remove(struct generic_pm_domain *genpd) if (!genpd_debugfs_dir) return; - debugfs_lookup_and_remove(genpd->name, genpd_debugfs_dir); + debugfs_lookup_and_remove(dev_name(&genpd->dev), genpd_debugfs_dir); } static void genpd_update_accounting(struct generic_pm_domain *genpd) @@ -731,7 +736,7 @@ static int _genpd_power_on(struct generic_pm_domain *genpd, bool timed) genpd->states[state_idx].power_on_latency_ns = elapsed_ns; genpd->gd->max_off_time_changed = true; pr_debug("%s: Power-%s latency exceeded, new value %lld ns\n", - genpd->name, "on", elapsed_ns); + dev_name(&genpd->dev), "on", elapsed_ns); out: raw_notifier_call_chain(&genpd->power_notifiers, GENPD_NOTIFY_ON, NULL); @@ -782,7 +787,7 @@ static int _genpd_power_off(struct generic_pm_domain *genpd, bool timed) genpd->states[state_idx].power_off_latency_ns = elapsed_ns; genpd->gd->max_off_time_changed = true; pr_debug("%s: Power-%s latency exceeded, new value %lld ns\n", - genpd->name, "off", elapsed_ns); + dev_name(&genpd->dev), "off", elapsed_ns); out: raw_notifier_call_chain(&genpd->power_notifiers, GENPD_NOTIFY_OFF, @@ -1940,7 +1945,7 @@ int dev_pm_genpd_add_notifier(struct device *dev, struct notifier_block *nb) if (ret) { dev_warn(dev, "failed to add notifier for PM domain %s\n", - genpd->name); + dev_name(&genpd->dev)); return ret; } @@ -1987,7 +1992,7 @@ int dev_pm_genpd_remove_notifier(struct device *dev) if (ret) { dev_warn(dev, "failed to remove notifier for PM domain %s\n", - genpd->name); + dev_name(&genpd->dev)); return ret; } @@ -2013,7 +2018,7 @@ static int genpd_add_subdomain(struct generic_pm_domain *genpd, */ if (!genpd_is_irq_safe(genpd) && genpd_is_irq_safe(subdomain)) { WARN(1, "Parent %s of subdomain %s must be IRQ safe\n", - genpd->name, subdomain->name); + dev_name(&genpd->dev), subdomain->name); return -EINVAL; } @@ -2088,7 +2093,7 @@ int pm_genpd_remove_subdomain(struct generic_pm_domain *genpd, if (!list_empty(&subdomain->parent_links) || subdomain->device_count) { pr_warn("%s: unable to remove subdomain %s\n", - genpd->name, subdomain->name); + dev_name(&genpd->dev), subdomain->name); ret = -EBUSY; goto out; } @@ -2225,6 +2230,7 @@ int pm_genpd_init(struct generic_pm_domain *genpd, genpd->status = is_off ? GENPD_STATE_OFF : GENPD_STATE_ON; genpd->device_count = 0; genpd->provider = NULL; + genpd->device_id = -ENXIO; genpd->has_provider = false; genpd->accounting_time = ktime_get_mono_fast_ns(); genpd->domain.ops.runtime_suspend = genpd_runtime_suspend; @@ -2265,7 +2271,18 @@ int pm_genpd_init(struct generic_pm_domain *genpd, return ret; device_initialize(&genpd->dev); - dev_set_name(&genpd->dev, "%s", genpd->name); + + if (!genpd_is_dev_name_fw(genpd)) { + dev_set_name(&genpd->dev, "%s", genpd->name); + } else { + ret = ida_alloc(&genpd_ida, GFP_KERNEL); + if (ret < 0) { + put_device(&genpd->dev); + return ret; + } + genpd->device_id = ret; + dev_set_name(&genpd->dev, "%s_%u", genpd->name, genpd->device_id); + } mutex_lock(&gpd_list_lock); list_add(&genpd->gpd_list_node, &gpd_list); @@ -2287,13 +2304,13 @@ static int genpd_remove(struct generic_pm_domain *genpd) if (genpd->has_provider) { genpd_unlock(genpd); - pr_err("Provider present, unable to remove %s\n", genpd->name); + pr_err("Provider present, unable to remove %s\n", dev_name(&genpd->dev)); return -EBUSY; } if (!list_empty(&genpd->parent_links) || genpd->device_count) { genpd_unlock(genpd); - pr_err("%s: unable to remove %s\n", __func__, genpd->name); + pr_err("%s: unable to remove %s\n", __func__, dev_name(&genpd->dev)); return -EBUSY; } @@ -2307,9 +2324,11 @@ static int genpd_remove(struct generic_pm_domain *genpd) genpd_unlock(genpd); genpd_debug_remove(genpd); cancel_work_sync(&genpd->power_off_work); + if (genpd->device_id != -ENXIO) + ida_free(&genpd_ida, genpd->device_id); genpd_free_data(genpd); - pr_debug("%s: removed %s\n", __func__, genpd->name); + pr_debug("%s: removed %s\n", __func__, dev_name(&genpd->dev)); return 0; } @@ -3272,12 +3291,12 @@ static int genpd_summary_one(struct seq_file *s, else snprintf(state, sizeof(state), "%s", status_lookup[genpd->status]); - seq_printf(s, "%-30s %-30s %u", genpd->name, state, genpd->performance_state); + seq_printf(s, "%-30s %-30s %u", dev_name(&genpd->dev), state, genpd->performance_state); /* * Modifications on the list require holding locks on both * parent and child, so we are safe. - * Also genpd->name is immutable. + * Also the device name is immutable. */ list_for_each_entry(link, &genpd->parent_links, parent_node) { if (list_is_first(&link->parent_node, &genpd->parent_links)) @@ -3502,7 +3521,7 @@ static void genpd_debug_add(struct generic_pm_domain *genpd) if (!genpd_debugfs_dir) return; - d = debugfs_create_dir(genpd->name, genpd_debugfs_dir); + d = debugfs_create_dir(dev_name(&genpd->dev), genpd_debugfs_dir); debugfs_create_file("current_state", 0444, d, genpd, &status_fops); diff --git a/include/linux/pm_domain.h b/include/linux/pm_domain.h index b637ec14025f..cf4b11be3709 100644 --- a/include/linux/pm_domain.h +++ b/include/linux/pm_domain.h @@ -92,6 +92,10 @@ struct dev_pm_domain_list { * GENPD_FLAG_OPP_TABLE_FW: The genpd provider supports performance states, * but its corresponding OPP tables are not * described in DT, but are given directly by FW. + * + * GENPD_FLAG_DEV_NAME_FW: Instructs genpd to generate an unique device name + * using ida. It is used by genpd providers which + * get their genpd-names directly from FW. */ #define GENPD_FLAG_PM_CLK (1U << 0) #define GENPD_FLAG_IRQ_SAFE (1U << 1) @@ -101,6 +105,7 @@ struct dev_pm_domain_list { #define GENPD_FLAG_RPM_ALWAYS_ON (1U << 5) #define GENPD_FLAG_MIN_RESIDENCY (1U << 6) #define GENPD_FLAG_OPP_TABLE_FW (1U << 7) +#define GENPD_FLAG_DEV_NAME_FW (1U << 8) enum gpd_status { GENPD_STATE_ON = 0, /* PM domain is on */ @@ -163,6 +168,7 @@ struct generic_pm_domain { atomic_t sd_count; /* Number of subdomains with power "on" */ enum gpd_status status; /* Current state of the domain */ unsigned int device_count; /* Number of devices */ + unsigned int device_id; /* unique device id */ unsigned int suspended_count; /* System suspend device counter */ unsigned int prepared_count; /* Suspend counter of prepared devices */ unsigned int performance_state; /* Aggregated max performance state */

10 months, 1 week

1
0
0 0

FAILED: patch "[PATCH] pmdomain: imx93-blk-ctrl: correct remove path" failed to apply to 6.1-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.1-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x f7c7c5aa556378a2c8da72c1f7f238b6648f95fb # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024111700-overhang-copied-323b@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From f7c7c5aa556378a2c8da72c1f7f238b6648f95fb Mon Sep 17 00:00:00 2001 From: Peng Fan <peng.fan(a)nxp.com> Date: Fri, 1 Nov 2024 18:12:51 +0800 Subject: [PATCH] pmdomain: imx93-blk-ctrl: correct remove path The check condition should be 'i < bc->onecell_data.num_domains', not 'bc->onecell_data.num_domains' which will make the look never finish and cause kernel panic. Also disable runtime to address "imx93-blk-ctrl 4ac10000.system-controller: Unbalanced pm_runtime_enable!" Fixes: e9aa77d413c9 ("soc: imx: add i.MX93 media blk ctrl driver") Signed-off-by: Peng Fan <peng.fan(a)nxp.com> Reviewed-by: Stefan Wahren <wahrenst(a)gmx.net> Cc: stable(a)vger.kernel.org Message-ID: <20241101101252.1448466-1-peng.fan(a)oss.nxp.com> Signed-off-by: Ulf Hansson <ulf.hansson(a)linaro.org> diff --git a/drivers/pmdomain/imx/imx93-blk-ctrl.c b/drivers/pmdomain/imx/imx93-blk-ctrl.c index 904ffa55b8f4..b10348ac10f0 100644 --- a/drivers/pmdomain/imx/imx93-blk-ctrl.c +++ b/drivers/pmdomain/imx/imx93-blk-ctrl.c @@ -313,7 +313,9 @@ static void imx93_blk_ctrl_remove(struct platform_device *pdev) of_genpd_del_provider(pdev->dev.of_node); - for (i = 0; bc->onecell_data.num_domains; i++) { + pm_runtime_disable(&pdev->dev); + + for (i = 0; i < bc->onecell_data.num_domains; i++) { struct imx93_blk_ctrl_domain *domain = &bc->domains[i]; pm_genpd_remove(&domain->genpd);

10 months, 1 week

1
0
0 0

FAILED: patch "[PATCH] mmc: sunxi-mmc: Fix A100 compatible description" failed to apply to 5.15-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.15-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y git checkout FETCH_HEAD git cherry-pick -x 85b580afc2c215394e08974bf033de9face94955 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024111734-aneurism-aroma-9f52@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 85b580afc2c215394e08974bf033de9face94955 Mon Sep 17 00:00:00 2001 From: Andre Przywara <andre.przywara(a)arm.com> Date: Thu, 7 Nov 2024 01:42:40 +0000 Subject: [PATCH] mmc: sunxi-mmc: Fix A100 compatible description It turns out that the Allwinner A100/A133 SoC only supports 8K DMA blocks (13 bits wide), for both the SD/SDIO and eMMC instances. And while this alone would make a trivial fix, the H616 falls back to the A100 compatible string, so we have to now match the H616 compatible string explicitly against the description advertising 64K DMA blocks. As the A100 is now compatible with the D1 description, let the A100 compatible string point to that block instead, and introduce an explicit match against the H616 string, pointing to the old description. Also remove the redundant setting of clk_delays to NULL on the way. Fixes: 3536b82e5853 ("mmc: sunxi: add support for A100 mmc controller") Cc: stable(a)vger.kernel.org Signed-off-by: Andre Przywara <andre.przywara(a)arm.com> Tested-by: Parthiban Nallathambi <parthiban(a)linumiz.com> Reviewed-by: Chen-Yu Tsai <wens(a)csie.org> Message-ID: <20241107014240.24669-1-andre.przywara(a)arm.com> Signed-off-by: Ulf Hansson <ulf.hansson(a)linaro.org> diff --git a/drivers/mmc/host/sunxi-mmc.c b/drivers/mmc/host/sunxi-mmc.c index d3bd0ac99ec4..e0ab5fd635e6 100644 --- a/drivers/mmc/host/sunxi-mmc.c +++ b/drivers/mmc/host/sunxi-mmc.c @@ -1191,10 +1191,9 @@ static const struct sunxi_mmc_cfg sun50i_a64_emmc_cfg = { .needs_new_timings = true, }; -static const struct sunxi_mmc_cfg sun50i_a100_cfg = { +static const struct sunxi_mmc_cfg sun50i_h616_cfg = { .idma_des_size_bits = 16, .idma_des_shift = 2, - .clk_delays = NULL, .can_calibrate = true, .mask_data0 = true, .needs_new_timings = true, @@ -1217,8 +1216,9 @@ static const struct of_device_id sunxi_mmc_of_match[] = { { .compatible = "allwinner,sun20i-d1-mmc", .data = &sun20i_d1_cfg }, { .compatible = "allwinner,sun50i-a64-mmc", .data = &sun50i_a64_cfg }, { .compatible = "allwinner,sun50i-a64-emmc", .data = &sun50i_a64_emmc_cfg }, - { .compatible = "allwinner,sun50i-a100-mmc", .data = &sun50i_a100_cfg }, + { .compatible = "allwinner,sun50i-a100-mmc", .data = &sun20i_d1_cfg }, { .compatible = "allwinner,sun50i-a100-emmc", .data = &sun50i_a100_emmc_cfg }, + { .compatible = "allwinner,sun50i-h616-mmc", .data = &sun50i_h616_cfg }, { /* sentinel */ } }; MODULE_DEVICE_TABLE(of, sunxi_mmc_of_match);

10 months, 1 week

1
0
0 0

FAILED: patch "[PATCH] mptcp: pm: use _rcu variant under rcu_read_lock" failed to apply to 6.1-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.1-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x db3eab8110bc0520416101b6a5b52f44a43fb4cf # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024111723-vacate-gaining-55ae@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From db3eab8110bc0520416101b6a5b52f44a43fb4cf Mon Sep 17 00:00:00 2001 From: "Matthieu Baerts (NGI0)" <matttbe(a)kernel.org> Date: Tue, 12 Nov 2024 20:18:35 +0100 Subject: [PATCH] mptcp: pm: use _rcu variant under rcu_read_lock In mptcp_pm_create_subflow_or_signal_addr(), rcu_read_(un)lock() are used as expected to iterate over the list of local addresses, but list_for_each_entry() was used instead of list_for_each_entry_rcu() in __lookup_addr(). It is important to use this variant which adds the required READ_ONCE() (and diagnostic checks if enabled). Because __lookup_addr() is also used in mptcp_pm_nl_set_flags() where it is called under the pernet->lock and not rcu_read_lock(), an extra condition is then passed to help the diagnostic checks making sure either the associated spin lock or the RCU lock is held. Fixes: 86e39e04482b ("mptcp: keep track of local endpoint still available for each msk") Cc: stable(a)vger.kernel.org Reviewed-by: Geliang Tang <geliang(a)kernel.org> Signed-off-by: Matthieu Baerts (NGI0) <matttbe(a)kernel.org> Link: https://patch.msgid.link/20241112-net-mptcp-misc-6-12-pm-v1-3-b835580cefa8@… Signed-off-by: Jakub Kicinski <kuba(a)kernel.org> diff --git a/net/mptcp/pm_netlink.c b/net/mptcp/pm_netlink.c index db586a5b3866..45a2b5f05d38 100644 --- a/net/mptcp/pm_netlink.c +++ b/net/mptcp/pm_netlink.c @@ -524,7 +524,8 @@ __lookup_addr(struct pm_nl_pernet *pernet, const struct mptcp_addr_info *info) { struct mptcp_pm_addr_entry *entry; - list_for_each_entry(entry, &pernet->local_addr_list, list) { + list_for_each_entry_rcu(entry, &pernet->local_addr_list, list, + lockdep_is_held(&pernet->lock)) { if (mptcp_addresses_equal(&entry->addr, info, entry->addr.port)) return entry; }

10 months, 1 week

1
0
0 0

FAILED: patch "[PATCH] mptcp: pm: use _rcu variant under rcu_read_lock" failed to apply to 6.6-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.6-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.6.y git checkout FETCH_HEAD git cherry-pick -x db3eab8110bc0520416101b6a5b52f44a43fb4cf # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024111722-mandate-unzip-8568@gregkh' --subject-prefix 'PATCH 6.6.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From db3eab8110bc0520416101b6a5b52f44a43fb4cf Mon Sep 17 00:00:00 2001 From: "Matthieu Baerts (NGI0)" <matttbe(a)kernel.org> Date: Tue, 12 Nov 2024 20:18:35 +0100 Subject: [PATCH] mptcp: pm: use _rcu variant under rcu_read_lock In mptcp_pm_create_subflow_or_signal_addr(), rcu_read_(un)lock() are used as expected to iterate over the list of local addresses, but list_for_each_entry() was used instead of list_for_each_entry_rcu() in __lookup_addr(). It is important to use this variant which adds the required READ_ONCE() (and diagnostic checks if enabled). Because __lookup_addr() is also used in mptcp_pm_nl_set_flags() where it is called under the pernet->lock and not rcu_read_lock(), an extra condition is then passed to help the diagnostic checks making sure either the associated spin lock or the RCU lock is held. Fixes: 86e39e04482b ("mptcp: keep track of local endpoint still available for each msk") Cc: stable(a)vger.kernel.org Reviewed-by: Geliang Tang <geliang(a)kernel.org> Signed-off-by: Matthieu Baerts (NGI0) <matttbe(a)kernel.org> Link: https://patch.msgid.link/20241112-net-mptcp-misc-6-12-pm-v1-3-b835580cefa8@… Signed-off-by: Jakub Kicinski <kuba(a)kernel.org> diff --git a/net/mptcp/pm_netlink.c b/net/mptcp/pm_netlink.c index db586a5b3866..45a2b5f05d38 100644 --- a/net/mptcp/pm_netlink.c +++ b/net/mptcp/pm_netlink.c @@ -524,7 +524,8 @@ __lookup_addr(struct pm_nl_pernet *pernet, const struct mptcp_addr_info *info) { struct mptcp_pm_addr_entry *entry; - list_for_each_entry(entry, &pernet->local_addr_list, list) { + list_for_each_entry_rcu(entry, &pernet->local_addr_list, list, + lockdep_is_held(&pernet->lock)) { if (mptcp_addresses_equal(&entry->addr, info, entry->addr.port)) return entry; }

10 months, 1 week

1
0
0 0

FAILED: patch "[PATCH] mptcp: hold pm lock when deleting entry" failed to apply to 6.1-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.1-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x f642c5c4d528d11bd78b6c6f84f541cd3c0bea86 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024111712-unnerving-implicate-ad47@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From f642c5c4d528d11bd78b6c6f84f541cd3c0bea86 Mon Sep 17 00:00:00 2001 From: Geliang Tang <geliang(a)kernel.org> Date: Tue, 12 Nov 2024 20:18:34 +0100 Subject: [PATCH] mptcp: hold pm lock when deleting entry When traversing userspace_pm_local_addr_list and deleting an entry from it in mptcp_pm_nl_remove_doit(), msk->pm.lock should be held. This patch holds this lock before mptcp_userspace_pm_lookup_addr_by_id() and releases it after list_move() in mptcp_pm_nl_remove_doit(). Fixes: d9a4594edabf ("mptcp: netlink: Add MPTCP_PM_CMD_REMOVE") Cc: stable(a)vger.kernel.org Signed-off-by: Geliang Tang <tanggeliang(a)kylinos.cn> Reviewed-by: Matthieu Baerts (NGI0) <matttbe(a)kernel.org> Signed-off-by: Matthieu Baerts (NGI0) <matttbe(a)kernel.org> Link: https://patch.msgid.link/20241112-net-mptcp-misc-6-12-pm-v1-2-b835580cefa8@… Signed-off-by: Jakub Kicinski <kuba(a)kernel.org> diff --git a/net/mptcp/pm_userspace.c b/net/mptcp/pm_userspace.c index 3f888bfe1462..e35178f5205f 100644 --- a/net/mptcp/pm_userspace.c +++ b/net/mptcp/pm_userspace.c @@ -308,14 +308,17 @@ int mptcp_pm_nl_remove_doit(struct sk_buff *skb, struct genl_info *info) lock_sock(sk); + spin_lock_bh(&msk->pm.lock); match = mptcp_userspace_pm_lookup_addr_by_id(msk, id_val); if (!match) { GENL_SET_ERR_MSG(info, "address with specified id not found"); + spin_unlock_bh(&msk->pm.lock); release_sock(sk); goto out; } list_move(&match->list, &free_list); + spin_unlock_bh(&msk->pm.lock); mptcp_pm_remove_addrs(msk, &free_list);

10 months, 1 week

1
0
0 0

FAILED: patch "[PATCH] mptcp: hold pm lock when deleting entry" failed to apply to 6.6-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.6-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.6.y git checkout FETCH_HEAD git cherry-pick -x f642c5c4d528d11bd78b6c6f84f541cd3c0bea86 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024111711-buffed-reason-f96e@gregkh' --subject-prefix 'PATCH 6.6.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From f642c5c4d528d11bd78b6c6f84f541cd3c0bea86 Mon Sep 17 00:00:00 2001 From: Geliang Tang <geliang(a)kernel.org> Date: Tue, 12 Nov 2024 20:18:34 +0100 Subject: [PATCH] mptcp: hold pm lock when deleting entry When traversing userspace_pm_local_addr_list and deleting an entry from it in mptcp_pm_nl_remove_doit(), msk->pm.lock should be held. This patch holds this lock before mptcp_userspace_pm_lookup_addr_by_id() and releases it after list_move() in mptcp_pm_nl_remove_doit(). Fixes: d9a4594edabf ("mptcp: netlink: Add MPTCP_PM_CMD_REMOVE") Cc: stable(a)vger.kernel.org Signed-off-by: Geliang Tang <tanggeliang(a)kylinos.cn> Reviewed-by: Matthieu Baerts (NGI0) <matttbe(a)kernel.org> Signed-off-by: Matthieu Baerts (NGI0) <matttbe(a)kernel.org> Link: https://patch.msgid.link/20241112-net-mptcp-misc-6-12-pm-v1-2-b835580cefa8@… Signed-off-by: Jakub Kicinski <kuba(a)kernel.org> diff --git a/net/mptcp/pm_userspace.c b/net/mptcp/pm_userspace.c index 3f888bfe1462..e35178f5205f 100644 --- a/net/mptcp/pm_userspace.c +++ b/net/mptcp/pm_userspace.c @@ -308,14 +308,17 @@ int mptcp_pm_nl_remove_doit(struct sk_buff *skb, struct genl_info *info) lock_sock(sk); + spin_lock_bh(&msk->pm.lock); match = mptcp_userspace_pm_lookup_addr_by_id(msk, id_val); if (!match) { GENL_SET_ERR_MSG(info, "address with specified id not found"); + spin_unlock_bh(&msk->pm.lock); release_sock(sk); goto out; } list_move(&match->list, &free_list); + spin_unlock_bh(&msk->pm.lock); mptcp_pm_remove_addrs(msk, &free_list);

10 months, 1 week

1
0
0 0

FAILED: patch "[PATCH] mptcp: update local address flags when setting it" failed to apply to 6.1-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.1-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x e0266319413d5d687ba7b6df7ca99e4b9724a4f2 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024111759-tummy-survey-9bee@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From e0266319413d5d687ba7b6df7ca99e4b9724a4f2 Mon Sep 17 00:00:00 2001 From: Geliang Tang <geliang(a)kernel.org> Date: Tue, 12 Nov 2024 20:18:33 +0100 Subject: [PATCH] mptcp: update local address flags when setting it Just like in-kernel pm, when userspace pm does set_flags, it needs to send out MP_PRIO signal, and also modify the flags of the corresponding address entry in the local address list. This patch implements the missing logic. Traverse all address entries on userspace_pm_local_addr_list to find the local address entry, if bkup is true, set the flags of this entry with FLAG_BACKUP, otherwise, clear FLAG_BACKUP. Fixes: 892f396c8e68 ("mptcp: netlink: issue MP_PRIO signals from userspace PMs") Cc: stable(a)vger.kernel.org Signed-off-by: Geliang Tang <tanggeliang(a)kylinos.cn> Reviewed-by: Matthieu Baerts (NGI0) <matttbe(a)kernel.org> Signed-off-by: Matthieu Baerts (NGI0) <matttbe(a)kernel.org> Link: https://patch.msgid.link/20241112-net-mptcp-misc-6-12-pm-v1-1-b835580cefa8@… Signed-off-by: Jakub Kicinski <kuba(a)kernel.org> diff --git a/net/mptcp/pm_userspace.c b/net/mptcp/pm_userspace.c index 56dfea9862b7..3f888bfe1462 100644 --- a/net/mptcp/pm_userspace.c +++ b/net/mptcp/pm_userspace.c @@ -560,6 +560,7 @@ int mptcp_userspace_pm_set_flags(struct sk_buff *skb, struct genl_info *info) struct nlattr *token = info->attrs[MPTCP_PM_ATTR_TOKEN]; struct nlattr *attr = info->attrs[MPTCP_PM_ATTR_ADDR]; struct net *net = sock_net(skb->sk); + struct mptcp_pm_addr_entry *entry; struct mptcp_sock *msk; int ret = -EINVAL; struct sock *sk; @@ -601,6 +602,17 @@ int mptcp_userspace_pm_set_flags(struct sk_buff *skb, struct genl_info *info) if (loc.flags & MPTCP_PM_ADDR_FLAG_BACKUP) bkup = 1; + spin_lock_bh(&msk->pm.lock); + list_for_each_entry(entry, &msk->pm.userspace_pm_local_addr_list, list) { + if (mptcp_addresses_equal(&entry->addr, &loc.addr, false)) { + if (bkup) + entry->flags |= MPTCP_PM_ADDR_FLAG_BACKUP; + else + entry->flags &= ~MPTCP_PM_ADDR_FLAG_BACKUP; + } + } + spin_unlock_bh(&msk->pm.lock); + lock_sock(sk); ret = mptcp_pm_nl_mp_prio_send_ack(msk, &loc.addr, &rem.addr, bkup); release_sock(sk);

10 months, 1 week

1
0
0 0

FAILED: patch "[PATCH] mptcp: update local address flags when setting it" failed to apply to 6.6-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.6-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.6.y git checkout FETCH_HEAD git cherry-pick -x e0266319413d5d687ba7b6df7ca99e4b9724a4f2 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024111758-headcount-securely-4e49@gregkh' --subject-prefix 'PATCH 6.6.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From e0266319413d5d687ba7b6df7ca99e4b9724a4f2 Mon Sep 17 00:00:00 2001 From: Geliang Tang <geliang(a)kernel.org> Date: Tue, 12 Nov 2024 20:18:33 +0100 Subject: [PATCH] mptcp: update local address flags when setting it Just like in-kernel pm, when userspace pm does set_flags, it needs to send out MP_PRIO signal, and also modify the flags of the corresponding address entry in the local address list. This patch implements the missing logic. Traverse all address entries on userspace_pm_local_addr_list to find the local address entry, if bkup is true, set the flags of this entry with FLAG_BACKUP, otherwise, clear FLAG_BACKUP. Fixes: 892f396c8e68 ("mptcp: netlink: issue MP_PRIO signals from userspace PMs") Cc: stable(a)vger.kernel.org Signed-off-by: Geliang Tang <tanggeliang(a)kylinos.cn> Reviewed-by: Matthieu Baerts (NGI0) <matttbe(a)kernel.org> Signed-off-by: Matthieu Baerts (NGI0) <matttbe(a)kernel.org> Link: https://patch.msgid.link/20241112-net-mptcp-misc-6-12-pm-v1-1-b835580cefa8@… Signed-off-by: Jakub Kicinski <kuba(a)kernel.org> diff --git a/net/mptcp/pm_userspace.c b/net/mptcp/pm_userspace.c index 56dfea9862b7..3f888bfe1462 100644 --- a/net/mptcp/pm_userspace.c +++ b/net/mptcp/pm_userspace.c @@ -560,6 +560,7 @@ int mptcp_userspace_pm_set_flags(struct sk_buff *skb, struct genl_info *info) struct nlattr *token = info->attrs[MPTCP_PM_ATTR_TOKEN]; struct nlattr *attr = info->attrs[MPTCP_PM_ATTR_ADDR]; struct net *net = sock_net(skb->sk); + struct mptcp_pm_addr_entry *entry; struct mptcp_sock *msk; int ret = -EINVAL; struct sock *sk; @@ -601,6 +602,17 @@ int mptcp_userspace_pm_set_flags(struct sk_buff *skb, struct genl_info *info) if (loc.flags & MPTCP_PM_ADDR_FLAG_BACKUP) bkup = 1; + spin_lock_bh(&msk->pm.lock); + list_for_each_entry(entry, &msk->pm.userspace_pm_local_addr_list, list) { + if (mptcp_addresses_equal(&entry->addr, &loc.addr, false)) { + if (bkup) + entry->flags |= MPTCP_PM_ADDR_FLAG_BACKUP; + else + entry->flags &= ~MPTCP_PM_ADDR_FLAG_BACKUP; + } + } + spin_unlock_bh(&msk->pm.lock); + lock_sock(sk); ret = mptcp_pm_nl_mp_prio_send_ack(msk, &loc.addr, &rem.addr, bkup); release_sock(sk);

10 months, 1 week

1
0
0 0

FAILED: patch "[PATCH] mm: page_alloc: move mlocked flag clearance into" failed to apply to 6.1-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.1-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x 66edc3a5894c74f8887c8af23b97593a0dd0df4d # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024111716-active-chess-e47f@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 66edc3a5894c74f8887c8af23b97593a0dd0df4d Mon Sep 17 00:00:00 2001 From: Roman Gushchin <roman.gushchin(a)linux.dev> Date: Wed, 6 Nov 2024 19:53:54 +0000 Subject: [PATCH] mm: page_alloc: move mlocked flag clearance into free_pages_prepare() Syzbot reported a bad page state problem caused by a page being freed using free_page() still having a mlocked flag at free_pages_prepare() stage: BUG: Bad page state in process syz.5.504 pfn:61f45 page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x61f45 flags: 0xfff00000080204(referenced|workingset|mlocked|node=0|zone=1|lastcpupid=0x7ff) raw: 00fff00000080204 0000000000000000 dead000000000122 0000000000000000 raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set page_owner tracks the page as allocated page last allocated via order 0, migratetype Unmovable, gfp_mask 0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), pid 8443, tgid 8442 (syz.5.504), ts 201884660643, free_ts 201499827394 set_page_owner include/linux/page_owner.h:32 [inline] post_alloc_hook+0x1f3/0x230 mm/page_alloc.c:1537 prep_new_page mm/page_alloc.c:1545 [inline] get_page_from_freelist+0x303f/0x3190 mm/page_alloc.c:3457 __alloc_pages_noprof+0x292/0x710 mm/page_alloc.c:4733 alloc_pages_mpol_noprof+0x3e8/0x680 mm/mempolicy.c:2265 kvm_coalesced_mmio_init+0x1f/0xf0 virt/kvm/coalesced_mmio.c:99 kvm_create_vm virt/kvm/kvm_main.c:1235 [inline] kvm_dev_ioctl_create_vm virt/kvm/kvm_main.c:5488 [inline] kvm_dev_ioctl+0x12dc/0x2240 virt/kvm/kvm_main.c:5530 __do_compat_sys_ioctl fs/ioctl.c:1007 [inline] __se_compat_sys_ioctl+0x510/0xc90 fs/ioctl.c:950 do_syscall_32_irqs_on arch/x86/entry/common.c:165 [inline] __do_fast_syscall_32+0xb4/0x110 arch/x86/entry/common.c:386 do_fast_syscall_32+0x34/0x80 arch/x86/entry/common.c:411 entry_SYSENTER_compat_after_hwframe+0x84/0x8e page last free pid 8399 tgid 8399 stack trace: reset_page_owner include/linux/page_owner.h:25 [inline] free_pages_prepare mm/page_alloc.c:1108 [inline] free_unref_folios+0xf12/0x18d0 mm/page_alloc.c:2686 folios_put_refs+0x76c/0x860 mm/swap.c:1007 free_pages_and_swap_cache+0x5c8/0x690 mm/swap_state.c:335 __tlb_batch_free_encoded_pages mm/mmu_gather.c:136 [inline] tlb_batch_pages_flush mm/mmu_gather.c:149 [inline] tlb_flush_mmu_free mm/mmu_gather.c:366 [inline] tlb_flush_mmu+0x3a3/0x680 mm/mmu_gather.c:373 tlb_finish_mmu+0xd4/0x200 mm/mmu_gather.c:465 exit_mmap+0x496/0xc40 mm/mmap.c:1926 __mmput+0x115/0x390 kernel/fork.c:1348 exit_mm+0x220/0x310 kernel/exit.c:571 do_exit+0x9b2/0x28e0 kernel/exit.c:926 do_group_exit+0x207/0x2c0 kernel/exit.c:1088 __do_sys_exit_group kernel/exit.c:1099 [inline] __se_sys_exit_group kernel/exit.c:1097 [inline] __x64_sys_exit_group+0x3f/0x40 kernel/exit.c:1097 x64_sys_call+0x2634/0x2640 arch/x86/include/generated/asm/syscalls_64.h:232 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f Modules linked in: CPU: 0 UID: 0 PID: 8442 Comm: syz.5.504 Not tainted 6.12.0-rc6-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 Call Trace: <TASK> __dump_stack lib/dump_stack.c:94 [inline] dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120 bad_page+0x176/0x1d0 mm/page_alloc.c:501 free_page_is_bad mm/page_alloc.c:918 [inline] free_pages_prepare mm/page_alloc.c:1100 [inline] free_unref_page+0xed0/0xf20 mm/page_alloc.c:2638 kvm_destroy_vm virt/kvm/kvm_main.c:1327 [inline] kvm_put_kvm+0xc75/0x1350 virt/kvm/kvm_main.c:1386 kvm_vcpu_release+0x54/0x60 virt/kvm/kvm_main.c:4143 __fput+0x23f/0x880 fs/file_table.c:431 task_work_run+0x24f/0x310 kernel/task_work.c:239 exit_task_work include/linux/task_work.h:43 [inline] do_exit+0xa2f/0x28e0 kernel/exit.c:939 do_group_exit+0x207/0x2c0 kernel/exit.c:1088 __do_sys_exit_group kernel/exit.c:1099 [inline] __se_sys_exit_group kernel/exit.c:1097 [inline] __ia32_sys_exit_group+0x3f/0x40 kernel/exit.c:1097 ia32_sys_call+0x2624/0x2630 arch/x86/include/generated/asm/syscalls_32.h:253 do_syscall_32_irqs_on arch/x86/entry/common.c:165 [inline] __do_fast_syscall_32+0xb4/0x110 arch/x86/entry/common.c:386 do_fast_syscall_32+0x34/0x80 arch/x86/entry/common.c:411 entry_SYSENTER_compat_after_hwframe+0x84/0x8e RIP: 0023:0xf745d579 Code: Unable to access opcode bytes at 0xf745d54f. RSP: 002b:00000000f75afd6c EFLAGS: 00000206 ORIG_RAX: 00000000000000fc RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000000000 RDX: 0000000000000000 RSI: 00000000ffffff9c RDI: 00000000f744cff4 RBP: 00000000f717ae61 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 </TASK> The problem was originally introduced by commit b109b87050df ("mm/munlock: replace clear_page_mlock() by final clearance"): it was focused on handling pagecache and anonymous memory and wasn't suitable for lower level get_page()/free_page() API's used for example by KVM, as with this reproducer. Fix it by moving the mlocked flag clearance down to free_page_prepare(). The bug itself if fairly old and harmless (aside from generating these warnings), aside from a small memory leak - "bad" pages are stopped from being allocated again. Link: https://lkml.kernel.org/r/20241106195354.270757-1-roman.gushchin@linux.dev Fixes: b109b87050df ("mm/munlock: replace clear_page_mlock() by final clearance") Signed-off-by: Roman Gushchin <roman.gushchin(a)linux.dev> Reported-by: syzbot+e985d3026c4fd041578e(a)syzkaller.appspotmail.com Closes: https://lore.kernel.org/all/6729f475.050a0220.701a.0019.GAE@google.com Acked-by: Hugh Dickins <hughd(a)google.com> Cc: Matthew Wilcox <willy(a)infradead.org> Cc: Sean Christopherson <seanjc(a)google.com> Cc: Vlastimil Babka <vbabka(a)suse.cz> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> diff --git a/mm/page_alloc.c b/mm/page_alloc.c index c6c7bb3ea71b..216fbbfbedcf 100644 --- a/mm/page_alloc.c +++ b/mm/page_alloc.c @@ -1048,6 +1048,7 @@ __always_inline bool free_pages_prepare(struct page *page, bool skip_kasan_poison = should_skip_kasan_poison(page); bool init = want_init_on_free(); bool compound = PageCompound(page); + struct folio *folio = page_folio(page); VM_BUG_ON_PAGE(PageTail(page), page); @@ -1057,6 +1058,20 @@ __always_inline bool free_pages_prepare(struct page *page, if (memcg_kmem_online() && PageMemcgKmem(page)) __memcg_kmem_uncharge_page(page, order); + /* + * In rare cases, when truncation or holepunching raced with + * munlock after VM_LOCKED was cleared, Mlocked may still be + * found set here. This does not indicate a problem, unless + * "unevictable_pgs_cleared" appears worryingly large. + */ + if (unlikely(folio_test_mlocked(folio))) { + long nr_pages = folio_nr_pages(folio); + + __folio_clear_mlocked(folio); + zone_stat_mod_folio(folio, NR_MLOCK, -nr_pages); + count_vm_events(UNEVICTABLE_PGCLEARED, nr_pages); + } + if (unlikely(PageHWPoison(page)) && !order) { /* Do not let hwpoison pages hit pcplists/buddy */ reset_page_owner(page, order); diff --git a/mm/swap.c b/mm/swap.c index b8e3259ea2c4..59f30a981c6f 100644 --- a/mm/swap.c +++ b/mm/swap.c @@ -78,20 +78,6 @@ static void __page_cache_release(struct folio *folio, struct lruvec **lruvecp, lruvec_del_folio(*lruvecp, folio); __folio_clear_lru_flags(folio); } - - /* - * In rare cases, when truncation or holepunching raced with - * munlock after VM_LOCKED was cleared, Mlocked may still be - * found set here. This does not indicate a problem, unless - * "unevictable_pgs_cleared" appears worryingly large. - */ - if (unlikely(folio_test_mlocked(folio))) { - long nr_pages = folio_nr_pages(folio); - - __folio_clear_mlocked(folio); - zone_stat_mod_folio(folio, NR_MLOCK, -nr_pages); - count_vm_events(UNEVICTABLE_PGCLEARED, nr_pages); - } } /*

10 months, 1 week

1
0
0 0

FAILED: patch "[PATCH] KVM: nVMX: Treat vpid01 as current if L2 is active, but with" failed to apply to 5.10-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.10-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.10.y git checkout FETCH_HEAD git cherry-pick -x 2657b82a78f18528bef56dc1b017158490970873 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024111738-mystified-chunk-c6a7@gregkh' --subject-prefix 'PATCH 5.10.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 2657b82a78f18528bef56dc1b017158490970873 Mon Sep 17 00:00:00 2001 From: Sean Christopherson <seanjc(a)google.com> Date: Thu, 31 Oct 2024 13:20:11 -0700 Subject: [PATCH] KVM: nVMX: Treat vpid01 as current if L2 is active, but with VPID disabled When getting the current VPID, e.g. to emulate a guest TLB flush, return vpid01 if L2 is running but with VPID disabled, i.e. if VPID is disabled in vmcs12. Architecturally, if VPID is disabled, then the guest and host effectively share VPID=0. KVM emulates this behavior by using vpid01 when running an L2 with VPID disabled (see prepare_vmcs02_early_rare()), and so KVM must also treat vpid01 as the current VPID while L2 is active. Unconditionally treating vpid02 as the current VPID when L2 is active causes KVM to flush TLB entries for vpid02 instead of vpid01, which results in TLB entries from L1 being incorrectly preserved across nested VM-Enter to L2 (L2=>L1 isn't problematic, because the TLB flush after nested VM-Exit flushes vpid01). The bug manifests as failures in the vmx_apicv_test KVM-Unit-Test, as KVM incorrectly retains TLB entries for the APIC-access page across a nested VM-Enter. Opportunisticaly add comments at various touchpoints to explain the architectural requirements, and also why KVM uses vpid01 instead of vpid02. All credit goes to Chao, who root caused the issue and identified the fix. Link: https://lore.kernel.org/all/ZwzczkIlYGX+QXJz@intel.com Fixes: 2b4a5a5d5688 ("KVM: nVMX: Flush current VPID (L1 vs. L2) for KVM_REQ_TLB_FLUSH_GUEST") Cc: stable(a)vger.kernel.org Cc: Like Xu <like.xu.linux(a)gmail.com> Debugged-by: Chao Gao <chao.gao(a)intel.com> Reviewed-by: Chao Gao <chao.gao(a)intel.com> Tested-by: Chao Gao <chao.gao(a)intel.com> Link: https://lore.kernel.org/r/20241031202011.1580522-1-seanjc@google.com Signed-off-by: Sean Christopherson <seanjc(a)google.com> diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c index a8e7bc04d9bf..931a7361c30f 100644 --- a/arch/x86/kvm/vmx/nested.c +++ b/arch/x86/kvm/vmx/nested.c @@ -1197,11 +1197,14 @@ static void nested_vmx_transition_tlb_flush(struct kvm_vcpu *vcpu, kvm_hv_nested_transtion_tlb_flush(vcpu, enable_ept); /* - * If vmcs12 doesn't use VPID, L1 expects linear and combined mappings - * for *all* contexts to be flushed on VM-Enter/VM-Exit, i.e. it's a - * full TLB flush from the guest's perspective. This is required even - * if VPID is disabled in the host as KVM may need to synchronize the - * MMU in response to the guest TLB flush. + * If VPID is disabled, then guest TLB accesses use VPID=0, i.e. the + * same VPID as the host, and so architecturally, linear and combined + * mappings for VPID=0 must be flushed at VM-Enter and VM-Exit. KVM + * emulates L2 sharing L1's VPID=0 by using vpid01 while running L2, + * and so KVM must also emulate TLB flush of VPID=0, i.e. vpid01. This + * is required if VPID is disabled in KVM, as a TLB flush (there are no + * VPIDs) still occurs from L1's perspective, and KVM may need to + * synchronize the MMU in response to the guest TLB flush. * * Note, using TLB_FLUSH_GUEST is correct even if nested EPT is in use. * EPT is a special snowflake, as guest-physical mappings aren't @@ -2315,6 +2318,17 @@ static void prepare_vmcs02_early_rare(struct vcpu_vmx *vmx, vmcs_write64(VMCS_LINK_POINTER, INVALID_GPA); + /* + * If VPID is disabled, then guest TLB accesses use VPID=0, i.e. the + * same VPID as the host. Emulate this behavior by using vpid01 for L2 + * if VPID is disabled in vmcs12. Note, if VPID is disabled, VM-Enter + * and VM-Exit are architecturally required to flush VPID=0, but *only* + * VPID=0. I.e. using vpid02 would be ok (so long as KVM emulates the + * required flushes), but doing so would cause KVM to over-flush. E.g. + * if L1 runs L2 X with VPID12=1, then runs L2 Y with VPID12 disabled, + * and then runs L2 X again, then KVM can and should retain TLB entries + * for VPID12=1. + */ if (enable_vpid) { if (nested_cpu_has_vpid(vmcs12) && vmx->nested.vpid02) vmcs_write16(VIRTUAL_PROCESSOR_ID, vmx->nested.vpid02); @@ -5950,6 +5964,12 @@ static int handle_invvpid(struct kvm_vcpu *vcpu) return nested_vmx_fail(vcpu, VMXERR_INVALID_OPERAND_TO_INVEPT_INVVPID); + /* + * Always flush the effective vpid02, i.e. never flush the current VPID + * and never explicitly flush vpid01. INVVPID targets a VPID, not a + * VMCS, and so whether or not the current vmcs12 has VPID enabled is + * irrelevant (and there may not be a loaded vmcs12). + */ vpid02 = nested_get_vpid02(vcpu); switch (type) { case VMX_VPID_EXTENT_INDIVIDUAL_ADDR: diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 81ed596e4454..9886d67d9512 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -3216,7 +3216,7 @@ void vmx_flush_tlb_all(struct kvm_vcpu *vcpu) static inline int vmx_get_current_vpid(struct kvm_vcpu *vcpu) { - if (is_guest_mode(vcpu)) + if (is_guest_mode(vcpu) && nested_cpu_has_vpid(get_vmcs12(vcpu))) return nested_get_vpid02(vcpu); return to_vmx(vcpu)->vpid; }

10 months, 1 week

1
0
0 0

FAILED: patch "[PATCH] mm: revert "mm: shmem: fix data-race in shmem_getattr()"" failed to apply to 4.19-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.19-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-4.19.y git checkout FETCH_HEAD git cherry-pick -x d1aa0c04294e29883d65eac6c2f72fe95cc7c049 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024111704-operator-cusp-93c5@gregkh' --subject-prefix 'PATCH 4.19.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From d1aa0c04294e29883d65eac6c2f72fe95cc7c049 Mon Sep 17 00:00:00 2001 From: Andrew Morton <akpm(a)linux-foundation.org> Date: Fri, 15 Nov 2024 16:57:24 -0800 Subject: [PATCH] mm: revert "mm: shmem: fix data-race in shmem_getattr()" Revert d949d1d14fa2 ("mm: shmem: fix data-race in shmem_getattr()") as suggested by Chuck [1]. It is causing deadlocks when accessing tmpfs over NFS. As Hugh commented, "added just to silence a syzbot sanitizer splat: added where there has never been any practical problem". Link: https://lkml.kernel.org/r/ZzdxKF39VEmXSSyN@tissot.1015granger.net [1] Fixes: d949d1d14fa2 ("mm: shmem: fix data-race in shmem_getattr()") Acked-by: Hugh Dickins <hughd(a)google.com> Cc: Chuck Lever <chuck.lever(a)oracle.com> Cc: Jeongjun Park <aha310510(a)gmail.com> Cc: Yu Zhao <yuzhao(a)google.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> diff --git a/mm/shmem.c b/mm/shmem.c index e87f5d6799a7..568bb290bdce 100644 --- a/mm/shmem.c +++ b/mm/shmem.c @@ -1166,9 +1166,7 @@ static int shmem_getattr(struct mnt_idmap *idmap, stat->attributes_mask |= (STATX_ATTR_APPEND | STATX_ATTR_IMMUTABLE | STATX_ATTR_NODUMP); - inode_lock_shared(inode); generic_fillattr(idmap, request_mask, inode, stat); - inode_unlock_shared(inode); if (shmem_huge_global_enabled(inode, 0, 0, false, NULL, 0)) stat->blksize = HPAGE_PMD_SIZE;

10 months, 1 week

1
0
0 0

FAILED: patch "[PATCH] mm: revert "mm: shmem: fix data-race in shmem_getattr()"" failed to apply to 5.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.4.y git checkout FETCH_HEAD git cherry-pick -x d1aa0c04294e29883d65eac6c2f72fe95cc7c049 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024111703-shopper-overtly-8e35@gregkh' --subject-prefix 'PATCH 5.4.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From d1aa0c04294e29883d65eac6c2f72fe95cc7c049 Mon Sep 17 00:00:00 2001 From: Andrew Morton <akpm(a)linux-foundation.org> Date: Fri, 15 Nov 2024 16:57:24 -0800 Subject: [PATCH] mm: revert "mm: shmem: fix data-race in shmem_getattr()" Revert d949d1d14fa2 ("mm: shmem: fix data-race in shmem_getattr()") as suggested by Chuck [1]. It is causing deadlocks when accessing tmpfs over NFS. As Hugh commented, "added just to silence a syzbot sanitizer splat: added where there has never been any practical problem". Link: https://lkml.kernel.org/r/ZzdxKF39VEmXSSyN@tissot.1015granger.net [1] Fixes: d949d1d14fa2 ("mm: shmem: fix data-race in shmem_getattr()") Acked-by: Hugh Dickins <hughd(a)google.com> Cc: Chuck Lever <chuck.lever(a)oracle.com> Cc: Jeongjun Park <aha310510(a)gmail.com> Cc: Yu Zhao <yuzhao(a)google.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> diff --git a/mm/shmem.c b/mm/shmem.c index e87f5d6799a7..568bb290bdce 100644 --- a/mm/shmem.c +++ b/mm/shmem.c @@ -1166,9 +1166,7 @@ static int shmem_getattr(struct mnt_idmap *idmap, stat->attributes_mask |= (STATX_ATTR_APPEND | STATX_ATTR_IMMUTABLE | STATX_ATTR_NODUMP); - inode_lock_shared(inode); generic_fillattr(idmap, request_mask, inode, stat); - inode_unlock_shared(inode); if (shmem_huge_global_enabled(inode, 0, 0, false, NULL, 0)) stat->blksize = HPAGE_PMD_SIZE;

10 months, 1 week

1
0
0 0

[PATCH 1/4] KVM: arm64: vgic-v3: Sanitise guest writes to GICR_INVLPIR

by Marc Zyngier

Make sure we filter out non-LPI invalidation when handling writes to GICR_INVLPIR. Fixes: 4645d11f4a553 ("KVM: arm64: vgic-v3: Implement MMIO-based LPI invalidation") Reported-by: Alexander Potapenko <glider(a)google.com> Tested-by: Alexander Potapenko <glider(a)google.com> Signed-off-by: Marc Zyngier <maz(a)kernel.org> Cc: stable(a)vger.kernel.org --- arch/arm64/kvm/vgic/vgic-mmio-v3.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/arch/arm64/kvm/vgic/vgic-mmio-v3.c b/arch/arm64/kvm/vgic/vgic-mmio-v3.c index 9e50928f5d7df..70a44852cbafe 100644 --- a/arch/arm64/kvm/vgic/vgic-mmio-v3.c +++ b/arch/arm64/kvm/vgic/vgic-mmio-v3.c @@ -530,6 +530,7 @@ static void vgic_mmio_write_invlpi(struct kvm_vcpu *vcpu, unsigned long val) { struct vgic_irq *irq; + u32 intid; /* * If the guest wrote only to the upper 32bit part of the @@ -541,9 +542,13 @@ static void vgic_mmio_write_invlpi(struct kvm_vcpu *vcpu, if ((addr & 4) || !vgic_lpis_enabled(vcpu)) return; + intid = lower_32_bits(val); + if (intid < VGIC_MIN_LPI) + return; + vgic_set_rdist_busy(vcpu, true); - irq = vgic_get_irq(vcpu->kvm, NULL, lower_32_bits(val)); + irq = vgic_get_irq(vcpu->kvm, NULL, intid); if (irq) { vgic_its_inv_lpi(vcpu->kvm, irq); vgic_put_irq(vcpu->kvm, irq); -- 2.39.2

10 months, 1 week

1
0
0 0

Linux 6.11.9

by Greg Kroah-Hartman

I'm announcing the release of the 6.11.9 kernel. All users of the 6.11 kernel series must upgrade. The updated 6.11.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.11.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/loongarch/include/asm/loongarch.h | 2 arch/loongarch/kvm/timer.c | 7 - arch/loongarch/kvm/vcpu.c | 2 arch/powerpc/platforms/powernv/opal-irqchip.c | 1 arch/riscv/kvm/aia_imsic.c | 8 - block/elevator.c | 4 crypto/algapi.c | 2 drivers/crypto/marvell/cesa/hash.c | 12 +- drivers/gpu/drm/amd/amdkfd/kfd_chardev.c | 6 - drivers/gpu/drm/amd/amdkfd/kfd_priv.h | 2 drivers/gpu/drm/amd/amdkfd/kfd_process.c | 4 drivers/gpu/drm/amd/amdkfd/kfd_svm.c | 26 +++++ drivers/gpu/drm/vmwgfx/vmwgfx_drv.h | 4 drivers/gpu/drm/vmwgfx/vmwgfx_kms.c | 4 drivers/gpu/drm/vmwgfx/vmwgfx_kms.h | 3 drivers/gpu/drm/xe/xe_device.c | 2 drivers/gpu/drm/xe/xe_force_wake.c | 12 +- drivers/gpu/drm/xe/xe_guc_ct.c | 18 +++ drivers/gpu/drm/xe/xe_guc_submit.c | 14 ++ drivers/gpu/drm/xe/xe_query.c | 6 - drivers/gpu/drm/xe/xe_sync.c | 3 drivers/hid/hid-ids.h | 2 drivers/hid/hid-lenovo.c | 8 + drivers/hid/hid-multitouch.c | 13 ++ drivers/hid/i2c-hid/i2c-hid-core.c | 10 + drivers/infiniband/sw/siw/siw_qp_tx.c | 2 drivers/iommu/arm/arm-smmu/arm-smmu-impl.c | 4 drivers/irqchip/irq-mscc-ocelot.c | 4 drivers/net/mdio/mdio-bcm-unimac.c | 1 drivers/net/usb/qmi_wwan.c | 1 drivers/nvme/host/core.c | 52 +++++----- drivers/nvme/host/multipath.c | 33 ++++++ drivers/nvme/host/nvme.h | 1 drivers/nvme/host/tcp.c | 7 - drivers/nvme/target/loop.c | 13 ++ drivers/nvme/target/passthru.c | 6 - drivers/pinctrl/intel/Kconfig | 1 drivers/pinctrl/pinctrl-aw9523.c | 6 - drivers/s390/crypto/ap_bus.c | 3 drivers/s390/crypto/ap_bus.h | 2 drivers/s390/crypto/ap_queue.c | 28 +++-- drivers/vdpa/ifcvf/ifcvf_base.c | 2 drivers/virtio/virtio_pci_common.c | 24 +++- drivers/virtio/virtio_pci_common.h | 1 drivers/virtio/virtio_pci_modern.c | 12 -- fs/9p/fid.c | 5 fs/afs/internal.h | 2 fs/afs/rxrpc.c | 83 +++++++++++----- fs/netfs/locking.c | 3 fs/ocfs2/file.c | 9 + fs/smb/client/connect.c | 14 ++ include/net/tls.h | 12 +- kernel/bpf/syscall.c | 14 +- kernel/bpf/verifier.c | 4 mm/slab_common.c | 2 net/9p/client.c | 12 ++ net/core/filter.c | 2 samples/landlock/sandboxer.c | 32 +++++- sound/Kconfig | 2 sound/pci/hda/patch_realtek.c | 29 +++++ sound/soc/amd/yc/acp6x-mach.c | 14 ++ sound/soc/codecs/aw88399.c | 2 sound/soc/codecs/lpass-rx-macro.c | 15 +- sound/soc/codecs/rt722-sdca-sdw.c | 2 sound/soc/fsl/fsl_micfil.c | 38 +++++++ sound/soc/intel/avs/core.c | 3 sound/soc/intel/avs/pcm.c | 19 +++ sound/soc/intel/avs/pcm.h | 16 +++ sound/soc/intel/common/soc-acpi-intel-lnl-match.c | 38 +++++++ tools/testing/selftests/bpf/prog_tests/fill_link_info.c | 9 + tools/testing/selftests/bpf/progs/verifier_scalar_ids.c | 67 ++++++++++++ 72 files changed, 664 insertions(+), 164 deletions(-) Alessandro Zanni (1): fs: Fix uninitialized value issue in from_kuid and from_kgid Alexey Klimov (1): ASoC: codecs: lpass-rx-macro: fix RXn(rx,n) macro for DSM_CTL and SEC7 regs Amadeusz Sławiński (1): ASoC: Intel: avs: Update stream status in a separate thread Andy Shevchenko (1): pinctrl: intel: platform: Add Panther Lake to the list of supported Badal Nilawar (1): drm/xe/guc/ct: Flush g2h worker in case of g2h response timeout Baojun Xu (1): ALSA: hda/tas2781: Add new quirk for Lenovo, ASUS, Dell projects Bartłomiej Maryńczak (1): HID: i2c-hid: Delayed i2c resume wakeup for 0x0d42 Goodix touchpad Breno Leitao (1): nvme/host: Fix RCU list traversal to use SRCU primitive Christian Heusel (1): ASoC: amd: yc: Add quirk for ASUS Vivobook S15 M3502RA Cyan Yang (1): RISCV: KVM: use raw_spinlock for critical section in imsic David Howells (2): netfs: Downgrade i_rwsem for a buffered write afs: Fix lock recursion Derek Fang (1): ASoC: Intel: soc-acpi: lnl: Add match entry for TM2 laptops Dominique Martinet (1): 9p: v9fs_fid_find: also lookup by inode if not found dentry Eduard Zingerman (1): selftests/bpf: Verify that sync_linked_regs preserves subreg_def Feng Liu (1): virtio_pci: Fix admin vq cleanup by using correct info pointer Greg Joyce (1): nvme: disable CC.CRIME (NVME_CC_CRIME) Greg Kroah-Hartman (1): Linux 6.11.9 Hannes Reinecke (1): nvme: tcp: avoid race between queue_lock lock and destroy Hans de Goede (1): HID: lenovo: Add support for Thinkpad X1 Tablet Gen 3 keyboard Harald Freudenberger (1): s390/ap: Fix CCA crypto card behavior within protected execution environment Herbert Xu (2): crypto: api - Fix liveliness check in crypto_alg_tested crypto: marvell/cesa - Disable hash algorithms Hou Tao (1): bpf: Check validity of link->type in bpf_link_show_fdinfo() Huacai Chen (1): LoongArch: KVM: Mark hrtimer to expire in hard interrupt context Ian Forbes (1): drm/vmwgfx: Limit display layout ioctl array size to VMWGFX_NUM_DISPLAY_UNITS Ilya Dudikov (1): ASoC: amd: yc: Fix non-functional mic on ASUS E1404FA Jack Yu (1): ASoC: rt722-sdca: increase clk_stop_timeout to fix clock stop issue Jiawei Ye (1): bpf: Fix mismatched RCU unlock flavour in bpf_out_neigh_v6 Julian Vetter (1): sound: Make CONFIG_SND depend on INDIRECT_IOMEM instead of UML Keith Busch (1): nvme-multipath: defer partition scanning Kenneth Albanowski (1): HID: multitouch: Add quirk for Logitech Bolt receiver w/ Casa touchpad Kuniyuki Iwashima (1): smb: client: Fix use-after-free of network namespace. Linus Torvalds (1): 9p: fix slab cache name creation for real Linus Walleij (1): net: phy: mdio-bcm-unimac: Add BCM6846 support Lucas De Marchi (1): drm/xe/query: Increase timestamp width Matthieu Buffet (1): samples/landlock: Fix port parsing in sandboxer Michael Ellerman (1): powerpc/powernv: Free name on error in opal_event_init() Nilay Shroff (3): nvmet-passthru: clear EUID/NGUID/UUID while using loop target nvme-loop: flush off pending I/O while shutting down loop controller nvme: make keep-alive synchronous operation Nirmoy Das (2): drm/xe/ufence: Prefetch ufence addr to catch bogus address drm/xe: Don't restart parallel queues multiple times on GT reset Pedro Falcato (1): 9p: Avoid creating multiple slab caches with the same name Philip Yang (1): drm/amdkfd: Accounting pdd vram_usage for svm Qun-Wei Lin (1): mm: krealloc: Fix MTE false alarm in __do_krealloc Reinhard Speyerer (1): net: usb: qmi_wwan: add Fibocom FG132 0x0112 composition Rik van Riel (1): bpf: use kvzmalloc to allocate BPF verifier environment Robin Murphy (1): iommu/arm-smmu: Clarify MMU-500 CPRE workaround Rosen Penev (1): pinctrl: aw9523: add missing mutex_destroy Sergey Matsievskiy (1): irqchip/ocelot: Fix trigger register address Shengjiu Wang (1): ASoC: fsl_micfil: Add sample rate constraint Showrya M N (1): RDMA/siw: Add sendpage_ok() check to disable MSG_SPLICE_PAGES Shuicheng Lin (2): drm/xe: Enlarge the invalidation timeout from 150 to 500 drm/xe: Handle unreliable MMIO reads during forcewake Stefan Blum (1): HID: multitouch: Add support for B2402FVA track point SurajSonawane2415 (1): block: Fix elevator_get_default() checking for NULL q->tag_set Tyrone Wu (1): selftests/bpf: Assert link info uprobe_multi count & path_size if unset WangYuli (1): HID: multitouch: Add quirk for HONOR MagicBook Art 14 touchpad Yanteng Si (1): LoongArch: Use "Exception return address" to comment ERA Yuan Can (1): vDPA/ifcvf: Fix pci_read_config_byte() return code handling Zhu Jun (1): ASoC: codecs: Fix error handling in aw_dev_get_dsp_status function Zijian Zhang (1): bpf: Add sk_is_inet and IS_ICSK check in tls_sw_has_ctx_tx/rx

10 months, 1 week

1
1
0 0

Linux 6.6.62

by Greg Kroah-Hartman

I'm announcing the release of the 6.6.62 kernel. All users of the 6.6 kernel series must upgrade. The updated 6.6.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.6.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/loongarch/include/asm/loongarch.h | 2 arch/powerpc/platforms/powernv/opal-irqchip.c | 1 arch/riscv/kvm/aia_imsic.c | 8 - block/elevator.c | 4 crypto/algapi.c | 2 drivers/crypto/marvell/cesa/hash.c | 12 +- drivers/gpu/drm/amd/amdkfd/kfd_chardev.c | 6 - drivers/gpu/drm/amd/amdkfd/kfd_priv.h | 2 drivers/gpu/drm/amd/amdkfd/kfd_process.c | 4 drivers/gpu/drm/amd/amdkfd/kfd_svm.c | 26 ++++++ drivers/gpu/drm/vmwgfx/vmwgfx_drv.h | 4 drivers/gpu/drm/vmwgfx/vmwgfx_kms.c | 4 drivers/gpu/drm/vmwgfx/vmwgfx_kms.h | 3 drivers/hid/hid-ids.h | 1 drivers/hid/hid-lenovo.c | 8 + drivers/hid/hid-multitouch.c | 13 +++ drivers/infiniband/sw/siw/siw_qp_tx.c | 2 drivers/iommu/arm/arm-smmu/arm-smmu-impl.c | 4 drivers/irqchip/irq-mscc-ocelot.c | 4 drivers/net/mdio/mdio-bcm-unimac.c | 1 drivers/net/usb/qmi_wwan.c | 1 drivers/nvme/host/core.c | 52 ++++++------ drivers/nvme/host/multipath.c | 33 +++++++ drivers/nvme/host/nvme.h | 1 drivers/nvme/host/tcp.c | 7 - drivers/nvme/target/loop.c | 13 +++ drivers/vdpa/ifcvf/ifcvf_base.c | 2 fs/9p/fid.c | 5 - fs/ocfs2/file.c | 9 +- fs/smb/client/connect.c | 14 ++- include/net/tls.h | 12 ++ io_uring/io_uring.c | 5 + kernel/bpf/syscall.c | 14 ++- kernel/bpf/verifier.c | 4 mm/filemap.c | 2 mm/huge_memory.c | 59 ++++++++------ mm/hugetlb.c | 1 mm/internal.h | 27 ++++++ mm/memcontrol.c | 29 ++++++ mm/mempolicy.c | 17 ---- mm/page_alloc.c | 21 +---- mm/readahead.c | 11 -- mm/slab_common.c | 2 net/9p/client.c | 12 ++ net/core/filter.c | 2 sound/Kconfig | 2 sound/soc/amd/yc/acp6x-mach.c | 14 +++ sound/soc/codecs/rt722-sdca-sdw.c | 2 sound/soc/fsl/fsl_micfil.c | 38 +++++++++ tools/testing/selftests/bpf/progs/verifier_scalar_ids.c | 67 ++++++++++++++++ 51 files changed, 450 insertions(+), 141 deletions(-) Alessandro Zanni (1): fs: Fix uninitialized value issue in from_kuid and from_kgid Breno Leitao (1): nvme/host: Fix RCU list traversal to use SRCU primitive Christian Heusel (1): ASoC: amd: yc: Add quirk for ASUS Vivobook S15 M3502RA Cyan Yang (1): RISCV: KVM: use raw_spinlock for critical section in imsic Dominique Martinet (1): 9p: v9fs_fid_find: also lookup by inode if not found dentry Eduard Zingerman (1): selftests/bpf: Verify that sync_linked_regs preserves subreg_def Greg Joyce (1): nvme: disable CC.CRIME (NVME_CC_CRIME) Greg Kroah-Hartman (1): Linux 6.6.62 Hagar Hemdan (1): io_uring: fix possible deadlock in io_register_iowq_max_workers() Hannes Reinecke (1): nvme: tcp: avoid race between queue_lock lock and destroy Hans de Goede (1): HID: lenovo: Add support for Thinkpad X1 Tablet Gen 3 keyboard Herbert Xu (2): crypto: api - Fix liveliness check in crypto_alg_tested crypto: marvell/cesa - Disable hash algorithms Hou Tao (1): bpf: Check validity of link->type in bpf_link_show_fdinfo() Hugh Dickins (2): mm: add page_rmappable_folio() wrapper mm/thp: fix deferred split unqueue naming and locking Ian Forbes (1): drm/vmwgfx: Limit display layout ioctl array size to VMWGFX_NUM_DISPLAY_UNITS Ilya Dudikov (1): ASoC: amd: yc: Fix non-functional mic on ASUS E1404FA Jack Yu (1): ASoC: rt722-sdca: increase clk_stop_timeout to fix clock stop issue Jiawei Ye (1): bpf: Fix mismatched RCU unlock flavour in bpf_out_neigh_v6 Julian Vetter (1): sound: Make CONFIG_SND depend on INDIRECT_IOMEM instead of UML Kefeng Wang (1): mm: refactor folio_undo_large_rmappable() Keith Busch (1): nvme-multipath: defer partition scanning Kenneth Albanowski (1): HID: multitouch: Add quirk for Logitech Bolt receiver w/ Casa touchpad Kuniyuki Iwashima (1): smb: client: Fix use-after-free of network namespace. Linus Torvalds (1): 9p: fix slab cache name creation for real Linus Walleij (1): net: phy: mdio-bcm-unimac: Add BCM6846 support Matthew Wilcox (Oracle) (2): mm: support order-1 folios in the page cache mm: always initialise folio->_deferred_list Michael Ellerman (1): powerpc/powernv: Free name on error in opal_event_init() Nilay Shroff (2): nvme-loop: flush off pending I/O while shutting down loop controller nvme: make keep-alive synchronous operation Pedro Falcato (1): 9p: Avoid creating multiple slab caches with the same name Philip Yang (1): drm/amdkfd: Accounting pdd vram_usage for svm Qun-Wei Lin (1): mm: krealloc: Fix MTE false alarm in __do_krealloc Reinhard Speyerer (1): net: usb: qmi_wwan: add Fibocom FG132 0x0112 composition Rik van Riel (1): bpf: use kvzmalloc to allocate BPF verifier environment Robin Murphy (1): iommu/arm-smmu: Clarify MMU-500 CPRE workaround Ryan Roberts (1): mm/readahead: do not allow order-1 folio Sergey Matsievskiy (1): irqchip/ocelot: Fix trigger register address Shengjiu Wang (1): ASoC: fsl_micfil: Add sample rate constraint Showrya M N (1): RDMA/siw: Add sendpage_ok() check to disable MSG_SPLICE_PAGES Stefan Blum (1): HID: multitouch: Add support for B2402FVA track point SurajSonawane2415 (1): block: Fix elevator_get_default() checking for NULL q->tag_set WangYuli (1): HID: multitouch: Add quirk for HONOR MagicBook Art 14 touchpad Yanteng Si (1): LoongArch: Use "Exception return address" to comment ERA Yuan Can (1): vDPA/ifcvf: Fix pci_read_config_byte() return code handling Zijian Zhang (1): bpf: Add sk_is_inet and IS_ICSK check in tls_sw_has_ctx_tx/rx

10 months, 1 week

1
1
0 0

Linux 6.1.118

by Greg Kroah-Hartman

I'm announcing the release of the 6.1.118 kernel. All users of the 6.1 kernel series must upgrade. The updated 6.1.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.1.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/loongarch/include/asm/loongarch.h | 2 arch/powerpc/platforms/powernv/opal-irqchip.c | 1 block/elevator.c | 4 crypto/algapi.c | 2 drivers/crypto/marvell/cesa/hash.c | 12 - drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd.c | 14 - drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd.h | 2 drivers/gpu/drm/amd/amdkfd/kfd_chardev.c | 2 drivers/gpu/drm/amd/amdkfd/kfd_device.c | 4 drivers/gpu/drm/amd/amdkfd/kfd_device_queue_manager.c | 2 drivers/gpu/drm/amd/amdkfd/kfd_mqd_manager.c | 2 drivers/gpu/drm/amd/amdkfd/kfd_process.c | 2 drivers/gpu/drm/amd/amdkfd/kfd_process_queue_manager.c | 4 drivers/gpu/drm/vmwgfx/vmwgfx_drv.h | 4 drivers/gpu/drm/vmwgfx/vmwgfx_kms.c | 4 drivers/gpu/drm/vmwgfx/vmwgfx_kms.h | 3 drivers/hid/hid-ids.h | 1 drivers/hid/hid-lenovo.c | 8 drivers/hid/hid-multitouch.c | 13 + drivers/irqchip/irq-mscc-ocelot.c | 4 drivers/md/raid10.c | 23 +- drivers/net/usb/qmi_wwan.c | 1 drivers/nvme/host/core.c | 31 +-- drivers/nvme/host/multipath.c | 33 +++ drivers/nvme/host/nvme.h | 1 drivers/nvme/host/tcp.c | 7 drivers/platform/x86/x86-android-tablets.c | 3 drivers/vdpa/ifcvf/ifcvf_base.c | 2 fs/ext4/super.c | 2 fs/ntfs3/inode.c | 9 fs/ocfs2/file.c | 9 include/net/bluetooth/hci_core.h | 3 io_uring/io_uring.c | 5 kernel/bpf/verifier.c | 4 kernel/trace/trace_uprobe.c | 86 +++++---- mm/slab_common.c | 2 net/9p/client.c | 12 + net/bluetooth/af_bluetooth.c | 10 - net/bluetooth/hci_conn.c | 154 +++++++++++++---- net/bluetooth/hci_core.c | 50 +---- net/bluetooth/hci_event.c | 20 +- net/bluetooth/hci_sync.c | 44 +--- net/bluetooth/l2cap_core.c | 9 net/bluetooth/mgmt.c | 15 + net/core/filter.c | 2 sound/Kconfig | 2 47 files changed, 393 insertions(+), 238 deletions(-) Alessandro Zanni (1): fs: Fix uninitialized value issue in from_kuid and from_kgid Andrii Nakryiko (1): uprobes: encapsulate preparation of uprobe args buffer Greg Joyce (1): nvme: disable CC.CRIME (NVME_CC_CRIME) Greg Kroah-Hartman (6): Revert "Bluetooth: fix use-after-free in accessing skb after sending it" Revert "Bluetooth: hci_sync: Fix overwriting request callback" Revert "Bluetooth: af_bluetooth: Fix deadlock" Revert "Bluetooth: hci_core: Fix possible buffer overflow" Revert "Bluetooth: hci_conn: Consolidate code for aborting connections" Linux 6.1.118 Hagar Hemdan (1): io_uring: fix possible deadlock in io_register_iowq_max_workers() Hannes Reinecke (1): nvme: tcp: avoid race between queue_lock lock and destroy Hans de Goede (2): HID: lenovo: Add support for Thinkpad X1 Tablet Gen 3 keyboard platform/x86: x86-android-tablets: Fix use after free on platform_device_register() errors Herbert Xu (2): crypto: api - Fix liveliness check in crypto_alg_tested crypto: marvell/cesa - Disable hash algorithms Ian Forbes (1): drm/vmwgfx: Limit display layout ioctl array size to VMWGFX_NUM_DISPLAY_UNITS Jiawei Ye (1): bpf: Fix mismatched RCU unlock flavour in bpf_out_neigh_v6 Julian Vetter (1): sound: Make CONFIG_SND depend on INDIRECT_IOMEM instead of UML Keith Busch (1): nvme-multipath: defer partition scanning Kenneth Albanowski (1): HID: multitouch: Add quirk for Logitech Bolt receiver w/ Casa touchpad Konstantin Komarov (1): fs/ntfs3: Fix general protection fault in run_is_mapped_full Li Nan (1): md/raid10: improve code of mrdev in raid10_sync_request Linus Torvalds (1): 9p: fix slab cache name creation for real Luiz Augusto von Dentz (1): Bluetooth: L2CAP: Fix uaf in l2cap_connect Michael Ellerman (1): powerpc/powernv: Free name on error in opal_event_init() Nilay Shroff (1): nvme: make keep-alive synchronous operation Pedro Falcato (1): 9p: Avoid creating multiple slab caches with the same name Philip Yang (1): drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer Qiao Ma (1): uprobe: avoid out-of-bounds memory access of fetching args Qun-Wei Lin (1): mm: krealloc: Fix MTE false alarm in __do_krealloc Reinhard Speyerer (1): net: usb: qmi_wwan: add Fibocom FG132 0x0112 composition Rik van Riel (1): bpf: use kvzmalloc to allocate BPF verifier environment Sergey Matsievskiy (1): irqchip/ocelot: Fix trigger register address Stefan Blum (1): HID: multitouch: Add support for B2402FVA track point SurajSonawane2415 (1): block: Fix elevator_get_default() checking for NULL q->tag_set WangYuli (1): HID: multitouch: Add quirk for HONOR MagicBook Art 14 touchpad Xiaxi Shen (1): ext4: fix timer use-after-free on failed mount Yanteng Si (1): LoongArch: Use "Exception return address" to comment ERA Yuan Can (1): vDPA/ifcvf: Fix pci_read_config_byte() return code handling

10 months, 1 week

1
1
0 0

Linux 5.15.173

by Greg Kroah-Hartman

I'm announcing the release of the 5.15.173 kernel. All users of the 5.15 kernel series must upgrade. The updated 5.15.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.15.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 - arch/powerpc/platforms/powernv/opal-irqchip.c | 1 block/elevator.c | 4 +-- drivers/crypto/marvell/cesa/hash.c | 12 +++++------ drivers/gpu/drm/vmwgfx/vmwgfx_drv.h | 4 +-- drivers/gpu/drm/vmwgfx/vmwgfx_kms.c | 4 ++- drivers/gpu/drm/vmwgfx/vmwgfx_kms.h | 3 -- drivers/hid/hid-ids.h | 1 drivers/hid/hid-lenovo.c | 8 +++++++ drivers/hid/hid-multitouch.c | 13 ++++++++++++ drivers/irqchip/irq-mscc-ocelot.c | 4 +-- drivers/md/raid10.c | 23 +++++++++++----------- drivers/net/usb/qmi_wwan.c | 1 drivers/vdpa/ifcvf/ifcvf_base.c | 2 - fs/ocfs2/file.c | 9 +++++--- fs/udf/directory.c | 27 ++++++++++++++++++-------- fs/udf/udfdecl.h | 2 - io_uring/io_uring.c | 5 ++++ kernel/bpf/verifier.c | 4 +-- mm/memory.c | 11 ++++++++++ mm/slab_common.c | 2 - net/9p/client.c | 12 ++++++++++- sound/Kconfig | 2 - 23 files changed, 110 insertions(+), 46 deletions(-) Alessandro Zanni (1): fs: Fix uninitialized value issue in from_kuid and from_kgid Greg Kroah-Hartman (1): Linux 5.15.173 Hagar Hemdan (1): io_uring: fix possible deadlock in io_register_iowq_max_workers() Hans de Goede (1): HID: lenovo: Add support for Thinkpad X1 Tablet Gen 3 keyboard Herbert Xu (1): crypto: marvell/cesa - Disable hash algorithms Ian Forbes (1): drm/vmwgfx: Limit display layout ioctl array size to VMWGFX_NUM_DISPLAY_UNITS Jan Kara (2): udf: Allocate name buffer in directory iterator on heap udf: Avoid directory type conversion failure due to ENOMEM Julian Vetter (1): sound: Make CONFIG_SND depend on INDIRECT_IOMEM instead of UML Kenneth Albanowski (1): HID: multitouch: Add quirk for Logitech Bolt receiver w/ Casa touchpad Li Nan (1): md/raid10: improve code of mrdev in raid10_sync_request Linus Torvalds (1): 9p: fix slab cache name creation for real Michael Ellerman (1): powerpc/powernv: Free name on error in opal_event_init() Pedro Falcato (1): 9p: Avoid creating multiple slab caches with the same name Qun-Wei Lin (1): mm: krealloc: Fix MTE false alarm in __do_krealloc Reinhard Speyerer (1): net: usb: qmi_wwan: add Fibocom FG132 0x0112 composition Rik van Riel (1): bpf: use kvzmalloc to allocate BPF verifier environment Sergey Matsievskiy (1): irqchip/ocelot: Fix trigger register address Stefan Blum (1): HID: multitouch: Add support for B2402FVA track point SurajSonawane2415 (1): block: Fix elevator_get_default() checking for NULL q->tag_set WangYuli (1): HID: multitouch: Add quirk for HONOR MagicBook Art 14 touchpad Yuan Can (1): vDPA/ifcvf: Fix pci_read_config_byte() return code handling Yuanzheng Song (1): mm/memory: add non-anonymous page check in the copy_present_page()

10 months, 1 week

1
1
0 0

Linux 5.10.230

by Greg Kroah-Hartman

I'm announcing the release of the 5.10.230 kernel. All users of the 5.10 kernel series must upgrade. The updated 5.10.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.10.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/arm/boot/dts/rk3036-kylin.dts | 4 arch/arm/boot/dts/rk3036.dtsi | 14 - arch/arm64/boot/dts/freescale/imx8mp.dtsi | 6 arch/arm64/boot/dts/rockchip/rk3308-roc-cc.dts | 4 arch/arm64/boot/dts/rockchip/rk3328.dtsi | 3 arch/arm64/boot/dts/rockchip/rk3368-lion.dtsi | 1 arch/arm64/boot/dts/rockchip/rk3399-rock960.dtsi | 2 arch/arm64/boot/dts/rockchip/rk3399-sapphire-excavator.dts | 2 arch/powerpc/platforms/powernv/opal-irqchip.c | 1 drivers/crypto/marvell/cesa/hash.c | 12 drivers/gpu/drm/amd/amdgpu/amdgpu_acpi.c | 4 drivers/gpu/drm/amd/amdgpu/amdgpu_debugfs.c | 2 drivers/hid/hid-core.c | 2 drivers/hid/hid-multitouch.c | 5 drivers/irqchip/irq-gic-v3.c | 7 drivers/md/dm-cache-target.c | 35 +- drivers/md/dm-unstripe.c | 4 drivers/md/raid10.c | 23 - drivers/media/cec/usb/pulse8/pulse8-cec.c | 2 drivers/media/common/v4l2-tpg/v4l2-tpg-core.c | 3 drivers/media/dvb-core/dvb_frontend.c | 4 drivers/media/dvb-core/dvbdev.c | 17 + drivers/media/dvb-frontends/cx24116.c | 7 drivers/media/dvb-frontends/stb0899_algo.c | 2 drivers/media/i2c/adv7604.c | 26 + drivers/media/platform/s5p-jpeg/jpeg-core.c | 17 - drivers/media/usb/uvc/uvc_driver.c | 2 drivers/net/can/c_can/c_can.c | 7 drivers/net/ethernet/arc/emac_main.c | 27 +- drivers/net/ethernet/freescale/enetc/enetc_vf.c | 9 drivers/net/ethernet/hisilicon/hns3/hnae3.c | 5 drivers/net/phy/dp83640.c | 27 ++ drivers/net/phy/dp83822.c | 38 ++ drivers/net/phy/dp83848.c | 35 ++ drivers/net/phy/dp83867.c | 25 + drivers/net/phy/dp83869.c | 25 + drivers/net/phy/dp83tc811.c | 45 +++ drivers/net/phy/phy.c | 6 drivers/net/usb/qmi_wwan.c | 1 drivers/pwm/pwm-imx-tpm.c | 4 drivers/scsi/sd_zbc.c | 3 drivers/spi/spi.c | 27 -- drivers/usb/musb/sunxi.c | 2 drivers/usb/serial/io_edgeport.c | 8 drivers/usb/serial/option.c | 6 drivers/usb/serial/qcserial.c | 2 drivers/usb/typec/ucsi/ucsi_ccg.c | 2 drivers/vdpa/ifcvf/ifcvf_base.c | 2 fs/btrfs/delayed-ref.c | 2 fs/nfs/inode.c | 1 fs/ocfs2/file.c | 9 fs/ocfs2/xattr.c | 3 fs/proc/vmcore.c | 9 fs/splice.c | 9 include/linux/fs.h | 35 ++ include/linux/phy.h | 2 include/linux/spi/spi.h | 3 io_uring/io_uring.c | 55 ++-- kernel/bpf/verifier.c | 4 mm/slab_common.c | 2 net/9p/client.c | 12 net/bridge/br_device.c | 5 net/core/dst.c | 17 - net/sctp/sm_statefuns.c | 2 net/vmw_vsock/hyperv_transport.c | 1 net/vmw_vsock/virtio_transport_common.c | 1 security/keys/keyring.c | 7 sound/Kconfig | 2 sound/firewire/tascam/amdtp-tascam.c | 2 sound/pci/hda/patch_conexant.c | 2 sound/soc/stm/stm32_spdifrx.c | 2 sound/usb/mixer_quirks.c | 170 +++++++++++++ tools/perf/util/hist.c | 10 tools/perf/util/session.c | 5 75 files changed, 702 insertions(+), 189 deletions(-) Alessandro Zanni (1): fs: Fix uninitialized value issue in from_kuid and from_kgid Alex Deucher (1): drm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read() Amelie Delaunay (1): ASoC: stm32: spdifrx: fix dma channel release in stm32_spdifrx_remove Amir Goldstein (3): io_uring: rename kiocb_end_write() local helper fs: create kiocb_{start,end}_write() helpers io_uring: use kiocb_{start,end}_write() helpers Andrew Kanner (1): ocfs2: remove entry once instead of null-ptr-dereference in ocfs2_xa_remove() Antonio Quartulli (1): drm/amdgpu: prevent NULL pointer dereference if ATIF is not supported Benoit Sevens (1): media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format Benoît Monin (1): USB: serial: option: add Quectel RG650V Chen Ridong (1): security/keys: fix slab-out-of-bounds in key_task_permission Dan Carpenter (2): usb: typec: fix potential out of bounds in ucsi_ccg_update_set_new_cam_cmd() USB: serial: io_edgeport: fix use after free in debug printk Dario Binacchi (1): can: c_can: fix {rx,tx}_errors statistics Diederik de Haas (1): arm64: dts: rockchip: Remove hdmi's 2nd interrupt on rk3328 Diogo Silva (1): net: phy: ti: add PHY_RST_AFTER_CLK_EN flag Eric Dumazet (1): net: do not delay dst_entries_add() in dst_release() Erik Schumacher (1): pwm: imx-tpm: Use correct MODULO value for EPWM mode Filipe Manana (1): btrfs: reinitialize delayed ref list after deleting it from the list Geert Uytterhoeven (1): arm64: dts: rockchip: Fix rt5651 compatible value on rk3399-sapphire-excavator Greg Kroah-Hartman (1): Linux 5.10.230 Hagar Hemdan (1): io_uring: fix possible deadlock in io_register_iowq_max_workers() Heiko Stuebner (7): arm64: dts: rockchip: Fix bluetooth properties on Rock960 boards arm64: dts: rockchip: Remove #cooling-cells from fan on Theobroma lion arm64: dts: rockchip: Fix LED triggers on rk3308-roc-cc ARM: dts: rockchip: fix rk3036 acodec node ARM: dts: rockchip: drop grf reference from rk3036 hdmi ARM: dts: rockchip: Fix the spi controller on rk3036 ARM: dts: rockchip: Fix the realtek audio codec on rk3036-kylin Herbert Xu (1): crypto: marvell/cesa - Disable hash algorithms Hyunwoo Kim (2): hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans Ioana Ciornei (3): net: phy: export phy_error and phy_trigger_machine net: phy: ti: implement generic .handle_interrupt() callback net: phy: ti: take into account all possible interrupt sources Jack Wu (1): USB: serial: qcserial: add support for Sierra Wireless EM86xx Jan Schär (3): ALSA: usb-audio: Support jack detection on Dell dock ALSA: usb-audio: Add quirks for Dell WD19 dock ALSA: usb-audio: Add endianness annotations Jarosław Janik (1): Revert "ALSA: hda/conexant: Mute speakers at suspend / shutdown" Jens Axboe (1): io_uring/rw: fix missing NOWAIT check for O_DIRECT start write Jiri Kosina (1): HID: core: zero-initialize the report buffer Johan Jonker (1): net: arc: fix the device for dma_map_single/dma_unmap_single Johannes Thumshirn (1): scsi: sd_zbc: Use kvzalloc() to allocate REPORT ZONES buffer Julian Vetter (1): sound: Make CONFIG_SND depend on INDIRECT_IOMEM instead of UML Li Nan (1): md/raid10: improve code of mrdev in raid10_sync_request Linus Torvalds (1): 9p: fix slab cache name creation for real Marc Zyngier (1): irqchip/gic-v3: Force propagation of the active state with a read-back Mark Brown (1): spi: Fix deadlock when adding SPI controllers on SPI buses Mauro Carvalho Chehab (8): media: stb0899_algo: initialize cfr before using it media: dvbdev: prevent the risk of out of memory access media: dvb_frontend: don't play tricks with underflow values media: adv7604: prevent underflow condition when reporting colorspace media: s5p-jpeg: prevent buffer overflows media: cx24116: prevent overflows on SNR calculus media: pulse8-cec: fix data timestamp at pulse8_setup() media: v4l2-tpg: prevent the risk of a division by zero Michael Ellerman (1): powerpc/powernv: Free name on error in opal_event_init() Michael Walle (1): spi: fix use-after-free of the add_lock mutex Ming-Hung Tsai (4): dm cache: correct the number of origin blocks to match the target length dm cache: fix out-of-bounds access to the dirty bitset when resizing dm cache: optimize dirty bit checking with find_next_bit when resizing dm cache: fix potential out-of-bounds access on the first resume Murad Masimov (1): ALSA: firewire-lib: fix return value on fail in amdtp_tscm_init() Nikolay Aleksandrov (1): net: bridge: xmit: make sure we have at least eth header len bytes Pavel Begunkov (1): splice: don't generate zero-len segement bvecs Pedro Falcato (1): 9p: Avoid creating multiple slab caches with the same name Peiyang Wang (1): net: hns3: fix kernel crash when uninstalling driver Peng Fan (1): arm64: dts: imx8mp: correct sdhc ipg clk Qi Xi (1): fs/proc: fix compile warning about variable 'vmcore_mmap_ops' Qun-Wei Lin (1): mm: krealloc: Fix MTE false alarm in __do_krealloc Reinhard Speyerer (2): USB: serial: option: add Fibocom FG132 0x0112 composition net: usb: qmi_wwan: add Fibocom FG132 0x0112 composition Riccardo Mancini (1): perf session: Add missing evlist__delete when deleting a session Rik van Riel (1): bpf: use kvzmalloc to allocate BPF verifier environment Roberto Sassu (1): nfs: Fix KMSAN warning in decode_getfattr_attrs() Shuai Xue (1): Revert "perf hist: Add missing puts to hist__account_cycles" WangYuli (1): HID: multitouch: Add quirk for HONOR MagicBook Art 14 touchpad Wei Fang (1): net: enetc: set MAC address to the VF net_device Xin Long (1): sctp: properly validate chunk size in sctp_sf_ootb() Yuan Can (1): vDPA/ifcvf: Fix pci_read_config_byte() return code handling Zichen Xie (1): dm-unstriped: cast an operand to sector_t to prevent potential uint32_t overflow Zijun Hu (1): usb: musb: sunxi: Fix accessing an released usb phy

10 months, 1 week

1
1
0 0

Linux 5.4.286

by Greg Kroah-Hartman

I'm announcing the release of the 5.4.286 kernel. All users of the 5.4 kernel series must upgrade. The updated 5.4.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.4.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/arm/boot/dts/rk3036-kylin.dts | 4 arch/arm/boot/dts/rk3036.dtsi | 14 - arch/arm64/boot/dts/rockchip/rk3328.dtsi | 3 arch/arm64/boot/dts/rockchip/rk3368-lion.dtsi | 1 arch/arm64/boot/dts/rockchip/rk3399-rock960.dtsi | 2 arch/arm64/boot/dts/rockchip/rk3399-sapphire-excavator.dts | 2 arch/powerpc/platforms/powernv/opal-irqchip.c | 1 drivers/gpu/drm/amd/amdgpu/amdgpu_acpi.c | 4 drivers/gpu/drm/amd/amdgpu/amdgpu_debugfs.c | 2 drivers/hid/hid-core.c | 2 drivers/hid/hid-multitouch.c | 5 drivers/irqchip/irq-gic-v3.c | 7 drivers/md/dm-cache-target.c | 35 +- drivers/md/dm-unstripe.c | 4 drivers/md/raid10.c | 23 - drivers/media/common/v4l2-tpg/v4l2-tpg-core.c | 3 drivers/media/dvb-core/dvb_frontend.c | 4 drivers/media/dvb-core/dvbdev.c | 17 + drivers/media/dvb-frontends/cx24116.c | 7 drivers/media/dvb-frontends/stb0899_algo.c | 2 drivers/media/i2c/adv7604.c | 26 + drivers/media/platform/s5p-jpeg/jpeg-core.c | 17 - drivers/media/usb/uvc/uvc_driver.c | 2 drivers/mtd/nand/raw/nand_base.c | 44 +-- drivers/net/can/c_can/c_can.c | 7 drivers/net/ethernet/freescale/enetc/enetc_vf.c | 2 drivers/net/ethernet/hisilicon/hns3/hnae3.c | 5 drivers/net/usb/qmi_wwan.c | 1 drivers/pwm/pwm-imx-tpm.c | 4 drivers/spi/spi.c | 27 -- drivers/usb/musb/sunxi.c | 2 drivers/usb/serial/io_edgeport.c | 8 drivers/usb/serial/option.c | 6 drivers/usb/serial/qcserial.c | 2 fs/btrfs/delayed-ref.c | 2 fs/nfs/inode.c | 1 fs/nfsd/nfs4xdr.c | 10 fs/ocfs2/file.c | 9 fs/ocfs2/xattr.c | 3 fs/proc/vmcore.c | 9 include/linux/mm.h | 2 include/linux/mm_types.h | 4 include/linux/mtd/rawnand.h | 2 include/linux/spi/spi.h | 3 kernel/bpf/verifier.c | 4 kernel/trace/ftrace.c | 30 +- mm/memory.c | 73 +++-- net/9p/client.c | 12 net/bridge/br_device.c | 5 net/sctp/sm_statefuns.c | 2 net/vmw_vsock/hyperv_transport.c | 1 net/vmw_vsock/virtio_transport_common.c | 1 security/keys/keyring.c | 7 sound/Kconfig | 2 sound/firewire/tascam/amdtp-tascam.c | 2 sound/usb/mixer_quirks.c | 170 +++++++++++++ 57 files changed, 469 insertions(+), 182 deletions(-) Alessandro Zanni (1): fs: Fix uninitialized value issue in from_kuid and from_kgid Alex Deucher (1): drm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read() Alex Zhang (1): mm/memory.c: make remap_pfn_range() reject unaligned addr Andrew Kanner (1): ocfs2: remove entry once instead of null-ptr-dereference in ocfs2_xa_remove() Antonio Quartulli (1): drm/amdgpu: prevent NULL pointer dereference if ATIF is not supported Benoit Sevens (1): media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format Benoît Monin (1): USB: serial: option: add Quectel RG650V Chen Ridong (1): security/keys: fix slab-out-of-bounds in key_task_permission Christoph Hellwig (1): mm: add remap_pfn_range_notrack Chuck Lever (1): NFSD: Fix NFSv4's PUTPUBFH operation Dan Carpenter (1): USB: serial: io_edgeport: fix use after free in debug printk Dario Binacchi (1): can: c_can: fix {rx,tx}_errors statistics Diederik de Haas (1): arm64: dts: rockchip: Remove hdmi's 2nd interrupt on rk3328 Erik Schumacher (1): pwm: imx-tpm: Use correct MODULO value for EPWM mode Filipe Manana (1): btrfs: reinitialize delayed ref list after deleting it from the list Geert Uytterhoeven (1): arm64: dts: rockchip: Fix rt5651 compatible value on rk3399-sapphire-excavator Greg Kroah-Hartman (1): Linux 5.4.286 Heiko Stuebner (6): arm64: dts: rockchip: Fix bluetooth properties on Rock960 boards arm64: dts: rockchip: Remove #cooling-cells from fan on Theobroma lion ARM: dts: rockchip: fix rk3036 acodec node ARM: dts: rockchip: drop grf reference from rk3036 hdmi ARM: dts: rockchip: Fix the spi controller on rk3036 ARM: dts: rockchip: Fix the realtek audio codec on rk3036-kylin Hyunwoo Kim (2): hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans Jack Wu (1): USB: serial: qcserial: add support for Sierra Wireless EM86xx Jan Schär (3): ALSA: usb-audio: Support jack detection on Dell dock ALSA: usb-audio: Add quirks for Dell WD19 dock ALSA: usb-audio: Add endianness annotations Jiri Kosina (1): HID: core: zero-initialize the report buffer Julian Vetter (1): sound: Make CONFIG_SND depend on INDIRECT_IOMEM instead of UML Li Nan (1): md/raid10: improve code of mrdev in raid10_sync_request Linus Torvalds (2): 9p: fix slab cache name creation for real mm: avoid leaving partial pfn mappings around in error case Marc Zyngier (1): irqchip/gic-v3: Force propagation of the active state with a read-back Mark Brown (1): spi: Fix deadlock when adding SPI controllers on SPI buses Mauro Carvalho Chehab (7): media: stb0899_algo: initialize cfr before using it media: dvbdev: prevent the risk of out of memory access media: dvb_frontend: don't play tricks with underflow values media: adv7604: prevent underflow condition when reporting colorspace media: s5p-jpeg: prevent buffer overflows media: cx24116: prevent overflows on SNR calculus media: v4l2-tpg: prevent the risk of a division by zero Michael Ellerman (1): powerpc/powernv: Free name on error in opal_event_init() Michael Walle (1): spi: fix use-after-free of the add_lock mutex Ming-Hung Tsai (4): dm cache: correct the number of origin blocks to match the target length dm cache: fix out-of-bounds access to the dirty bitset when resizing dm cache: optimize dirty bit checking with find_next_bit when resizing dm cache: fix potential out-of-bounds access on the first resume Murad Masimov (1): ALSA: firewire-lib: fix return value on fail in amdtp_tscm_init() Nikolay Aleksandrov (1): net: bridge: xmit: make sure we have at least eth header len bytes Pedro Falcato (1): 9p: Avoid creating multiple slab caches with the same name Peiyang Wang (1): net: hns3: fix kernel crash when uninstalling driver Qi Xi (1): fs/proc: fix compile warning about variable 'vmcore_mmap_ops' Qinglang Miao (1): enetc: simplify the return expression of enetc_vf_set_mac_addr() Reinhard Speyerer (2): USB: serial: option: add Fibocom FG132 0x0112 composition net: usb: qmi_wwan: add Fibocom FG132 0x0112 composition Rik van Riel (1): bpf: use kvzmalloc to allocate BPF verifier environment Roberto Sassu (1): nfs: Fix KMSAN warning in decode_getfattr_attrs() Sean Nyekjaer (1): mtd: rawnand: protect access to rawnand devices while in suspend WANG Wenhu (1): mm: clarify a confusing comment for remap_pfn_range() WangYuli (1): HID: multitouch: Add quirk for HONOR MagicBook Art 14 touchpad Wei Fang (1): net: enetc: set MAC address to the VF net_device Xin Long (1): sctp: properly validate chunk size in sctp_sf_ootb() Zheng Yejian (1): ftrace: Fix possible use-after-free issue in ftrace_location() Zichen Xie (1): dm-unstriped: cast an operand to sector_t to prevent potential uint32_t overflow Zijun Hu (1): usb: musb: sunxi: Fix accessing an released usb phy chenqiwu (1): mm: fix ambiguous comments for better code readability

10 months, 1 week

1
1
0 0

Linux 4.19.324

by Greg Kroah-Hartman

I'm announcing the release of the 4.19.324 kernel. All users of the 4.19 kernel series must upgrade. The updated 4.19.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.19.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/arm/boot/dts/rk3036-kylin.dts | 4 arch/arm/boot/dts/rk3036.dtsi | 8 arch/arm64/boot/dts/rockchip/rk3399-sapphire-excavator.dts | 2 arch/powerpc/platforms/powernv/opal-irqchip.c | 1 drivers/gpu/drm/amd/amdgpu/amdgpu_acpi.c | 4 drivers/gpu/drm/amd/amdgpu/amdgpu_debugfs.c | 2 drivers/hid/hid-core.c | 2 drivers/hid/hid-multitouch.c | 5 drivers/irqchip/irq-gic-v3.c | 7 drivers/md/dm-cache-target.c | 35 drivers/md/dm-unstripe.c | 4 drivers/media/common/v4l2-tpg/v4l2-tpg-core.c | 3 drivers/media/dvb-core/dvb_frontend.c | 4 drivers/media/dvb-core/dvbdev.c | 17 drivers/media/dvb-frontends/cx24116.c | 7 drivers/media/dvb-frontends/stb0899_algo.c | 2 drivers/media/i2c/adv7604.c | 26 drivers/media/platform/s5p-jpeg/jpeg-core.c | 17 drivers/media/usb/uvc/uvc_driver.c | 2 drivers/net/can/c_can/c_can.c | 7 drivers/net/ethernet/hisilicon/hns3/hnae3.c | 5 drivers/net/usb/qmi_wwan.c | 1 drivers/usb/musb/sunxi.c | 2 drivers/usb/serial/io_edgeport.c | 8 drivers/usb/serial/option.c | 6 drivers/usb/serial/qcserial.c | 2 fs/btrfs/delayed-ref.c | 2 fs/nfs/inode.c | 1 fs/ocfs2/file.c | 9 fs/ocfs2/xattr.c | 3 fs/proc/vmcore.c | 9 include/net/bond_alb.h | 4 kernel/bpf/verifier.c | 4 net/9p/client.c | 12 net/bridge/br_device.c | 5 net/sctp/sm_statefuns.c | 2 net/vmw_vsock/hyperv_transport.c | 1 net/vmw_vsock/virtio_transport_common.c | 1 security/keys/keyring.c | 7 sound/Kconfig | 2 sound/core/pcm_lib.c | 13 sound/firewire/tascam/amdtp-tascam.c | 2 sound/usb/mixer_quirks.c | 551 +++++++++++++ 44 files changed, 725 insertions(+), 88 deletions(-) Alessandro Zanni (1): fs: Fix uninitialized value issue in from_kuid and from_kgid Alex Deucher (1): drm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read() Andrew Kanner (1): ocfs2: remove entry once instead of null-ptr-dereference in ocfs2_xa_remove() Antonio Quartulli (1): drm/amdgpu: prevent NULL pointer dereference if ATIF is not supported Benoit Sevens (1): media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format Benoît Monin (1): USB: serial: option: add Quectel RG650V Chen Ridong (1): security/keys: fix slab-out-of-bounds in key_task_permission Dan Carpenter (1): USB: serial: io_edgeport: fix use after free in debug printk Dario Binacchi (1): can: c_can: fix {rx,tx}_errors statistics Filipe Manana (1): btrfs: reinitialize delayed ref list after deleting it from the list Geert Uytterhoeven (1): arm64: dts: rockchip: Fix rt5651 compatible value on rk3399-sapphire-excavator Greg Kroah-Hartman (1): Linux 4.19.324 Heiko Stuebner (3): ARM: dts: rockchip: fix rk3036 acodec node ARM: dts: rockchip: drop grf reference from rk3036 hdmi ARM: dts: rockchip: Fix the realtek audio codec on rk3036-kylin Hyunwoo Kim (2): hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans Jack Wu (1): USB: serial: qcserial: add support for Sierra Wireless EM86xx Jan Schär (3): ALSA: usb-audio: Support jack detection on Dell dock ALSA: usb-audio: Add quirks for Dell WD19 dock ALSA: usb-audio: Add endianness annotations Jiri Kosina (1): HID: core: zero-initialize the report buffer Jiri Slaby (SUSE) (1): bonding (gcc13): synchronize bond_{a,t}lb_xmit() types Julian Vetter (1): sound: Make CONFIG_SND depend on INDIRECT_IOMEM instead of UML Jussi Laako (1): ALSA: usb-audio: Add custom mixer status quirks for RME CC devices Linus Torvalds (1): 9p: fix slab cache name creation for real Marc Zyngier (1): irqchip/gic-v3: Force propagation of the active state with a read-back Mauro Carvalho Chehab (7): media: stb0899_algo: initialize cfr before using it media: dvbdev: prevent the risk of out of memory access media: dvb_frontend: don't play tricks with underflow values media: adv7604: prevent underflow condition when reporting colorspace media: s5p-jpeg: prevent buffer overflows media: cx24116: prevent overflows on SNR calculus media: v4l2-tpg: prevent the risk of a division by zero Michael Ellerman (1): powerpc/powernv: Free name on error in opal_event_init() Ming-Hung Tsai (4): dm cache: correct the number of origin blocks to match the target length dm cache: fix out-of-bounds access to the dirty bitset when resizing dm cache: optimize dirty bit checking with find_next_bit when resizing dm cache: fix potential out-of-bounds access on the first resume Murad Masimov (1): ALSA: firewire-lib: fix return value on fail in amdtp_tscm_init() Nikolay Aleksandrov (1): net: bridge: xmit: make sure we have at least eth header len bytes Pedro Falcato (1): 9p: Avoid creating multiple slab caches with the same name Peiyang Wang (1): net: hns3: fix kernel crash when uninstalling driver Qi Xi (1): fs/proc: fix compile warning about variable 'vmcore_mmap_ops' Reinhard Speyerer (2): USB: serial: option: add Fibocom FG132 0x0112 composition net: usb: qmi_wwan: add Fibocom FG132 0x0112 composition Ricardo Biehl Pasquali (1): ALSA: pcm: Return 0 when size < start_threshold in capture Rik van Riel (1): bpf: use kvzmalloc to allocate BPF verifier environment Roberto Sassu (1): nfs: Fix KMSAN warning in decode_getfattr_attrs() WangYuli (1): HID: multitouch: Add quirk for HONOR MagicBook Art 14 touchpad Xin Long (1): sctp: properly validate chunk size in sctp_sf_ootb() Zichen Xie (1): dm-unstriped: cast an operand to sector_t to prevent potential uint32_t overflow Zijun Hu (1): usb: musb: sunxi: Fix accessing an released usb phy

10 months, 1 week

1
1
0 0

[PATCH 6.11 00/63] 6.11.9-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 6.11.9 release. There are 63 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Sun, 17 Nov 2024 06:37:07 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.11.9-rc1… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.11.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 6.11.9-rc1 Linus Torvalds <torvalds(a)linux-foundation.org> 9p: fix slab cache name creation for real Qun-Wei Lin <qun-wei.lin(a)mediatek.com> mm: krealloc: Fix MTE false alarm in __do_krealloc Nirmoy Das <nirmoy.das(a)intel.com> drm/xe: Don't restart parallel queues multiple times on GT reset Nirmoy Das <nirmoy.das(a)intel.com> drm/xe/ufence: Prefetch ufence addr to catch bogus address Shuicheng Lin <shuicheng.lin(a)intel.com> drm/xe: Handle unreliable MMIO reads during forcewake Badal Nilawar <badal.nilawar(a)intel.com> drm/xe/guc/ct: Flush g2h worker in case of g2h response timeout Shuicheng Lin <shuicheng.lin(a)intel.com> drm/xe: Enlarge the invalidation timeout from 150 to 500 Hou Tao <houtao1(a)huawei.com> bpf: Check validity of link->type in bpf_link_show_fdinfo() Reinhard Speyerer <rspmn(a)arcor.de> net: usb: qmi_wwan: add Fibocom FG132 0x0112 composition Huacai Chen <chenhuacai(a)kernel.org> LoongArch: KVM: Mark hrtimer to expire in hard interrupt context Shengjiu Wang <shengjiu.wang(a)nxp.com> ASoC: fsl_micfil: Add sample rate constraint Yanteng Si <siyanteng(a)cqsoftware.com.cn> LoongArch: Use "Exception return address" to comment ERA Jack Yu <jack.yu(a)realtek.com> ASoC: rt722-sdca: increase clk_stop_timeout to fix clock stop issue Cyan Yang <cyan.yang(a)sifive.com> RISCV: KVM: use raw_spinlock for critical section in imsic Alexey Klimov <alexey.klimov(a)linaro.org> ASoC: codecs: lpass-rx-macro: fix RXn(rx,n) macro for DSM_CTL and SEC7 regs Hans de Goede <hdegoede(a)redhat.com> HID: lenovo: Add support for Thinkpad X1 Tablet Gen 3 keyboard Kenneth Albanowski <kenalba(a)chromium.org> HID: multitouch: Add quirk for Logitech Bolt receiver w/ Casa touchpad Bartłomiej Maryńczak <marynczakbartlomiej(a)gmail.com> HID: i2c-hid: Delayed i2c resume wakeup for 0x0d42 Goodix touchpad David Howells <dhowells(a)redhat.com> afs: Fix lock recursion Alessandro Zanni <alessandro.zanni87(a)gmail.com> fs: Fix uninitialized value issue in from_kuid and from_kgid David Howells <dhowells(a)redhat.com> netfs: Downgrade i_rwsem for a buffered write Derek Fang <derek.fang(a)realtek.com> ASoC: Intel: soc-acpi: lnl: Add match entry for TM2 laptops Ilya Dudikov <ilyadud(a)mail.ru> ASoC: amd: yc: Fix non-functional mic on ASUS E1404FA Christian Heusel <christian(a)heusel.eu> ASoC: amd: yc: Add quirk for ASUS Vivobook S15 M3502RA Zhu Jun <zhujun2(a)cmss.chinamobile.com> ASoC: codecs: Fix error handling in aw_dev_get_dsp_status function Amadeusz Sławiński <amadeuszx.slawinski(a)linux.intel.com> ASoC: Intel: avs: Update stream status in a separate thread Jiawei Ye <jiawei.ye(a)foxmail.com> bpf: Fix mismatched RCU unlock flavour in bpf_out_neigh_v6 Zijian Zhang <zijianzhang(a)bytedance.com> bpf: Add sk_is_inet and IS_ICSK check in tls_sw_has_ctx_tx/rx Feng Liu <feliu(a)nvidia.com> virtio_pci: Fix admin vq cleanup by using correct info pointer Yuan Can <yuancan(a)huawei.com> vDPA/ifcvf: Fix pci_read_config_byte() return code handling Matthieu Buffet <matthieu(a)buffet.re> samples/landlock: Fix port parsing in sandboxer Nilay Shroff <nilay(a)linux.ibm.com> nvme: make keep-alive synchronous operation Nilay Shroff <nilay(a)linux.ibm.com> nvme-loop: flush off pending I/O while shutting down loop controller Lucas De Marchi <lucas.demarchi(a)intel.com> drm/xe/query: Increase timestamp width Linus Walleij <linus.walleij(a)linaro.org> net: phy: mdio-bcm-unimac: Add BCM6846 support Michael Ellerman <mpe(a)ellerman.id.au> powerpc/powernv: Free name on error in opal_event_init() Philip Yang <Philip.Yang(a)amd.com> drm/amdkfd: Accounting pdd vram_usage for svm Keith Busch <kbusch(a)kernel.org> nvme-multipath: defer partition scanning Will Deacon <will(a)kernel.org> kasan: Disable Software Tag-Based KASAN with GCC Baojun Xu <baojun.xu(a)ti.com> ALSA: hda/tas2781: Add new quirk for Lenovo, ASUS, Dell projects Showrya M N <showrya(a)chelsio.com> RDMA/siw: Add sendpage_ok() check to disable MSG_SPLICE_PAGES Tyrone Wu <wudevelops(a)gmail.com> selftests/bpf: Assert link info uprobe_multi count & path_size if unset Ian Forbes <ian.forbes(a)broadcom.com> drm/vmwgfx: Limit display layout ioctl array size to VMWGFX_NUM_DISPLAY_UNITS Julian Vetter <jvetter(a)kalrayinc.com> sound: Make CONFIG_SND depend on INDIRECT_IOMEM instead of UML Harald Freudenberger <freude(a)linux.ibm.com> s390/ap: Fix CCA crypto card behavior within protected execution environment Herbert Xu <herbert(a)gondor.apana.org.au> crypto: marvell/cesa - Disable hash algorithms Herbert Xu <herbert(a)gondor.apana.org.au> crypto: api - Fix liveliness check in crypto_alg_tested Rik van Riel <riel(a)surriel.com> bpf: use kvzmalloc to allocate BPF verifier environment Greg Joyce <gjoyce(a)linux.ibm.com> nvme: disable CC.CRIME (NVME_CC_CRIME) Robin Murphy <robin.murphy(a)arm.com> iommu/arm-smmu: Clarify MMU-500 CPRE workaround WangYuli <wangyuli(a)uniontech.com> HID: multitouch: Add quirk for HONOR MagicBook Art 14 touchpad Stefan Blum <stefanblum2004(a)gmail.com> HID: multitouch: Add support for B2402FVA track point SurajSonawane2415 <surajsonawane0215(a)gmail.com> block: Fix elevator_get_default() checking for NULL q->tag_set Hannes Reinecke <hare(a)suse.de> nvme: tcp: avoid race between queue_lock lock and destroy Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> pinctrl: intel: platform: Add Panther Lake to the list of supported Rosen Penev <rosenp(a)gmail.com> pinctrl: aw9523: add missing mutex_destroy Sergey Matsievskiy <matsievskiysv(a)gmail.com> irqchip/ocelot: Fix trigger register address Nilay Shroff <nilay(a)linux.ibm.com> nvmet-passthru: clear EUID/NGUID/UUID while using loop target Eduard Zingerman <eddyz87(a)gmail.com> selftests/bpf: Verify that sync_linked_regs preserves subreg_def Pedro Falcato <pedro.falcato(a)gmail.com> 9p: Avoid creating multiple slab caches with the same name Dominique Martinet <asmadeus(a)codewreck.org> 9p: v9fs_fid_find: also lookup by inode if not found dentry Breno Leitao <leitao(a)debian.org> nvme/host: Fix RCU list traversal to use SRCU primitive Kuniyuki Iwashima <kuniyu(a)amazon.com> smb: client: Fix use-after-free of network namespace. ------------- Diffstat: Makefile | 4 +- arch/loongarch/include/asm/loongarch.h | 2 +- arch/loongarch/kvm/timer.c | 7 +- arch/loongarch/kvm/vcpu.c | 2 +- arch/powerpc/platforms/powernv/opal-irqchip.c | 1 + arch/riscv/kvm/aia_imsic.c | 8 +-- block/elevator.c | 4 +- crypto/algapi.c | 2 +- drivers/crypto/marvell/cesa/hash.c | 12 ++-- drivers/gpu/drm/amd/amdkfd/kfd_chardev.c | 6 +- drivers/gpu/drm/amd/amdkfd/kfd_priv.h | 2 +- drivers/gpu/drm/amd/amdkfd/kfd_process.c | 4 +- drivers/gpu/drm/amd/amdkfd/kfd_svm.c | 26 +++++++ drivers/gpu/drm/vmwgfx/vmwgfx_drv.h | 4 +- drivers/gpu/drm/vmwgfx/vmwgfx_kms.c | 4 +- drivers/gpu/drm/vmwgfx/vmwgfx_kms.h | 3 - drivers/gpu/drm/xe/xe_device.c | 2 +- drivers/gpu/drm/xe/xe_force_wake.c | 12 +++- drivers/gpu/drm/xe/xe_guc_ct.c | 18 +++++ drivers/gpu/drm/xe/xe_guc_submit.c | 14 +++- drivers/gpu/drm/xe/xe_query.c | 6 +- drivers/gpu/drm/xe/xe_sync.c | 3 +- drivers/hid/hid-ids.h | 2 + drivers/hid/hid-lenovo.c | 8 +++ drivers/hid/hid-multitouch.c | 13 ++++ drivers/hid/i2c-hid/i2c-hid-core.c | 10 +++ drivers/infiniband/sw/siw/siw_qp_tx.c | 2 + drivers/iommu/arm/arm-smmu/arm-smmu-impl.c | 4 +- drivers/irqchip/irq-mscc-ocelot.c | 4 +- drivers/net/mdio/mdio-bcm-unimac.c | 1 + drivers/net/usb/qmi_wwan.c | 1 + drivers/nvme/host/core.c | 52 ++++++++------ drivers/nvme/host/multipath.c | 33 +++++++++ drivers/nvme/host/nvme.h | 1 + drivers/nvme/host/tcp.c | 7 +- drivers/nvme/target/loop.c | 13 ++++ drivers/nvme/target/passthru.c | 6 +- drivers/pinctrl/intel/Kconfig | 1 + drivers/pinctrl/pinctrl-aw9523.c | 6 +- drivers/s390/crypto/ap_bus.c | 3 +- drivers/s390/crypto/ap_bus.h | 2 +- drivers/s390/crypto/ap_queue.c | 28 +++++--- drivers/vdpa/ifcvf/ifcvf_base.c | 2 +- drivers/virtio/virtio_pci_common.c | 24 +++++-- drivers/virtio/virtio_pci_common.h | 1 + drivers/virtio/virtio_pci_modern.c | 12 +--- fs/9p/fid.c | 5 +- fs/afs/internal.h | 2 + fs/afs/rxrpc.c | 83 +++++++++++++++------- fs/netfs/locking.c | 3 +- fs/ocfs2/file.c | 9 ++- fs/smb/client/connect.c | 14 +++- include/net/tls.h | 12 +++- kernel/bpf/syscall.c | 14 ++-- kernel/bpf/verifier.c | 4 +- lib/Kconfig.kasan | 7 +- mm/slab_common.c | 2 +- net/9p/client.c | 12 +++- net/core/filter.c | 2 +- samples/landlock/sandboxer.c | 32 ++++++++- sound/Kconfig | 2 +- sound/pci/hda/patch_realtek.c | 29 ++++++++ sound/soc/amd/yc/acp6x-mach.c | 14 ++++ sound/soc/codecs/aw88399.c | 2 +- sound/soc/codecs/lpass-rx-macro.c | 15 ++-- sound/soc/codecs/rt722-sdca-sdw.c | 2 +- sound/soc/fsl/fsl_micfil.c | 38 ++++++++++ sound/soc/intel/avs/core.c | 3 +- sound/soc/intel/avs/pcm.c | 19 +++++ sound/soc/intel/avs/pcm.h | 16 +++++ sound/soc/intel/common/soc-acpi-intel-lnl-match.c | 38 ++++++++++ .../selftests/bpf/prog_tests/fill_link_info.c | 9 +++ .../selftests/bpf/progs/verifier_scalar_ids.c | 67 +++++++++++++++++ 73 files changed, 670 insertions(+), 167 deletions(-)

10 months, 1 week

14
77
0 0

[PATCH 5.10 00/82] 5.10.230-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 5.10.230 release. There are 82 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Sun, 17 Nov 2024 06:37:07 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v5.x/stable-review/patch-5.10.230-r… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-5.10.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 5.10.230-rc1 Linus Torvalds <torvalds(a)linux-foundation.org> 9p: fix slab cache name creation for real Qun-Wei Lin <qun-wei.lin(a)mediatek.com> mm: krealloc: Fix MTE false alarm in __do_krealloc Hagar Hemdan <hagarhem(a)amazon.com> io_uring: fix possible deadlock in io_register_iowq_max_workers() Li Nan <linan122(a)huawei.com> md/raid10: improve code of mrdev in raid10_sync_request Reinhard Speyerer <rspmn(a)arcor.de> net: usb: qmi_wwan: add Fibocom FG132 0x0112 composition Alessandro Zanni <alessandro.zanni87(a)gmail.com> fs: Fix uninitialized value issue in from_kuid and from_kgid Yuan Can <yuancan(a)huawei.com> vDPA/ifcvf: Fix pci_read_config_byte() return code handling Michael Ellerman <mpe(a)ellerman.id.au> powerpc/powernv: Free name on error in opal_event_init() Julian Vetter <jvetter(a)kalrayinc.com> sound: Make CONFIG_SND depend on INDIRECT_IOMEM instead of UML Herbert Xu <herbert(a)gondor.apana.org.au> crypto: marvell/cesa - Disable hash algorithms Rik van Riel <riel(a)surriel.com> bpf: use kvzmalloc to allocate BPF verifier environment WangYuli <wangyuli(a)uniontech.com> HID: multitouch: Add quirk for HONOR MagicBook Art 14 touchpad Pedro Falcato <pedro.falcato(a)gmail.com> 9p: Avoid creating multiple slab caches with the same name Ioana Ciornei <ioana.ciornei(a)nxp.com> net: phy: ti: take into account all possible interrupt sources Jan Schär <jan(a)jschaer.ch> ALSA: usb-audio: Add endianness annotations Hyunwoo Kim <v4bel(a)theori.io> vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans Hyunwoo Kim <v4bel(a)theori.io> hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer Jan Schär <jan(a)jschaer.ch> ALSA: usb-audio: Add quirks for Dell WD19 dock Jan Schär <jan(a)jschaer.ch> ALSA: usb-audio: Support jack detection on Dell dock Andrew Kanner <andrew.kanner(a)gmail.com> ocfs2: remove entry once instead of null-ptr-dereference in ocfs2_xa_remove() Marc Zyngier <maz(a)kernel.org> irqchip/gic-v3: Force propagation of the active state with a read-back Benoît Monin <benoit.monin(a)gmx.fr> USB: serial: option: add Quectel RG650V Reinhard Speyerer <rspmn(a)arcor.de> USB: serial: option: add Fibocom FG132 0x0112 composition Jack Wu <wojackbb(a)gmail.com> USB: serial: qcserial: add support for Sierra Wireless EM86xx Dan Carpenter <dan.carpenter(a)linaro.org> USB: serial: io_edgeport: fix use after free in debug printk Dan Carpenter <dan.carpenter(a)linaro.org> usb: typec: fix potential out of bounds in ucsi_ccg_update_set_new_cam_cmd() Zijun Hu <quic_zijuhu(a)quicinc.com> usb: musb: sunxi: Fix accessing an released usb phy Qi Xi <xiqi2(a)huawei.com> fs/proc: fix compile warning about variable 'vmcore_mmap_ops' Benoit Sevens <bsevens(a)google.com> media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format Eric Dumazet <edumazet(a)google.com> net: do not delay dst_entries_add() in dst_release() Riccardo Mancini <rickyman7(a)gmail.com> perf session: Add missing evlist__delete when deleting a session Shuai Xue <xueshuai(a)linux.alibaba.com> Revert "perf hist: Add missing puts to hist__account_cycles" Nikolay Aleksandrov <razor(a)blackwall.org> net: bridge: xmit: make sure we have at least eth header len bytes Michael Walle <michael(a)walle.cc> spi: fix use-after-free of the add_lock mutex Mark Brown <broonie(a)kernel.org> spi: Fix deadlock when adding SPI controllers on SPI buses Pavel Begunkov <asml.silence(a)gmail.com> splice: don't generate zero-len segement bvecs Filipe Manana <fdmanana(a)suse.com> btrfs: reinitialize delayed ref list after deleting it from the list Roberto Sassu <roberto.sassu(a)huawei.com> nfs: Fix KMSAN warning in decode_getfattr_attrs() Jens Axboe <axboe(a)kernel.dk> io_uring/rw: fix missing NOWAIT check for O_DIRECT start write Amir Goldstein <amir73il(a)gmail.com> io_uring: use kiocb_{start,end}_write() helpers Amir Goldstein <amir73il(a)gmail.com> fs: create kiocb_{start,end}_write() helpers Amir Goldstein <amir73il(a)gmail.com> io_uring: rename kiocb_end_write() local helper Zichen Xie <zichenxie0106(a)gmail.com> dm-unstriped: cast an operand to sector_t to prevent potential uint32_t overflow Ming-Hung Tsai <mtsai(a)redhat.com> dm cache: fix potential out-of-bounds access on the first resume Ming-Hung Tsai <mtsai(a)redhat.com> dm cache: optimize dirty bit checking with find_next_bit when resizing Ming-Hung Tsai <mtsai(a)redhat.com> dm cache: fix out-of-bounds access to the dirty bitset when resizing Ming-Hung Tsai <mtsai(a)redhat.com> dm cache: correct the number of origin blocks to match the target length Antonio Quartulli <antonio(a)mandelbit.com> drm/amdgpu: prevent NULL pointer dereference if ATIF is not supported Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read() Erik Schumacher <erik.schumacher(a)iris-sensing.com> pwm: imx-tpm: Use correct MODULO value for EPWM mode Mauro Carvalho Chehab <mchehab+huawei(a)kernel.org> media: v4l2-tpg: prevent the risk of a division by zero Mauro Carvalho Chehab <mchehab+huawei(a)kernel.org> media: pulse8-cec: fix data timestamp at pulse8_setup() Mauro Carvalho Chehab <mchehab+huawei(a)kernel.org> media: cx24116: prevent overflows on SNR calculus Mauro Carvalho Chehab <mchehab+huawei(a)kernel.org> media: s5p-jpeg: prevent buffer overflows Amelie Delaunay <amelie.delaunay(a)foss.st.com> ASoC: stm32: spdifrx: fix dma channel release in stm32_spdifrx_remove Murad Masimov <m.masimov(a)maxima.ru> ALSA: firewire-lib: fix return value on fail in amdtp_tscm_init() Johannes Thumshirn <johannes.thumshirn(a)wdc.com> scsi: sd_zbc: Use kvzalloc() to allocate REPORT ZONES buffer Mauro Carvalho Chehab <mchehab+huawei(a)kernel.org> media: adv7604: prevent underflow condition when reporting colorspace Mauro Carvalho Chehab <mchehab+huawei(a)kernel.org> media: dvb_frontend: don't play tricks with underflow values Mauro Carvalho Chehab <mchehab+huawei(a)kernel.org> media: dvbdev: prevent the risk of out of memory access Mauro Carvalho Chehab <mchehab+huawei(a)kernel.org> media: stb0899_algo: initialize cfr before using it Jarosław Janik <jaroslaw.janik(a)gmail.com> Revert "ALSA: hda/conexant: Mute speakers at suspend / shutdown" Johan Jonker <jbx6244(a)gmail.com> net: arc: fix the device for dma_map_single/dma_unmap_single Diogo Silva <diogompaissilva(a)gmail.com> net: phy: ti: add PHY_RST_AFTER_CLK_EN flag Ioana Ciornei <ioana.ciornei(a)nxp.com> net: phy: ti: implement generic .handle_interrupt() callback Ioana Ciornei <ioana.ciornei(a)nxp.com> net: phy: export phy_error and phy_trigger_machine Peiyang Wang <wangpeiyang1(a)huawei.com> net: hns3: fix kernel crash when uninstalling driver Dario Binacchi <dario.binacchi(a)amarulasolutions.com> can: c_can: fix {rx,tx}_errors statistics Xin Long <lucien.xin(a)gmail.com> sctp: properly validate chunk size in sctp_sf_ootb() Wei Fang <wei.fang(a)nxp.com> net: enetc: set MAC address to the VF net_device Chen Ridong <chenridong(a)huawei.com> security/keys: fix slab-out-of-bounds in key_task_permission Jiri Kosina <jkosina(a)suse.com> HID: core: zero-initialize the report buffer Heiko Stuebner <heiko(a)sntech.de> ARM: dts: rockchip: Fix the realtek audio codec on rk3036-kylin Heiko Stuebner <heiko(a)sntech.de> ARM: dts: rockchip: Fix the spi controller on rk3036 Heiko Stuebner <heiko(a)sntech.de> ARM: dts: rockchip: drop grf reference from rk3036 hdmi Heiko Stuebner <heiko(a)sntech.de> ARM: dts: rockchip: fix rk3036 acodec node Peng Fan <peng.fan(a)nxp.com> arm64: dts: imx8mp: correct sdhc ipg clk Heiko Stuebner <heiko(a)sntech.de> arm64: dts: rockchip: Fix LED triggers on rk3308-roc-cc Heiko Stuebner <heiko(a)sntech.de> arm64: dts: rockchip: Remove #cooling-cells from fan on Theobroma lion Heiko Stuebner <heiko(a)sntech.de> arm64: dts: rockchip: Fix bluetooth properties on Rock960 boards Diederik de Haas <didi.debian(a)cknow.org> arm64: dts: rockchip: Remove hdmi's 2nd interrupt on rk3328 Geert Uytterhoeven <geert+renesas(a)glider.be> arm64: dts: rockchip: Fix rt5651 compatible value on rk3399-sapphire-excavator ------------- Diffstat: Makefile | 4 +- arch/arm/boot/dts/rk3036-kylin.dts | 4 +- arch/arm/boot/dts/rk3036.dtsi | 14 +- arch/arm64/boot/dts/freescale/imx8mp.dtsi | 6 +- arch/arm64/boot/dts/rockchip/rk3308-roc-cc.dts | 4 +- arch/arm64/boot/dts/rockchip/rk3328.dtsi | 3 +- arch/arm64/boot/dts/rockchip/rk3368-lion.dtsi | 1 - arch/arm64/boot/dts/rockchip/rk3399-rock960.dtsi | 2 +- .../dts/rockchip/rk3399-sapphire-excavator.dts | 2 +- arch/powerpc/platforms/powernv/opal-irqchip.c | 1 + drivers/crypto/marvell/cesa/hash.c | 12 +- drivers/gpu/drm/amd/amdgpu/amdgpu_acpi.c | 4 +- drivers/gpu/drm/amd/amdgpu/amdgpu_debugfs.c | 2 +- drivers/hid/hid-core.c | 2 +- drivers/hid/hid-multitouch.c | 5 + drivers/irqchip/irq-gic-v3.c | 7 + drivers/md/dm-cache-target.c | 35 ++--- drivers/md/dm-unstripe.c | 4 +- drivers/md/raid10.c | 23 +-- drivers/media/cec/usb/pulse8/pulse8-cec.c | 2 +- drivers/media/common/v4l2-tpg/v4l2-tpg-core.c | 3 + drivers/media/dvb-core/dvb_frontend.c | 4 +- drivers/media/dvb-core/dvbdev.c | 17 ++- drivers/media/dvb-frontends/cx24116.c | 7 +- drivers/media/dvb-frontends/stb0899_algo.c | 2 +- drivers/media/i2c/adv7604.c | 26 ++-- drivers/media/platform/s5p-jpeg/jpeg-core.c | 17 ++- drivers/media/usb/uvc/uvc_driver.c | 2 +- drivers/net/can/c_can/c_can.c | 7 +- drivers/net/ethernet/arc/emac_main.c | 27 ++-- drivers/net/ethernet/freescale/enetc/enetc_vf.c | 9 +- drivers/net/ethernet/hisilicon/hns3/hnae3.c | 5 +- drivers/net/phy/dp83640.c | 27 ++++ drivers/net/phy/dp83822.c | 38 +++++ drivers/net/phy/dp83848.c | 35 +++++ drivers/net/phy/dp83867.c | 25 +++ drivers/net/phy/dp83869.c | 25 +++ drivers/net/phy/dp83tc811.c | 45 ++++++ drivers/net/phy/phy.c | 6 +- drivers/net/usb/qmi_wwan.c | 1 + drivers/pwm/pwm-imx-tpm.c | 4 +- drivers/scsi/sd_zbc.c | 3 +- drivers/spi/spi.c | 27 ++-- drivers/usb/musb/sunxi.c | 2 - drivers/usb/serial/io_edgeport.c | 8 +- drivers/usb/serial/option.c | 6 + drivers/usb/serial/qcserial.c | 2 + drivers/usb/typec/ucsi/ucsi_ccg.c | 2 + drivers/vdpa/ifcvf/ifcvf_base.c | 2 +- fs/btrfs/delayed-ref.c | 2 +- fs/nfs/inode.c | 1 + fs/ocfs2/file.c | 9 +- fs/ocfs2/xattr.c | 3 +- fs/proc/vmcore.c | 9 +- fs/splice.c | 9 +- include/linux/fs.h | 35 +++++ include/linux/phy.h | 2 + include/linux/spi/spi.h | 3 + io_uring/io_uring.c | 55 ++++--- kernel/bpf/verifier.c | 4 +- mm/slab_common.c | 2 +- net/9p/client.c | 12 +- net/bridge/br_device.c | 5 + net/core/dst.c | 17 ++- net/sctp/sm_statefuns.c | 2 +- net/vmw_vsock/hyperv_transport.c | 1 + net/vmw_vsock/virtio_transport_common.c | 1 + security/keys/keyring.c | 7 +- sound/Kconfig | 2 +- sound/firewire/tascam/amdtp-tascam.c | 2 +- sound/pci/hda/patch_conexant.c | 2 - sound/soc/stm/stm32_spdifrx.c | 2 +- sound/usb/mixer_quirks.c | 170 +++++++++++++++++++++ tools/perf/util/hist.c | 10 +- tools/perf/util/session.c | 5 +- 75 files changed, 703 insertions(+), 190 deletions(-)

10 months, 1 week

7
88
0 0

[PATCH 6.1 00/39] 6.1.118-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 6.1.118 release. There are 39 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Sun, 17 Nov 2024 06:37:07 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.1.118-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.1.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 6.1.118-rc1 Linus Torvalds <torvalds(a)linux-foundation.org> 9p: fix slab cache name creation for real Konstantin Komarov <almaz.alexandrovich(a)paragon-software.com> fs/ntfs3: Fix general protection fault in run_is_mapped_full Hans de Goede <hdegoede(a)redhat.com> platform/x86: x86-android-tablets: Fix use after free on platform_device_register() errors Qun-Wei Lin <qun-wei.lin(a)mediatek.com> mm: krealloc: Fix MTE false alarm in __do_krealloc Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com> Bluetooth: L2CAP: Fix uaf in l2cap_connect Xiaxi Shen <shenxiaxi26(a)gmail.com> ext4: fix timer use-after-free on failed mount Philip Yang <Philip.Yang(a)amd.com> drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer Qiao Ma <mqaio(a)linux.alibaba.com> uprobe: avoid out-of-bounds memory access of fetching args Andrii Nakryiko <andrii(a)kernel.org> uprobes: encapsulate preparation of uprobe args buffer Hagar Hemdan <hagarhem(a)amazon.com> io_uring: fix possible deadlock in io_register_iowq_max_workers() Li Nan <linan122(a)huawei.com> md/raid10: improve code of mrdev in raid10_sync_request Reinhard Speyerer <rspmn(a)arcor.de> net: usb: qmi_wwan: add Fibocom FG132 0x0112 composition Yanteng Si <siyanteng(a)cqsoftware.com.cn> LoongArch: Use "Exception return address" to comment ERA Hans de Goede <hdegoede(a)redhat.com> HID: lenovo: Add support for Thinkpad X1 Tablet Gen 3 keyboard Kenneth Albanowski <kenalba(a)chromium.org> HID: multitouch: Add quirk for Logitech Bolt receiver w/ Casa touchpad Alessandro Zanni <alessandro.zanni87(a)gmail.com> fs: Fix uninitialized value issue in from_kuid and from_kgid Jiawei Ye <jiawei.ye(a)foxmail.com> bpf: Fix mismatched RCU unlock flavour in bpf_out_neigh_v6 Yuan Can <yuancan(a)huawei.com> vDPA/ifcvf: Fix pci_read_config_byte() return code handling Nilay Shroff <nilay(a)linux.ibm.com> nvme: make keep-alive synchronous operation Michael Ellerman <mpe(a)ellerman.id.au> powerpc/powernv: Free name on error in opal_event_init() Keith Busch <kbusch(a)kernel.org> nvme-multipath: defer partition scanning Will Deacon <will(a)kernel.org> kasan: Disable Software Tag-Based KASAN with GCC Ian Forbes <ian.forbes(a)broadcom.com> drm/vmwgfx: Limit display layout ioctl array size to VMWGFX_NUM_DISPLAY_UNITS Julian Vetter <jvetter(a)kalrayinc.com> sound: Make CONFIG_SND depend on INDIRECT_IOMEM instead of UML Herbert Xu <herbert(a)gondor.apana.org.au> crypto: marvell/cesa - Disable hash algorithms Herbert Xu <herbert(a)gondor.apana.org.au> crypto: api - Fix liveliness check in crypto_alg_tested Rik van Riel <riel(a)surriel.com> bpf: use kvzmalloc to allocate BPF verifier environment Greg Joyce <gjoyce(a)linux.ibm.com> nvme: disable CC.CRIME (NVME_CC_CRIME) WangYuli <wangyuli(a)uniontech.com> HID: multitouch: Add quirk for HONOR MagicBook Art 14 touchpad Stefan Blum <stefanblum2004(a)gmail.com> HID: multitouch: Add support for B2402FVA track point SurajSonawane2415 <surajsonawane0215(a)gmail.com> block: Fix elevator_get_default() checking for NULL q->tag_set Hannes Reinecke <hare(a)suse.de> nvme: tcp: avoid race between queue_lock lock and destroy Sergey Matsievskiy <matsievskiysv(a)gmail.com> irqchip/ocelot: Fix trigger register address Pedro Falcato <pedro.falcato(a)gmail.com> 9p: Avoid creating multiple slab caches with the same name Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Revert "Bluetooth: hci_conn: Consolidate code for aborting connections" Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Revert "Bluetooth: hci_core: Fix possible buffer overflow" Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Revert "Bluetooth: af_bluetooth: Fix deadlock" Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Revert "Bluetooth: hci_sync: Fix overwriting request callback" Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Revert "Bluetooth: fix use-after-free in accessing skb after sending it" ------------- Diffstat: Makefile | 4 +- arch/loongarch/include/asm/loongarch.h | 2 +- arch/powerpc/platforms/powernv/opal-irqchip.c | 1 + block/elevator.c | 4 +- crypto/algapi.c | 2 +- drivers/crypto/marvell/cesa/hash.c | 12 +- drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd.c | 14 +- drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd.h | 2 +- drivers/gpu/drm/amd/amdkfd/kfd_chardev.c | 2 +- drivers/gpu/drm/amd/amdkfd/kfd_device.c | 4 +- .../gpu/drm/amd/amdkfd/kfd_device_queue_manager.c | 2 +- drivers/gpu/drm/amd/amdkfd/kfd_mqd_manager.c | 2 +- drivers/gpu/drm/amd/amdkfd/kfd_process.c | 2 +- .../gpu/drm/amd/amdkfd/kfd_process_queue_manager.c | 4 +- drivers/gpu/drm/vmwgfx/vmwgfx_drv.h | 4 +- drivers/gpu/drm/vmwgfx/vmwgfx_kms.c | 4 +- drivers/gpu/drm/vmwgfx/vmwgfx_kms.h | 3 - drivers/hid/hid-ids.h | 1 + drivers/hid/hid-lenovo.c | 8 ++ drivers/hid/hid-multitouch.c | 13 ++ drivers/irqchip/irq-mscc-ocelot.c | 4 +- drivers/md/raid10.c | 23 +-- drivers/net/usb/qmi_wwan.c | 1 + drivers/nvme/host/core.c | 31 ++-- drivers/nvme/host/multipath.c | 33 +++++ drivers/nvme/host/nvme.h | 1 + drivers/nvme/host/tcp.c | 7 +- drivers/platform/x86/x86-android-tablets.c | 3 +- drivers/vdpa/ifcvf/ifcvf_base.c | 2 +- fs/ext4/super.c | 2 +- fs/ntfs3/inode.c | 9 ++ fs/ocfs2/file.c | 9 +- include/net/bluetooth/hci_core.h | 3 +- io_uring/io_uring.c | 5 + kernel/bpf/verifier.c | 4 +- kernel/trace/trace_uprobe.c | 86 +++++------ lib/Kconfig.kasan | 7 +- mm/slab_common.c | 2 +- net/9p/client.c | 12 +- net/bluetooth/af_bluetooth.c | 10 +- net/bluetooth/hci_conn.c | 158 ++++++++++++++++----- net/bluetooth/hci_core.c | 50 +++---- net/bluetooth/hci_event.c | 20 +-- net/bluetooth/hci_sync.c | 44 ++---- net/bluetooth/l2cap_core.c | 9 -- net/bluetooth/mgmt.c | 15 +- net/core/filter.c | 2 +- sound/Kconfig | 2 +- 48 files changed, 401 insertions(+), 243 deletions(-)

10 months, 1 week

11
49
0 0

[PATCH 4.19 00/52] 4.19.324-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.19.324 release. There are 52 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Sun, 17 Nov 2024 06:37:07 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.19.324-r… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.19.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.19.324-rc1 Linus Torvalds <torvalds(a)linux-foundation.org> 9p: fix slab cache name creation for real Reinhard Speyerer <rspmn(a)arcor.de> net: usb: qmi_wwan: add Fibocom FG132 0x0112 composition Alessandro Zanni <alessandro.zanni87(a)gmail.com> fs: Fix uninitialized value issue in from_kuid and from_kgid Michael Ellerman <mpe(a)ellerman.id.au> powerpc/powernv: Free name on error in opal_event_init() Julian Vetter <jvetter(a)kalrayinc.com> sound: Make CONFIG_SND depend on INDIRECT_IOMEM instead of UML Rik van Riel <riel(a)surriel.com> bpf: use kvzmalloc to allocate BPF verifier environment WangYuli <wangyuli(a)uniontech.com> HID: multitouch: Add quirk for HONOR MagicBook Art 14 touchpad Pedro Falcato <pedro.falcato(a)gmail.com> 9p: Avoid creating multiple slab caches with the same name Jan Schär <jan(a)jschaer.ch> ALSA: usb-audio: Add endianness annotations Hyunwoo Kim <v4bel(a)theori.io> vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans Hyunwoo Kim <v4bel(a)theori.io> hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer Jan Schär <jan(a)jschaer.ch> ALSA: usb-audio: Add quirks for Dell WD19 dock Jan Schär <jan(a)jschaer.ch> ALSA: usb-audio: Support jack detection on Dell dock Jussi Laako <jussi(a)sonarnerd.net> ALSA: usb-audio: Add custom mixer status quirks for RME CC devices Ricardo Biehl Pasquali <pasqualirb(a)gmail.com> ALSA: pcm: Return 0 when size < start_threshold in capture Andrew Kanner <andrew.kanner(a)gmail.com> ocfs2: remove entry once instead of null-ptr-dereference in ocfs2_xa_remove() Marc Zyngier <maz(a)kernel.org> irqchip/gic-v3: Force propagation of the active state with a read-back Benoît Monin <benoit.monin(a)gmx.fr> USB: serial: option: add Quectel RG650V Reinhard Speyerer <rspmn(a)arcor.de> USB: serial: option: add Fibocom FG132 0x0112 composition Jack Wu <wojackbb(a)gmail.com> USB: serial: qcserial: add support for Sierra Wireless EM86xx Dan Carpenter <dan.carpenter(a)linaro.org> USB: serial: io_edgeport: fix use after free in debug printk Zijun Hu <quic_zijuhu(a)quicinc.com> usb: musb: sunxi: Fix accessing an released usb phy Qi Xi <xiqi2(a)huawei.com> fs/proc: fix compile warning about variable 'vmcore_mmap_ops' Benoit Sevens <bsevens(a)google.com> media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format Nikolay Aleksandrov <razor(a)blackwall.org> net: bridge: xmit: make sure we have at least eth header len bytes Jiri Slaby (SUSE) <jirislaby(a)kernel.org> bonding (gcc13): synchronize bond_{a,t}lb_xmit() types Filipe Manana <fdmanana(a)suse.com> btrfs: reinitialize delayed ref list after deleting it from the list Roberto Sassu <roberto.sassu(a)huawei.com> nfs: Fix KMSAN warning in decode_getfattr_attrs() Zichen Xie <zichenxie0106(a)gmail.com> dm-unstriped: cast an operand to sector_t to prevent potential uint32_t overflow Ming-Hung Tsai <mtsai(a)redhat.com> dm cache: fix potential out-of-bounds access on the first resume Ming-Hung Tsai <mtsai(a)redhat.com> dm cache: optimize dirty bit checking with find_next_bit when resizing Ming-Hung Tsai <mtsai(a)redhat.com> dm cache: fix out-of-bounds access to the dirty bitset when resizing Ming-Hung Tsai <mtsai(a)redhat.com> dm cache: correct the number of origin blocks to match the target length Antonio Quartulli <antonio(a)mandelbit.com> drm/amdgpu: prevent NULL pointer dereference if ATIF is not supported Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read() Mauro Carvalho Chehab <mchehab+huawei(a)kernel.org> media: v4l2-tpg: prevent the risk of a division by zero Mauro Carvalho Chehab <mchehab+huawei(a)kernel.org> media: cx24116: prevent overflows on SNR calculus Mauro Carvalho Chehab <mchehab+huawei(a)kernel.org> media: s5p-jpeg: prevent buffer overflows Murad Masimov <m.masimov(a)maxima.ru> ALSA: firewire-lib: fix return value on fail in amdtp_tscm_init() Mauro Carvalho Chehab <mchehab+huawei(a)kernel.org> media: adv7604: prevent underflow condition when reporting colorspace Mauro Carvalho Chehab <mchehab+huawei(a)kernel.org> media: dvb_frontend: don't play tricks with underflow values Mauro Carvalho Chehab <mchehab+huawei(a)kernel.org> media: dvbdev: prevent the risk of out of memory access Mauro Carvalho Chehab <mchehab+huawei(a)kernel.org> media: stb0899_algo: initialize cfr before using it Peiyang Wang <wangpeiyang1(a)huawei.com> net: hns3: fix kernel crash when uninstalling driver Dario Binacchi <dario.binacchi(a)amarulasolutions.com> can: c_can: fix {rx,tx}_errors statistics Xin Long <lucien.xin(a)gmail.com> sctp: properly validate chunk size in sctp_sf_ootb() Chen Ridong <chenridong(a)huawei.com> security/keys: fix slab-out-of-bounds in key_task_permission Jiri Kosina <jkosina(a)suse.com> HID: core: zero-initialize the report buffer Heiko Stuebner <heiko(a)sntech.de> ARM: dts: rockchip: Fix the realtek audio codec on rk3036-kylin Heiko Stuebner <heiko(a)sntech.de> ARM: dts: rockchip: drop grf reference from rk3036 hdmi Heiko Stuebner <heiko(a)sntech.de> ARM: dts: rockchip: fix rk3036 acodec node Geert Uytterhoeven <geert+renesas(a)glider.be> arm64: dts: rockchip: Fix rt5651 compatible value on rk3399-sapphire-excavator ------------- Diffstat: Makefile | 4 +- arch/arm/boot/dts/rk3036-kylin.dts | 4 +- arch/arm/boot/dts/rk3036.dtsi | 8 +- .../dts/rockchip/rk3399-sapphire-excavator.dts | 2 +- arch/powerpc/platforms/powernv/opal-irqchip.c | 1 + drivers/gpu/drm/amd/amdgpu/amdgpu_acpi.c | 4 +- drivers/gpu/drm/amd/amdgpu/amdgpu_debugfs.c | 2 +- drivers/hid/hid-core.c | 2 +- drivers/hid/hid-multitouch.c | 5 + drivers/irqchip/irq-gic-v3.c | 7 + drivers/md/dm-cache-target.c | 35 +- drivers/md/dm-unstripe.c | 4 +- drivers/media/common/v4l2-tpg/v4l2-tpg-core.c | 3 + drivers/media/dvb-core/dvb_frontend.c | 4 +- drivers/media/dvb-core/dvbdev.c | 17 +- drivers/media/dvb-frontends/cx24116.c | 7 +- drivers/media/dvb-frontends/stb0899_algo.c | 2 +- drivers/media/i2c/adv7604.c | 26 +- drivers/media/platform/s5p-jpeg/jpeg-core.c | 17 +- drivers/media/usb/uvc/uvc_driver.c | 2 +- drivers/net/can/c_can/c_can.c | 7 +- drivers/net/ethernet/hisilicon/hns3/hnae3.c | 5 +- drivers/net/usb/qmi_wwan.c | 1 + drivers/usb/musb/sunxi.c | 2 - drivers/usb/serial/io_edgeport.c | 8 +- drivers/usb/serial/option.c | 6 + drivers/usb/serial/qcserial.c | 2 + fs/btrfs/delayed-ref.c | 2 +- fs/nfs/inode.c | 1 + fs/ocfs2/file.c | 9 +- fs/ocfs2/xattr.c | 3 +- fs/proc/vmcore.c | 9 +- include/net/bond_alb.h | 4 +- kernel/bpf/verifier.c | 4 +- net/9p/client.c | 12 +- net/bridge/br_device.c | 5 + net/sctp/sm_statefuns.c | 2 +- net/vmw_vsock/hyperv_transport.c | 1 + net/vmw_vsock/virtio_transport_common.c | 1 + security/keys/keyring.c | 7 +- sound/Kconfig | 2 +- sound/core/pcm_lib.c | 13 +- sound/firewire/tascam/amdtp-tascam.c | 2 +- sound/usb/mixer_quirks.c | 551 +++++++++++++++++++++ 44 files changed, 726 insertions(+), 89 deletions(-)

10 months, 1 week

6
57
0 0

[PATCH 5.15.y] phy: qcom: qmp: Fix NULL pointer dereference for USB Uni PHYs

by Krishna Kurapati

Commit [1] introduced DP support to QMP driver. While doing so, the dp and usb configuration structures were added to a combo_phy_cfg structure. During probe, the match data is used to parse and identify the dp and usb configs separately. While doing so, the usb_cfg variable represents the configuration parameters for USB part of the phy (whether it is DP-Cobo or Uni). during probe, one corner case of parsing usb_cfg for Uni PHYs is left incomplete and it is left as NULL. This NULL variable further percolates down to qmp_phy_create() call essentially getting de-referenced and causing a crash. Subsequently, commit [2] split the driver into multiple files, each handling a specific PHY type (USB, DP-Combo, UFS, PCIe). During this refactoring, the probing process was modified, and the NULL pointer dereference issue no longer showed up. [1]: https://lore.kernel.org/all/20200916231202.3637932-8-swboyd@chromium.org/ [2]: https://lore.kernel.org/all/20220607213203.2819885-1-dmitry.baryshkov@linar… Fixes: 52e013d0bffa ("phy: qcom-qmp: Add support for DP in USB3+DP combo phy") Cc: stable(a)vger.kernel.org # 5.15.y Signed-off-by: Krishna Kurapati <quic_kriskura(a)quicinc.com> --- drivers/phy/qualcomm/phy-qcom-qmp.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/drivers/phy/qualcomm/phy-qcom-qmp.c b/drivers/phy/qualcomm/phy-qcom-qmp.c index eef863108bfe..e22ee71aa060 100644 --- a/drivers/phy/qualcomm/phy-qcom-qmp.c +++ b/drivers/phy/qualcomm/phy-qcom-qmp.c @@ -5714,6 +5714,8 @@ static int qcom_qmp_phy_probe(struct platform_device *pdev) usb_cfg = combo_cfg->usb_cfg; cfg = usb_cfg; /* Setup clks and regulators */ + } else { + usb_cfg = cfg; } /* per PHY serdes; usually located at base address */ -- 2.34.1

10 months, 1 week

2
3
0 0

[PATCH] powerpc/vdso: Drop -mstack-protector-guard flags in 32-bit files with clang

by Nathan Chancellor

Under certain conditions, the 64-bit '-mstack-protector-guard' flags may end up in the 32-bit vDSO flags, resulting in build failures due to the structure of clang's argument parsing of the stack protector options, which validates the arguments of the stack protector guard flags unconditionally in the frontend, choking on the 64-bit values when targeting 32-bit: clang: error: invalid value 'r13' in 'mstack-protector-guard-reg=', expected one of: r2 clang: error: invalid value 'r13' in 'mstack-protector-guard-reg=', expected one of: r2 make[3]: *** [arch/powerpc/kernel/vdso/Makefile:85: arch/powerpc/kernel/vdso/vgettimeofday-32.o] Error 1 make[3]: *** [arch/powerpc/kernel/vdso/Makefile:87: arch/powerpc/kernel/vdso/vgetrandom-32.o] Error 1 Remove these flags by adding them to the CC32FLAGSREMOVE variable, which already handles situations similar to this. Additionally, reformat and align a comment better for the expanding CONFIG_CC_IS_CLANG block. Cc: stable(a)vger.kernel.org # v6.1+ Signed-off-by: Nathan Chancellor <nathan(a)kernel.org> --- I say "Under certain conditions" because I am not entirely sure what they are. I cannot reproduce this error in my host environment but I can reproduce it in TuxMake's environment, which our CI uses: https://storage.tuxsuite.com/public/clangbuiltlinux/continuous-integration2… $ tuxmake \ -a powerpc \ -k ppc64_guest_defconfig \ -r podman \ -t clang-nightly \ LLVM=1 \ config default ... clang: error: invalid value 'r13' in 'mstack-protector-guard-reg=', expected one of: r2 clang: error: invalid value 'r13' in 'mstack-protector-guard-reg=', expected one of: r2 I suspect that make 4.4 could play a difference here but the solution is quite simple here (since it is already weird with reusing flags) so I figured it was just worth doing this regardless of what the underlying reason is. --- arch/powerpc/kernel/vdso/Makefile | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/arch/powerpc/kernel/vdso/Makefile b/arch/powerpc/kernel/vdso/Makefile index 31ca5a5470047e7ac0a0f8194fd59c6a3b453b4d..c568cad6a22e6b8a8bcb04463b7c850306364804 100644 --- a/arch/powerpc/kernel/vdso/Makefile +++ b/arch/powerpc/kernel/vdso/Makefile @@ -54,10 +54,14 @@ ldflags-y += $(filter-out $(CC_AUTO_VAR_INIT_ZERO_ENABLER) $(CC_FLAGS_FTRACE) -W CC32FLAGS := -m32 CC32FLAGSREMOVE := -mcmodel=medium -mabi=elfv1 -mabi=elfv2 -mcall-aixdesc - # This flag is supported by clang for 64-bit but not 32-bit so it will cause - # an unused command line flag warning for this file. ifdef CONFIG_CC_IS_CLANG +# This flag is supported by clang for 64-bit but not 32-bit so it will cause +# an unused command line flag warning for this file. CC32FLAGSREMOVE += -fno-stack-clash-protection +# -mstack-protector-guard values from the 64-bit build are not valid for the +# 32-bit one. clang validates the values passed to these arguments during +# parsing, even when -fno-stack-protector is passed afterwards. +CC32FLAGSREMOVE += -mstack-protector-guard% endif LD32FLAGS := -Wl,-soname=linux-vdso32.so.1 AS32FLAGS := -D__VDSO32__ --- base-commit: bee08a9e6ab03caf14481d97b35a258400ffab8f change-id: 20241030-powerpc-vdso-drop-stackp-flags-clang-ddfbf2ef27a6 Best regards, -- Nathan Chancellor <nathan(a)kernel.org>

10 months, 1 week

4
5
0 0

[merged mm-hotfixes-stable] mm-revert-mm-shmem-fix-data-race-in-shmem_getattr.patch removed from -mm tree

by Andrew Morton

The quilt patch titled Subject: mm: revert "mm: shmem: fix data-race in shmem_getattr()" has been removed from the -mm tree. Its filename was mm-revert-mm-shmem-fix-data-race-in-shmem_getattr.patch This patch was dropped because it was merged into the mm-hotfixes-stable branch of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm ------------------------------------------------------ From: Andrew Morton <akpm(a)linux-foundation.org> Subject: mm: revert "mm: shmem: fix data-race in shmem_getattr()" Date: Fri Nov 15 04:57:24 PM PST 2024 Revert d949d1d14fa2 ("mm: shmem: fix data-race in shmem_getattr()") as suggested by Chuck [1]. It is causing deadlocks when accessing tmpfs over NFS. As Hugh commented, "added just to silence a syzbot sanitizer splat: added where there has never been any practical problem". Link: https://lkml.kernel.org/r/ZzdxKF39VEmXSSyN@tissot.1015granger.net [1] Fixes: d949d1d14fa2 ("mm: shmem: fix data-race in shmem_getattr()") Acked-by: Hugh Dickins <hughd(a)google.com> Cc: Chuck Lever <chuck.lever(a)oracle.com> Cc: Jeongjun Park <aha310510(a)gmail.com> Cc: Yu Zhao <yuzhao(a)google.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/shmem.c | 2 -- 1 file changed, 2 deletions(-) --- a/mm/shmem.c~mm-revert-mm-shmem-fix-data-race-in-shmem_getattr +++ a/mm/shmem.c @@ -1166,9 +1166,7 @@ static int shmem_getattr(struct mnt_idma stat->attributes_mask |= (STATX_ATTR_APPEND | STATX_ATTR_IMMUTABLE | STATX_ATTR_NODUMP); - inode_lock_shared(inode); generic_fillattr(idmap, request_mask, inode, stat); - inode_unlock_shared(inode); if (shmem_huge_global_enabled(inode, 0, 0, false, NULL, 0)) stat->blksize = HPAGE_PMD_SIZE; _ Patches currently in -mm which might be from akpm(a)linux-foundation.org are fs-proc-vmcorec-fix-warning-when-config_mmu=n.patch

10 months, 1 week

1
0
0 0

[PATCH 5.4 00/67] 5.4.286-rc2 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 5.4.286 release. There are 67 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Sun, 17 Nov 2024 12:04:36 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v5.x/stable-review/patch-5.4.286-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-5.4.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 5.4.286-rc2 Linus Torvalds <torvalds(a)linux-foundation.org> mm: avoid leaving partial pfn mappings around in error case Linus Torvalds <torvalds(a)linux-foundation.org> 9p: fix slab cache name creation for real Christoph Hellwig <hch(a)lst.de> mm: add remap_pfn_range_notrack Alex Zhang <zhangalex(a)google.com> mm/memory.c: make remap_pfn_range() reject unaligned addr chenqiwu <chenqiwu(a)xiaomi.com> mm: fix ambiguous comments for better code readability WANG Wenhu <wenhu.wang(a)vivo.com> mm: clarify a confusing comment for remap_pfn_range() Li Nan <linan122(a)huawei.com> md/raid10: improve code of mrdev in raid10_sync_request Reinhard Speyerer <rspmn(a)arcor.de> net: usb: qmi_wwan: add Fibocom FG132 0x0112 composition Alessandro Zanni <alessandro.zanni87(a)gmail.com> fs: Fix uninitialized value issue in from_kuid and from_kgid Michael Ellerman <mpe(a)ellerman.id.au> powerpc/powernv: Free name on error in opal_event_init() Julian Vetter <jvetter(a)kalrayinc.com> sound: Make CONFIG_SND depend on INDIRECT_IOMEM instead of UML Rik van Riel <riel(a)surriel.com> bpf: use kvzmalloc to allocate BPF verifier environment WangYuli <wangyuli(a)uniontech.com> HID: multitouch: Add quirk for HONOR MagicBook Art 14 touchpad Pedro Falcato <pedro.falcato(a)gmail.com> 9p: Avoid creating multiple slab caches with the same name Jan Schär <jan(a)jschaer.ch> ALSA: usb-audio: Add endianness annotations Hyunwoo Kim <v4bel(a)theori.io> vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans Hyunwoo Kim <v4bel(a)theori.io> hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer Zheng Yejian <zhengyejian1(a)huawei.com> ftrace: Fix possible use-after-free issue in ftrace_location() Chuck Lever <chuck.lever(a)oracle.com> NFSD: Fix NFSv4's PUTPUBFH operation Jan Schär <jan(a)jschaer.ch> ALSA: usb-audio: Add quirks for Dell WD19 dock Jan Schär <jan(a)jschaer.ch> ALSA: usb-audio: Support jack detection on Dell dock Andrew Kanner <andrew.kanner(a)gmail.com> ocfs2: remove entry once instead of null-ptr-dereference in ocfs2_xa_remove() Marc Zyngier <maz(a)kernel.org> irqchip/gic-v3: Force propagation of the active state with a read-back Benoît Monin <benoit.monin(a)gmx.fr> USB: serial: option: add Quectel RG650V Reinhard Speyerer <rspmn(a)arcor.de> USB: serial: option: add Fibocom FG132 0x0112 composition Jack Wu <wojackbb(a)gmail.com> USB: serial: qcserial: add support for Sierra Wireless EM86xx Dan Carpenter <dan.carpenter(a)linaro.org> USB: serial: io_edgeport: fix use after free in debug printk Zijun Hu <quic_zijuhu(a)quicinc.com> usb: musb: sunxi: Fix accessing an released usb phy Qi Xi <xiqi2(a)huawei.com> fs/proc: fix compile warning about variable 'vmcore_mmap_ops' Benoit Sevens <bsevens(a)google.com> media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format Nikolay Aleksandrov <razor(a)blackwall.org> net: bridge: xmit: make sure we have at least eth header len bytes Michael Walle <michael(a)walle.cc> spi: fix use-after-free of the add_lock mutex Mark Brown <broonie(a)kernel.org> spi: Fix deadlock when adding SPI controllers on SPI buses Sean Nyekjaer <sean(a)geanix.com> mtd: rawnand: protect access to rawnand devices while in suspend Filipe Manana <fdmanana(a)suse.com> btrfs: reinitialize delayed ref list after deleting it from the list Roberto Sassu <roberto.sassu(a)huawei.com> nfs: Fix KMSAN warning in decode_getfattr_attrs() Zichen Xie <zichenxie0106(a)gmail.com> dm-unstriped: cast an operand to sector_t to prevent potential uint32_t overflow Ming-Hung Tsai <mtsai(a)redhat.com> dm cache: fix potential out-of-bounds access on the first resume Ming-Hung Tsai <mtsai(a)redhat.com> dm cache: optimize dirty bit checking with find_next_bit when resizing Ming-Hung Tsai <mtsai(a)redhat.com> dm cache: fix out-of-bounds access to the dirty bitset when resizing Ming-Hung Tsai <mtsai(a)redhat.com> dm cache: correct the number of origin blocks to match the target length Antonio Quartulli <antonio(a)mandelbit.com> drm/amdgpu: prevent NULL pointer dereference if ATIF is not supported Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read() Erik Schumacher <erik.schumacher(a)iris-sensing.com> pwm: imx-tpm: Use correct MODULO value for EPWM mode Mauro Carvalho Chehab <mchehab+huawei(a)kernel.org> media: v4l2-tpg: prevent the risk of a division by zero Mauro Carvalho Chehab <mchehab+huawei(a)kernel.org> media: cx24116: prevent overflows on SNR calculus Mauro Carvalho Chehab <mchehab+huawei(a)kernel.org> media: s5p-jpeg: prevent buffer overflows Murad Masimov <m.masimov(a)maxima.ru> ALSA: firewire-lib: fix return value on fail in amdtp_tscm_init() Mauro Carvalho Chehab <mchehab+huawei(a)kernel.org> media: adv7604: prevent underflow condition when reporting colorspace Mauro Carvalho Chehab <mchehab+huawei(a)kernel.org> media: dvb_frontend: don't play tricks with underflow values Mauro Carvalho Chehab <mchehab+huawei(a)kernel.org> media: dvbdev: prevent the risk of out of memory access Mauro Carvalho Chehab <mchehab+huawei(a)kernel.org> media: stb0899_algo: initialize cfr before using it Peiyang Wang <wangpeiyang1(a)huawei.com> net: hns3: fix kernel crash when uninstalling driver Dario Binacchi <dario.binacchi(a)amarulasolutions.com> can: c_can: fix {rx,tx}_errors statistics Xin Long <lucien.xin(a)gmail.com> sctp: properly validate chunk size in sctp_sf_ootb() Wei Fang <wei.fang(a)nxp.com> net: enetc: set MAC address to the VF net_device Qinglang Miao <miaoqinglang(a)huawei.com> enetc: simplify the return expression of enetc_vf_set_mac_addr() Chen Ridong <chenridong(a)huawei.com> security/keys: fix slab-out-of-bounds in key_task_permission Jiri Kosina <jkosina(a)suse.com> HID: core: zero-initialize the report buffer Heiko Stuebner <heiko(a)sntech.de> ARM: dts: rockchip: Fix the realtek audio codec on rk3036-kylin Heiko Stuebner <heiko(a)sntech.de> ARM: dts: rockchip: Fix the spi controller on rk3036 Heiko Stuebner <heiko(a)sntech.de> ARM: dts: rockchip: drop grf reference from rk3036 hdmi Heiko Stuebner <heiko(a)sntech.de> ARM: dts: rockchip: fix rk3036 acodec node Heiko Stuebner <heiko(a)sntech.de> arm64: dts: rockchip: Remove #cooling-cells from fan on Theobroma lion Heiko Stuebner <heiko(a)sntech.de> arm64: dts: rockchip: Fix bluetooth properties on Rock960 boards Diederik de Haas <didi.debian(a)cknow.org> arm64: dts: rockchip: Remove hdmi's 2nd interrupt on rk3328 Geert Uytterhoeven <geert+renesas(a)glider.be> arm64: dts: rockchip: Fix rt5651 compatible value on rk3399-sapphire-excavator ------------- Diffstat: Makefile | 4 +- arch/arm/boot/dts/rk3036-kylin.dts | 4 +- arch/arm/boot/dts/rk3036.dtsi | 14 +- arch/arm64/boot/dts/rockchip/rk3328.dtsi | 3 +- arch/arm64/boot/dts/rockchip/rk3368-lion.dtsi | 1 - arch/arm64/boot/dts/rockchip/rk3399-rock960.dtsi | 2 +- .../dts/rockchip/rk3399-sapphire-excavator.dts | 2 +- arch/powerpc/platforms/powernv/opal-irqchip.c | 1 + drivers/gpu/drm/amd/amdgpu/amdgpu_acpi.c | 4 +- drivers/gpu/drm/amd/amdgpu/amdgpu_debugfs.c | 2 +- drivers/hid/hid-core.c | 2 +- drivers/hid/hid-multitouch.c | 5 + drivers/irqchip/irq-gic-v3.c | 7 + drivers/md/dm-cache-target.c | 35 ++--- drivers/md/dm-unstripe.c | 4 +- drivers/md/raid10.c | 23 +-- drivers/media/common/v4l2-tpg/v4l2-tpg-core.c | 3 + drivers/media/dvb-core/dvb_frontend.c | 4 +- drivers/media/dvb-core/dvbdev.c | 17 ++- drivers/media/dvb-frontends/cx24116.c | 7 +- drivers/media/dvb-frontends/stb0899_algo.c | 2 +- drivers/media/i2c/adv7604.c | 26 ++-- drivers/media/platform/s5p-jpeg/jpeg-core.c | 17 ++- drivers/media/usb/uvc/uvc_driver.c | 2 +- drivers/mtd/nand/raw/nand_base.c | 44 +++--- drivers/net/can/c_can/c_can.c | 7 +- drivers/net/ethernet/freescale/enetc/enetc_vf.c | 2 + drivers/net/ethernet/hisilicon/hns3/hnae3.c | 5 +- drivers/net/usb/qmi_wwan.c | 1 + drivers/pwm/pwm-imx-tpm.c | 4 +- drivers/spi/spi.c | 27 ++-- drivers/usb/musb/sunxi.c | 2 - drivers/usb/serial/io_edgeport.c | 8 +- drivers/usb/serial/option.c | 6 + drivers/usb/serial/qcserial.c | 2 + fs/btrfs/delayed-ref.c | 2 +- fs/nfs/inode.c | 1 + fs/nfsd/nfs4xdr.c | 10 +- fs/ocfs2/file.c | 9 +- fs/ocfs2/xattr.c | 3 +- fs/proc/vmcore.c | 9 +- include/linux/mm.h | 2 + include/linux/mm_types.h | 4 +- include/linux/mtd/rawnand.h | 2 + include/linux/spi/spi.h | 3 + kernel/bpf/verifier.c | 4 +- kernel/trace/ftrace.c | 30 ++-- mm/memory.c | 75 ++++++--- net/9p/client.c | 12 +- net/bridge/br_device.c | 5 + net/sctp/sm_statefuns.c | 2 +- net/vmw_vsock/hyperv_transport.c | 1 + net/vmw_vsock/virtio_transport_common.c | 1 + security/keys/keyring.c | 7 +- sound/Kconfig | 2 +- sound/firewire/tascam/amdtp-tascam.c | 2 +- sound/usb/mixer_quirks.c | 170 +++++++++++++++++++++ 57 files changed, 471 insertions(+), 184 deletions(-)

10 months, 1 week

5
4
0 0

[PATCH 5.15 00/22] 5.15.173-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 5.15.173 release. There are 22 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Sun, 17 Nov 2024 06:37:07 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v5.x/stable-review/patch-5.15.173-r… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-5.15.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 5.15.173-rc1 Linus Torvalds <torvalds(a)linux-foundation.org> 9p: fix slab cache name creation for real Jan Kara <jack(a)suse.cz> udf: Avoid directory type conversion failure due to ENOMEM Jan Kara <jack(a)suse.cz> udf: Allocate name buffer in directory iterator on heap Yuanzheng Song <songyuanzheng(a)huawei.com> mm/memory: add non-anonymous page check in the copy_present_page() Qun-Wei Lin <qun-wei.lin(a)mediatek.com> mm: krealloc: Fix MTE false alarm in __do_krealloc Hagar Hemdan <hagarhem(a)amazon.com> io_uring: fix possible deadlock in io_register_iowq_max_workers() Li Nan <linan122(a)huawei.com> md/raid10: improve code of mrdev in raid10_sync_request Reinhard Speyerer <rspmn(a)arcor.de> net: usb: qmi_wwan: add Fibocom FG132 0x0112 composition Hans de Goede <hdegoede(a)redhat.com> HID: lenovo: Add support for Thinkpad X1 Tablet Gen 3 keyboard Kenneth Albanowski <kenalba(a)chromium.org> HID: multitouch: Add quirk for Logitech Bolt receiver w/ Casa touchpad Alessandro Zanni <alessandro.zanni87(a)gmail.com> fs: Fix uninitialized value issue in from_kuid and from_kgid Yuan Can <yuancan(a)huawei.com> vDPA/ifcvf: Fix pci_read_config_byte() return code handling Michael Ellerman <mpe(a)ellerman.id.au> powerpc/powernv: Free name on error in opal_event_init() Ian Forbes <ian.forbes(a)broadcom.com> drm/vmwgfx: Limit display layout ioctl array size to VMWGFX_NUM_DISPLAY_UNITS Julian Vetter <jvetter(a)kalrayinc.com> sound: Make CONFIG_SND depend on INDIRECT_IOMEM instead of UML Herbert Xu <herbert(a)gondor.apana.org.au> crypto: marvell/cesa - Disable hash algorithms Rik van Riel <riel(a)surriel.com> bpf: use kvzmalloc to allocate BPF verifier environment WangYuli <wangyuli(a)uniontech.com> HID: multitouch: Add quirk for HONOR MagicBook Art 14 touchpad Stefan Blum <stefanblum2004(a)gmail.com> HID: multitouch: Add support for B2402FVA track point SurajSonawane2415 <surajsonawane0215(a)gmail.com> block: Fix elevator_get_default() checking for NULL q->tag_set Sergey Matsievskiy <matsievskiysv(a)gmail.com> irqchip/ocelot: Fix trigger register address Pedro Falcato <pedro.falcato(a)gmail.com> 9p: Avoid creating multiple slab caches with the same name ------------- Diffstat: Makefile | 4 ++-- arch/powerpc/platforms/powernv/opal-irqchip.c | 1 + block/elevator.c | 4 ++-- drivers/crypto/marvell/cesa/hash.c | 12 ++++++------ drivers/gpu/drm/vmwgfx/vmwgfx_drv.h | 4 ++-- drivers/gpu/drm/vmwgfx/vmwgfx_kms.c | 4 +++- drivers/gpu/drm/vmwgfx/vmwgfx_kms.h | 3 --- drivers/hid/hid-ids.h | 1 + drivers/hid/hid-lenovo.c | 8 ++++++++ drivers/hid/hid-multitouch.c | 13 +++++++++++++ drivers/irqchip/irq-mscc-ocelot.c | 4 ++-- drivers/md/raid10.c | 23 ++++++++++++----------- drivers/net/usb/qmi_wwan.c | 1 + drivers/vdpa/ifcvf/ifcvf_base.c | 2 +- fs/ocfs2/file.c | 9 ++++++--- fs/udf/directory.c | 27 +++++++++++++++++++-------- fs/udf/udfdecl.h | 2 +- io_uring/io_uring.c | 5 +++++ kernel/bpf/verifier.c | 4 ++-- mm/memory.c | 11 +++++++++++ mm/slab_common.c | 2 +- net/9p/client.c | 12 +++++++++++- sound/Kconfig | 2 +- 23 files changed, 111 insertions(+), 47 deletions(-)

10 months, 1 week

10
31
0 0

[PATCH 6.6 00/48] 6.6.62-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 6.6.62 release. There are 48 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Sun, 17 Nov 2024 06:37:07 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.6.62-rc1… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.6.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 6.6.62-rc1 Linus Torvalds <torvalds(a)linux-foundation.org> 9p: fix slab cache name creation for real Hugh Dickins <hughd(a)google.com> mm/thp: fix deferred split unqueue naming and locking Kefeng Wang <wangkefeng.wang(a)huawei.com> mm: refactor folio_undo_large_rmappable() Matthew Wilcox (Oracle) <willy(a)infradead.org> mm: always initialise folio->_deferred_list Matthew Wilcox (Oracle) <willy(a)infradead.org> mm: support order-1 folios in the page cache Ryan Roberts <ryan.roberts(a)arm.com> mm/readahead: do not allow order-1 folio Hugh Dickins <hughd(a)google.com> mm: add page_rmappable_folio() wrapper Qun-Wei Lin <qun-wei.lin(a)mediatek.com> mm: krealloc: Fix MTE false alarm in __do_krealloc Hagar Hemdan <hagarhem(a)amazon.com> io_uring: fix possible deadlock in io_register_iowq_max_workers() Hou Tao <houtao1(a)huawei.com> bpf: Check validity of link->type in bpf_link_show_fdinfo() Reinhard Speyerer <rspmn(a)arcor.de> net: usb: qmi_wwan: add Fibocom FG132 0x0112 composition Shengjiu Wang <shengjiu.wang(a)nxp.com> ASoC: fsl_micfil: Add sample rate constraint Yanteng Si <siyanteng(a)cqsoftware.com.cn> LoongArch: Use "Exception return address" to comment ERA Jack Yu <jack.yu(a)realtek.com> ASoC: rt722-sdca: increase clk_stop_timeout to fix clock stop issue Cyan Yang <cyan.yang(a)sifive.com> RISCV: KVM: use raw_spinlock for critical section in imsic Hans de Goede <hdegoede(a)redhat.com> HID: lenovo: Add support for Thinkpad X1 Tablet Gen 3 keyboard Kenneth Albanowski <kenalba(a)chromium.org> HID: multitouch: Add quirk for Logitech Bolt receiver w/ Casa touchpad Alessandro Zanni <alessandro.zanni87(a)gmail.com> fs: Fix uninitialized value issue in from_kuid and from_kgid Ilya Dudikov <ilyadud(a)mail.ru> ASoC: amd: yc: Fix non-functional mic on ASUS E1404FA Christian Heusel <christian(a)heusel.eu> ASoC: amd: yc: Add quirk for ASUS Vivobook S15 M3502RA Jiawei Ye <jiawei.ye(a)foxmail.com> bpf: Fix mismatched RCU unlock flavour in bpf_out_neigh_v6 Zijian Zhang <zijianzhang(a)bytedance.com> bpf: Add sk_is_inet and IS_ICSK check in tls_sw_has_ctx_tx/rx Yuan Can <yuancan(a)huawei.com> vDPA/ifcvf: Fix pci_read_config_byte() return code handling Breno Leitao <leitao(a)debian.org> nvme/host: Fix RCU list traversal to use SRCU primitive Kuniyuki Iwashima <kuniyu(a)amazon.com> smb: client: Fix use-after-free of network namespace. Nilay Shroff <nilay(a)linux.ibm.com> nvme: make keep-alive synchronous operation Nilay Shroff <nilay(a)linux.ibm.com> nvme-loop: flush off pending I/O while shutting down loop controller Linus Walleij <linus.walleij(a)linaro.org> net: phy: mdio-bcm-unimac: Add BCM6846 support Michael Ellerman <mpe(a)ellerman.id.au> powerpc/powernv: Free name on error in opal_event_init() Philip Yang <Philip.Yang(a)amd.com> drm/amdkfd: Accounting pdd vram_usage for svm Keith Busch <kbusch(a)kernel.org> nvme-multipath: defer partition scanning Will Deacon <will(a)kernel.org> kasan: Disable Software Tag-Based KASAN with GCC Showrya M N <showrya(a)chelsio.com> RDMA/siw: Add sendpage_ok() check to disable MSG_SPLICE_PAGES Ian Forbes <ian.forbes(a)broadcom.com> drm/vmwgfx: Limit display layout ioctl array size to VMWGFX_NUM_DISPLAY_UNITS Julian Vetter <jvetter(a)kalrayinc.com> sound: Make CONFIG_SND depend on INDIRECT_IOMEM instead of UML Herbert Xu <herbert(a)gondor.apana.org.au> crypto: marvell/cesa - Disable hash algorithms Herbert Xu <herbert(a)gondor.apana.org.au> crypto: api - Fix liveliness check in crypto_alg_tested Rik van Riel <riel(a)surriel.com> bpf: use kvzmalloc to allocate BPF verifier environment Greg Joyce <gjoyce(a)linux.ibm.com> nvme: disable CC.CRIME (NVME_CC_CRIME) Robin Murphy <robin.murphy(a)arm.com> iommu/arm-smmu: Clarify MMU-500 CPRE workaround WangYuli <wangyuli(a)uniontech.com> HID: multitouch: Add quirk for HONOR MagicBook Art 14 touchpad Stefan Blum <stefanblum2004(a)gmail.com> HID: multitouch: Add support for B2402FVA track point SurajSonawane2415 <surajsonawane0215(a)gmail.com> block: Fix elevator_get_default() checking for NULL q->tag_set Hannes Reinecke <hare(a)suse.de> nvme: tcp: avoid race between queue_lock lock and destroy Sergey Matsievskiy <matsievskiysv(a)gmail.com> irqchip/ocelot: Fix trigger register address Eduard Zingerman <eddyz87(a)gmail.com> selftests/bpf: Verify that sync_linked_regs preserves subreg_def Pedro Falcato <pedro.falcato(a)gmail.com> 9p: Avoid creating multiple slab caches with the same name Dominique Martinet <asmadeus(a)codewreck.org> 9p: v9fs_fid_find: also lookup by inode if not found dentry ------------- Diffstat: Makefile | 4 +- arch/loongarch/include/asm/loongarch.h | 2 +- arch/powerpc/platforms/powernv/opal-irqchip.c | 1 + arch/riscv/kvm/aia_imsic.c | 8 +-- block/elevator.c | 4 +- crypto/algapi.c | 2 +- drivers/crypto/marvell/cesa/hash.c | 12 ++-- drivers/gpu/drm/amd/amdkfd/kfd_chardev.c | 6 +- drivers/gpu/drm/amd/amdkfd/kfd_priv.h | 2 +- drivers/gpu/drm/amd/amdkfd/kfd_process.c | 4 +- drivers/gpu/drm/amd/amdkfd/kfd_svm.c | 26 +++++++++ drivers/gpu/drm/vmwgfx/vmwgfx_drv.h | 4 +- drivers/gpu/drm/vmwgfx/vmwgfx_kms.c | 4 +- drivers/gpu/drm/vmwgfx/vmwgfx_kms.h | 3 - drivers/hid/hid-ids.h | 1 + drivers/hid/hid-lenovo.c | 8 +++ drivers/hid/hid-multitouch.c | 13 +++++ drivers/infiniband/sw/siw/siw_qp_tx.c | 2 + drivers/iommu/arm/arm-smmu/arm-smmu-impl.c | 4 +- drivers/irqchip/irq-mscc-ocelot.c | 4 +- drivers/net/mdio/mdio-bcm-unimac.c | 1 + drivers/net/usb/qmi_wwan.c | 1 + drivers/nvme/host/core.c | 52 +++++++++-------- drivers/nvme/host/multipath.c | 33 +++++++++++ drivers/nvme/host/nvme.h | 1 + drivers/nvme/host/tcp.c | 7 ++- drivers/nvme/target/loop.c | 13 +++++ drivers/vdpa/ifcvf/ifcvf_base.c | 2 +- fs/9p/fid.c | 5 +- fs/ocfs2/file.c | 9 ++- fs/smb/client/connect.c | 14 ++++- include/net/tls.h | 12 +++- io_uring/io_uring.c | 5 ++ kernel/bpf/syscall.c | 14 +++-- kernel/bpf/verifier.c | 4 +- lib/Kconfig.kasan | 7 ++- mm/filemap.c | 2 - mm/huge_memory.c | 59 ++++++++++++------- mm/hugetlb.c | 1 + mm/internal.h | 27 ++++++++- mm/memcontrol.c | 29 ++++++++++ mm/mempolicy.c | 17 +----- mm/page_alloc.c | 21 +++---- mm/readahead.c | 11 +--- mm/slab_common.c | 2 +- net/9p/client.c | 12 +++- net/core/filter.c | 2 +- sound/Kconfig | 2 +- sound/soc/amd/yc/acp6x-mach.c | 14 +++++ sound/soc/codecs/rt722-sdca-sdw.c | 2 +- sound/soc/fsl/fsl_micfil.c | 38 ++++++++++++ .../selftests/bpf/progs/verifier_scalar_ids.c | 67 ++++++++++++++++++++++ 52 files changed, 456 insertions(+), 144 deletions(-)

10 months, 1 week

12
59
0 0

[PATCH] PCI: dwc: ep: Fix advertised resizable BAR size again

by Niklas Cassel

The advertised resizable BAR size was fixed in commit 72e34b8593e0 ("PCI: dwc: endpoint: Fix advertised resizable BAR size"). Commit 867ab111b242 ("PCI: dwc: ep: Add a generic dw_pcie_ep_linkdown() API to handle Link Down event") was included shortly after this, and moved the code to another function. When the code was moved, this fix was mistakenly lost. According to the spec, it is illegal to not have a bit set in PCI_REBAR_CAP, and 1 MB is the smallest size allowed. Set bit 4 in PCI_REBAR_CAP, so that we actually advertise support for a 1 MB BAR size. Cc: stable(a)vger.kernel.org Fixes: 867ab111b242 ("PCI: dwc: ep: Add a generic dw_pcie_ep_linkdown() API to handle Link Down event") Signed-off-by: Niklas Cassel <cassel(a)kernel.org> --- drivers/pci/controller/dwc/pcie-designware-ep.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/pci/controller/dwc/pcie-designware-ep.c b/drivers/pci/controller/dwc/pcie-designware-ep.c index 43ba5c6738df1..cc8ff4a014368 100644 --- a/drivers/pci/controller/dwc/pcie-designware-ep.c +++ b/drivers/pci/controller/dwc/pcie-designware-ep.c @@ -689,7 +689,7 @@ static void dw_pcie_ep_init_non_sticky_registers(struct dw_pcie *pci) * for 1 MB BAR size only. */ for (i = 0; i < nbars; i++, offset += PCI_REBAR_CTRL) - dw_pcie_writel_dbi(pci, offset + PCI_REBAR_CAP, 0x0); + dw_pcie_writel_dbi(pci, offset + PCI_REBAR_CAP, BIT(4)); } dw_pcie_setup(pci); -- 2.47.0

10 months, 1 week

2
1
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror