+ mm-damon-core-fix-damos_commit_filter-not-changing-allow.patch added to mm-hotfixes-unstable branch
by Andrew Morton
The patch titled
Subject: mm/damon/core: fix damos_commit_filter not changing allow
has been added to the -mm mm-hotfixes-unstable branch. Its filename is
mm-damon-core-fix-damos_commit_filter-not-changing-allow.patch
This patch will shortly appear at
https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche…
This patch will later appear in the mm-hotfixes-unstable branch at
git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
Before you just go and hit "reply", please:
a) Consider who else should be cc'ed
b) Prefer to cc a suitable mailing list as well
c) Ideally: find the original patch on the mailing list and do a
reply-to-all to that, adding suitable additional cc's
*** Remember to use Documentation/process/submit-checklist.rst when testing your code ***
The -mm tree is included into linux-next via the mm-everything
branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
and is updated there every 2-3 working days
------------------------------------------------------
From: Sang-Heon Jeon <ekffu200098(a)gmail.com>
Subject: mm/damon/core: fix damos_commit_filter not changing allow
Date: Sat, 16 Aug 2025 10:51:16 +0900
Current damos_commit_filter() does not persist the `allow' value of the
filter. As a result, changing the `allow' value of a filter and
committing doesn't change the `allow' value.
Add the missing `allow' value update, so committing the filter
persistently changes the `allow' value well.
Link: https://lkml.kernel.org/r/20250816015116.194589-1-ekffu200098@gmail.com
Fixes: fe6d7fdd6249 ("mm/damon/core: add damos_filter->allow field")
Signed-off-by: Sang-Heon Jeon <ekffu200098(a)gmail.com>
Reviewed-by: SeongJae Park <sj(a)kernel.org>
Cc: <stable(a)vger.kernel.org> [6.14.x]
Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
---
mm/damon/core.c | 1 +
1 file changed, 1 insertion(+)
--- a/mm/damon/core.c~mm-damon-core-fix-damos_commit_filter-not-changing-allow
+++ a/mm/damon/core.c
@@ -883,6 +883,7 @@ static void damos_commit_filter(
{
dst->type = src->type;
dst->matching = src->matching;
+ dst->allow = src->allow;
damos_commit_filter_arg(dst, src);
}
_
Patches currently in -mm which might be from ekffu200098(a)gmail.com are
mm-damon-core-fix-commit_ops_filters-by-using-correct-nth-function.patch
selftests-damon-fix-selftests-by-installing-drgn-related-script.patch
mm-damon-core-fix-damos_commit_filter-not-changing-allow.patch
mm-damon-update-expired-description-of-damos_action.patch
docs-mm-damon-design-fix-typo-s-sz_trtied-sz_tried.patch
selftests-damon-test-no-op-commit-broke-damon-status.patch
1 month
- 1
- 0
[PATCH v2] staging: axis-fifo: fix maximum TX packet length check
by Ovidiu Panait
Since commit 2ca34b508774 ("staging: axis-fifo: Correct handling of
tx_fifo_depth for size validation"), write() operations with packets
larger than 'tx_fifo_depth - 4' words are no longer rejected with -EINVAL.
Fortunately, the packets are not actually getting transmitted to hardware,
otherwise they would be raising a 'Transmit Packet Overrun Error'
interrupt, which requires a reset of the TX circuit to recover from.
Instead, the request times out inside wait_event_interruptible_timeout()
and always returns -EAGAIN, since the wake up condition can never be true
for these packets. But still, they unnecessarily block other tasks from
writing to the FIFO and the EAGAIN return code signals userspace to retry
the write() call, even though it will always fail and time out.
According to the AXI4-Stream FIFO reference manual (PG080), the maximum
valid packet length is 'tx_fifo_depth - 4' words, so attempting to send
larger packets is invalid and should not be happening in the first place:
> The maximum packet that can be transmitted is limited by the size of
> the FIFO, which is (C_TX_FIFO_DEPTH–4)*(data interface width/8) bytes.
Therefore, bring back the old behavior and outright reject packets larger
than 'tx_fifo_depth - 4' with -EINVAL. Add a comment to explain why the
check is necessary. The dev_err() message was removed to avoid cluttering
the dmesg log if an invalid packet is received from userspace.
Fixes: 2ca34b508774 ("staging: axis-fifo: Correct handling of tx_fifo_depth for size validation")
Cc: stable(a)vger.kernel.org
Signed-off-by: Ovidiu Panait <ovidiu.panait.oss(a)gmail.com>
---
Changes in v2:
- added "cc: stable" tag
drivers/staging/axis-fifo/axis-fifo.c | 14 ++++++++++----
1 file changed, 10 insertions(+), 4 deletions(-)
diff --git a/drivers/staging/axis-fifo/axis-fifo.c b/drivers/staging/axis-fifo/axis-fifo.c
index e8aa632e0a31..271236ad023f 100644
--- a/drivers/staging/axis-fifo/axis-fifo.c
+++ b/drivers/staging/axis-fifo/axis-fifo.c
@@ -325,11 +325,17 @@ static ssize_t axis_fifo_write(struct file *f, const char __user *buf,
return -EINVAL;
}
- if (words_to_write > fifo->tx_fifo_depth) {
- dev_err(fifo->dt_device, "tried to write more words [%u] than slots in the fifo buffer [%u]\n",
- words_to_write, fifo->tx_fifo_depth);
+ /*
+ * In 'Store-and-Forward' mode, the maximum packet that can be
+ * transmitted is limited by the size of the FIFO, which is
+ * (C_TX_FIFO_DEPTH–4)*(data interface width/8) bytes.
+ *
+ * Do not attempt to send a packet larger than 'tx_fifo_depth - 4',
+ * otherwise a 'Transmit Packet Overrun Error' interrupt will be
+ * raised, which requires a reset of the TX circuit to recover.
+ */
+ if (words_to_write > (fifo->tx_fifo_depth - 4))
return -EINVAL;
- }
if (fifo->write_flags & O_NONBLOCK) {
/*
--
2.50.0
1 month
- 1
- 0
FAILED: patch "[PATCH] smb: client: let send_done() cleanup before calling" failed to apply to 5.4-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 5.4-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.4.y
git checkout FETCH_HEAD
git cherry-pick -x 5349ae5e05fa37409fd48a1eb483b199c32c889b
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025081755-subdivide-astound-6aef@gregkh' --subject-prefix 'PATCH 5.4.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From 5349ae5e05fa37409fd48a1eb483b199c32c889b Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze(a)samba.org>
Date: Mon, 4 Aug 2025 14:10:12 +0200
Subject: [PATCH] smb: client: let send_done() cleanup before calling
smbd_disconnect_rdma_connection()
We should call ib_dma_unmap_single() and mempool_free() before calling
smbd_disconnect_rdma_connection().
And smbd_disconnect_rdma_connection() needs to be the last function to
call as all other state might already be gone after it returns.
Cc: Steve French <smfrench(a)gmail.com>
Cc: Tom Talpey <tom(a)talpey.com>
Cc: Long Li <longli(a)microsoft.com>
Cc: linux-cifs(a)vger.kernel.org
Cc: samba-technical(a)lists.samba.org
Fixes: f198186aa9bb ("CIFS: SMBD: Establish SMB Direct connection")
Signed-off-by: Stefan Metzmacher <metze(a)samba.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
diff --git a/fs/smb/client/smbdirect.c b/fs/smb/client/smbdirect.c
index 754e94a0e07f..e99e783f1b0e 100644
--- a/fs/smb/client/smbdirect.c
+++ b/fs/smb/client/smbdirect.c
@@ -281,18 +281,20 @@ static void send_done(struct ib_cq *cq, struct ib_wc *wc)
log_rdma_send(INFO, "smbd_request 0x%p completed wc->status=%d\n",
request, wc->status);
- if (wc->status != IB_WC_SUCCESS || wc->opcode != IB_WC_SEND) {
- log_rdma_send(ERR, "wc->status=%d wc->opcode=%d\n",
- wc->status, wc->opcode);
- smbd_disconnect_rdma_connection(request->info);
- }
-
for (i = 0; i < request->num_sge; i++)
ib_dma_unmap_single(sc->ib.dev,
request->sge[i].addr,
request->sge[i].length,
DMA_TO_DEVICE);
+ if (wc->status != IB_WC_SUCCESS || wc->opcode != IB_WC_SEND) {
+ log_rdma_send(ERR, "wc->status=%d wc->opcode=%d\n",
+ wc->status, wc->opcode);
+ mempool_free(request, info->request_mempool);
+ smbd_disconnect_rdma_connection(info);
+ return;
+ }
+
if (atomic_dec_and_test(&request->info->send_pending))
wake_up(&request->info->wait_send_pending);
1 month
- 2
- 1
FAILED: patch "[PATCH] smb: client: let send_done() cleanup before calling" failed to apply to 5.10-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 5.10-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.10.y
git checkout FETCH_HEAD
git cherry-pick -x 5349ae5e05fa37409fd48a1eb483b199c32c889b
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025081757-moonwalk-backpedal-fe00@gregkh' --subject-prefix 'PATCH 5.10.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From 5349ae5e05fa37409fd48a1eb483b199c32c889b Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze(a)samba.org>
Date: Mon, 4 Aug 2025 14:10:12 +0200
Subject: [PATCH] smb: client: let send_done() cleanup before calling
smbd_disconnect_rdma_connection()
We should call ib_dma_unmap_single() and mempool_free() before calling
smbd_disconnect_rdma_connection().
And smbd_disconnect_rdma_connection() needs to be the last function to
call as all other state might already be gone after it returns.
Cc: Steve French <smfrench(a)gmail.com>
Cc: Tom Talpey <tom(a)talpey.com>
Cc: Long Li <longli(a)microsoft.com>
Cc: linux-cifs(a)vger.kernel.org
Cc: samba-technical(a)lists.samba.org
Fixes: f198186aa9bb ("CIFS: SMBD: Establish SMB Direct connection")
Signed-off-by: Stefan Metzmacher <metze(a)samba.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
diff --git a/fs/smb/client/smbdirect.c b/fs/smb/client/smbdirect.c
index 754e94a0e07f..e99e783f1b0e 100644
--- a/fs/smb/client/smbdirect.c
+++ b/fs/smb/client/smbdirect.c
@@ -281,18 +281,20 @@ static void send_done(struct ib_cq *cq, struct ib_wc *wc)
log_rdma_send(INFO, "smbd_request 0x%p completed wc->status=%d\n",
request, wc->status);
- if (wc->status != IB_WC_SUCCESS || wc->opcode != IB_WC_SEND) {
- log_rdma_send(ERR, "wc->status=%d wc->opcode=%d\n",
- wc->status, wc->opcode);
- smbd_disconnect_rdma_connection(request->info);
- }
-
for (i = 0; i < request->num_sge; i++)
ib_dma_unmap_single(sc->ib.dev,
request->sge[i].addr,
request->sge[i].length,
DMA_TO_DEVICE);
+ if (wc->status != IB_WC_SUCCESS || wc->opcode != IB_WC_SEND) {
+ log_rdma_send(ERR, "wc->status=%d wc->opcode=%d\n",
+ wc->status, wc->opcode);
+ mempool_free(request, info->request_mempool);
+ smbd_disconnect_rdma_connection(info);
+ return;
+ }
+
if (atomic_dec_and_test(&request->info->send_pending))
wake_up(&request->info->wait_send_pending);
1 month
- 2
- 1
FAILED: patch "[PATCH] smb: client: let send_done() cleanup before calling" failed to apply to 5.15-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 5.15-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y
git checkout FETCH_HEAD
git cherry-pick -x 5349ae5e05fa37409fd48a1eb483b199c32c889b
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025081753-revolver-radiated-4b75@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From 5349ae5e05fa37409fd48a1eb483b199c32c889b Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze(a)samba.org>
Date: Mon, 4 Aug 2025 14:10:12 +0200
Subject: [PATCH] smb: client: let send_done() cleanup before calling
smbd_disconnect_rdma_connection()
We should call ib_dma_unmap_single() and mempool_free() before calling
smbd_disconnect_rdma_connection().
And smbd_disconnect_rdma_connection() needs to be the last function to
call as all other state might already be gone after it returns.
Cc: Steve French <smfrench(a)gmail.com>
Cc: Tom Talpey <tom(a)talpey.com>
Cc: Long Li <longli(a)microsoft.com>
Cc: linux-cifs(a)vger.kernel.org
Cc: samba-technical(a)lists.samba.org
Fixes: f198186aa9bb ("CIFS: SMBD: Establish SMB Direct connection")
Signed-off-by: Stefan Metzmacher <metze(a)samba.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
diff --git a/fs/smb/client/smbdirect.c b/fs/smb/client/smbdirect.c
index 754e94a0e07f..e99e783f1b0e 100644
--- a/fs/smb/client/smbdirect.c
+++ b/fs/smb/client/smbdirect.c
@@ -281,18 +281,20 @@ static void send_done(struct ib_cq *cq, struct ib_wc *wc)
log_rdma_send(INFO, "smbd_request 0x%p completed wc->status=%d\n",
request, wc->status);
- if (wc->status != IB_WC_SUCCESS || wc->opcode != IB_WC_SEND) {
- log_rdma_send(ERR, "wc->status=%d wc->opcode=%d\n",
- wc->status, wc->opcode);
- smbd_disconnect_rdma_connection(request->info);
- }
-
for (i = 0; i < request->num_sge; i++)
ib_dma_unmap_single(sc->ib.dev,
request->sge[i].addr,
request->sge[i].length,
DMA_TO_DEVICE);
+ if (wc->status != IB_WC_SUCCESS || wc->opcode != IB_WC_SEND) {
+ log_rdma_send(ERR, "wc->status=%d wc->opcode=%d\n",
+ wc->status, wc->opcode);
+ mempool_free(request, info->request_mempool);
+ smbd_disconnect_rdma_connection(info);
+ return;
+ }
+
if (atomic_dec_and_test(&request->info->send_pending))
wake_up(&request->info->wait_send_pending);
1 month
- 2
- 1
FAILED: patch "[PATCH] smb: client: let send_done() cleanup before calling" failed to apply to 6.1-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 6.1-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y
git checkout FETCH_HEAD
git cherry-pick -x 5349ae5e05fa37409fd48a1eb483b199c32c889b
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025081751-drench-clammy-f8dd@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From 5349ae5e05fa37409fd48a1eb483b199c32c889b Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze(a)samba.org>
Date: Mon, 4 Aug 2025 14:10:12 +0200
Subject: [PATCH] smb: client: let send_done() cleanup before calling
smbd_disconnect_rdma_connection()
We should call ib_dma_unmap_single() and mempool_free() before calling
smbd_disconnect_rdma_connection().
And smbd_disconnect_rdma_connection() needs to be the last function to
call as all other state might already be gone after it returns.
Cc: Steve French <smfrench(a)gmail.com>
Cc: Tom Talpey <tom(a)talpey.com>
Cc: Long Li <longli(a)microsoft.com>
Cc: linux-cifs(a)vger.kernel.org
Cc: samba-technical(a)lists.samba.org
Fixes: f198186aa9bb ("CIFS: SMBD: Establish SMB Direct connection")
Signed-off-by: Stefan Metzmacher <metze(a)samba.org>
Signed-off-by: Steve French <stfrench(a)microsoft.com>
diff --git a/fs/smb/client/smbdirect.c b/fs/smb/client/smbdirect.c
index 754e94a0e07f..e99e783f1b0e 100644
--- a/fs/smb/client/smbdirect.c
+++ b/fs/smb/client/smbdirect.c
@@ -281,18 +281,20 @@ static void send_done(struct ib_cq *cq, struct ib_wc *wc)
log_rdma_send(INFO, "smbd_request 0x%p completed wc->status=%d\n",
request, wc->status);
- if (wc->status != IB_WC_SUCCESS || wc->opcode != IB_WC_SEND) {
- log_rdma_send(ERR, "wc->status=%d wc->opcode=%d\n",
- wc->status, wc->opcode);
- smbd_disconnect_rdma_connection(request->info);
- }
-
for (i = 0; i < request->num_sge; i++)
ib_dma_unmap_single(sc->ib.dev,
request->sge[i].addr,
request->sge[i].length,
DMA_TO_DEVICE);
+ if (wc->status != IB_WC_SUCCESS || wc->opcode != IB_WC_SEND) {
+ log_rdma_send(ERR, "wc->status=%d wc->opcode=%d\n",
+ wc->status, wc->opcode);
+ mempool_free(request, info->request_mempool);
+ smbd_disconnect_rdma_connection(info);
+ return;
+ }
+
if (atomic_dec_and_test(&request->info->send_pending))
wake_up(&request->info->wait_send_pending);
1 month
- 2
- 1
FAILED: patch "[PATCH] PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable" failed to apply to 5.4-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 5.4-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.4.y
git checkout FETCH_HEAD
git cherry-pick -x 6cff20ce3b92ffbf2fc5eb9e5a030b3672aa414a
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025081513-doorpost-truck-2a5e@gregkh' --subject-prefix 'PATCH 5.4.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From 6cff20ce3b92ffbf2fc5eb9e5a030b3672aa414a Mon Sep 17 00:00:00 2001
From: Lukas Wunner <lukas(a)wunner.de>
Date: Sun, 13 Jul 2025 16:31:01 +0200
Subject: [PATCH] PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable
ports
pci_bridge_d3_possible() is called from both pcie_portdrv_probe() and
pcie_portdrv_remove() to determine whether runtime power management shall
be enabled (on probe) or disabled (on remove) on a PCIe port.
The underlying assumption is that pci_bridge_d3_possible() always returns
the same value, else a runtime PM reference imbalance would occur. That
assumption is not given if the PCIe port is inaccessible on remove due to
hot-unplug: pci_bridge_d3_possible() calls pciehp_is_native(), which
accesses Config Space to determine whether the port is Hot-Plug Capable.
An inaccessible port returns "all ones", which is converted to "all
zeroes" by pcie_capability_read_dword(). Hence the port no longer seems
Hot-Plug Capable on remove even though it was on probe.
The resulting runtime PM ref imbalance causes warning messages such as:
pcieport 0000:02:04.0: Runtime PM usage count underflow!
Avoid the Config Space access (and thus the runtime PM ref imbalance) by
caching the Hot-Plug Capable bit in struct pci_dev.
The struct already contains an "is_hotplug_bridge" flag, which however is
not only set on Hot-Plug Capable PCIe ports, but also Conventional PCI
Hot-Plug bridges and ACPI slots. The flag identifies bridges which are
allocated additional MMIO and bus number resources to allow for hierarchy
expansion.
The kernel is somewhat sloppily using "is_hotplug_bridge" in a number of
places to identify Hot-Plug Capable PCIe ports, even though the flag
encompasses other devices. Subsequent commits replace these occurrences
with the new flag to clearly delineate Hot-Plug Capable PCIe ports from
other kinds of hotplug bridges.
Document the existing "is_hotplug_bridge" and the new "is_pciehp" flag
and document the (non-obvious) requirement that pci_bridge_d3_possible()
always returns the same value across the entire lifetime of a bridge,
including its hot-removal.
Fixes: 5352a44a561d ("PCI: pciehp: Make pciehp_is_native() stricter")
Reported-by: Laurent Bigonville <bigon(a)bigon.be>
Closes: https://bugzilla.kernel.org/show_bug.cgi?id=220216
Reported-by: Mario Limonciello <mario.limonciello(a)amd.com>
Closes: https://lore.kernel.org/r/20250609020223.269407-3-superm1@kernel.org/
Link: https://lore.kernel.org/all/20250620025535.3425049-3-superm1@kernel.org/T/#u
Signed-off-by: Lukas Wunner <lukas(a)wunner.de>
Signed-off-by: Bjorn Helgaas <bhelgaas(a)google.com>
Acked-by: Rafael J. Wysocki <rafael(a)kernel.org>
Cc: stable(a)vger.kernel.org # v4.18+
Link: https://patch.msgid.link/fe5dcc3b2e62ee1df7905d746bde161eb1b3291c.175239010…
diff --git a/drivers/pci/pci-acpi.c b/drivers/pci/pci-acpi.c
index b78e0e417324..efe478e5073e 100644
--- a/drivers/pci/pci-acpi.c
+++ b/drivers/pci/pci-acpi.c
@@ -816,13 +816,11 @@ int pci_acpi_program_hp_params(struct pci_dev *dev)
bool pciehp_is_native(struct pci_dev *bridge)
{
const struct pci_host_bridge *host;
- u32 slot_cap;
if (!IS_ENABLED(CONFIG_HOTPLUG_PCI_PCIE))
return false;
- pcie_capability_read_dword(bridge, PCI_EXP_SLTCAP, &slot_cap);
- if (!(slot_cap & PCI_EXP_SLTCAP_HPC))
+ if (!bridge->is_pciehp)
return false;
if (pcie_ports_native)
diff --git a/drivers/pci/pci.c b/drivers/pci/pci.c
index e9448d55113b..23d8fe98ddf9 100644
--- a/drivers/pci/pci.c
+++ b/drivers/pci/pci.c
@@ -3030,8 +3030,12 @@ static const struct dmi_system_id bridge_d3_blacklist[] = {
* pci_bridge_d3_possible - Is it possible to put the bridge into D3
* @bridge: Bridge to check
*
- * This function checks if it is possible to move the bridge to D3.
* Currently we only allow D3 for some PCIe ports and for Thunderbolt.
+ *
+ * Return: Whether it is possible to move the bridge to D3.
+ *
+ * The return value is guaranteed to be constant across the entire lifetime
+ * of the bridge, including its hot-removal.
*/
bool pci_bridge_d3_possible(struct pci_dev *bridge)
{
diff --git a/drivers/pci/probe.c b/drivers/pci/probe.c
index 4b8693ec9e4c..cf50be63bf5f 100644
--- a/drivers/pci/probe.c
+++ b/drivers/pci/probe.c
@@ -1678,7 +1678,7 @@ void set_pcie_hotplug_bridge(struct pci_dev *pdev)
pcie_capability_read_dword(pdev, PCI_EXP_SLTCAP, ®32);
if (reg32 & PCI_EXP_SLTCAP_HPC)
- pdev->is_hotplug_bridge = 1;
+ pdev->is_hotplug_bridge = pdev->is_pciehp = 1;
}
static void set_pcie_thunderbolt(struct pci_dev *dev)
diff --git a/include/linux/pci.h b/include/linux/pci.h
index 05e68f35f392..d56d0dd80afb 100644
--- a/include/linux/pci.h
+++ b/include/linux/pci.h
@@ -328,6 +328,11 @@ struct rcec_ea;
* determined (e.g., for Root Complex Integrated
* Endpoints without the relevant Capability
* Registers).
+ * @is_hotplug_bridge: Hotplug bridge of any kind (e.g. PCIe Hot-Plug Capable,
+ * Conventional PCI Hot-Plug, ACPI slot).
+ * Such bridges are allocated additional MMIO and bus
+ * number resources to allow for hierarchy expansion.
+ * @is_pciehp: PCIe Hot-Plug Capable bridge.
*/
struct pci_dev {
struct list_head bus_list; /* Node in per-bus list */
@@ -451,6 +456,7 @@ struct pci_dev {
unsigned int is_physfn:1;
unsigned int is_virtfn:1;
unsigned int is_hotplug_bridge:1;
+ unsigned int is_pciehp:1;
unsigned int shpc_managed:1; /* SHPC owned by shpchp */
unsigned int is_thunderbolt:1; /* Thunderbolt controller */
/*
1 month
- 2
- 1
FAILED: patch "[PATCH] PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable" failed to apply to 5.10-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 5.10-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.10.y
git checkout FETCH_HEAD
git cherry-pick -x 6cff20ce3b92ffbf2fc5eb9e5a030b3672aa414a
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025081512-refresh-safely-eef5@gregkh' --subject-prefix 'PATCH 5.10.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From 6cff20ce3b92ffbf2fc5eb9e5a030b3672aa414a Mon Sep 17 00:00:00 2001
From: Lukas Wunner <lukas(a)wunner.de>
Date: Sun, 13 Jul 2025 16:31:01 +0200
Subject: [PATCH] PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable
ports
pci_bridge_d3_possible() is called from both pcie_portdrv_probe() and
pcie_portdrv_remove() to determine whether runtime power management shall
be enabled (on probe) or disabled (on remove) on a PCIe port.
The underlying assumption is that pci_bridge_d3_possible() always returns
the same value, else a runtime PM reference imbalance would occur. That
assumption is not given if the PCIe port is inaccessible on remove due to
hot-unplug: pci_bridge_d3_possible() calls pciehp_is_native(), which
accesses Config Space to determine whether the port is Hot-Plug Capable.
An inaccessible port returns "all ones", which is converted to "all
zeroes" by pcie_capability_read_dword(). Hence the port no longer seems
Hot-Plug Capable on remove even though it was on probe.
The resulting runtime PM ref imbalance causes warning messages such as:
pcieport 0000:02:04.0: Runtime PM usage count underflow!
Avoid the Config Space access (and thus the runtime PM ref imbalance) by
caching the Hot-Plug Capable bit in struct pci_dev.
The struct already contains an "is_hotplug_bridge" flag, which however is
not only set on Hot-Plug Capable PCIe ports, but also Conventional PCI
Hot-Plug bridges and ACPI slots. The flag identifies bridges which are
allocated additional MMIO and bus number resources to allow for hierarchy
expansion.
The kernel is somewhat sloppily using "is_hotplug_bridge" in a number of
places to identify Hot-Plug Capable PCIe ports, even though the flag
encompasses other devices. Subsequent commits replace these occurrences
with the new flag to clearly delineate Hot-Plug Capable PCIe ports from
other kinds of hotplug bridges.
Document the existing "is_hotplug_bridge" and the new "is_pciehp" flag
and document the (non-obvious) requirement that pci_bridge_d3_possible()
always returns the same value across the entire lifetime of a bridge,
including its hot-removal.
Fixes: 5352a44a561d ("PCI: pciehp: Make pciehp_is_native() stricter")
Reported-by: Laurent Bigonville <bigon(a)bigon.be>
Closes: https://bugzilla.kernel.org/show_bug.cgi?id=220216
Reported-by: Mario Limonciello <mario.limonciello(a)amd.com>
Closes: https://lore.kernel.org/r/20250609020223.269407-3-superm1@kernel.org/
Link: https://lore.kernel.org/all/20250620025535.3425049-3-superm1@kernel.org/T/#u
Signed-off-by: Lukas Wunner <lukas(a)wunner.de>
Signed-off-by: Bjorn Helgaas <bhelgaas(a)google.com>
Acked-by: Rafael J. Wysocki <rafael(a)kernel.org>
Cc: stable(a)vger.kernel.org # v4.18+
Link: https://patch.msgid.link/fe5dcc3b2e62ee1df7905d746bde161eb1b3291c.175239010…
diff --git a/drivers/pci/pci-acpi.c b/drivers/pci/pci-acpi.c
index b78e0e417324..efe478e5073e 100644
--- a/drivers/pci/pci-acpi.c
+++ b/drivers/pci/pci-acpi.c
@@ -816,13 +816,11 @@ int pci_acpi_program_hp_params(struct pci_dev *dev)
bool pciehp_is_native(struct pci_dev *bridge)
{
const struct pci_host_bridge *host;
- u32 slot_cap;
if (!IS_ENABLED(CONFIG_HOTPLUG_PCI_PCIE))
return false;
- pcie_capability_read_dword(bridge, PCI_EXP_SLTCAP, &slot_cap);
- if (!(slot_cap & PCI_EXP_SLTCAP_HPC))
+ if (!bridge->is_pciehp)
return false;
if (pcie_ports_native)
diff --git a/drivers/pci/pci.c b/drivers/pci/pci.c
index e9448d55113b..23d8fe98ddf9 100644
--- a/drivers/pci/pci.c
+++ b/drivers/pci/pci.c
@@ -3030,8 +3030,12 @@ static const struct dmi_system_id bridge_d3_blacklist[] = {
* pci_bridge_d3_possible - Is it possible to put the bridge into D3
* @bridge: Bridge to check
*
- * This function checks if it is possible to move the bridge to D3.
* Currently we only allow D3 for some PCIe ports and for Thunderbolt.
+ *
+ * Return: Whether it is possible to move the bridge to D3.
+ *
+ * The return value is guaranteed to be constant across the entire lifetime
+ * of the bridge, including its hot-removal.
*/
bool pci_bridge_d3_possible(struct pci_dev *bridge)
{
diff --git a/drivers/pci/probe.c b/drivers/pci/probe.c
index 4b8693ec9e4c..cf50be63bf5f 100644
--- a/drivers/pci/probe.c
+++ b/drivers/pci/probe.c
@@ -1678,7 +1678,7 @@ void set_pcie_hotplug_bridge(struct pci_dev *pdev)
pcie_capability_read_dword(pdev, PCI_EXP_SLTCAP, ®32);
if (reg32 & PCI_EXP_SLTCAP_HPC)
- pdev->is_hotplug_bridge = 1;
+ pdev->is_hotplug_bridge = pdev->is_pciehp = 1;
}
static void set_pcie_thunderbolt(struct pci_dev *dev)
diff --git a/include/linux/pci.h b/include/linux/pci.h
index 05e68f35f392..d56d0dd80afb 100644
--- a/include/linux/pci.h
+++ b/include/linux/pci.h
@@ -328,6 +328,11 @@ struct rcec_ea;
* determined (e.g., for Root Complex Integrated
* Endpoints without the relevant Capability
* Registers).
+ * @is_hotplug_bridge: Hotplug bridge of any kind (e.g. PCIe Hot-Plug Capable,
+ * Conventional PCI Hot-Plug, ACPI slot).
+ * Such bridges are allocated additional MMIO and bus
+ * number resources to allow for hierarchy expansion.
+ * @is_pciehp: PCIe Hot-Plug Capable bridge.
*/
struct pci_dev {
struct list_head bus_list; /* Node in per-bus list */
@@ -451,6 +456,7 @@ struct pci_dev {
unsigned int is_physfn:1;
unsigned int is_virtfn:1;
unsigned int is_hotplug_bridge:1;
+ unsigned int is_pciehp:1;
unsigned int shpc_managed:1; /* SHPC owned by shpchp */
unsigned int is_thunderbolt:1; /* Thunderbolt controller */
/*
1 month
- 2
- 1
[PATCH 6.16 000/627] 6.16.1-rc1 review
by Greg Kroah-Hartman
This is the start of the stable review cycle for the 6.16.1 release.
There are 627 patches in this series, all will be posted as a response
to this one. If anyone has any issues with these being applied, please
let me know.
Responses should be made by Thu, 14 Aug 2025 17:32:40 +0000.
Anything received after that time might be too late.
The whole patch series can be found in one patch at:
https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.16.1-rc1…
or in the git tree and branch at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.16.y
and the diffstat can be found below.
thanks,
greg k-h
-------------
Pseudo-Shortlog of commits:
Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Linux 6.16.1-rc1
Suren Baghdasaryan <surenb(a)google.com>
mm: fix a UAF when vma->mm is freed after vma->vm_refcnt got dropped
Baochen Qiang <quic_bqiang(a)quicinc.com>
wifi: ath12k: install pairwise key first
Tao Xue <xuetao09(a)huawei.com>
usb: gadget : fix use-after-free in composite_dev_cleanup()
Aditya Garg <gargaditya08(a)live.com>
HID: apple: avoid setting up battery timer for devices without battery
Aditya Garg <gargaditya08(a)live.com>
HID: magicmouse: avoid setting up battery timer when not needed
Alan Stern <stern(a)rowland.harvard.edu>
HID: core: Harden s32ton() against conversion to 0 bits
Yuhao Jiang <danisjiang(a)gmail.com>
USB: gadget: f_hid: Fix memory leak in hidg_bind error path
Qasim Ijaz <qasdev00(a)gmail.com>
HID: apple: validate feature-report field count to prevent NULL pointer dereference
Julien Massot <julien.massot(a)collabora.com>
media: ti: j721e-csi2rx: fix list_del corruption
Robin Murphy <robin.murphy(a)arm.com>
perf/arm-ni: Set initial IRQ affinity
Akash Kumar <quic_akakum(a)quicinc.com>
usb: gadget: uvc: Initialize frame-based format color matching descriptor
Baolin Wang <baolin.wang(a)linux.alibaba.com>
mm: shmem: fix the shmem large folio allocation for the i915 driver
Kemeng Shi <shikemeng(a)huaweicloud.com>
mm: swap: move nr_swap_pages counter decrement from folio_alloc_swap() to swap_range_alloc()
Kemeng Shi <shikemeng(a)huaweicloud.com>
mm: swap: fix potential buffer overflow in setup_clusters()
Kemeng Shi <shikemeng(a)huaweicloud.com>
mm: swap: correctly use maxpages in swapon syscall to avoid potential deadloop
Andy Shevchenko <andriy.shevchenko(a)linux.intel.com>
mm/hmm: move pmd_to_hmm_pfn_flags() to the respective #ifdeffery
Jiaxun Yang <jiaxun.yang(a)flygoat.com>
MIPS: mm: tlb-r4k: Uniquify TLB entries on init
Gerald Schaefer <gerald.schaefer(a)linux.ibm.com>
s390/mm: Remove possible false-positive warning in pte_free_defer()
Shin'ichiro Kawasaki <shinichiro.kawasaki(a)wdc.com>
zloop: fix KASAN use-after-free of tag set
Marc Zyngier <maz(a)kernel.org>
KVM: arm64: Filter out HCR_EL2 bits when running in hypervisor context
Marc Zyngier <maz(a)kernel.org>
KVM: arm64: Check for SYSREGS_ON_CPU before accessing the CPU state
Sean Christopherson <seanjc(a)google.com>
KVM: VMX: Allow guest to set DEBUGCTL.RTM_DEBUG if RTM is supported
Sean Christopherson <seanjc(a)google.com>
KVM: x86: Drop kvm_x86_ops.set_dr6() in favor of a new KVM_RUN flag
Sean Christopherson <seanjc(a)google.com>
KVM: x86: Convert vcpu_run()'s immediate exit param into a generic bitmap
Dave Hansen <dave.hansen(a)linux.intel.com>
x86/fpu: Delay instruction pointer fixup until after warning
Michael J. Ruhl <michael.j.ruhl(a)intel.com>
platform/x86/intel/pmt: fix a crashlog NULL pointer access
Edip Hazuri <edip(a)medip.dev>
ALSA: hda/realtek - Fix mute LED for HP Victus 16-d1xxx (MB 8A26)
Edip Hazuri <edip(a)medip.dev>
ALSA: hda/realtek - Fix mute LED for HP Victus 16-s0xxx
Edip Hazuri <edip(a)medip.dev>
ALSA: hda/realtek - Fix mute LED for HP Victus 16-r1xxx
Geoffrey D. Bennett <g(a)b4.vu>
ALSA: scarlett2: Add retry on -EPROTO from scarlett2_usb_tx()
Thorsten Blum <thorsten.blum(a)linux.dev>
ALSA: intel_hdmi: Fix off-by-one error in __hdmi_lpe_audio_probe()
Tom Lendacky <thomas.lendacky(a)amd.com>
x86/sev: Evict cache lines during SNP memory validation
Ammar Faizi <ammarfaizi2(a)gnuweeb.org>
net: usbnet: Fix the wrong netif_carrier_on() call
John Ernberg <john.ernberg(a)actia.se>
net: usbnet: Avoid potential RCU stall on LINK_CHANGE event
Zenm Chen <zenmchen(a)gmail.com>
Bluetooth: btusb: Add USB ID 3625:010b for TP-LINK Archer TX10UB Nano
Slark Xiao <slark_xiao(a)163.com>
USB: serial: option: add Foxconn T99W709
Thorsten Blum <thorsten.blum(a)linux.dev>
smb: server: Fix extension string in ksmbd_extract_shortname()
Namjae Jeon <linkinjeon(a)kernel.org>
ksmbd: limit repeated connections from clients with the same IP
Paulo Alcantara <pc(a)manguebit.org>
smb: client: default to nonativesocket under POSIX mounts
Paulo Alcantara <pc(a)manguebit.org>
smb: client: set symlink type as native for POSIX mounts
Wang Zhaolong <wangzhaolong(a)huaweicloud.com>
smb: client: fix netns refcount leak after net_passive changes
Namjae Jeon <linkinjeon(a)kernel.org>
ksmbd: fix corrupted mtime and ctime in smb2_open
Namjae Jeon <linkinjeon(a)kernel.org>
ksmbd: fix Preauh_HashValue race condition
Namjae Jeon <linkinjeon(a)kernel.org>
ksmbd: fix null pointer dereference error in generate_encryptionkey
Budimir Markovic <markovicbudimir(a)gmail.com>
vsock: Do not allow binding to VMADDR_PORT_ANY
Quang Le <quanglex97(a)gmail.com>
net/packet: fix a race in packet_set_ring() and packet_notifier()
Lorenzo Stoakes <lorenzo.stoakes(a)oracle.com>
selftests/perf_events: Add a mmap() correctness test
Thomas Gleixner <tglx(a)linutronix.de>
perf/core: Prevent VMA split of buffer mappings
Thomas Gleixner <tglx(a)linutronix.de>
perf/core: Handle buffer mapping fail correctly in perf_mmap()
Thomas Gleixner <tglx(a)linutronix.de>
perf/core: Exit early on perf_mmap() fail
Thomas Gleixner <tglx(a)linutronix.de>
perf/core: Don't leak AUX buffer refcount on allocation failure
Thomas Gleixner <tglx(a)linutronix.de>
perf/core: Preserve AUX buffer allocation failure result
Olga Kornievskaia <okorniev(a)redhat.com>
sunrpc: fix handling of server side tls alerts
NeilBrown <neil(a)brown.name>
nfsd: avoid ref leak in nfsd_open_local_fh()
Jeff Layton <jlayton(a)kernel.org>
nfsd: don't set the ctime on delegated atime updates
Zhang Rui <rui.zhang(a)intel.com>
tools/power turbostat: Fix DMR support
Zhang Rui <rui.zhang(a)intel.com>
tools/power turbostat: Fix bogus SysWatt for forked program
Stefan Metzmacher <metze(a)samba.org>
smb: client: return an error if rdma_connect does not return within 5 seconds
Eric Dumazet <edumazet(a)google.com>
pptp: fix pptp_xmit() error path
Mohamed Khalfella <mkhalfella(a)purestorage.com>
nvmet: exit debugfs after discovery subsystem exits
Stefan Metzmacher <metze(a)samba.org>
smb: client: let recv_done() avoid touching data_transfer after cleanup/move
Stefan Metzmacher <metze(a)samba.org>
smb: client: let recv_done() cleanup before notifying the callers.
Stefan Metzmacher <metze(a)samba.org>
smb: client: make sure we call ib_dma_unmap_single() only if we called ib_dma_map_single already
Stefan Metzmacher <metze(a)samba.org>
smb: client: remove separate empty_packet_queue
Stefan Metzmacher <metze(a)samba.org>
smb: client: let send_done() cleanup before calling smbd_disconnect_rdma_connection()
Stefan Metzmacher <metze(a)samba.org>
smb: server: let recv_done() avoid touching data_transfer after cleanup/move
Stefan Metzmacher <metze(a)samba.org>
smb: server: let recv_done() consistently call put_recvmsg/smb_direct_disconnect_rdma_connection
Stefan Metzmacher <metze(a)samba.org>
smb: server: make sure we call ib_dma_unmap_single() only if we called ib_dma_map_single already
Stefan Metzmacher <metze(a)samba.org>
smb: server: remove separate empty_recvmsg_queue
Mikhail Zaslonko <zaslonko(a)linux.ibm.com>
s390/boot: Fix startup debugging log
Takashi Iwai <tiwai(a)suse.de>
ALSA: hda/ca0132: Fix missing error handling in ca0132_alt_select_out()
Arnd Bergmann <arnd(a)arndb.de>
ASoC: SOF: Intel: hda-sdw-bpt: fix SND_SOF_SOF_HDA_SDW_BPT dependencies
Arnd Bergmann <arnd(a)arndb.de>
irqchip: Build IMX_MU_MSI only on ARM
Meghana Malladi <m-malladi(a)ti.com>
net: ti: icssg-prueth: Fix skb handling for XDP_PASS
Trond Myklebust <trond.myklebust(a)hammerspace.com>
NFS/localio: nfs_uuid_put() fix the wake up after unlinking the file
Trond Myklebust <trond.myklebust(a)hammerspace.com>
NFS/localio: nfs_uuid_put() fix races with nfs_open/close_local_fh()
Trond Myklebust <trond.myklebust(a)hammerspace.com>
NFS/localio: nfs_close_local_fh() fix check for file closed
Mohsin Bashir <mohsin.bashr(a)gmail.com>
eth: fbnic: Lock the tx_dropped update
Mohsin Bashir <mohsin.bashr(a)gmail.com>
eth: fbnic: Fix tx_dropped reporting
Jakub Kicinski <kuba(a)kernel.org>
eth: fbnic: remove the debugging trick of super high page bias
Sumanth Korikkar <sumanthk(a)linux.ibm.com>
s390/mm: Allocate page table with PAGE_SIZE granularity
Maher Azzouzi <maherazz04(a)gmail.com>
net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing
Jakub Kicinski <kuba(a)kernel.org>
Revert "net: mdio_bus: Use devm for getting reset GPIO"
Michal Schmidt <mschmidt(a)redhat.com>
benet: fix BUG when creating VFs
Lorenzo Bianconi <lorenzo(a)kernel.org>
net: airoha: npu: Add missing MODULE_FIRMWARE macros
Jakub Kicinski <kuba(a)kernel.org>
net: devmem: fix DMA direction on unmapping
Arnd Bergmann <arnd(a)arndb.de>
ipa: fix compile-testing with qcom-mdt=m
Jakub Kicinski <kuba(a)kernel.org>
eth: fbnic: unlink NAPIs from queues on error to open
Thomas Gleixner <tglx(a)linutronix.de>
x86/irq: Plug vector setup race
Michal Wajdeczko <michal.wajdeczko(a)intel.com>
drm/xe/pf: Disable PF restart worker on device removal
Olga Kornievskaia <okorniev(a)redhat.com>
sunrpc: fix client side handling of tls alerts
Yang Erkun <yangerkun(a)huawei.com>
md: make rdev_addable usable for rcu mode
Takamitsu Iwai <takamitz(a)amazon.co.jp>
net/sched: taprio: enforce minimum value for picos_per_byte
Wang Liang <wangliang74(a)huawei.com>
net: drop UFO packets in udp_rcv_segment()
Florian Fainelli <florian.fainelli(a)broadcom.com>
net: mdio: mdio-bcm-unimac: Correct rate fallback logic
Eric Dumazet <edumazet(a)google.com>
ipv6: reject malicious packets in ipv6_gso_segment()
Eric Dumazet <edumazet(a)google.com>
selftests: avoid using ifconfig
Christoph Paasch <cpaasch(a)openai.com>
net/mlx5: Correctly set gso_segs when LRO is used
Lorenzo Bianconi <lorenzo(a)kernel.org>
net: airoha: Fix PPE table access in airoha_ppe_debugfs_foe_show()
Simon Trimmer <simont(a)opensource.cirrus.com>
spi: cs42l43: Property entry should be a null-terminated array
Baojun Xu <baojun.xu(a)ti.com>
ASoC: tas2781: Fix the wrong step for TLV on tas2781
Christoph Hellwig <hch(a)lst.de>
block: ensure discard_granularity is zero when discard is not supported
Guenter Roeck <linux(a)roeck-us.net>
block: Fix default IO priority if there is no IO context
Jakub Kicinski <kuba(a)kernel.org>
netlink: specs: ethtool: fix module EEPROM input/output arguments
Alexander Gordeev <agordeev(a)linux.ibm.com>
s390/mm: Set high_memory at the end of the identity mapping
Harald Freudenberger <freude(a)linux.ibm.com>
s390/ap: Unmask SLCF bit in card and queue ap functions sysfs
Mohamed Khalfella <mkhalfella(a)purestorage.com>
nvmet: initialize discovery subsys after debugfs is initialized
Eric Dumazet <edumazet(a)google.com>
pptp: ensure minimal skb length in pptp_xmit()
Bence Csókás <csokas.bence(a)prolan.hu>
net: mdio_bus: Use devm for getting reset GPIO
Luca Weiss <luca.weiss(a)fairphone.com>
net: ipa: add IPA v5.1 and v5.5 to ipa_version_string()
Horatiu Vultur <horatiu.vultur(a)microchip.com>
phy: mscc: Fix parsing of unicast frames
Jakub Kicinski <kuba(a)kernel.org>
netpoll: prevent hanging NAPI when netcons gets enabled
Michal Luczaj <mhal(a)rbox.co>
kcm: Fix splice support
Heming Zhao <heming.zhao(a)suse.com>
md/md-cluster: handle REMOVE message earlier
Bartosz Golaszewski <bartosz.golaszewski(a)linaro.org>
ARM: s3c/gpio: complete the conversion to new GPIO value setters
Benjamin Coddington <bcodding(a)redhat.com>
NFS: Fixup allocation flags for nfsiod's __GFP_NORETRY
Olga Kornievskaia <okorniev(a)redhat.com>
NFSv4.2: another fix for listxattr
Trond Myklebust <trond.myklebust(a)hammerspace.com>
NFS: Fix filehandle bounds checking in nfs_fh_to_dentry()
Trond Myklebust <trond.myklebust(a)hammerspace.com>
NFS: Fix wakeup of __nfs_lookup_revalidate() in unblock_revalidate()
Tigran Mkrtchyan <tigran.mkrtchyan(a)desy.de>
pNFS/flexfiles: don't attempt pnfs on fatal DS errors
Len Brown <len.brown(a)intel.com>
tools/power turbostat: regression fix: --show C1E%
Timothy Pearson <tpearson(a)raptorengineering.com>
PCI: pnv_php: Fix surprise plug detection and recovery
Timothy Pearson <tpearson(a)raptorengineering.com>
powerpc/eeh: Make EEH driver device hotplug safe
Timothy Pearson <tpearson(a)raptorengineering.com>
powerpc/eeh: Export eeh_unfreeze_pe()
Timothy Pearson <tpearson(a)raptorengineering.com>
PCI: pnv_php: Work around switches with broken presence detection
Timothy Pearson <tpearson(a)raptorengineering.com>
PCI: pnv_php: Clean up allocated IRQs on unplug
Herbert Xu <herbert(a)gondor.apana.org.au>
padata: Remove comment for reorder_work
Peter Zijlstra <peterz(a)infradead.org>
sched/psi: Fix psi_seq initialization
Jason Gunthorpe <jgg(a)ziepe.ca>
vfio/pci: Do vf_token checks for VFIO_DEVICE_BIND_IOMMUFD
Masahiro Yamada <masahiroy(a)kernel.org>
kconfig: qconf: fix ConfigList::updateListAllforAll()
Salomon Dushimirimana <salomondush(a)google.com>
scsi: sd: Make sd shutdown issue START STOP UNIT appropriately
Seunghui Lee <sh043.lee(a)samsung.com>
scsi: ufs: core: Use link recovery when h8 exit fails during runtime resume
Li Lingfeng <lilingfeng3(a)huawei.com>
scsi: Revert "scsi: iscsi: Fix HW conn removal use after free"
Tomas Henzl <thenzl(a)redhat.com>
scsi: mpt3sas: Fix a fw_event memory leak
Alex Williamson <alex.williamson(a)redhat.com>
vfio/pci: Separate SR-IOV VF dev_set
Brett Creeley <brett.creeley(a)amd.com>
vfio/pds: Fix missing detach_ioas op
Jacob Pan <jacob.pan(a)linux.microsoft.com>
vfio: Prevent open_count decrement to negative
Jacob Pan <jacob.pan(a)linux.microsoft.com>
vfio: Fix unbalanced vfio_df_close call in no-iommu mode
Christophe JAILLET <christophe.jaillet(a)wanadoo.fr>
i2c: muxes: mule: Fix an error handling path in mule_i2c_mux_probe()
Zhengxu Zhang <zhengxu.zhang(a)unisoc.com>
exfat: fdatasync flag should be same like generic_write_sync()
Chao Yu <chao(a)kernel.org>
f2fs: fix to trigger foreground gc during f2fs_map_blocks() in lfs mode
Chao Yu <chao(a)kernel.org>
f2fs: fix to calculate dirty data during has_not_enough_free_secs()
Chao Yu <chao(a)kernel.org>
f2fs: fix to update upper_p in __get_secs_required() correctly
Jan Prusakowski <jprusakowski(a)google.com>
f2fs: vm_unmap_ram() may be called from an invalid context
Chao Yu <chao(a)kernel.org>
f2fs: fix to avoid out-of-boundary access in devs.path
Chao Yu <chao(a)kernel.org>
f2fs: fix to avoid panic in f2fs_evict_inode
Chao Yu <chao(a)kernel.org>
f2fs: fix to avoid UAF in f2fs_sync_inode_meta()
Chao Yu <chao(a)kernel.org>
f2fs: doc: fix wrong quota mount option description
Chao Yu <chao(a)kernel.org>
f2fs: fix to check upper boundary for gc_no_zoned_gc_percent
Chao Yu <chao(a)kernel.org>
f2fs: fix to check upper boundary for gc_valid_thresh_ratio
yohan.joung <yohan.joung(a)sk.com>
f2fs: fix to check upper boundary for value of gc_boost_zoned_gc_percent
Abinash Singh <abinashlalotra(a)gmail.com>
f2fs: fix KMSAN uninit-value in extent_info usage
Zhiguo Niu <zhiguo.niu(a)unisoc.com>
f2fs: compress: fix UAF of f2fs_inode_info in f2fs_free_dic
Zhiguo Niu <zhiguo.niu(a)unisoc.com>
f2fs: compress: change the first parameter of page_array_{alloc,free} to sbi
Chao Yu <chao(a)kernel.org>
f2fs: fix to avoid invalid wait context issue
Sheng Yong <shengyong1(a)xiaomi.com>
f2fs: fix bio memleak when committing super block
Daeho Jeong <daehojeong(a)google.com>
f2fs: turn off one_time when forcibly set to foreground GC
Brian Masney <bmasney(a)redhat.com>
rtc: rv3028: fix incorrect maximum clock rate handling
Brian Masney <bmasney(a)redhat.com>
rtc: pcf8563: fix incorrect maximum clock rate handling
Brian Masney <bmasney(a)redhat.com>
rtc: pcf85063: fix incorrect maximum clock rate handling
Brian Masney <bmasney(a)redhat.com>
rtc: nct3018y: fix incorrect maximum clock rate handling
Brian Masney <bmasney(a)redhat.com>
rtc: hym8563: fix incorrect maximum clock rate handling
Brian Masney <bmasney(a)redhat.com>
rtc: ds1307: fix incorrect maximum clock rate handling
Uros Bizjak <ubizjak(a)gmail.com>
ucount: fix atomic_long_inc_below() argument type
Petr Pavlu <petr.pavlu(a)suse.com>
module: Restore the moduleparam prefix length check
Stanley Chu <yschu(a)nuvoton.com>
i3c: master: svc: Fix npcm845 FIFO_EMPTY quirk
Arnd Bergmann <arnd(a)arndb.de>
i3c: fix module_i3c_i2c_driver() with I3C=n
Helge Deller <deller(a)gmx.de>
apparmor: Fix unaligned memory accesses in KUnit test
Colin Ian King <colin.i.king(a)gmail.com>
squashfs: fix incorrect argument to sizeof in kmalloc_array call
Matthew Wilcox (Oracle) <willy(a)infradead.org>
squashfs: use folios in squashfs_bio_read_cached()
Johannes Berg <johannes.berg(a)intel.com>
scripts: gdb: move MNT_* constants to gdb-parsed
Jiri Olsa <olsajiri(a)gmail.com>
uprobes: revert ref_ctr_offset in uprobe_unregister error path
Kent Overstreet <kent.overstreet(a)linux.dev>
dm-flakey: Fix corrupt_bio_byte setup checks
Ryan Lee <ryan.lee(a)canonical.com>
apparmor: fix loop detection used in conflicting attachment resolution
Ryan Lee <ryan.lee(a)canonical.com>
apparmor: ensure WB_HISTORY_SIZE value is a power of 2
Paul Chaignon <paul.chaignon(a)gmail.com>
bpf: Check netfilter ctx accesses are aligned
Paul Chaignon <paul.chaignon(a)gmail.com>
bpf: Check flow_dissector ctx accesses are aligned
Cindy Lu <lulu(a)redhat.com>
vhost: Reintroduce kthread API and add mode selection
Anders Roxell <anders.roxell(a)linaro.org>
vdpa: Fix IDR memory leak in VDUSE module exit
Dragos Tatulea <dtatulea(a)nvidia.com>
vdpa/mlx5: Fix release of uninitialized resources on error path
Alok Tiwari <alok.a.tiwari(a)oracle.com>
vhost-scsi: Fix check for inline_sg_cnt exceeding preallocated limit
Mike Christie <michael.christie(a)oracle.com>
vhost-scsi: Fix log flooding with target does not exist errors
Dragos Tatulea <dtatulea(a)nvidia.com>
vdpa/mlx5: Fix needs_teardown flag calculation
Daniel Borkmann <daniel(a)iogearbox.net>
bpf: Fix oob access in cgroup local storage
Daniel Borkmann <daniel(a)iogearbox.net>
bpf: Move cgroup iterator helpers to bpf.h
Daniel Borkmann <daniel(a)iogearbox.net>
bpf: Move bpf map owner out of common struct
Daniel Borkmann <daniel(a)iogearbox.net>
bpf: Add cookie object to bpf maps
Namhyung Kim <namhyung(a)kernel.org>
perf record: Cache build-ID of hit DSOs only
Takashi Iwai <tiwai(a)suse.de>
ALSA: usb: scarlett2: Fix missing NULL check
WangYuli <wangyuli(a)uniontech.com>
selftests: ALSA: fix memory leak in utimer test
Lukasz Laguna <lukasz.laguna(a)intel.com>
drm/xe/vf: Disable CSC support on VF
Balamanikandan Gunasundar <balamanikandan.gunasundar(a)microchip.com>
mtd: rawnand: atmel: set pmecc data setup time
Thomas Fourier <fourier.thomas(a)gmail.com>
mtd: rawnand: rockchip: Add missing check after DMA map
Thomas Fourier <fourier.thomas(a)gmail.com>
mtd: rawnand: atmel: Fix dma_mapping_error() address
Zheng Yu <zheng.yu(a)northwestern.edu>
jfs: fix metapage reference count leak in dbAllocCtl
Michal Wajdeczko <michal.wajdeczko(a)intel.com>
drm/xe/configfs: Fix pci_dev reference leak
Paulo Alcantara <pc(a)manguebit.org>
smb: client: allow parsing zero-length AV pairs
Chenyuan Yang <chenyuan0y(a)gmail.com>
fbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref
Giovanni Cabiddu <giovanni.cabiddu(a)intel.com>
crypto: qat - fix seq_file position update in adf_ring_next()
Giovanni Cabiddu <giovanni.cabiddu(a)intel.com>
crypto: qat - fix DMA direction for compression on GEN2 devices
Shubhrajyoti Datta <shubhrajyoti.datta(a)amd.com>
clk: clocking-wizard: Fix the round rate handling for versal
Chen Pei <cp0613(a)linux.alibaba.com>
perf tools: Remove libtraceevent in .gitignore
Ben Hutchings <benh(a)debian.org>
sh: Do not use hyphen in exported variable name
Akhilesh Patil <akhilesh(a)ee.iitb.ac.in>
clk: spacemit: ccu_pll: fix error return value in recalc_rate callback
Ian Rogers <irogers(a)google.com>
perf topdown: Use attribute to see an event is a topdown metic or slots
Shengjiu Wang <shengjiu.wang(a)nxp.com>
ASoC: fsl_xcvr: get channel status data with firmware exists
Shengjiu Wang <shengjiu.wang(a)nxp.com>
ASoC: fsl_xcvr: get channel status data when PHY is not exists
Charles Keepax <ckeepax(a)opensource.cirrus.com>
ASoC: SDCA: Fix some holes in the regmap readable/writeable helpers
Shree Ramamoorthy <s-ramamoorthy(a)ti.com>
mfd: tps65219: Update TPS65214 MFD cell's GPIO compatible string
Thomas Fourier <fourier.thomas(a)gmail.com>
dmaengine: nbpfaxi: Add missing check after DMA map
Thomas Fourier <fourier.thomas(a)gmail.com>
dmaengine: mv_xor: Fix missing check after DMA map and missing unmap
Ian Rogers <irogers(a)google.com>
perf pmu: Switch FILENAME_MAX to NAME_MAX
Ian Rogers <irogers(a)google.com>
tools subcmd: Tighten the filename size in check_if_command_finished
Yao Zi <ziyao(a)disroot.org>
clk: thead: th1520-ap: Describe mux clocks with clk_mux
Dan Carpenter <dan.carpenter(a)linaro.org>
fs/orangefs: Allow 2 more characters in do_c_string()
Tanmay Shah <tanmay.shah(a)amd.com>
remoteproc: xlnx: Disable unsupported features
Luca Weiss <luca.weiss(a)fairphone.com>
phy: qcom: phy-qcom-snps-eusb2: Add missing write from init sequence
Laurentiu Palcu <laurentiu.palcu(a)oss.nxp.com>
clk: imx95-blk-ctl: Fix synchronous abort
Manivannan Sadhasivam <mani(a)kernel.org>
PCI: endpoint: pci-epf-vntb: Fix the incorrect usage of __iomem attribute
Bard Liao <yung-chuan.liao(a)linux.intel.com>
soundwire: stream: restore params when prepare ports fail
Michal Koutný <mkoutny(a)suse.com>
cgroup: Add compatibility option for content of /proc/cgroups
Eric Biggers <ebiggers(a)kernel.org>
crypto: krb5 - Fix memory leak in krb5_test_one_prf()
Suman Kumar Chakraborty <suman.kumar.chakraborty(a)intel.com>
crypto: qat - fix virtual channel configuration for GEN6 devices
Bairavi Alagappan <bairavix.alagappan(a)intel.com>
crypto: qat - disable ZUC-256 capability for QAT GEN5
Thomas Fourier <fourier.thomas(a)gmail.com>
crypto: img-hash - Fix dma_unmap_sg() nents value
Thomas Fourier <fourier.thomas(a)gmail.com>
crypto: keembay - Fix dma_unmap_sg() nents value
Ovidiu Panait <ovidiu.panait.oss(a)gmail.com>
hwrng: mtk - handle devm_pm_runtime_enable errors
Varshini Rajendran <varshini.rajendran(a)microchip.com>
clk: at91: sam9x7: update pll clk ranges
Jan Kara <jack(a)suse.cz>
ext4: Make sure BH_New bit is cleared in ->write_end handler
Baokun Li <libaokun1(a)huawei.com>
ext4: fix inode use after free in ext4_end_io_rsv_work()
Shashank Balaji <shashank.mahadasyam(a)sony.com>
selftests/cgroup: fix cpu.max tests
Dan Carpenter <dan.carpenter(a)linaro.org>
watchdog: ziirave_wdt: check record length in ziirave_firm_verify()
Robin Murphy <robin.murphy(a)arm.com>
PCI: Fix driver_managed_dma check
Thomas Fourier <fourier.thomas(a)gmail.com>
scsi: isci: Fix dma_unmap_sg() nents value
Thomas Fourier <fourier.thomas(a)gmail.com>
scsi: mvsas: Fix dma_unmap_sg() nents value
Thomas Fourier <fourier.thomas(a)gmail.com>
scsi: elx: efct: Fix dma_unmap_sg() nents value
Bagas Sanjaya <bagasdotme(a)gmail.com>
scsi: core: Fix kernel doc for scsi_track_queue_full()
Thomas Fourier <fourier.thomas(a)gmail.com>
scsi: ibmvscsi_tgt: Fix dma_unmap_sg() nents value
Paul Kocialkowski <paulk(a)sys-base.io>
clk: sunxi-ng: v3s: Fix de clock definition
Zhang Yi <yi.zhang(a)huawei.com>
ext4: fix insufficient credits calculation in ext4_meta_trans_blocks()
Zhang Yi <yi.zhang(a)huawei.com>
ext4: correct the reserved credits for extent conversion
Yao Zi <ziyao(a)disroot.org>
clk: thead: th1520-ap: Correctly refer the parent of osc_12m
Shiraz Saleem <shirazsaleem(a)microsoft.com>
RDMA/mana_ib: Fix DSCP value in modify QP
Ian Rogers <irogers(a)google.com>
perf python: Correct pyrf_evsel__read for tool PMUs
Ian Rogers <irogers(a)google.com>
perf python: Fix thread check in pyrf_evsel__read
Ian Rogers <irogers(a)google.com>
perf hwmon_pmu: Avoid shortening hwmon PMU name
Leo Yan <leo.yan(a)arm.com>
perf tests bp_account: Fix leaked file descriptor
Mukesh Ojha <mukesh.ojha(a)oss.qualcomm.com>
pinmux: fix race causing mux_owner NULL with active mux_usecount
Li Ming <ming.li(a)zohomail.com>
cxl/edac: Fix wrong dpa checking for PPR operation
Li Ming <ming.li(a)zohomail.com>
cxl/core: Introduce a new helper cxl_resource_contains_addr()
wangzijie <wangzijie1(a)honor.com>
proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al
Leon Romanovsky <leon(a)kernel.org>
RDMA/uverbs: Add empty rdma_uattrs_has_raw_cap() declaration
Arnd Bergmann <arnd(a)arndb.de>
kernel: trace: preemptirq_delay_test: use offstack cpu mask
Steven Rostedt <rostedt(a)goodmis.org>
tracing: Use queue_rcu_work() to free filters
Junxian Huang <huangjunxian6(a)hisilicon.com>
RDMA/hns: Fix -Wframe-larger-than issue
Junxian Huang <huangjunxian6(a)hisilicon.com>
RDMA/hns: Drop GFP_NOWARN
Junxian Huang <huangjunxian6(a)hisilicon.com>
RDMA/hns: Fix accessing uninitialized resources
Junxian Huang <huangjunxian6(a)hisilicon.com>
RDMA/hns: Get message length of ack_req from FW
Mengbiao Xiong <xisme1998(a)gmail.com>
crypto: ccp - Fix crash when rebind ccp device for ccp.ko
Thomas Fourier <fourier.thomas(a)gmail.com>
crypto: inside-secure - Fix `dma_unmap_sg()` nents value
Alexey Kardashevskiy <aik(a)amd.com>
crypto: ccp - Fix locking on alloc failure handling
wenglianfa <wenglianfa(a)huawei.com>
RDMA/hns: Fix HW configurations not cleared in error flow
wenglianfa <wenglianfa(a)huawei.com>
RDMA/hns: Fix double destruction of rsv_qp
Alex Elder <elder(a)riscstar.com>
clk: spacemit: mark K1 pll1_d8 as critical
Namhyung Kim <namhyung(a)kernel.org>
perf sched: Fix memory leaks in 'perf sched latency'
Namhyung Kim <namhyung(a)kernel.org>
perf sched: Use RC_CHK_EQUAL() to compare pointers
Namhyung Kim <namhyung(a)kernel.org>
perf sched: Fix memory leaks for evsel->priv in timehist
Namhyung Kim <namhyung(a)kernel.org>
perf sched: Fix thread leaks in 'perf sched timehist'
Namhyung Kim <namhyung(a)kernel.org>
perf sched: Fix memory leaks in 'perf sched map'
Namhyung Kim <namhyung(a)kernel.org>
perf sched: Free thread->priv using priv_destructor
Namhyung Kim <namhyung(a)kernel.org>
perf sched: Make sure it frees the usage string
Takahiro Kuwano <Takahiro.Kuwano(a)infineon.com>
mtd: spi-nor: spansion: Fixup params->set_4byte_addr_mode for SEMPER
Ian Rogers <irogers(a)google.com>
perf dso: Add missed dso__put to dso__load_kcore
Namhyung Kim <namhyung(a)kernel.org>
perf tools: Fix use-after-free in help_unknown_cmd()
WangYuli <wangyuli(a)uniontech.com>
gitignore: allow .pylintrc to be tracked
Andy Shevchenko <andriy.shevchenko(a)linux.intel.com>
leds: pca955x: Avoid potential overflow when filling default_label (take 2)
Thomas Fourier <fourier.thomas(a)gmail.com>
Fix dma_unmap_sg() nents value
Parav Pandit <parav(a)nvidia.com>
RDMA/counter: Check CAP_NET_RAW check in user namespace for RDMA counters
Parav Pandit <parav(a)nvidia.com>
RDMA/nldev: Check CAP_NET_RAW in user namespace for QP modify
Parav Pandit <parav(a)nvidia.com>
RDMA/mlx5: Check CAP_NET_RAW in user namespace for devx create
Arnd Bergmann <arnd(a)arndb.de>
leds: tps6131x: Add V4L2_FLASH_LED_CLASS dependency
Parav Pandit <parav(a)nvidia.com>
RDMA/uverbs: Check CAP_NET_RAW in user namespace for RAW QP create
Parav Pandit <parav(a)nvidia.com>
RDMA/uverbs: Check CAP_NET_RAW in user namespace for QP create
Parav Pandit <parav(a)nvidia.com>
RDMA/mlx5: Check CAP_NET_RAW in user namespace for anchor create
Parav Pandit <parav(a)nvidia.com>
RDMA/mlx5: Check CAP_NET_RAW in user namespace for flow create
Parav Pandit <parav(a)nvidia.com>
RDMA/uverbs: Check CAP_NET_RAW in user namespace for flow create
Mark Bloch <mbloch(a)nvidia.com>
RDMA/ipoib: Use parent rdma device net namespace
Nuno Sá <nuno.sa(a)analog.com>
clk: clk-axi-clkgen: fix fpfd_max frequency for zynq
Amir Goldstein <amir73il(a)gmail.com>
fanotify: sanitize handle_type values when reporting fid
Luca Weiss <luca.weiss(a)fairphone.com>
phy: qualcomm: phy-qcom-eusb2-repeater: Don't zero-out registers
Rodrigo Gobbi <rodrigo.gobbi.7(a)gmail.com>
soundwire: debugfs: move debug statement outside of error handling
Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org>
dmaengine: mmp: Fix again Wvoid-pointer-to-enum-cast warning
Charles Keepax <ckeepax(a)opensource.cirrus.com>
soundwire: Correct some property names
Niklas Cassel <cassel(a)kernel.org>
PCI: qcom: Wait PCIE_RESET_CONFIG_WAIT_MS after link-up IRQ
Niklas Cassel <cassel(a)kernel.org>
PCI: dw-rockchip: Wait PCIE_RESET_CONFIG_WAIT_MS after link-up IRQ
Niklas Cassel <cassel(a)kernel.org>
PCI: Rename PCIE_RESET_CONFIG_DEVICE_WAIT_MS to PCIE_RESET_CONFIG_WAIT_MS
Jiwei Sun <sunjw10(a)lenovo.com>
PCI: Adjust the position of reading the Link Control 2 register
Ze Huang <huangze(a)whut.edu.cn>
pinctrl: canaan: k230: Fix order of DT parse and pinctrl register
Ze Huang <huangze(a)whut.edu.cn>
pinctrl: canaan: k230: add NULL check in DT parse
Yuan Chen <chenyuan(a)kylinos.cn>
pinctrl: berlin: fix memory leak in berlin_pinctrl_build_state()
Yuan Chen <chenyuan(a)kylinos.cn>
pinctrl: sunxi: Fix memory leak on krealloc failure
Jerome Brunet <jbrunet(a)baylibre.com>
PCI: endpoint: pci-epf-vntb: Return -ENOENT if pci_epc_get_next_free_bar() fails
Suman Kumar Chakraborty <suman.kumar.chakraborty(a)intel.com>
crypto: qat - restore ASYM service support for GEN6 devices
Herbert Xu <herbert(a)gondor.apana.org.au>
crypto: ahash - Stop legacy tfms from using the set_virt fallback path
Herbert Xu <herbert(a)gondor.apana.org.au>
crypto: ahash - Add support for drivers with no fallback
Arnd Bergmann <arnd(a)arndb.de>
crypto: arm/aes-neonbs - work around gcc-15 warning
Thomas Antoine <t.antoine(a)uclouvain.be>
power: supply: max1720x correct capacity computation
Casey Connolly <casey.connolly(a)linaro.org>
power: supply: qcom_pmi8998_charger: fix wakeirq
Charles Han <hanchunchao(a)inspur.com>
power: supply: max14577: Handle NULL pdata when CONFIG_OF is not set
Geert Uytterhoeven <geert+renesas(a)glider.be>
power: reset: POWER_RESET_TORADEX_EC should depend on ARCH_MXC
Charles Han <hanchunchao(a)inspur.com>
power: supply: cpcap-charger: Fix null check for power_supply_get_by_name
Rohit Visavalia <rohit.visavalia(a)amd.com>
clk: xilinx: vcu: unregister pll_post only if registered correctly
Namhyung Kim <namhyung(a)kernel.org>
perf parse-events: Set default GH modifier properly
James Cowgill <james.cowgill(a)blaize.com>
media: v4l2-ctrls: Fix H264 SEPARATE_COLOUR_PLANE check
Ming Qian <ming.qian(a)oss.nxp.com>
media: imx-jpeg: Account for data_offset when getting image address
Henry Martin <bsdhenrymartin(a)gmail.com>
clk: davinci: Add NULL check in davinci_lpsc_clk_register()
Ivan Stepchenko <sid(a)itb.spb.ru>
mtd: fix possible integer overflow in erase_xfer()
Svyatoslav Pankratov <svyatoslav.pankratov(a)intel.com>
crypto: qat - fix state restore for banks with exceptions
Ahsan Atta <ahsan.atta(a)intel.com>
crypto: qat - allow enabling VFs in the absence of IOMMU
Ashish Kalra <ashish.kalra(a)amd.com>
crypto: ccp - Fix dereferencing uninitialized error pointer
Herbert Xu <herbert(a)gondor.apana.org.au>
padata: Fix pd UAF once and for all
Herbert Xu <herbert(a)gondor.apana.org.au>
crypto: s390/sha3 - Use cpu byte-order when exporting
Herbert Xu <herbert(a)gondor.apana.org.au>
crypto: s390/hmac - Fix counter in export state
Herbert Xu <herbert(a)gondor.apana.org.au>
crypto: marvell/cesa - Fix engine load inaccuracy
Suman Kumar Chakraborty <suman.kumar.chakraborty(a)intel.com>
crypto: qat - use unmanaged allocation for dc_data
Ovidiu Panait <ovidiu.panait.oss(a)gmail.com>
crypto: sun8i-ce - fix nents passed to dma_unmap_sg()
Lad Prabhakar <prabhakar.mahadev-lad.rj(a)bp.renesas.com>
clk: renesas: rzv2h: Fix missing CLK_SET_RATE_PARENT flag for ddiv clocks
Hans Zhang <18255117159(a)163.com>
PCI: rockchip-host: Fix "Unexpected Completion" log message
Bjorn Andersson <bjorn.andersson(a)oss.qualcomm.com>
remoteproc: qcom: pas: Conclude the rename from adsp
Thomas Richard <thomas.richard(a)bootlin.com>
pinctrl: cirrus: madera-core: Use devm_pinctrl_register_mappings()
Kees Cook <kees(a)kernel.org>
fortify: Fix incorrect reporting of read buffer size
Kees Cook <kees(a)kernel.org>
staging: media: atomisp: Fix stack buffer overflow in gmin_get_var_int()
Gabriele Monaco <gmonaco(a)redhat.com>
rv: Adjust monitor dependencies
Gabriele Monaco <gmonaco(a)redhat.com>
rv: Use strings in da monitors tracepoints
Gabriele Monaco <gmonaco(a)redhat.com>
rv: Remove trailing whitespace from tracepoint string
Samuel Holland <samuel.holland(a)sifive.com>
RISC-V: KVM: Fix inclusion of Smnpm in the guest ISA bitmap
Puranjay Mohan <puranjay(a)kernel.org>
bpf, arm64: Fix fp initialization for exception boundary
Thomas Weißschuh <thomas.weissschuh(a)linutronix.de>
bpf/preload: Don't select USERMODE_DRIVER
Eric Dumazet <edumazet(a)google.com>
ipv6: annotate data-races around rt->fib6_nsiblings
Eric Dumazet <edumazet(a)google.com>
ipv6: fix possible infinite loop in fib6_info_uses_dev()
Eric Dumazet <edumazet(a)google.com>
ipv6: prevent infinite loop in rt6_nlmsg_size()
Eric Dumazet <edumazet(a)google.com>
ipv6: add a retry logic in net6_rt_notify()
Stanislav Fomichev <sdf(a)fomichev.me>
vrf: Drop existing dst reference in vrf_ip6_input_dst
Xiumei Mu <xmu(a)redhat.com>
selftests: rtnetlink.sh: remove esp4_offload after test
Jason Xing <kernelxing(a)tencent.com>
igb: xsk: solve negative overflow of nb_pkts in zerocopy mode
Jason Xing <kernelxing(a)tencent.com>
stmmac: xsk: fix negative overflow of budget in zerocopy mode
Kuniyuki Iwashima <kuniyu(a)google.com>
neighbour: Fix null-ptr-deref in neigh_flush_dev().
Tristram Ha <tristram.ha(a)microchip.com>
net: dsa: microchip: Fix wrong rx drop MIB counter for KSZ8863
Stanislav Fomichev <sdf(a)fomichev.me>
macsec: set IFF_UNICAST_FLT priv flag
Shahar Shitrit <shshitrit(a)nvidia.com>
net/mlx5e: Fix potential deadlock by deferring RX timeout recovery
Jianbo Liu <jianbol(a)nvidia.com>
net/mlx5e: Remove skb secpath if xfrm state is not found
Alexei Lazar <alazar(a)nvidia.com>
net/mlx5e: Clear Read-Only port buffer size in PBMC before update
Yi Chen <yiche(a)redhat.com>
selftests: netfilter: ipvs.sh: Explicity disable rp_filter on interface tunl0
Phil Sutter <phil(a)nwl.cc>
selftests: netfilter: Ignore tainted kernels in interface stress test
Florian Westphal <fw(a)strlen.de>
netfilter: xt_nfacct: don't assume acct name is null-terminated
Jimmy Assarsson <extja(a)kvaser.com>
can: kvaser_usb: Assign netdev.dev_port based on device channel index
Jimmy Assarsson <extja(a)kvaser.com>
can: kvaser_pciefd: Store device channel index
Randy Dunlap <rdunlap(a)infradead.org>
can: tscan1: CAN_TSCAN1 can depend on PC104
Vincent Mailhol <mailhol.vincent(a)wanadoo.fr>
can: tscan1: Kconfig: add COMPILE_TEST
Stephane Grosjean <stephane.grosjean(a)hms-networks.com>
can: peak_usb: fix USB FD devices potential malfunction
Daniel Zahka <daniel.zahka(a)gmail.com>
selftests: drv-net: tso: fix non-tunneled tso6 test case name
Daniel Zahka <daniel.zahka(a)gmail.com>
selftests: drv-net: tso: fix vxlan tunnel flags to get correct gso_type
Daniel Zahka <daniel.zahka(a)gmail.com>
selftests: drv-net: tso: enable test cases based on hw_features
Gal Pressman <gal(a)nvidia.com>
selftests: drv-net: Fix remote command checking in require_cmd()
Gabriele Monaco <gmonaco(a)redhat.com>
tools/rv: Do not skip idle in trace
Paul Chaignon <paul.chaignon(a)gmail.com>
bpf: Reject narrower access to pointer ctx fields
Kuniyuki Iwashima <kuniyu(a)google.com>
bpf: Disable migration in nf_hook_run_bpf().
Chris Down <chris(a)chrisdown.name>
Bluetooth: hci_event: Mask data status from LE ext adv reports
Kiran K <kiran.k(a)intel.com>
Bluetooth: btintel_pcie: Make driver wait for alive interrupt
Kiran K <kiran.k(a)intel.com>
Bluetooth: btintel: Define a macro for Intel Reset vendor command
Ivan Pravdin <ipravdin.official(a)gmail.com>
Bluetooth: hci_devcd_dump: fix out-of-bounds via dev_coredumpv
Arseniy Krasnov <avkrasnov(a)salutedevices.com>
Bluetooth: hci_sync: fix double free in 'hci_discovery_filter_clear()'
Zhongqiu Han <quic_zhonhan(a)quicinc.com>
Bluetooth: btusb: Fix potential NULL dereference on kmalloc failure
Ting-Ying Li <tingying.li(a)cypress.com>
wifi: brcmfmac: fix EXTSAE WPA3 connection failure due to AUTH TX failure
Lu Baolu <baolu.lu(a)linux.intel.com>
iommu/vt-d: Fix UAF on sva unbind with pending IOPFs
Benjamin Berg <benjamin.berg(a)intel.com>
wifi: iwlwifi: mld: decode EOF bit for AMPDUs
Jeremy Linton <jeremy.linton(a)arm.com>
arm64/gcs: task_gcs_el0_enable() should use passed task
Johannes Berg <johannes.berg(a)intel.com>
wifi: mac80211: fix WARN_ON for monitor mode on some devices
Kees Cook <kees(a)kernel.org>
wifi: brcmfmac: cyw: Fix __counted_by to be LE variant
Matthew Wilcox (Oracle) <willy(a)infradead.org>
memcg_slabinfo: Fix use of PG_slab
Marco Elver <elver(a)google.com>
kcsan: test: Initialize dummy variable
Steven Rostedt <rostedt(a)goodmis.org>
ring-buffer: Remove ring_buffer_read_prepare_sync()
Kees Cook <kees(a)kernel.org>
wifi: nl80211: Set num_sub_specs before looping through sub_specs
Kees Cook <kees(a)kernel.org>
wifi: mac80211: Write cnt before copying in ieee80211_copy_rnr_beacon()
Steven Rostedt <rostedt(a)goodmis.org>
PM: cpufreq: powernv/tracing: Move powernv_throttle trace event
Gokul Sivakumar <gokulkumar.sivakumar(a)infineon.com>
wifi: brcmfmac: fix P2P discovery failure in P2P peer due to missing P2P IE
Tamizh Chelvam Raja <tamizh.raja(a)oss.qualcomm.com>
wifi: ath12k: fix endianness handling while accessing wmi service bit
Remi Pommarel <repk(a)triplefau.lt>
Reapply "wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()"
Remi Pommarel <repk(a)triplefau.lt>
wifi: mac80211: Check 802.11 encaps offloading in ieee80211_tx_h_select_key()
Alexander Wetzel <Alexander(a)wetzel-home.de>
wifi: mac80211: Don't call fq_flow_idx() for management frames
Alexander Wetzel <Alexander(a)wetzel-home.de>
wifi: mac80211: Do not schedule stopped TXQs
Alexander Wetzel <Alexander(a)wetzel-home.de>
wifi: cfg80211: Add missing lock in cfg80211_check_and_end_cac()
Murad Masimov <m.masimov(a)mt-integration.ru>
wifi: plfxlc: Fix error handling in usb driver probe
Moon Hee Lee <moonhee.lee.ca(a)gmail.com>
wifi: mac80211: reject TDLS operations when station is not associated
Tze-nan Wu <Tze-nan.Wu(a)mediatek.com>
rcu: Fix delayed execution of hurry callbacks
Jason Gunthorpe <jgg(a)ziepe.ca>
iommu/amd: Fix geometry.aperture_end for V2 tables
Puranjay Mohan <puranjay(a)kernel.org>
selftests/bpf: fix implementation of smp_mb()
Alex Deucher <alexander.deucher(a)amd.com>
drm/amdgpu/gfx10: fix kiq locking in KCQ reset
Alex Deucher <alexander.deucher(a)amd.com>
drm/amdgpu/gfx9.4.3: fix kiq locking in KCQ reset
Alex Deucher <alexander.deucher(a)amd.com>
drm/amdgpu/gfx9: fix kiq locking in KCQ reset
Baochen Qiang <quic_bqiang(a)quicinc.com>
wifi: ath11k: fix sleeping-in-atomic in ath11k_mac_op_set_bitrate_mask()
Aaradhana Sahu <aaradhana.sahu(a)oss.qualcomm.com>
wifi: ath12k: Use HTT_TCL_METADATA_VER_V1 in FTM mode
Maharaja Kennadyrajan <maharaja.kennadyrajan(a)oss.qualcomm.com>
wifi: mac80211: use RCU-safe iteration in ieee80211_csa_finish
Thomas Fourier <fourier.thomas(a)gmail.com>
mwl8k: Add missing check after DMA map
Bitterblue Smith <rtl8821cerfe2(a)gmail.com>
wifi: rtw88: Fix macid assigned to TDLS station
Martin Kaistra <martin.kaistra(a)linutronix.de>
wifi: rtl8xxxu: Fix RX skb size for aggregation disabled
Eric Dumazet <edumazet(a)google.com>
tcp: call tcp_measure_rcv_mss() for ooo packets
Juergen Gross <jgross(a)suse.com>
xen/gntdev: remove struct gntdev_copy_batch from stack
Dmitry Baryshkov <dmitry.baryshkov(a)oss.qualcomm.com>
iommu/arm-smmu: disable PRR on SM8250
Ethan Milon <ethan.milon(a)eviden.com>
iommu/vt-d: Fix missing PASID in dev TLB flush with cache_tag_flush_all
Jason Gunthorpe <jgg(a)ziepe.ca>
iommu/vt-d: Do not wipe out the page table NID when devices detach
Juri Lelli <juri.lelli(a)redhat.com>
sched/deadline: Reset extra_bw to max_bw when clearing root domains
Juri Lelli <juri.lelli(a)redhat.com>
sched/deadline: Initialize dl_servers after SMP
Al Viro <viro(a)zeniv.linux.org.uk>
xen: fix UAF in dmabuf_exp_from_pages()
Edward Srouji <edwards(a)nvidia.com>
RDMA/mlx5: Fix UMR modifying of mkey page size
Eric Dumazet <edumazet(a)google.com>
net_sched: act_ctinfo: use atomic64_t for three counters
William Liu <will(a)willsroot.io>
net/sched: Restrict conditions for adding duplicating netems to qdisc tree
Thomas Weißschuh <linux(a)weissschuh.net>
leds: lp8860: Check return value of devm_mutex_init()
Thomas Weißschuh <linux(a)weissschuh.net>
spi: spi-nxp-fspi: Check return value of devm_mutex_init()
Easwar Hariharan <eahariha(a)linux.microsoft.com>
iommu/amd: Enable PASID and ATS capabilities in the correct order
Tiwei Bie <tiwei.btw(a)antgroup.com>
um: rtc: Avoid shadowing err in uml_rtc_start()
Johan Korsnes <johan.korsnes(a)gmail.com>
arch: powerpc: defconfig: Drop obsolete CONFIG_NET_CLS_TCINDEX
Jeff Johnson <jeff.johnson(a)oss.qualcomm.com>
wifi: ath12k: pack HTT pdev rate stats structs
Harshitha Prem <quic_hprem(a)quicinc.com>
wifi: ath12k: update unsupported bandwidth flags in reg rules
Simona Vetter <simona.vetter(a)ffwll.ch>
drm/panthor: Fix UAF in panthor_gem_create_with_handle() debugfs code
Fedor Pchelkin <pchelkin(a)ispras.ru>
netfilter: nf_tables: adjust lockdep assertions handling
Phil Sutter <phil(a)nwl.cc>
netfilter: nf_tables: Drop dead code from fill_*_info routines
Shixiong Ou <oushixiong(a)kylinos.cn>
fbcon: Fix outdated registered_fb reference in comment
Peter Zijlstra <peterz(a)infradead.org>
sched/deadline: Less agressive dl_server handling
Peter Zijlstra <peterz(a)infradead.org>
sched/psi: Optimize psi_group_change() cpu_clock() usage
Andy Yan <andy.yan(a)rock-chips.com>
drm/rockchip: vop2: Fix the update of LAYER/PORT select registers when there are multi display output on rk3588/rk3568
Heiko Stuebner <heiko(a)sntech.de>
drm/rockchip: vop2: fail cleanly if missing a primary plane for a video-port
Masahiro Yamada <masahiroy(a)kernel.org>
arm64: fix unnecessary rebuilding when CONFIG_DEBUG_EFI=y
Aaradhana Sahu <aaradhana.sahu(a)oss.qualcomm.com>
wifi: ath12k: Block radio bring-up in FTM mode
Vitaly Prosyak <vitaly.prosyak(a)amd.com>
drm/amdgpu: fix use-after-free in amdgpu_userq_suspend+0x51a/0x5a0
Vitaly Prosyak <vitaly.prosyak(a)amd.com>
Revert "drm/amdgpu: fix slab-use-after-free in amdgpu_userq_mgr_fini"
Fedor Pchelkin <pchelkin(a)ispras.ru>
drm/amd/pm/powerplay/hwmgr/smu_helper: fix order of mask and value
Alex Deucher <alexander.deucher(a)amd.com>
drm/amdgpu/gfx10: fix KGQ reset sequence
Alex Deucher <alexander.deucher(a)amd.com>
drm/amdgpu: move force completion into ring resets
Christian König <ckoenig.leichtzumerken(a)gmail.com>
drm/amdgpu: rework queue reset scheduler interaction
Emily Deng <Emily.Deng(a)amd.com>
drm/amdkfd: Move the process suspend and resume out of full access
Lorenzo Bianconi <lorenzo(a)kernel.org>
wifi: mt76: mt7996: Fix valid_links bitmask in mt7996_mac_sta_{add,remove}
Lorenzo Bianconi <lorenzo(a)kernel.org>
wifi: mt76: mt7996: Fix possible OOB access in mt7996_tx()
Lorenzo Bianconi <lorenzo(a)kernel.org>
wifi: mt76: mt7996: Fix secondary link lookup in mt7996_mcu_sta_mld_setup_tlv()
Artem Sadovnikov <a.sadovnikov(a)ispras.ru>
refscale: Check that nreaders and loops multiplication doesn't overflow
Finn Thain <fthain(a)linux-m68k.org>
m68k: Don't unregister boot console needlessly
Konrad Dybcio <konrad.dybcio(a)oss.qualcomm.com>
drm/msm/dpu: Fill in min_prefill_lines for SC8180X
Kumar Kartikeya Dwivedi <memxor(a)gmail.com>
bpf: Ensure RCU lock is held around bpf_prog_ksym_find
Dan Carpenter <dan.carpenter(a)linaro.org>
wifi: mt76: mt7925: fix off by one in mt7925_mcu_hw_scan()
Mark Brown <broonie(a)kernel.org>
kselftest/arm64: Fix check for setting new VLs in sve-ptrace
Dan Carpenter <dan.carpenter(a)linaro.org>
wifi: iwlwifi: Fix error code in iwl_op_mode_dvm_start()
Eric Dumazet <edumazet(a)google.com>
net: dst: add four helpers to annotate data-races around dst->dev
Eric Dumazet <edumazet(a)google.com>
net: dst: annotate data-races around dst->output
Eric Dumazet <edumazet(a)google.com>
net: dst: annotate data-races around dst->input
Stav Aviram <saviram(a)nvidia.com>
net/mlx5: Check device memory pointer before usage
xin.guo <guoxin0309(a)gmail.com>
tcp: fix tcp_ofo_queue() to avoid including too much DUP SACK range
Thiraviyam Mariyappan <thiraviyam.mariyappan(a)oss.qualcomm.com>
wifi: ath12k: Clear auth flag only for actual association in security mode
Sergey Senozhatsky <senozhatsky(a)chromium.org>
wifi: ath11k: clear initialized flag for deinit-ed srng lists
Stanislav Fomichev <sdf(a)fomichev.me>
team: replace team lock with rtnl lock
Shuicheng Lin <shuicheng.lin(a)intel.com>
drm/xe/uapi: Correct sync type definition in comments
Jiasheng Jiang <jiasheng(a)iscas.ac.cn>
iwlwifi: Add missing check for alloc_ordered_workqueue
Xiu Jianfeng <xiujianfeng(a)huawei.com>
wifi: iwlwifi: Fix memory leak in iwl_mvm_init()
Vitaly Prosyak <vitaly.prosyak(a)amd.com>
drm/amdgpu: fix slab-use-after-free in amdgpu_userq_mgr_fini+0x70c
Daniil Dulov <d.dulov(a)aladdin.ru>
wifi: rtl818x: Kill URBs before clearing tx status queue
Zong-Zhe Yang <kevin_yang(a)realtek.com>
wifi: rtw89: avoid NULL dereference when RX problematic packet on unsupported 6 GHz band
Eric Dumazet <edumazet(a)google.com>
net: annotate races around sk->sk_uid
Arnd Bergmann <arnd(a)arndb.de>
caif: reduce stack size, again
Tamizh Chelvam Raja <tamizh.raja(a)oss.qualcomm.com>
wifi: ath12k: Pass ab pointer directly to ath12k_dp_tx_get_encap_type()
P Praneesh <praneesh.p(a)oss.qualcomm.com>
wifi: ath12k: Fix double budget decrement while reaping monitor ring
Kang Yang <kang.yang(a)oss.qualcomm.com>
wifi: ath12k: update channel list in worker when wait flag is set
Rameshkumar Sundaram <rameshkumar.sundaram(a)oss.qualcomm.com>
wifi: ath12k: Avoid accessing uninitialized arvif->ar during beacon miss
Haren Myneni <haren(a)linux.ibm.com>
powerpc/pseries/dlpar: Search DRC index from ibm,drc-indexes for IO add
Yuan Chen <chenyuan(a)kylinos.cn>
bpftool: Fix memory leak in dump_xx_nlmsg on realloc failure
Rameshkumar Sundaram <rameshkumar.sundaram(a)oss.qualcomm.com>
wifi: mac80211: Fix bssid_indicator for MBSSID in AP mode
Erni Sri Satya Vennela <ernis(a)linux.microsoft.com>
net: mana: Fix potential deadlocks in mana napi ops
Alex Deucher <alexander.deucher(a)amd.com>
drm/amdgpu/sdma: handle paging queues in amdgpu_sdma_reset_engine()
Lijo Lazar <lijo.lazar(a)amd.com>
drm/amdgpu: Remove nbiov7.9 replay count reporting
Jonathan Corbet <corbet(a)lwn.net>
slub: Fix a documentation build error for krealloc()
Ian Forbes <ian.forbes(a)broadcom.com>
drm/vmwgfx: Fix Host-Backed userspace on Guest-Backed kernel
Petr Machata <petrm(a)nvidia.com>
net: ipv6: ip6mr: Fix in/out netdev to pass to the FORWARD chain
Mykyta Yatsenko <yatsenko(a)meta.com>
selftests/bpf: Fix unintentional switch case fall through
Eduard Zingerman <eddyz87(a)gmail.com>
bpf: handle jset (if a & b ...) as a jump in CFG computation
Fushuai Wang <wangfushuai(a)baidu.com>
selftests/bpf: fix signedness bug in redir_partial()
Charalampos Mitrodimas <charmitro(a)posteo.net>
net, bpf: Fix RCU usage in task_cls_state() for BPF programs
Jiayuan Chen <jiayuan.chen(a)linux.dev>
bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls
Breno Leitao <leitao(a)debian.org>
netconsole: Only register console drivers when targets are configured
Jiayuan Chen <jiayuan.chen(a)linux.dev>
bpf, sockmap: Fix psock incorrectly pointing to sk
Kuan-Chung Chen <damon.chen(a)realtek.com>
wifi: rtw89: fix EHT 20MHz TX rate for non-AP STA
Fedor Pchelkin <pchelkin(a)ispras.ru>
wifi: rtw89: sar: do not assert wiphy lock held until probing is done
Fedor Pchelkin <pchelkin(a)ispras.ru>
wifi: rtw89: sar: drop lockdep assertion in rtw89_set_sar_from_acpi
Dan Carpenter <dan.carpenter(a)linaro.org>
wifi: rtw89: mcc: prevent shift wrapping in rtw89_core_mlsr_switch()
Boris Brezillon <boris.brezillon(a)collabora.com>
drm/panthor: Add missing explicit padding in drm_panthor_gpu_info
Adrián Larumbe <adrian.larumbe(a)collabora.com>
drm/panfrost: Fix panfrost device variable name in devfreq
Cristian Ciocaltea <cristian.ciocaltea(a)collabora.com>
drm/connector: hdmi: Evaluate limited range after computing format
Geert Uytterhoeven <geert+renesas(a)glider.be>
drm/sitronix: Remove broken backwards-compatibility layer
Andy Yan <andy.yan(a)rock-chips.com>
drm/rockchip: cleanup fb when drm_gem_fb_afbc_init failed
Huan Yang <link(a)vivo.com>
udmabuf: fix vmap missed offset page
Huan Yang <link(a)vivo.com>
Revert "udmabuf: fix vmap_udmabuf error page set"
Bartosz Golaszewski <bartosz.golaszewski(a)linaro.org>
MIPS: alchemy: gpio: use new GPIO line value setter callbacks for the remaining chips
Steven Rostedt <rostedt(a)goodmis.org>
selftests/tracing: Fix false failure of subsystem event test
Alok Tiwari <alok.a.tiwari(a)oracle.com>
staging: nvec: Fix incorrect null termination of battery manufacturer
Inochi Amaoto <inochiama(a)gmail.com>
riscv: dts: sophgo: sg2044: Add missing riscv,cbop-block-size property
Antheas Kapenekakis <lkml(a)antheas.dev>
platform/x86: oxpec: Fix turbo register for G1 AMD
Michael J. Ruhl <michael.j.ruhl(a)intel.com>
drm/xe: Correct BMG VSEC header sizing
Michael J. Ruhl <michael.j.ruhl(a)intel.com>
drm/xe: Correct the rev value for the DVSEC entries
Slark Xiao <slark_xiao(a)163.com>
bus: mhi: host: pci_generic: Fix the modem name of Foxconn T99W640
Konrad Dybcio <konrad.dybcio(a)oss.qualcomm.com>
interconnect: qcom: qcs615: Drop IP0 interconnects
Dmitry Baryshkov <dmitry.baryshkov(a)oss.qualcomm.com>
interconnect: qcom: sc8180x: specify num_nodes
Dmitry Baryshkov <dmitry.baryshkov(a)oss.qualcomm.com>
interconnect: qcom: sc8280xp: specify num_links for qnm_a1noc_cfg
Johan Hovold <johan(a)kernel.org>
soc: qcom: pmic_glink: fix OF node leak
Brahmajit Das <listout(a)listout.xyz>
samples: mei: Fix building on musl libc
Johan Hovold <johan(a)kernel.org>
driver core: auxiliary bus: fix OF node leak
Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
staging: greybus: gbphy: fix up const issue with the match callback
Charles Keepax <ckeepax(a)opensource.cirrus.com>
ASoC: SDCA: Allow read-only controls to be deferrable
Charles Keepax <ckeepax(a)opensource.cirrus.com>
ASoC: SDCA: Update memory allocations to zero initialise
Rafael J. Wysocki <rafael.j.wysocki(a)intel.com>
kexec_core: Fix error code path in the KEXEC_JUMP flow
Jonas Karlman <jonas(a)kwiboo.se>
arm64: dts: rockchip: Fix UART DMA support for RK3528
Lifeng Zheng <zhenglifeng1(a)huawei.com>
cpufreq: Init policy->rwsem before it may be possibly used
Lifeng Zheng <zhenglifeng1(a)huawei.com>
cpufreq: Initialize cpufreq-based frequency-invariance later
Rafael J. Wysocki <rafael.j.wysocki(a)intel.com>
cpufreq: intel_pstate: Always use HWP_DESIRED_PERF in passive mode
Chanwoo Choi <cw00.choi(a)samsung.com>
PM / devfreq: Fix a index typo in trans_stat
Lifeng Zheng <zhenglifeng1(a)huawei.com>
PM / devfreq: Check governor before using governor->name
Jonas Karlman <jonas(a)kwiboo.se>
arm64: dts: rockchip: Fix pinctrl node names for RK3528
Max Krummenacher <max.krummenacher(a)toradex.com>
arm64: dts: freescale: imx8mp-toradex-smarc: fix lvds dsi mux gpio
Adam Ford <aford173(a)gmail.com>
arm64: dts: imx8mn-beacon: Fix HS400 USDHC clock speed
Adam Ford <aford173(a)gmail.com>
arm64: dts: imx8mm-beacon: Fix HS400 USDHC clock speed
Annette Kobou <annette.kobou(a)kontron.de>
ARM: dts: imx6ul-kontron-bl-common: Fix RTS polarity for RS485 interface
Moon Hee Lee <moonhee.lee.ca(a)gmail.com>
selftests: breakpoints: use suspend_stats to reliably check suspend success
Patrick Delaunay <patrick.delaunay(a)foss.st.com>
arm64: dts: st: fix timer used for ticks
Sebastian Reichel <sebastian.reichel(a)collabora.com>
arm64: dts: rockchip: fix PHY handling for ROCK 4D
Sumit Gupta <sumitg(a)nvidia.com>
soc/tegra: cbb: Clear ERR_FORCE register with ERR_STATUS
Christophe JAILLET <christophe.jaillet(a)wanadoo.fr>
staging: gpib: Fix error handling paths in cb_gpib_probe()
Harshit Mogalapalli <harshit.m.mogalapalli(a)oracle.com>
staging: gpib: Fix error code in board_type_ioctl()
Parth Pancholi <parth.pancholi(a)toradex.com>
arm64: dts: ti: k3-am62p-verdin: fix PWM_3_DSI GPIO direction
Niklas Söderlund <niklas.soderlund+renesas(a)ragnatech.se>
arm64: dts: renesas: r8a779g3-sparrow-hawk-fan-pwm: Add missing install target
Albin Törnqvist <albin.tornqvist(a)codiax.se>
arm: dts: ti: omap: Fixup pinheader typo
Thomas Weißschuh <thomas.weissschuh(a)linutronix.de>
tools/nolibc: avoid false-positive -Wmaybe-uninitialized through waitpid()
Lucas De Marchi <lucas.demarchi(a)intel.com>
usb: early: xhci-dbc: Fix early_ioremap leak
Thomas Weißschuh <thomas.weissschuh(a)linutronix.de>
selftests/nolibc: correctly report errors from printf() and friends
Francesco Dolcini <francesco.dolcini(a)toradex.com>
arm64: dts: ti: k3-am62p-verdin: add SD_1 CD pull-up
Sivan Zohar-Kotzer <sivany32(a)gmail.com>
powercap: dtpm_cpu: Fix NULL pointer dereference in get_pd_power_uw()
Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Revert "vmci: Prevent the dispatching of uninitialized payloads"
Thomas Weißschuh <thomas.weissschuh(a)linutronix.de>
selftests: vDSO: chacha: Correctly skip test if necessary
Tim Harvey <tharvey(a)gateworks.com>
arm64: dts: imx8mp-venice-gw74xx: update name of M2SKT_WDIS2# gpio
Denis OSTERLAND-HEIM <denis.osterland(a)diehl.com>
pps: fix poll support
Lizhi Xu <lizhi.xu(a)windriver.com>
vmci: Prevent the dispatching of uninitialized payloads
Shankari Anand <shankari.ak0208(a)gmail.com>
rust: miscdevice: clarify invariant for `MiscDeviceRegistration`
Abdun Nihaal <abdun.nihaal(a)gmail.com>
staging: fbtft: fix potential memory leak in fbtft_framebuffer_alloc()
Colin Ian King <colin.i.king(a)gmail.com>
staging: gpib: fix unset padding field copy back to userspace
Charles Keepax <ckeepax(a)opensource.cirrus.com>
ASoC: SDCA: Add missing default in switch in entity_pde_event()
Jonas Karlman <jonas(a)kwiboo.se>
arm64: dts: rockchip: Enable eMMC HS200 mode on Radxa E20C
Konrad Dybcio <konrad.dybcio(a)oss.qualcomm.com>
power: sequencing: qcom-wcn: fix bluetooth-wifi copypasta for WCN6855
Danilo Krummrich <dakr(a)kernel.org>
rust: devres: require T: Send for Devres
Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
drivers: misc: sram: fix up some const issues with recent attribute changes
Clément Le Goffic <clement.legoffic(a)foss.st.com>
spi: stm32: Check for cfg availability in stm32_spi_probe
Hans de Goede <hansg(a)kernel.org>
mei: vsc: Fix "BUG: Invalid wait context" lockdep error
Hans de Goede <hansg(a)kernel.org>
mei: vsc: Run event callback from a workqueue
Hans de Goede <hansg(a)kernel.org>
mei: vsc: Drop unused vsc_tp_request_irq() and vsc_tp_free_irq()
Hans de Goede <hansg(a)kernel.org>
mei: vsc: Unset the event callback on remove and probe errors
Hans de Goede <hansg(a)kernel.org>
mei: vsc: Event notifier fixes
Hans de Goede <hansg(a)kernel.org>
mei: vsc: Destroy mutex after freeing the IRQ
Hans de Goede <hansg(a)kernel.org>
mei: vsc: Don't re-init VSC from mei_vsc_hw_reset() on stop
Dmitry Baryshkov <dmitry.baryshkov(a)oss.qualcomm.com>
usb: typec: ucsi: yoga-c630: fix error and remove paths
Pawan Gupta <pawan.kumar.gupta(a)linux.intel.com>
x86/bugs: Allow ITS stuffing in eIBRS+retpoline mode also
Pawan Gupta <pawan.kumar.gupta(a)linux.intel.com>
x86/bugs: Introduce cdt_possible()
Pawan Gupta <pawan.kumar.gupta(a)linux.intel.com>
x86/bugs: Simplify the retbleed=stuff checks
Pawan Gupta <pawan.kumar.gupta(a)linux.intel.com>
x86/bugs: Avoid AUTO after the select step in the retbleed mitigation
Sibi Sankar <quic_sibis(a)quicinc.com>
firmware: arm_scmi: Fix up turbo frequencies selection
Arnd Bergmann <arnd(a)arndb.de>
cpufreq: armada-8k: make both cpu masks static
Ryan Wanner <Ryan.Wanner(a)microchip.com>
ARM: dts: microchip: sam9x7: Add clock name property
Ryan Wanner <Ryan.Wanner(a)microchip.com>
ARM: dts: microchip: sama7d65: Add clock name property
Michael Walle <mwalle(a)kernel.org>
arm64: dts: ti: k3-am62p-j722s: fix pinctrl-single size
Emanuele Ghidoli <emanuele.ghidoli(a)toradex.com>
arm64: dts: ti: k3-am62p-verdin: Enable pull-ups on I2C_3_HDMI
Wadim Egorov <w.egorov(a)phytec.de>
arm64: dts: ti: k3-am642-phyboard-electra: Fix PRU-ICSSG Ethernet ports
Quentin Schulz <quentin.schulz(a)cherry.de>
arm64: dts: rockchip: fix endpoint dtc warning for PX30 ISP
Charalampos Mitrodimas <charmitro(a)posteo.net>
usb: misc: apple-mfi-fastcharge: Make power supply names unique
Seungjin Bae <eeodqql09(a)gmail.com>
usb: host: xhci-plat: fix incorrect type for of_match variable in xhci_plat_probe()
Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org>
ARM: dts: vfxxx: Correctly use two tuples for timer address
Gautham R. Shenoy <gautham.shenoy(a)amd.com>
pm: cpupower: Fix printing of CORE, CPU fields in cpupower-monitor
André Apitzsch <git(a)apitzsch.eu>
arm64: dts: qcom: msm8976: Make blsp_dma controlled-remotely
Lijuan Gao <lijuan.gao(a)oss.qualcomm.com>
arm64: dts: qcom: sa8775p: Correct the interrupt for remoteproc
Will Deacon <willdeacon(a)google.com>
arm64: dts: exynos: gs101: Add 'local-timer-stop' to cpuidle nodes
Jie Gan <jie.gan(a)oss.qualcomm.com>
arm64: dts: qcom: qcs615: disable the CTI device of the camera block
Konrad Dybcio <konrad.dybcio(a)oss.qualcomm.com>
arm64: dts: qcom: sc7180: Expand IMEM region
Konrad Dybcio <konrad.dybcio(a)oss.qualcomm.com>
arm64: dts: qcom: sdm845: Expand IMEM region
Jie Gan <jie.gan(a)oss.qualcomm.com>
arm64: dts: qcom: qcs615: fix a crash issue caused by infinite loop for Coresight
Alexander Wilhelm <alexander.wilhelm(a)westermo.com>
soc: qcom: fix endianness for QMI header
Alexander Wilhelm <alexander.wilhelm(a)westermo.com>
soc: qcom: QMI encoding/decoding for big endian
Dmitry Vyukov <dvyukov(a)google.com>
selftests: Fix errno checking in syscall_user_dispatch test
Alexander Stein <alexander.stein(a)ew.tq-group.com>
arm64: dts: freescale: imx93-tqma9352: Limit BUCK2 to 600mV
Chen-Yu Tsai <wenst(a)chromium.org>
ASoC: mediatek: mt8183-afe-pcm: Support >32 bit DMA addresses
Chen-Yu Tsai <wenst(a)chromium.org>
ASoC: mediatek: use reserved memory or enable buffer pre-allocation
Konrad Dybcio <konrad.dybcio(a)oss.qualcomm.com>
arm64: dts: qcom: x1p42100: Fix thermal sensor configuration
Arnd Bergmann <arnd(a)arndb.de>
ASoC: ops: dynamically allocate struct snd_ctl_elem_value
Venkata Prasad Potturu <venkataprasad.potturu(a)amd.com>
ASoC: amd: acp: Fix pointer assignments for snd_soc_acpi_mach structures
Kuninori Morimoto <kuninori.morimoto.gx(a)renesas.com>
ASoC: soc-dai: tidyup return value of snd_soc_xlate_tdm_slot_mask()
Pei Xiao <xiaopei01(a)kylinos.cn>
ASOC: rockchip: fix capture stream handling in rockchip_sai_xfer_stop
Kees Cook <kees(a)kernel.org>
sched/task_stack: Add missing const qualifier to end_of_stack()
Nilay Shroff <nilay(a)linux.ibm.com>
block: restore two stage elevator switch while running nr_hw_queue update
Bo Liu (OpenAnolis) <liubo03(a)inspur.com>
erofs: fix build error with CONFIG_EROFS_FS_ZIP_ACCEL=y
Jann Horn <jannh(a)google.com>
eventpoll: fix sphinx documentation build warning
Jann Horn <jannh(a)google.com>
eventpoll: Fix semi-unbounded recursion
Sun YangKai <sunk67188(a)gmail.com>
btrfs: remove partial support for lowest level from btrfs_search_forward()
Randy Dunlap <rdunlap(a)infradead.org>
io_uring: fix breakage in EXPERT menu
John Garry <john.g.garry(a)oracle.com>
block: sanitize chunk_sectors for atomic write limits
Rick Wertenbroek <rick.wertenbroek(a)gmail.com>
nvmet: pci-epf: Do not complete commands twice if nvmet_req_init() fails
Andreas Gruenbacher <agruenba(a)redhat.com>
gfs2: No more self recovery
John Garry <john.g.garry(a)oracle.com>
md/raid10: fix set but not used variable in sync_request_write()
Ming Lei <ming.lei(a)redhat.com>
ublk: validate ublk server pid
Uday Shankar <ushankar(a)purestorage.com>
ublk: speed up ublk server exit handling
Kees Cook <kees(a)kernel.org>
kunit/fortify: Add back "volatile" for sizeof() constants
Zheng Qixing <zhengqixing(a)huawei.com>
md: allow removing faulty rdev during resync
Ming Lei <ming.lei(a)redhat.com>
nbd: fix lockdep deadlock warning
Andreas Gruenbacher <agruenba(a)redhat.com>
gfs2: Minor do_xmote cancelation fix
Thomas Fourier <fourier.thomas(a)gmail.com>
block: mtip32xx: Fix usage of dma_map_sg()
Konstantin Komarov <almaz.alexandrovich(a)paragon-software.com>
Revert "fs/ntfs3: Replace inode_trylock with inode_lock"
Yangtao Li <frank.li(a)vivo.com>
hfsplus: remove mutex_lock check in hfsplus_free_extents
Yangtao Li <frank.li(a)vivo.com>
hfs: make splice write available again
Yangtao Li <frank.li(a)vivo.com>
hfsplus: make splice write available again
Caleb Sander Mateos <csander(a)purestorage.com>
ublk: use vmalloc for ublk_device's __queues
Tingmao Wang <m(a)maowtm.org>
landlock: Fix warning from KUnit tests
Edward Adam Davis <eadavis(a)qq.com>
fs/ntfs3: cancle set bad inode after removing name fails
Song Liu <song(a)kernel.org>
selftests/landlock: Fix build of audit_test
Mickaël Salaün <mic(a)digikod.net>
selftests/landlock: Fix readlink check
RubenKelevra <rubenkelevra(a)gmail.com>
fs_context: fix parameter name in infofc() macro
Al Viro <viro(a)zeniv.linux.org.uk>
parse_longname(): strrchr() expects NUL-terminated string
Richard Guy Briggs <rgb(a)redhat.com>
audit,module: restore audit logging in load failure case
-------------
Diffstat:
.gitignore | 1 +
Documentation/admin-guide/kernel-parameters.txt | 8 +
Documentation/filesystems/f2fs.rst | 6 +-
Documentation/netlink/specs/ethtool.yaml | 6 +-
Makefile | 4 +-
arch/arm/boot/dts/microchip/sam9x7.dtsi | 2 +
arch/arm/boot/dts/microchip/sama7d65.dtsi | 2 +
.../boot/dts/nxp/imx/imx6ul-kontron-bl-common.dtsi | 1 -
arch/arm/boot/dts/nxp/vf/vfxxx.dtsi | 2 +-
arch/arm/boot/dts/ti/omap/am335x-boneblack.dts | 2 +-
arch/arm/crypto/aes-neonbs-glue.c | 2 +-
arch/arm/mach-s3c/gpio-samsung.c | 2 +-
arch/arm64/boot/dts/exynos/google/gs101.dtsi | 3 +
.../boot/dts/freescale/imx8mm-beacon-som.dtsi | 2 +
.../boot/dts/freescale/imx8mn-beacon-som.dtsi | 2 +
.../dts/freescale/imx8mp-toradex-smarc-dev.dts | 5 -
.../boot/dts/freescale/imx8mp-toradex-smarc.dtsi | 2 +
.../boot/dts/freescale/imx8mp-venice-gw74xx.dts | 8 +-
arch/arm64/boot/dts/freescale/imx93-tqma9352.dtsi | 6 +-
arch/arm64/boot/dts/qcom/msm8976.dtsi | 2 +
arch/arm64/boot/dts/qcom/qcs615.dtsi | 4 +
arch/arm64/boot/dts/qcom/sa8775p.dtsi | 10 +-
arch/arm64/boot/dts/qcom/sc7180.dtsi | 10 +-
arch/arm64/boot/dts/qcom/sdm845.dtsi | 10 +-
arch/arm64/boot/dts/qcom/x1e80100.dtsi | 2 +-
arch/arm64/boot/dts/qcom/x1p42100.dtsi | 556 +++++++++++++++++++
arch/arm64/boot/dts/renesas/Makefile | 1 +
arch/arm64/boot/dts/rockchip/px30-evb.dts | 3 +-
arch/arm64/boot/dts/rockchip/px30-pp1516.dtsi | 3 +-
arch/arm64/boot/dts/rockchip/px30.dtsi | 2 -
arch/arm64/boot/dts/rockchip/rk3528-pinctrl.dtsi | 20 +-
arch/arm64/boot/dts/rockchip/rk3528-radxa-e20c.dts | 1 +
arch/arm64/boot/dts/rockchip/rk3528.dtsi | 16 +-
arch/arm64/boot/dts/rockchip/rk3576-rock-4d.dts | 6 +-
arch/arm64/boot/dts/st/stm32mp251.dtsi | 2 +-
.../boot/dts/ti/k3-am62p-j722s-common-main.dtsi | 2 +-
arch/arm64/boot/dts/ti/k3-am62p-verdin.dtsi | 8 +-
.../boot/dts/ti/k3-am642-phyboard-electra-rdk.dts | 2 +
arch/arm64/include/asm/gcs.h | 2 +-
arch/arm64/include/asm/kvm_host.h | 4 +
arch/arm64/kernel/Makefile | 2 +-
arch/arm64/kernel/process.c | 6 +-
arch/arm64/kvm/hyp/exception.c | 6 +-
arch/arm64/kvm/hyp/vhe/switch.c | 14 +-
arch/arm64/net/bpf_jit_comp.c | 1 +
arch/m68k/Kconfig.debug | 2 +-
arch/m68k/kernel/early_printk.c | 42 +-
arch/m68k/kernel/head.S | 8 +-
arch/mips/alchemy/common/gpiolib.c | 12 +-
arch/mips/mm/tlb-r4k.c | 56 +-
arch/powerpc/configs/ppc6xx_defconfig | 1 -
arch/powerpc/kernel/eeh.c | 1 +
arch/powerpc/kernel/eeh_driver.c | 48 +-
arch/powerpc/kernel/eeh_pe.c | 10 +-
arch/powerpc/kernel/pci-hotplug.c | 3 +
arch/powerpc/platforms/pseries/dlpar.c | 52 +-
arch/riscv/boot/dts/sophgo/sg2044-cpus.dtsi | 64 +++
arch/riscv/kvm/vcpu_onereg.c | 83 ++-
arch/s390/boot/startup.c | 2 +-
arch/s390/crypto/hmac_s390.c | 12 +-
arch/s390/crypto/sha.h | 3 +
arch/s390/crypto/sha3_256_s390.c | 22 +-
arch/s390/crypto/sha3_512_s390.c | 23 +-
arch/s390/include/asm/ap.h | 2 +-
arch/s390/kernel/setup.c | 6 +
arch/s390/mm/pgalloc.c | 5 -
arch/s390/mm/vmem.c | 5 +-
arch/sh/Makefile | 10 +-
arch/sh/boot/compressed/Makefile | 4 +-
arch/sh/boot/romimage/Makefile | 4 +-
arch/um/drivers/rtc_user.c | 2 +-
arch/x86/boot/cpuflags.c | 13 +
arch/x86/boot/startup/sev-shared.c | 7 +
arch/x86/coco/sev/core.c | 21 +
arch/x86/include/asm/cpufeatures.h | 1 +
arch/x86/include/asm/hw_irq.h | 12 +-
arch/x86/include/asm/kvm-x86-ops.h | 1 -
arch/x86/include/asm/kvm_host.h | 8 +-
arch/x86/include/asm/msr-index.h | 1 +
arch/x86/include/asm/sev.h | 19 +
arch/x86/kernel/cpu/bugs.c | 56 +-
arch/x86/kernel/cpu/scattered.c | 1 +
arch/x86/kernel/irq.c | 63 ++-
arch/x86/kvm/svm/svm.c | 14 +-
arch/x86/kvm/vmx/main.c | 15 +-
arch/x86/kvm/vmx/tdx.c | 18 +-
arch/x86/kvm/vmx/vmx.c | 16 +-
arch/x86/kvm/vmx/x86_ops.h | 4 +-
arch/x86/kvm/x86.c | 13 +-
arch/x86/mm/extable.c | 5 +-
block/blk-mq.c | 84 ++-
block/blk-settings.c | 19 +-
block/blk.h | 2 +-
block/elevator.c | 10 +-
crypto/ahash.c | 13 +-
crypto/krb5/selftest.c | 1 +
drivers/base/auxiliary.c | 2 +
drivers/block/mtip32xx/mtip32xx.c | 27 +-
drivers/block/nbd.c | 12 +-
drivers/block/ublk_drv.c | 49 +-
drivers/block/zloop.c | 3 +-
drivers/bluetooth/btintel.c | 4 +-
drivers/bluetooth/btintel.h | 2 +
drivers/bluetooth/btintel_pcie.c | 42 +-
drivers/bluetooth/btusb.c | 14 +-
drivers/bluetooth/hci_intel.c | 10 +-
drivers/bus/mhi/host/pci_generic.c | 8 +-
drivers/char/hw_random/mtk-rng.c | 4 +-
drivers/clk/at91/sam9x7.c | 20 +-
drivers/clk/clk-axi-clkgen.c | 2 +-
drivers/clk/davinci/psc.c | 5 +
drivers/clk/imx/clk-imx95-blk-ctl.c | 13 +-
drivers/clk/renesas/rzv2h-cpg.c | 1 +
drivers/clk/spacemit/ccu-k1.c | 3 +-
drivers/clk/spacemit/ccu_mix.h | 11 +-
drivers/clk/spacemit/ccu_pll.c | 2 +-
drivers/clk/sunxi-ng/ccu-sun8i-v3s.c | 3 +-
drivers/clk/thead/clk-th1520-ap.c | 102 ++--
drivers/clk/xilinx/clk-xlnx-clock-wizard.c | 2 +-
drivers/clk/xilinx/xlnx_vcu.c | 4 +-
drivers/cpufreq/Makefile | 1 +
drivers/cpufreq/armada-8k-cpufreq.c | 3 +-
drivers/cpufreq/cpufreq.c | 21 +-
drivers/cpufreq/intel_pstate.c | 4 +-
drivers/cpufreq/powernv-cpufreq.c | 4 +-
drivers/cpufreq/powernv-trace.h | 44 ++
.../crypto/allwinner/sun8i-ce/sun8i-ce-cipher.c | 4 +-
drivers/crypto/ccp/ccp-debugfs.c | 3 +
drivers/crypto/ccp/sev-dev.c | 16 +-
drivers/crypto/img-hash.c | 2 +-
drivers/crypto/inside-secure/safexcel_hash.c | 8 +-
.../crypto/intel/keembay/keembay-ocs-hcu-core.c | 8 +-
.../crypto/intel/qat/qat_420xx/adf_420xx_hw_data.c | 9 +-
.../crypto/intel/qat/qat_6xxx/adf_6xxx_hw_data.c | 20 +-
.../crypto/intel/qat/qat_6xxx/adf_6xxx_hw_data.h | 2 +-
.../crypto/intel/qat/qat_common/adf_gen4_hw_data.c | 29 +-
drivers/crypto/intel/qat/qat_common/adf_sriov.c | 1 -
.../intel/qat/qat_common/adf_transport_debug.c | 4 +-
drivers/crypto/intel/qat/qat_common/qat_bl.c | 6 +-
.../crypto/intel/qat/qat_common/qat_compression.c | 8 +-
drivers/crypto/marvell/cesa/cipher.c | 4 +-
drivers/crypto/marvell/cesa/hash.c | 5 +-
drivers/cxl/core/core.h | 1 +
drivers/cxl/core/edac.c | 5 +-
drivers/cxl/core/hdm.c | 7 +
drivers/devfreq/devfreq.c | 12 +-
drivers/dma-buf/Kconfig | 1 -
drivers/dma-buf/udmabuf.c | 23 +-
drivers/dma/mmp_tdma.c | 2 +-
drivers/dma/mv_xor.c | 21 +-
drivers/dma/nbpfaxi.c | 13 +
drivers/firmware/arm_scmi/perf.c | 2 +-
drivers/firmware/efi/libstub/Makefile.zboot | 2 +-
drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd.c | 24 +-
drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd.h | 25 +-
.../gpu/drm/amd/amdgpu/amdgpu_amdkfd_arcturus.c | 4 +-
drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 11 +-
drivers/gpu/drm/amd/amdgpu/amdgpu_job.c | 39 +-
drivers/gpu/drm/amd/amdgpu/amdgpu_sdma.c | 10 +-
drivers/gpu/drm/amd/amdgpu/amdgpu_userq.c | 2 +-
drivers/gpu/drm/amd/amdgpu/gfx_v10_0.c | 38 +-
drivers/gpu/drm/amd/amdgpu/gfx_v11_0.c | 12 +-
drivers/gpu/drm/amd/amdgpu/gfx_v12_0.c | 12 +-
drivers/gpu/drm/amd/amdgpu/gfx_v9_0.c | 9 +-
drivers/gpu/drm/amd/amdgpu/gfx_v9_4_3.c | 10 +-
drivers/gpu/drm/amd/amdgpu/jpeg_v2_0.c | 8 +-
drivers/gpu/drm/amd/amdgpu/jpeg_v2_5.c | 8 +-
drivers/gpu/drm/amd/amdgpu/jpeg_v3_0.c | 8 +-
drivers/gpu/drm/amd/amdgpu/jpeg_v4_0.c | 8 +-
drivers/gpu/drm/amd/amdgpu/jpeg_v4_0_3.c | 8 +-
drivers/gpu/drm/amd/amdgpu/jpeg_v5_0_1.c | 8 +-
drivers/gpu/drm/amd/amdgpu/nbio_v7_9.c | 20 -
drivers/gpu/drm/amd/amdgpu/sdma_v4_4_2.c | 35 +-
drivers/gpu/drm/amd/amdgpu/sdma_v5_0.c | 5 +-
drivers/gpu/drm/amd/amdgpu/sdma_v5_2.c | 5 +-
drivers/gpu/drm/amd/amdgpu/sdma_v6_0.c | 6 +-
drivers/gpu/drm/amd/amdgpu/sdma_v7_0.c | 6 +-
drivers/gpu/drm/amd/amdgpu/vcn_v4_0.c | 7 +-
drivers/gpu/drm/amd/amdgpu/vcn_v4_0_3.c | 6 +-
drivers/gpu/drm/amd/amdgpu/vcn_v4_0_5.c | 7 +-
drivers/gpu/drm/amd/amdgpu/vcn_v5_0_0.c | 7 +-
drivers/gpu/drm/amd/amdkfd/kfd_device.c | 54 +-
.../gpu/drm/amd/pm/powerplay/hwmgr/smu_helper.c | 2 +-
drivers/gpu/drm/display/drm_hdmi_state_helper.c | 4 +-
.../drm/msm/disp/dpu1/catalog/dpu_5_1_sc8180x.h | 1 +
drivers/gpu/drm/panfrost/panfrost_devfreq.c | 4 +-
drivers/gpu/drm/panthor/panthor_gem.c | 31 +-
drivers/gpu/drm/panthor/panthor_gem.h | 3 -
drivers/gpu/drm/rockchip/rockchip_drm_fb.c | 9 +-
drivers/gpu/drm/rockchip/rockchip_drm_vop2.c | 29 +-
drivers/gpu/drm/rockchip/rockchip_drm_vop2.h | 33 ++
drivers/gpu/drm/rockchip/rockchip_vop2_reg.c | 89 ++-
drivers/gpu/drm/sitronix/Kconfig | 10 -
drivers/gpu/drm/vmwgfx/vmwgfx_shader.c | 2 +-
drivers/gpu/drm/xe/xe_configfs.c | 3 +-
drivers/gpu/drm/xe/xe_device.c | 1 +
drivers/gpu/drm/xe/xe_gt_sriov_pf.c | 32 +-
drivers/gpu/drm/xe/xe_vsec.c | 20 +-
drivers/hid/hid-apple.c | 20 +-
drivers/hid/hid-core.c | 6 +-
drivers/hid/hid-magicmouse.c | 60 +-
drivers/i2c/muxes/i2c-mux-mule.c | 3 +-
drivers/i3c/master/svc-i3c-master.c | 20 +-
drivers/infiniband/core/counters.c | 2 +-
drivers/infiniband/core/device.c | 27 +
drivers/infiniband/core/nldev.c | 2 +-
drivers/infiniband/core/rdma_core.c | 29 +
drivers/infiniband/core/uverbs_cmd.c | 7 +-
drivers/infiniband/core/uverbs_std_types_qp.c | 2 +-
drivers/infiniband/hw/erdma/erdma_verbs.c | 3 +-
drivers/infiniband/hw/hns/hns_roce_device.h | 1 +
drivers/infiniband/hw/hns/hns_roce_hem.c | 18 +-
drivers/infiniband/hw/hns/hns_roce_hw_v2.c | 87 ++-
drivers/infiniband/hw/hns/hns_roce_hw_v2.h | 8 +-
drivers/infiniband/hw/hns/hns_roce_main.c | 22 +-
drivers/infiniband/hw/mana/qp.c | 2 +-
drivers/infiniband/hw/mlx5/devx.c | 2 +-
drivers/infiniband/hw/mlx5/dm.c | 2 +-
drivers/infiniband/hw/mlx5/fs.c | 4 +-
drivers/infiniband/hw/mlx5/umr.c | 6 +-
drivers/infiniband/ulp/ipoib/ipoib_main.c | 2 +
drivers/interconnect/qcom/qcs615.c | 42 --
drivers/interconnect/qcom/sc8180x.c | 6 +
drivers/interconnect/qcom/sc8280xp.c | 1 +
drivers/iommu/amd/iommu.c | 19 +-
drivers/iommu/arm/arm-smmu/arm-smmu-qcom.c | 3 +-
drivers/iommu/intel/cache.c | 18 +-
drivers/iommu/intel/iommu.c | 3 +-
drivers/irqchip/Kconfig | 1 +
drivers/leds/flash/Kconfig | 1 +
drivers/leds/leds-lp8860.c | 4 +-
drivers/leds/leds-pca955x.c | 4 +-
drivers/md/dm-flakey.c | 9 +-
drivers/md/md.c | 41 +-
drivers/md/raid10.c | 3 -
drivers/media/platform/nxp/imx-jpeg/mxc-jpeg.c | 47 +-
drivers/media/platform/nxp/imx-jpeg/mxc-jpeg.h | 1 +
.../media/platform/ti/j721e-csi2rx/j721e-csi2rx.c | 1 +
drivers/media/v4l2-core/v4l2-ctrls-core.c | 8 +-
drivers/mfd/tps65219.c | 2 +-
drivers/misc/mei/platform-vsc.c | 8 +
drivers/misc/mei/vsc-tp.c | 68 +--
drivers/misc/mei/vsc-tp.h | 3 -
drivers/misc/sram.c | 10 +-
drivers/mtd/ftl.c | 2 +-
drivers/mtd/nand/raw/atmel/nand-controller.c | 2 +-
drivers/mtd/nand/raw/atmel/pmecc.c | 6 +
drivers/mtd/nand/raw/rockchip-nand-controller.c | 15 +
drivers/mtd/spi-nor/spansion.c | 31 ++
drivers/net/can/kvaser_pciefd.c | 1 +
drivers/net/can/sja1000/Kconfig | 2 +-
drivers/net/can/usb/kvaser_usb/kvaser_usb_core.c | 1 +
drivers/net/can/usb/peak_usb/pcan_usb_fd.c | 17 +-
drivers/net/dsa/microchip/ksz8.c | 3 +
drivers/net/dsa/microchip/ksz8_reg.h | 4 +-
drivers/net/ethernet/airoha/airoha_npu.c | 2 +
drivers/net/ethernet/airoha/airoha_ppe.c | 26 +-
drivers/net/ethernet/emulex/benet/be_cmds.c | 2 +-
drivers/net/ethernet/intel/igb/igb_xsk.c | 3 +-
drivers/net/ethernet/mellanox/mlx5/core/en.h | 1 +
.../ethernet/mellanox/mlx5/core/en/port_buffer.c | 3 +
.../ethernet/mellanox/mlx5/core/en/reporter_rx.c | 7 +
.../mellanox/mlx5/core/en_accel/ipsec_rxtx.c | 4 +
drivers/net/ethernet/mellanox/mlx5/core/en_main.c | 26 +-
drivers/net/ethernet/mellanox/mlx5/core/en_rx.c | 1 +
drivers/net/ethernet/mellanox/mlx5/core/lib/dm.c | 4 +-
drivers/net/ethernet/mellanox/mlx5/core/main.c | 3 -
drivers/net/ethernet/meta/fbnic/fbnic_netdev.c | 14 +-
drivers/net/ethernet/meta/fbnic/fbnic_txrx.c | 4 +-
drivers/net/ethernet/meta/fbnic/fbnic_txrx.h | 6 +-
drivers/net/ethernet/microsoft/mana/mana_en.c | 28 +-
drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 2 +-
drivers/net/ethernet/ti/icssg/icssg_common.c | 15 +-
drivers/net/ipa/Kconfig | 2 +-
drivers/net/ipa/ipa_sysfs.c | 6 +-
drivers/net/macsec.c | 2 +-
drivers/net/mdio/mdio-bcm-unimac.c | 5 +-
drivers/net/netconsole.c | 30 +-
drivers/net/phy/mscc/mscc_ptp.c | 1 +
drivers/net/phy/mscc/mscc_ptp.h | 1 +
drivers/net/ppp/pptp.c | 18 +-
drivers/net/team/team_core.c | 96 ++--
drivers/net/team/team_mode_activebackup.c | 3 +-
drivers/net/team/team_mode_loadbalance.c | 13 +-
drivers/net/usb/usbnet.c | 11 +-
drivers/net/vrf.c | 2 +
drivers/net/wireless/ath/ath11k/hal.c | 4 +
drivers/net/wireless/ath/ath11k/mac.c | 12 +-
drivers/net/wireless/ath/ath12k/core.c | 1 +
drivers/net/wireless/ath/ath12k/core.h | 8 +-
.../net/wireless/ath/ath12k/debugfs_htt_stats.h | 6 +-
drivers/net/wireless/ath/ath12k/dp.h | 1 +
drivers/net/wireless/ath/ath12k/dp_mon.c | 1 -
drivers/net/wireless/ath/ath12k/dp_tx.c | 10 +-
drivers/net/wireless/ath/ath12k/mac.c | 120 +++-
drivers/net/wireless/ath/ath12k/p2p.c | 3 +-
drivers/net/wireless/ath/ath12k/reg.c | 116 +++-
drivers/net/wireless/ath/ath12k/reg.h | 1 +
drivers/net/wireless/ath/ath12k/wmi.c | 14 +-
drivers/net/wireless/ath/ath12k/wmi.h | 2 +
.../broadcom/brcm80211/brcmfmac/cfg80211.c | 38 +-
.../broadcom/brcm80211/brcmfmac/cyw/core.c | 26 +-
.../broadcom/brcm80211/brcmfmac/cyw/fwil_types.h | 2 +-
drivers/net/wireless/intel/iwlwifi/dvm/main.c | 12 +-
drivers/net/wireless/intel/iwlwifi/mld/rx.c | 9 +
drivers/net/wireless/intel/iwlwifi/mvm/ops.c | 4 +-
drivers/net/wireless/marvell/mwl8k.c | 4 +
drivers/net/wireless/mediatek/mt76/mt7925/mcu.c | 4 +-
drivers/net/wireless/mediatek/mt76/mt7996/main.c | 21 +-
drivers/net/wireless/mediatek/mt76/mt7996/mcu.c | 3 +-
drivers/net/wireless/purelifi/plfxlc/mac.c | 11 +-
drivers/net/wireless/purelifi/plfxlc/mac.h | 2 +-
drivers/net/wireless/purelifi/plfxlc/usb.c | 29 +-
drivers/net/wireless/realtek/rtl818x/rtl8187/dev.c | 3 +-
drivers/net/wireless/realtek/rtl8xxxu/core.c | 2 +-
drivers/net/wireless/realtek/rtw88/main.c | 4 +-
drivers/net/wireless/realtek/rtw89/core.c | 8 +-
drivers/net/wireless/realtek/rtw89/phy.c | 12 +-
drivers/net/wireless/realtek/rtw89/sar.c | 5 +-
drivers/nvme/target/core.c | 18 +-
drivers/nvme/target/pci-epf.c | 23 +-
drivers/pci/controller/dwc/pcie-dw-rockchip.c | 1 +
drivers/pci/controller/dwc/pcie-qcom.c | 1 +
drivers/pci/controller/pcie-rockchip-host.c | 2 +-
drivers/pci/controller/plda/pcie-starfive.c | 2 +-
drivers/pci/endpoint/functions/pci-epf-vntb.c | 4 +-
drivers/pci/hotplug/pnv_php.c | 235 +++++++-
drivers/pci/pci-driver.c | 6 +-
drivers/pci/pci.h | 2 +-
drivers/pci/quirks.c | 6 +-
drivers/perf/arm-ni.c | 2 +
drivers/phy/phy-snps-eusb2.c | 3 +
drivers/phy/qualcomm/phy-qcom-eusb2-repeater.c | 83 +--
drivers/pinctrl/berlin/berlin.c | 8 +-
drivers/pinctrl/cirrus/pinctrl-madera-core.c | 14 +-
drivers/pinctrl/pinctrl-k230.c | 13 +-
drivers/pinctrl/pinmux.c | 20 +-
drivers/pinctrl/sunxi/pinctrl-sunxi.c | 11 +-
drivers/platform/x86/intel/pmt/class.c | 3 +-
drivers/platform/x86/intel/pmt/class.h | 1 +
drivers/platform/x86/oxpec.c | 37 +-
drivers/power/reset/Kconfig | 1 +
drivers/power/sequencing/pwrseq-qcom-wcn.c | 2 +-
drivers/power/supply/cpcap-charger.c | 5 +-
drivers/power/supply/max14577_charger.c | 4 +-
drivers/power/supply/max1720x_battery.c | 11 +-
drivers/power/supply/qcom_pmi8998_charger.c | 4 +-
drivers/powercap/dtpm_cpu.c | 2 +
drivers/pps/pps.c | 11 +-
drivers/remoteproc/Kconfig | 11 +-
drivers/remoteproc/qcom_q6v5_pas.c | 615 ++++++++++-----------
drivers/remoteproc/xlnx_r5_remoteproc.c | 2 +
drivers/rtc/rtc-ds1307.c | 2 +-
drivers/rtc/rtc-hym8563.c | 2 +-
drivers/rtc/rtc-nct3018y.c | 2 +-
drivers/rtc/rtc-pcf85063.c | 2 +-
drivers/rtc/rtc-pcf8563.c | 2 +-
drivers/rtc/rtc-rv3028.c | 2 +-
drivers/s390/crypto/ap_bus.h | 2 +-
drivers/scsi/elx/efct/efct_lio.c | 2 +-
drivers/scsi/ibmvscsi_tgt/libsrp.c | 6 +-
drivers/scsi/isci/request.c | 2 +-
drivers/scsi/mpt3sas/mpt3sas_scsih.c | 3 +-
drivers/scsi/mvsas/mv_sas.c | 4 +-
drivers/scsi/scsi.c | 8 +-
drivers/scsi/scsi_transport_iscsi.c | 2 +
drivers/scsi/sd.c | 4 +-
drivers/soc/qcom/pmic_glink.c | 9 +-
drivers/soc/qcom/qmi_encdec.c | 52 +-
drivers/soc/qcom/qmi_interface.c | 6 +-
drivers/soc/tegra/cbb/tegra234-cbb.c | 2 +
drivers/soundwire/debugfs.c | 6 +-
drivers/soundwire/mipi_disco.c | 4 +-
drivers/soundwire/stream.c | 2 +-
drivers/spi/spi-cs42l43.c | 2 +-
drivers/spi/spi-nxp-fspi.c | 4 +-
drivers/spi/spi-stm32.c | 8 +-
drivers/staging/fbtft/fbtft-core.c | 1 +
drivers/staging/gpib/cb7210/cb7210.c | 15 +-
drivers/staging/gpib/common/gpib_os.c | 4 +-
drivers/staging/greybus/gbphy.c | 6 +-
.../media/atomisp/pci/atomisp_gmin_platform.c | 9 +-
drivers/staging/nvec/nvec_power.c | 2 +-
drivers/ufs/core/ufshcd.c | 10 +-
drivers/usb/early/xhci-dbc.c | 4 +
drivers/usb/gadget/composite.c | 5 +
drivers/usb/gadget/function/f_hid.c | 7 +-
drivers/usb/gadget/function/uvc_configfs.c | 10 +
drivers/usb/host/xhci-plat.c | 2 +-
drivers/usb/misc/apple-mfi-fastcharge.c | 24 +-
drivers/usb/serial/option.c | 2 +
drivers/usb/typec/ucsi/ucsi_yoga_c630.c | 19 +-
drivers/vdpa/mlx5/core/mr.c | 3 +
drivers/vdpa/mlx5/net/mlx5_vnet.c | 12 +-
drivers/vdpa/vdpa_user/vduse_dev.c | 1 +
drivers/vfio/device_cdev.c | 38 +-
drivers/vfio/group.c | 7 +-
drivers/vfio/iommufd.c | 4 +
drivers/vfio/pci/hisilicon/hisi_acc_vfio_pci.c | 1 +
drivers/vfio/pci/mlx5/main.c | 1 +
drivers/vfio/pci/nvgrace-gpu/main.c | 2 +
drivers/vfio/pci/pds/vfio_dev.c | 2 +
drivers/vfio/pci/qat/main.c | 1 +
drivers/vfio/pci/vfio_pci.c | 1 +
drivers/vfio/pci/vfio_pci_core.c | 24 +-
drivers/vfio/pci/virtio/main.c | 3 +
drivers/vfio/vfio_main.c | 3 +-
drivers/vhost/Kconfig | 18 +
drivers/vhost/scsi.c | 6 +-
drivers/vhost/vhost.c | 244 +++++++-
drivers/vhost/vhost.h | 22 +
drivers/video/fbdev/core/fbcon.c | 4 +-
drivers/video/fbdev/imxfb.c | 9 +-
drivers/watchdog/ziirave_wdt.c | 3 +
drivers/xen/gntdev-common.h | 4 +
drivers/xen/gntdev-dmabuf.c | 28 +-
drivers/xen/gntdev.c | 71 ++-
fs/btrfs/ctree.c | 18 +-
fs/ceph/crypto.c | 31 +-
fs/erofs/Kconfig | 2 +
fs/eventpoll.c | 58 +-
fs/exfat/file.c | 5 +-
fs/ext4/inline.c | 2 +
fs/ext4/inode.c | 13 +-
fs/ext4/page-io.c | 16 +-
fs/f2fs/compress.c | 76 +--
fs/f2fs/data.c | 7 +-
fs/f2fs/debug.c | 17 +-
fs/f2fs/extent_cache.c | 2 +-
fs/f2fs/f2fs.h | 4 +-
fs/f2fs/gc.c | 1 +
fs/f2fs/inode.c | 21 +-
fs/f2fs/segment.h | 5 +-
fs/f2fs/super.c | 1 +
fs/f2fs/sysfs.c | 21 +
fs/gfs2/glock.c | 3 +-
fs/gfs2/util.c | 37 +-
fs/hfs/inode.c | 1 +
fs/hfsplus/extents.c | 3 -
fs/hfsplus/inode.c | 1 +
fs/jfs/jfs_dmap.c | 4 +-
fs/nfs/dir.c | 4 +-
fs/nfs/export.c | 11 +-
fs/nfs/flexfilelayout/flexfilelayout.c | 26 +-
fs/nfs/flexfilelayout/flexfilelayoutdev.c | 6 +-
fs/nfs/internal.h | 9 +-
fs/nfs/nfs4proc.c | 10 +-
fs/nfs_common/nfslocalio.c | 28 +-
fs/nfsd/localio.c | 5 +-
fs/nfsd/vfs.c | 10 +-
fs/notify/fanotify/fanotify.c | 8 +-
fs/ntfs3/file.c | 5 +-
fs/ntfs3/frecord.c | 7 +-
fs/ntfs3/namei.c | 10 +-
fs/ntfs3/ntfs_fs.h | 3 +-
fs/orangefs/orangefs-debugfs.c | 6 +-
fs/proc/generic.c | 2 +
fs/proc/inode.c | 2 +-
fs/proc/internal.h | 5 +
fs/smb/client/cifs_debug.c | 6 +-
fs/smb/client/cifsencrypt.c | 4 +-
fs/smb/client/cifsfs.c | 2 +-
fs/smb/client/connect.c | 9 +-
fs/smb/client/fs_context.c | 19 +-
fs/smb/client/fs_context.h | 18 +-
fs/smb/client/link.c | 11 +-
fs/smb/client/reparse.c | 2 +-
fs/smb/client/smbdirect.c | 130 ++---
fs/smb/client/smbdirect.h | 4 -
fs/smb/server/connection.h | 1 +
fs/smb/server/smb2pdu.c | 22 +-
fs/smb/server/smb_common.c | 2 +-
fs/smb/server/transport_rdma.c | 97 ++--
fs/smb/server/transport_tcp.c | 17 +
fs/smb/server/vfs.c | 3 +-
fs/squashfs/block.c | 47 +-
include/crypto/internal/hash.h | 6 +
include/linux/audit.h | 9 +-
include/linux/bpf-cgroup.h | 5 -
include/linux/bpf.h | 60 +-
include/linux/crypto.h | 3 +
include/linux/fortify-string.h | 2 +-
include/linux/fs_context.h | 2 +-
include/linux/i3c/device.h | 4 +-
include/linux/if_team.h | 3 -
include/linux/ioprio.h | 3 +-
include/linux/mlx5/device.h | 1 +
include/linux/mmap_lock.h | 30 +
include/linux/moduleparam.h | 5 +-
include/linux/padata.h | 4 -
include/linux/pps_kernel.h | 1 +
include/linux/proc_fs.h | 1 +
include/linux/psi_types.h | 6 +-
include/linux/ring_buffer.h | 4 +-
include/linux/sched.h | 1 +
include/linux/sched/task_stack.h | 2 +-
include/linux/skbuff.h | 23 +
include/linux/soc/qcom/qmi.h | 6 +-
include/linux/usb/usbnet.h | 1 +
include/linux/vfio.h | 4 +
include/linux/vfio_pci_core.h | 2 +
include/net/bluetooth/hci.h | 1 +
include/net/bluetooth/hci_core.h | 6 +
include/net/dst.h | 24 +-
include/net/lwtunnel.h | 8 +-
include/net/route.h | 4 +-
include/net/sock.h | 12 +-
include/net/tc_act/tc_ctinfo.h | 6 +-
include/net/udp.h | 24 +-
include/rdma/ib_verbs.h | 12 +
include/sound/tas2781-tlv.h | 2 +-
include/trace/events/power.h | 22 -
include/uapi/drm/panthor_drm.h | 3 +
include/uapi/drm/xe_drm.h | 8 +-
include/uapi/linux/vfio.h | 12 +-
include/uapi/linux/vhost.h | 29 +
init/Kconfig | 2 +-
kernel/audit.h | 2 +-
kernel/auditsc.c | 2 +-
kernel/bpf/cgroup.c | 8 +-
kernel/bpf/core.c | 55 +-
kernel/bpf/helpers.c | 11 +-
kernel/bpf/preload/Kconfig | 1 -
kernel/bpf/syscall.c | 19 +-
kernel/bpf/verifier.c | 1 +
kernel/cgroup/cgroup-v1.c | 14 +-
kernel/events/core.c | 36 +-
kernel/events/uprobes.c | 4 +-
kernel/kcsan/kcsan_test.c | 2 +-
kernel/kexec_core.c | 3 +-
kernel/module/main.c | 6 +-
kernel/padata.c | 132 ++---
kernel/rcu/refscale.c | 10 +-
kernel/rcu/tree_nocb.h | 2 +-
kernel/sched/core.c | 2 +
kernel/sched/deadline.c | 78 ++-
kernel/sched/fair.c | 9 -
kernel/sched/psi.c | 123 +++--
kernel/sched/sched.h | 1 +
kernel/trace/power-traces.c | 1 -
kernel/trace/preemptirq_delay_test.c | 13 +-
kernel/trace/ring_buffer.c | 63 +--
kernel/trace/rv/monitors/scpd/Kconfig | 2 +-
kernel/trace/rv/monitors/sncid/Kconfig | 2 +-
kernel/trace/rv/monitors/snep/Kconfig | 2 +-
kernel/trace/rv/monitors/wip/Kconfig | 2 +-
kernel/trace/rv/rv_trace.h | 84 +--
kernel/trace/trace.c | 14 +-
kernel/trace/trace_events_filter.c | 28 +-
kernel/trace/trace_kdb.c | 8 +-
kernel/ucount.c | 2 +-
lib/tests/fortify_kunit.c | 4 +-
mm/hmm.c | 2 +-
mm/mmap_lock.c | 3 +-
mm/shmem.c | 4 +-
mm/slub.c | 10 +-
mm/swapfile.c | 65 +--
net/bluetooth/coredump.c | 6 +-
net/bluetooth/hci_event.c | 8 +-
net/caif/cfctrl.c | 294 +++++-----
net/core/devmem.c | 6 +-
net/core/devmem.h | 7 +-
net/core/dst.c | 8 +-
net/core/filter.c | 23 +-
net/core/neighbour.c | 88 ++-
net/core/netclassid_cgroup.c | 4 +-
net/core/netpoll.c | 7 +
net/core/skmsg.c | 7 +
net/core/sock.c | 8 +-
net/ipv4/inet_connection_sock.c | 4 +-
net/ipv4/ping.c | 2 +-
net/ipv4/raw.c | 2 +-
net/ipv4/route.c | 7 +-
net/ipv4/syncookies.c | 3 +-
net/ipv4/tcp_input.c | 4 +-
net/ipv4/udp.c | 3 +-
net/ipv6/af_inet6.c | 2 +-
net/ipv6/datagram.c | 2 +-
net/ipv6/inet6_connection_sock.c | 4 +-
net/ipv6/ip6_fib.c | 24 +-
net/ipv6/ip6_offload.c | 4 +-
net/ipv6/ip6mr.c | 3 +-
net/ipv6/ping.c | 2 +-
net/ipv6/raw.c | 2 +-
net/ipv6/route.c | 79 +--
net/ipv6/syncookies.c | 2 +-
net/ipv6/tcp_ipv6.c | 2 +-
net/ipv6/udp.c | 5 +-
net/kcm/kcmsock.c | 6 +
net/l2tp/l2tp_ip6.c | 2 +-
net/mac80211/cfg.c | 12 +-
net/mac80211/ieee80211_i.h | 15 +
net/mac80211/main.c | 13 +-
net/mac80211/tdls.c | 2 +-
net/mac80211/tx.c | 14 +-
net/mptcp/protocol.c | 2 +-
net/netfilter/nf_bpf_link.c | 5 +-
net/netfilter/nf_tables_api.c | 29 +-
net/netfilter/xt_nfacct.c | 4 +-
net/packet/af_packet.c | 12 +-
net/sched/act_ctinfo.c | 19 +-
net/sched/sch_mqprio.c | 2 +-
net/sched/sch_netem.c | 40 ++
net/sched/sch_taprio.c | 21 +-
net/socket.c | 8 +-
net/sunrpc/svcsock.c | 43 +-
net/sunrpc/xprtsock.c | 40 +-
net/tls/tls_sw.c | 13 +
net/vmw_vsock/af_vsock.c | 3 +-
net/wireless/nl80211.c | 1 +
net/wireless/reg.c | 2 +
rust/kernel/devres.rs | 10 +-
rust/kernel/miscdevice.rs | 8 +-
samples/mei/mei-amt-version.c | 2 +-
scripts/gdb/linux/constants.py.in | 12 +-
scripts/kconfig/qconf.cc | 2 +-
security/apparmor/include/match.h | 8 +-
security/apparmor/match.c | 23 +-
security/apparmor/policy_unpack_test.c | 6 +-
security/landlock/id.c | 69 ++-
sound/pci/hda/patch_ca0132.c | 5 +-
sound/pci/hda/patch_realtek.c | 3 +
sound/soc/amd/acp/acp-pci.c | 8 +-
sound/soc/amd/acp/amd-acpi-mach.c | 4 +-
sound/soc/amd/acp/amd.h | 8 +-
sound/soc/fsl/fsl_xcvr.c | 25 +-
.../soc/mediatek/common/mtk-afe-platform-driver.c | 4 +-
sound/soc/mediatek/common/mtk-base-afe.h | 1 +
sound/soc/mediatek/mt8173/mt8173-afe-pcm.c | 7 +
sound/soc/mediatek/mt8183/mt8183-afe-pcm.c | 21 +
sound/soc/mediatek/mt8186/mt8186-afe-pcm.c | 7 +
sound/soc/mediatek/mt8192/mt8192-afe-pcm.c | 7 +
sound/soc/rockchip/rockchip_sai.c | 16 +-
sound/soc/sdca/sdca_asoc.c | 14 +-
sound/soc/sdca/sdca_functions.c | 3 +-
sound/soc/sdca/sdca_regmap.c | 16 +-
sound/soc/soc-dai.c | 16 +-
sound/soc/soc-ops.c | 28 +-
sound/soc/sof/intel/Kconfig | 3 +-
sound/usb/mixer_scarlett2.c | 14 +-
sound/x86/intel_hdmi_audio.c | 2 +-
tools/bpf/bpftool/net.c | 15 +-
tools/cgroup/memcg_slabinfo.py | 4 +-
tools/include/nolibc/stdio.h | 4 +-
tools/include/nolibc/sys/wait.h | 2 +-
tools/lib/subcmd/help.c | 12 +-
tools/lib/subcmd/run-command.c | 15 +-
tools/perf/.gitignore | 2 -
tools/perf/arch/x86/include/arch-tests.h | 4 +
tools/perf/arch/x86/tests/Build | 1 +
tools/perf/arch/x86/tests/arch-tests.c | 1 +
tools/perf/arch/x86/tests/topdown.c | 76 +++
tools/perf/arch/x86/util/evsel.c | 46 +-
tools/perf/arch/x86/util/topdown.c | 31 +-
tools/perf/arch/x86/util/topdown.h | 4 +
tools/perf/builtin-sched.c | 147 +++--
tools/perf/tests/bp_account.c | 1 +
tools/perf/util/build-id.c | 2 +-
tools/perf/util/evsel.c | 11 +
tools/perf/util/evsel.h | 2 +
tools/perf/util/hwmon_pmu.c | 2 +-
tools/perf/util/parse-events.c | 11 +-
tools/perf/util/pmu.c | 4 +-
tools/perf/util/python.c | 49 +-
tools/perf/util/symbol.c | 1 +
.../cpupower/utils/idle_monitor/cpupower-monitor.c | 4 -
tools/power/x86/turbostat/turbostat.c | 34 +-
tools/testing/selftests/alsa/utimer-test.c | 1 +
tools/testing/selftests/arm64/fp/sve-ptrace.c | 2 +-
tools/testing/selftests/bpf/bpf_atomic.h | 2 +-
.../selftests/bpf/prog_tests/sockmap_listen.c | 2 +
tools/testing/selftests/bpf/veristat.c | 1 +
.../breakpoints/step_after_suspend_test.c | 41 +-
tools/testing/selftests/cgroup/test_cpu.c | 63 ++-
tools/testing/selftests/drivers/net/hw/tso.py | 99 ++--
tools/testing/selftests/drivers/net/lib/py/env.py | 2 +-
.../ftrace/test.d/event/subsystem-enable.tc | 28 +-
tools/testing/selftests/landlock/audit.h | 7 +-
tools/testing/selftests/landlock/audit_test.c | 1 +
tools/testing/selftests/net/netfilter/ipvs.sh | 4 +-
.../net/netfilter/nft_interface_stress.sh | 5 +-
tools/testing/selftests/net/rtnetlink.sh | 6 +
tools/testing/selftests/net/vlan_hw_filter.sh | 16 +-
tools/testing/selftests/nolibc/nolibc-test.c | 23 +
tools/testing/selftests/perf_events/.gitignore | 1 +
tools/testing/selftests/perf_events/Makefile | 2 +-
tools/testing/selftests/perf_events/mmap.c | 236 ++++++++
.../selftests/syscall_user_dispatch/sud_test.c | 50 +-
tools/testing/selftests/vDSO/vdso_test_chacha.c | 3 +-
tools/verification/rv/src/in_kernel.c | 4 +-
690 files changed, 7316 insertions(+), 3614 deletions(-)
1 month
- 24
- 675
Instability in ALL stable and LTS distro kernels (IRQ #16 being disabled, PCIe bus errors, ath10k_pci) in Dell Inspiron 5567
by Bandhan Pramanik
Hello,
The following is the original thread, where a bug was reported to the
linux-wireless and ath10k mailing lists. The specific bug has been
detailed clearly here.
https://lore.kernel.org/linux-wireless/690B1DB2-C9DC-4FAD-8063-4CED659B1701…
There is also a Bugzilla report by me, which was opened later:
https://bugzilla.kernel.org/show_bug.cgi?id=220264
As stated, it is highly encouraged to check out all the logs,
especially the line of IRQ #16 in /proc/interrupts.
Here is where all the logs are:
https://gist.github.com/BandhanPramanik/ddb0cb23eca03ca2ea43a1d832a16180
(these logs are taken from an Arch liveboot)
On my daily driver, I found these on my IRQ #16:
16: 173210 0 0 0 IR-IO-APIC
16-fasteoi i2c_designware.0, idma64.0, i801_smbus
The fixes stated on the Reddit post for this Wi-Fi card didn't quite
work. (But git-cloning the firmware files did give me some more time
to have stable internet)
This time, I had to go for the GRUB kernel parameters.
Right now, I'm using "irqpoll" to curb the errors caused.
"intel_iommu=off" did not work, and the Wi-Fi was constantly crashing
even then. Did not try out "pci=noaer" this time.
If it's of any concern, there is a very weird error in Chromium-based
browsers which has only happened after I started using irqpoll. When I
Google something, the background of the individual result boxes shows
as pure black, while the surrounding space is the usual
greyish-blackish, like we see in Dark Mode. Here is a picture of the
exact thing I'm experiencing: https://files.catbox.moe/mjew6g.png
If you notice anything in my logs/bug reports, please let me know.
(Because it seems like Wi-Fi errors are just a red herring, there are
some ACPI or PCIe-related errors in the computers of this model - just
a naive speculation, though.)
Thanking you,
Bandhan Pramanik
1 month
- 4
- 20
Reply Request For International Broadcast Conference 2025
by Jack Reacher
Hi,
I just wanted to check in and see if you had the chance to review my previous email regarding International Broadcast Conference (IBC) 2025.
Looking forward to your reply.
Kind regards,
Jack Reacher
_____________________________________________________________________________________
From: Jack Reacher
Subject: International Broadcast Conference (IBC) 2025
Hi,
We are offering the visitors contact list International Broadcast Conference (IBC) 2025.
We currently have 50,656 verified visitor contacts.
Each contact contains: Contact name, Job Title, Business Name, Physical Address, Phone Numbers, Official Email address and many more…
Rest assured, our contacts are 100% opt-in and GDPR compliant, ensuring the utmost integrity in your outreach.
Let me know if you are interested so that I can share the pricing for the same.
Kind Regards,
Jack Reacher
Sr. Marketing Manager
If you do not wish to receive this newsletter reply as “Unfollow”
1 month
- 1
- 0
FAILED: patch "[PATCH] NFS: Fix the setting of capabilities when automounting a new" failed to apply to 5.4-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 5.4-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.4.y
git checkout FETCH_HEAD
git cherry-pick -x b01f21cacde9f2878492cf318fee61bf4ccad323
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025081556-illusive-crawlers-8c0e@gregkh' --subject-prefix 'PATCH 5.4.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From b01f21cacde9f2878492cf318fee61bf4ccad323 Mon Sep 17 00:00:00 2001
From: Trond Myklebust <trond.myklebust(a)hammerspace.com>
Date: Sun, 3 Aug 2025 14:31:59 -0700
Subject: [PATCH] NFS: Fix the setting of capabilities when automounting a new
filesystem
Capabilities cannot be inherited when we cross into a new filesystem.
They need to be reset to the minimal defaults, and then probed for
again.
Fixes: 54ceac451598 ("NFS: Share NFS superblocks per-protocol per-server per-FSID")
Cc: stable(a)vger.kernel.org
Reviewed-by: Benjamin Coddington <bcodding(a)redhat.com>
Signed-off-by: Trond Myklebust <trond.myklebust(a)hammerspace.com>
diff --git a/fs/nfs/client.c b/fs/nfs/client.c
index e13eb429b8b5..8fb4a950dd55 100644
--- a/fs/nfs/client.c
+++ b/fs/nfs/client.c
@@ -682,6 +682,44 @@ struct nfs_client *nfs_init_client(struct nfs_client *clp,
}
EXPORT_SYMBOL_GPL(nfs_init_client);
+static void nfs4_server_set_init_caps(struct nfs_server *server)
+{
+#if IS_ENABLED(CONFIG_NFS_V4)
+ /* Set the basic capabilities */
+ server->caps = server->nfs_client->cl_mvops->init_caps;
+ if (server->flags & NFS_MOUNT_NORDIRPLUS)
+ server->caps &= ~NFS_CAP_READDIRPLUS;
+ if (server->nfs_client->cl_proto == XPRT_TRANSPORT_RDMA)
+ server->caps &= ~NFS_CAP_READ_PLUS;
+
+ /*
+ * Don't use NFS uid/gid mapping if we're using AUTH_SYS or lower
+ * authentication.
+ */
+ if (nfs4_disable_idmapping &&
+ server->client->cl_auth->au_flavor == RPC_AUTH_UNIX)
+ server->caps |= NFS_CAP_UIDGID_NOMAP;
+#endif
+}
+
+void nfs_server_set_init_caps(struct nfs_server *server)
+{
+ switch (server->nfs_client->rpc_ops->version) {
+ case 2:
+ server->caps = NFS_CAP_HARDLINKS | NFS_CAP_SYMLINKS;
+ break;
+ case 3:
+ server->caps = NFS_CAP_HARDLINKS | NFS_CAP_SYMLINKS;
+ if (!(server->flags & NFS_MOUNT_NORDIRPLUS))
+ server->caps |= NFS_CAP_READDIRPLUS;
+ break;
+ default:
+ nfs4_server_set_init_caps(server);
+ break;
+ }
+}
+EXPORT_SYMBOL_GPL(nfs_server_set_init_caps);
+
/*
* Create a version 2 or 3 client
*/
@@ -726,7 +764,6 @@ static int nfs_init_server(struct nfs_server *server,
/* Initialise the client representation from the mount data */
server->flags = ctx->flags;
server->options = ctx->options;
- server->caps |= NFS_CAP_HARDLINKS | NFS_CAP_SYMLINKS;
switch (clp->rpc_ops->version) {
case 2:
@@ -762,6 +799,8 @@ static int nfs_init_server(struct nfs_server *server,
if (error < 0)
goto error;
+ nfs_server_set_init_caps(server);
+
/* Preserve the values of mount_server-related mount options */
if (ctx->mount_server.addrlen) {
memcpy(&server->mountd_address, &ctx->mount_server.address,
@@ -934,7 +973,6 @@ void nfs_server_copy_userdata(struct nfs_server *target, struct nfs_server *sour
target->acregmax = source->acregmax;
target->acdirmin = source->acdirmin;
target->acdirmax = source->acdirmax;
- target->caps = source->caps;
target->options = source->options;
target->auth_info = source->auth_info;
target->port = source->port;
@@ -1169,6 +1207,8 @@ struct nfs_server *nfs_clone_server(struct nfs_server *source,
if (error < 0)
goto out_free_server;
+ nfs_server_set_init_caps(server);
+
/* probe the filesystem info for this server filesystem */
error = nfs_probe_server(server, fh);
if (error < 0)
diff --git a/fs/nfs/internal.h b/fs/nfs/internal.h
index 0143e0794d32..1a18d8d9be25 100644
--- a/fs/nfs/internal.h
+++ b/fs/nfs/internal.h
@@ -231,7 +231,7 @@ extern struct nfs_client *
nfs4_find_client_sessionid(struct net *, const struct sockaddr *,
struct nfs4_sessionid *, u32);
extern struct nfs_server *nfs_create_server(struct fs_context *);
-extern void nfs4_server_set_init_caps(struct nfs_server *);
+extern void nfs_server_set_init_caps(struct nfs_server *);
extern struct nfs_server *nfs4_create_server(struct fs_context *);
extern struct nfs_server *nfs4_create_referral_server(struct fs_context *);
extern int nfs4_update_server(struct nfs_server *server, const char *hostname,
diff --git a/fs/nfs/nfs4client.c b/fs/nfs/nfs4client.c
index 2ea98f1f116f..6fddf43d729c 100644
--- a/fs/nfs/nfs4client.c
+++ b/fs/nfs/nfs4client.c
@@ -1074,24 +1074,6 @@ static void nfs4_session_limit_xasize(struct nfs_server *server)
#endif
}
-void nfs4_server_set_init_caps(struct nfs_server *server)
-{
- /* Set the basic capabilities */
- server->caps |= server->nfs_client->cl_mvops->init_caps;
- if (server->flags & NFS_MOUNT_NORDIRPLUS)
- server->caps &= ~NFS_CAP_READDIRPLUS;
- if (server->nfs_client->cl_proto == XPRT_TRANSPORT_RDMA)
- server->caps &= ~NFS_CAP_READ_PLUS;
-
- /*
- * Don't use NFS uid/gid mapping if we're using AUTH_SYS or lower
- * authentication.
- */
- if (nfs4_disable_idmapping &&
- server->client->cl_auth->au_flavor == RPC_AUTH_UNIX)
- server->caps |= NFS_CAP_UIDGID_NOMAP;
-}
-
static int nfs4_server_common_setup(struct nfs_server *server,
struct nfs_fh *mntfh, bool auth_probe)
{
@@ -1110,7 +1092,7 @@ static int nfs4_server_common_setup(struct nfs_server *server,
if (error < 0)
return error;
- nfs4_server_set_init_caps(server);
+ nfs_server_set_init_caps(server);
/* Probe the root fh to retrieve its FSID and filehandle */
error = nfs4_get_rootfh(server, mntfh, auth_probe);
diff --git a/fs/nfs/nfs4proc.c b/fs/nfs/nfs4proc.c
index d7dc669d84c5..c7c7ec22f21d 100644
--- a/fs/nfs/nfs4proc.c
+++ b/fs/nfs/nfs4proc.c
@@ -4092,7 +4092,7 @@ int nfs4_server_capabilities(struct nfs_server *server, struct nfs_fh *fhandle)
};
int err;
- nfs4_server_set_init_caps(server);
+ nfs_server_set_init_caps(server);
do {
err = nfs4_handle_exception(server,
_nfs4_server_capabilities(server, fhandle),
1 month
- 2
- 3
FAILED: patch "[PATCH] PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable" failed to apply to 5.15-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 5.15-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y
git checkout FETCH_HEAD
git cherry-pick -x 6cff20ce3b92ffbf2fc5eb9e5a030b3672aa414a
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025081511-procreate-museum-7213@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From 6cff20ce3b92ffbf2fc5eb9e5a030b3672aa414a Mon Sep 17 00:00:00 2001
From: Lukas Wunner <lukas(a)wunner.de>
Date: Sun, 13 Jul 2025 16:31:01 +0200
Subject: [PATCH] PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable
ports
pci_bridge_d3_possible() is called from both pcie_portdrv_probe() and
pcie_portdrv_remove() to determine whether runtime power management shall
be enabled (on probe) or disabled (on remove) on a PCIe port.
The underlying assumption is that pci_bridge_d3_possible() always returns
the same value, else a runtime PM reference imbalance would occur. That
assumption is not given if the PCIe port is inaccessible on remove due to
hot-unplug: pci_bridge_d3_possible() calls pciehp_is_native(), which
accesses Config Space to determine whether the port is Hot-Plug Capable.
An inaccessible port returns "all ones", which is converted to "all
zeroes" by pcie_capability_read_dword(). Hence the port no longer seems
Hot-Plug Capable on remove even though it was on probe.
The resulting runtime PM ref imbalance causes warning messages such as:
pcieport 0000:02:04.0: Runtime PM usage count underflow!
Avoid the Config Space access (and thus the runtime PM ref imbalance) by
caching the Hot-Plug Capable bit in struct pci_dev.
The struct already contains an "is_hotplug_bridge" flag, which however is
not only set on Hot-Plug Capable PCIe ports, but also Conventional PCI
Hot-Plug bridges and ACPI slots. The flag identifies bridges which are
allocated additional MMIO and bus number resources to allow for hierarchy
expansion.
The kernel is somewhat sloppily using "is_hotplug_bridge" in a number of
places to identify Hot-Plug Capable PCIe ports, even though the flag
encompasses other devices. Subsequent commits replace these occurrences
with the new flag to clearly delineate Hot-Plug Capable PCIe ports from
other kinds of hotplug bridges.
Document the existing "is_hotplug_bridge" and the new "is_pciehp" flag
and document the (non-obvious) requirement that pci_bridge_d3_possible()
always returns the same value across the entire lifetime of a bridge,
including its hot-removal.
Fixes: 5352a44a561d ("PCI: pciehp: Make pciehp_is_native() stricter")
Reported-by: Laurent Bigonville <bigon(a)bigon.be>
Closes: https://bugzilla.kernel.org/show_bug.cgi?id=220216
Reported-by: Mario Limonciello <mario.limonciello(a)amd.com>
Closes: https://lore.kernel.org/r/20250609020223.269407-3-superm1@kernel.org/
Link: https://lore.kernel.org/all/20250620025535.3425049-3-superm1@kernel.org/T/#u
Signed-off-by: Lukas Wunner <lukas(a)wunner.de>
Signed-off-by: Bjorn Helgaas <bhelgaas(a)google.com>
Acked-by: Rafael J. Wysocki <rafael(a)kernel.org>
Cc: stable(a)vger.kernel.org # v4.18+
Link: https://patch.msgid.link/fe5dcc3b2e62ee1df7905d746bde161eb1b3291c.175239010…
diff --git a/drivers/pci/pci-acpi.c b/drivers/pci/pci-acpi.c
index b78e0e417324..efe478e5073e 100644
--- a/drivers/pci/pci-acpi.c
+++ b/drivers/pci/pci-acpi.c
@@ -816,13 +816,11 @@ int pci_acpi_program_hp_params(struct pci_dev *dev)
bool pciehp_is_native(struct pci_dev *bridge)
{
const struct pci_host_bridge *host;
- u32 slot_cap;
if (!IS_ENABLED(CONFIG_HOTPLUG_PCI_PCIE))
return false;
- pcie_capability_read_dword(bridge, PCI_EXP_SLTCAP, &slot_cap);
- if (!(slot_cap & PCI_EXP_SLTCAP_HPC))
+ if (!bridge->is_pciehp)
return false;
if (pcie_ports_native)
diff --git a/drivers/pci/pci.c b/drivers/pci/pci.c
index e9448d55113b..23d8fe98ddf9 100644
--- a/drivers/pci/pci.c
+++ b/drivers/pci/pci.c
@@ -3030,8 +3030,12 @@ static const struct dmi_system_id bridge_d3_blacklist[] = {
* pci_bridge_d3_possible - Is it possible to put the bridge into D3
* @bridge: Bridge to check
*
- * This function checks if it is possible to move the bridge to D3.
* Currently we only allow D3 for some PCIe ports and for Thunderbolt.
+ *
+ * Return: Whether it is possible to move the bridge to D3.
+ *
+ * The return value is guaranteed to be constant across the entire lifetime
+ * of the bridge, including its hot-removal.
*/
bool pci_bridge_d3_possible(struct pci_dev *bridge)
{
diff --git a/drivers/pci/probe.c b/drivers/pci/probe.c
index 4b8693ec9e4c..cf50be63bf5f 100644
--- a/drivers/pci/probe.c
+++ b/drivers/pci/probe.c
@@ -1678,7 +1678,7 @@ void set_pcie_hotplug_bridge(struct pci_dev *pdev)
pcie_capability_read_dword(pdev, PCI_EXP_SLTCAP, ®32);
if (reg32 & PCI_EXP_SLTCAP_HPC)
- pdev->is_hotplug_bridge = 1;
+ pdev->is_hotplug_bridge = pdev->is_pciehp = 1;
}
static void set_pcie_thunderbolt(struct pci_dev *dev)
diff --git a/include/linux/pci.h b/include/linux/pci.h
index 05e68f35f392..d56d0dd80afb 100644
--- a/include/linux/pci.h
+++ b/include/linux/pci.h
@@ -328,6 +328,11 @@ struct rcec_ea;
* determined (e.g., for Root Complex Integrated
* Endpoints without the relevant Capability
* Registers).
+ * @is_hotplug_bridge: Hotplug bridge of any kind (e.g. PCIe Hot-Plug Capable,
+ * Conventional PCI Hot-Plug, ACPI slot).
+ * Such bridges are allocated additional MMIO and bus
+ * number resources to allow for hierarchy expansion.
+ * @is_pciehp: PCIe Hot-Plug Capable bridge.
*/
struct pci_dev {
struct list_head bus_list; /* Node in per-bus list */
@@ -451,6 +456,7 @@ struct pci_dev {
unsigned int is_physfn:1;
unsigned int is_virtfn:1;
unsigned int is_hotplug_bridge:1;
+ unsigned int is_pciehp:1;
unsigned int shpc_managed:1; /* SHPC owned by shpchp */
unsigned int is_thunderbolt:1; /* Thunderbolt controller */
/*
1 month
- 2
- 1
FAILED: patch "[PATCH] block: Make REQ_OP_ZONE_FINISH a write operation" failed to apply to 5.10-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 5.10-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.10.y
git checkout FETCH_HEAD
git cherry-pick -x 3f66ccbaaef3a0c5bd844eab04e3207b4061c546
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025081544-coliseum-cylinder-43d2@gregkh' --subject-prefix 'PATCH 5.10.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From 3f66ccbaaef3a0c5bd844eab04e3207b4061c546 Mon Sep 17 00:00:00 2001
From: Damien Le Moal <dlemoal(a)kernel.org>
Date: Wed, 25 Jun 2025 18:33:23 +0900
Subject: [PATCH] block: Make REQ_OP_ZONE_FINISH a write operation
REQ_OP_ZONE_FINISH is defined as "12", which makes
op_is_write(REQ_OP_ZONE_FINISH) return false, despite the fact that a
zone finish operation is an operation that modifies a zone (transition
it to full) and so should be considered as a write operation (albeit
one that does not transfer any data to the device).
Fix this by redefining REQ_OP_ZONE_FINISH to be an odd number (13), and
redefine REQ_OP_ZONE_RESET and REQ_OP_ZONE_RESET_ALL using sequential
odd numbers from that new value.
Fixes: 6c1b1da58f8c ("block: add zone open, close and finish operations")
Cc: stable(a)vger.kernel.org
Signed-off-by: Damien Le Moal <dlemoal(a)kernel.org>
Reviewed-by: Bart Van Assche <bvanassche(a)acm.org>
Reviewed-by: Johannes Thumshirn <johannes.thumshirn(a)wdc.com>
Reviewed-by: Christoph Hellwig <hch(a)lst.de>
Link: https://lore.kernel.org/r/20250625093327.548866-2-dlemoal@kernel.org
Signed-off-by: Jens Axboe <axboe(a)kernel.dk>
diff --git a/include/linux/blk_types.h b/include/linux/blk_types.h
index 3d1577f07c1c..930daff207df 100644
--- a/include/linux/blk_types.h
+++ b/include/linux/blk_types.h
@@ -350,11 +350,11 @@ enum req_op {
/* Close a zone */
REQ_OP_ZONE_CLOSE = (__force blk_opf_t)11,
/* Transition a zone to full */
- REQ_OP_ZONE_FINISH = (__force blk_opf_t)12,
+ REQ_OP_ZONE_FINISH = (__force blk_opf_t)13,
/* reset a zone write pointer */
- REQ_OP_ZONE_RESET = (__force blk_opf_t)13,
+ REQ_OP_ZONE_RESET = (__force blk_opf_t)15,
/* reset all the zone present on the device */
- REQ_OP_ZONE_RESET_ALL = (__force blk_opf_t)15,
+ REQ_OP_ZONE_RESET_ALL = (__force blk_opf_t)17,
/* Driver private requests */
REQ_OP_DRV_IN = (__force blk_opf_t)34,
1 month
- 2
- 1
FAILED: patch "[PATCH] PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable" failed to apply to 6.1-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 6.1-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y
git checkout FETCH_HEAD
git cherry-pick -x 6cff20ce3b92ffbf2fc5eb9e5a030b3672aa414a
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025081510-deodorize-kitten-ff60@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From 6cff20ce3b92ffbf2fc5eb9e5a030b3672aa414a Mon Sep 17 00:00:00 2001
From: Lukas Wunner <lukas(a)wunner.de>
Date: Sun, 13 Jul 2025 16:31:01 +0200
Subject: [PATCH] PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable
ports
pci_bridge_d3_possible() is called from both pcie_portdrv_probe() and
pcie_portdrv_remove() to determine whether runtime power management shall
be enabled (on probe) or disabled (on remove) on a PCIe port.
The underlying assumption is that pci_bridge_d3_possible() always returns
the same value, else a runtime PM reference imbalance would occur. That
assumption is not given if the PCIe port is inaccessible on remove due to
hot-unplug: pci_bridge_d3_possible() calls pciehp_is_native(), which
accesses Config Space to determine whether the port is Hot-Plug Capable.
An inaccessible port returns "all ones", which is converted to "all
zeroes" by pcie_capability_read_dword(). Hence the port no longer seems
Hot-Plug Capable on remove even though it was on probe.
The resulting runtime PM ref imbalance causes warning messages such as:
pcieport 0000:02:04.0: Runtime PM usage count underflow!
Avoid the Config Space access (and thus the runtime PM ref imbalance) by
caching the Hot-Plug Capable bit in struct pci_dev.
The struct already contains an "is_hotplug_bridge" flag, which however is
not only set on Hot-Plug Capable PCIe ports, but also Conventional PCI
Hot-Plug bridges and ACPI slots. The flag identifies bridges which are
allocated additional MMIO and bus number resources to allow for hierarchy
expansion.
The kernel is somewhat sloppily using "is_hotplug_bridge" in a number of
places to identify Hot-Plug Capable PCIe ports, even though the flag
encompasses other devices. Subsequent commits replace these occurrences
with the new flag to clearly delineate Hot-Plug Capable PCIe ports from
other kinds of hotplug bridges.
Document the existing "is_hotplug_bridge" and the new "is_pciehp" flag
and document the (non-obvious) requirement that pci_bridge_d3_possible()
always returns the same value across the entire lifetime of a bridge,
including its hot-removal.
Fixes: 5352a44a561d ("PCI: pciehp: Make pciehp_is_native() stricter")
Reported-by: Laurent Bigonville <bigon(a)bigon.be>
Closes: https://bugzilla.kernel.org/show_bug.cgi?id=220216
Reported-by: Mario Limonciello <mario.limonciello(a)amd.com>
Closes: https://lore.kernel.org/r/20250609020223.269407-3-superm1@kernel.org/
Link: https://lore.kernel.org/all/20250620025535.3425049-3-superm1@kernel.org/T/#u
Signed-off-by: Lukas Wunner <lukas(a)wunner.de>
Signed-off-by: Bjorn Helgaas <bhelgaas(a)google.com>
Acked-by: Rafael J. Wysocki <rafael(a)kernel.org>
Cc: stable(a)vger.kernel.org # v4.18+
Link: https://patch.msgid.link/fe5dcc3b2e62ee1df7905d746bde161eb1b3291c.175239010…
diff --git a/drivers/pci/pci-acpi.c b/drivers/pci/pci-acpi.c
index b78e0e417324..efe478e5073e 100644
--- a/drivers/pci/pci-acpi.c
+++ b/drivers/pci/pci-acpi.c
@@ -816,13 +816,11 @@ int pci_acpi_program_hp_params(struct pci_dev *dev)
bool pciehp_is_native(struct pci_dev *bridge)
{
const struct pci_host_bridge *host;
- u32 slot_cap;
if (!IS_ENABLED(CONFIG_HOTPLUG_PCI_PCIE))
return false;
- pcie_capability_read_dword(bridge, PCI_EXP_SLTCAP, &slot_cap);
- if (!(slot_cap & PCI_EXP_SLTCAP_HPC))
+ if (!bridge->is_pciehp)
return false;
if (pcie_ports_native)
diff --git a/drivers/pci/pci.c b/drivers/pci/pci.c
index e9448d55113b..23d8fe98ddf9 100644
--- a/drivers/pci/pci.c
+++ b/drivers/pci/pci.c
@@ -3030,8 +3030,12 @@ static const struct dmi_system_id bridge_d3_blacklist[] = {
* pci_bridge_d3_possible - Is it possible to put the bridge into D3
* @bridge: Bridge to check
*
- * This function checks if it is possible to move the bridge to D3.
* Currently we only allow D3 for some PCIe ports and for Thunderbolt.
+ *
+ * Return: Whether it is possible to move the bridge to D3.
+ *
+ * The return value is guaranteed to be constant across the entire lifetime
+ * of the bridge, including its hot-removal.
*/
bool pci_bridge_d3_possible(struct pci_dev *bridge)
{
diff --git a/drivers/pci/probe.c b/drivers/pci/probe.c
index 4b8693ec9e4c..cf50be63bf5f 100644
--- a/drivers/pci/probe.c
+++ b/drivers/pci/probe.c
@@ -1678,7 +1678,7 @@ void set_pcie_hotplug_bridge(struct pci_dev *pdev)
pcie_capability_read_dword(pdev, PCI_EXP_SLTCAP, ®32);
if (reg32 & PCI_EXP_SLTCAP_HPC)
- pdev->is_hotplug_bridge = 1;
+ pdev->is_hotplug_bridge = pdev->is_pciehp = 1;
}
static void set_pcie_thunderbolt(struct pci_dev *dev)
diff --git a/include/linux/pci.h b/include/linux/pci.h
index 05e68f35f392..d56d0dd80afb 100644
--- a/include/linux/pci.h
+++ b/include/linux/pci.h
@@ -328,6 +328,11 @@ struct rcec_ea;
* determined (e.g., for Root Complex Integrated
* Endpoints without the relevant Capability
* Registers).
+ * @is_hotplug_bridge: Hotplug bridge of any kind (e.g. PCIe Hot-Plug Capable,
+ * Conventional PCI Hot-Plug, ACPI slot).
+ * Such bridges are allocated additional MMIO and bus
+ * number resources to allow for hierarchy expansion.
+ * @is_pciehp: PCIe Hot-Plug Capable bridge.
*/
struct pci_dev {
struct list_head bus_list; /* Node in per-bus list */
@@ -451,6 +456,7 @@ struct pci_dev {
unsigned int is_physfn:1;
unsigned int is_virtfn:1;
unsigned int is_hotplug_bridge:1;
+ unsigned int is_pciehp:1;
unsigned int shpc_managed:1; /* SHPC owned by shpchp */
unsigned int is_thunderbolt:1; /* Thunderbolt controller */
/*
1 month
- 2
- 1
[PATCH 6.12.y 0/7] KVM: x86: Backports for 6.12.y
by Sean Christopherson
More KVM backports, this time for 6.12.y (and with far fewer dependencies).
Same note/caveat about Sasha already posting[1][2] many/most of these:
KVM: VMX: Allow guest to set DEBUGCTL.RTM_DEBUG if RTM is supported
KVM: VMX: Extract checking of guest's DEBUGCTL into helper
KVM: nVMX: Check vmcs12->guest_ia32_debugctl on nested VM-Enter
KVM: VMX: Wrap all accesses to IA32_DEBUGCTL with getter/setter APIs
I'm including them here to hopefully make life easier for y'all, and because
the order they are presented here is the preferred ordering, i.e. should be
the same ordering as the original upstream patches.
But, if you end up grabbing Sasha's patches first, it's not a big deal as the
only true dependencies is that the DEBUGCTL.RTM_DEBUG patch needs to land
before "Check vmcs12->guest_ia32_debugctl on nested VM-Enter".
[1] https://lore.kernel.org/all/20250813182455.2068642-1-sashal@kernel.org
[2] https://lore.kernel.org/all/20250814125614.2090890-1-sashal@kernel.org
Maxim Levitsky (3):
KVM: nVMX: Check vmcs12->guest_ia32_debugctl on nested VM-Enter
KVM: VMX: Wrap all accesses to IA32_DEBUGCTL with getter/setter APIs
KVM: VMX: Preserve host's DEBUGCTLMSR_FREEZE_IN_SMM while running the
guest
Sean Christopherson (4):
KVM: x86: Convert vcpu_run()'s immediate exit param into a generic
bitmap
KVM: x86: Drop kvm_x86_ops.set_dr6() in favor of a new KVM_RUN flag
KVM: VMX: Allow guest to set DEBUGCTL.RTM_DEBUG if RTM is supported
KVM: VMX: Extract checking of guest's DEBUGCTL into helper
arch/x86/include/asm/kvm-x86-ops.h | 1 -
arch/x86/include/asm/kvm_host.h | 15 ++++++--
arch/x86/include/asm/msr-index.h | 1 +
arch/x86/kvm/svm/svm.c | 14 ++++----
arch/x86/kvm/vmx/main.c | 3 +-
arch/x86/kvm/vmx/nested.c | 21 ++++++++---
arch/x86/kvm/vmx/pmu_intel.c | 8 ++---
arch/x86/kvm/vmx/vmx.c | 57 ++++++++++++++++++------------
arch/x86/kvm/vmx/vmx.h | 26 ++++++++++++++
arch/x86/kvm/vmx/x86_ops.h | 2 +-
arch/x86/kvm/x86.c | 25 ++++++++++---
11 files changed, 125 insertions(+), 48 deletions(-)
base-commit: 8f5ff9784f3262e6e85c68d86f8b7931827f2983
--
2.51.0.rc1.163.g2494970778-goog
1 month
- 2
- 8
FAILED: patch "[PATCH] block: Make REQ_OP_ZONE_FINISH a write operation" failed to apply to 5.15-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 5.15-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y
git checkout FETCH_HEAD
git cherry-pick -x 3f66ccbaaef3a0c5bd844eab04e3207b4061c546
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025081544-slackness-vantage-3e99@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From 3f66ccbaaef3a0c5bd844eab04e3207b4061c546 Mon Sep 17 00:00:00 2001
From: Damien Le Moal <dlemoal(a)kernel.org>
Date: Wed, 25 Jun 2025 18:33:23 +0900
Subject: [PATCH] block: Make REQ_OP_ZONE_FINISH a write operation
REQ_OP_ZONE_FINISH is defined as "12", which makes
op_is_write(REQ_OP_ZONE_FINISH) return false, despite the fact that a
zone finish operation is an operation that modifies a zone (transition
it to full) and so should be considered as a write operation (albeit
one that does not transfer any data to the device).
Fix this by redefining REQ_OP_ZONE_FINISH to be an odd number (13), and
redefine REQ_OP_ZONE_RESET and REQ_OP_ZONE_RESET_ALL using sequential
odd numbers from that new value.
Fixes: 6c1b1da58f8c ("block: add zone open, close and finish operations")
Cc: stable(a)vger.kernel.org
Signed-off-by: Damien Le Moal <dlemoal(a)kernel.org>
Reviewed-by: Bart Van Assche <bvanassche(a)acm.org>
Reviewed-by: Johannes Thumshirn <johannes.thumshirn(a)wdc.com>
Reviewed-by: Christoph Hellwig <hch(a)lst.de>
Link: https://lore.kernel.org/r/20250625093327.548866-2-dlemoal@kernel.org
Signed-off-by: Jens Axboe <axboe(a)kernel.dk>
diff --git a/include/linux/blk_types.h b/include/linux/blk_types.h
index 3d1577f07c1c..930daff207df 100644
--- a/include/linux/blk_types.h
+++ b/include/linux/blk_types.h
@@ -350,11 +350,11 @@ enum req_op {
/* Close a zone */
REQ_OP_ZONE_CLOSE = (__force blk_opf_t)11,
/* Transition a zone to full */
- REQ_OP_ZONE_FINISH = (__force blk_opf_t)12,
+ REQ_OP_ZONE_FINISH = (__force blk_opf_t)13,
/* reset a zone write pointer */
- REQ_OP_ZONE_RESET = (__force blk_opf_t)13,
+ REQ_OP_ZONE_RESET = (__force blk_opf_t)15,
/* reset all the zone present on the device */
- REQ_OP_ZONE_RESET_ALL = (__force blk_opf_t)15,
+ REQ_OP_ZONE_RESET_ALL = (__force blk_opf_t)17,
/* Driver private requests */
REQ_OP_DRV_IN = (__force blk_opf_t)34,
1 month
- 2
- 1
[PATCH v2] mm/damon/core: fix damos_commit_filter not changing allow
by Sang-Heon Jeon
Current damos_commit_filter() not persist allow value of filter. As a
result, changing allow value of filter and commit doesn't change
allow value.
Add the missing allow value update, so commit filter now persist changing
allow value well.
Fixes: fe6d7fdd6249 ("mm/damon/core: add damos_filter->allow field")
Cc: stable(a)vger.kernel.org # 6.14.x
Signed-off-by: Sang-Heon Jeon <ekffu200098(a)gmail.com>
---
Changes from v1 [1]:
- Fix wrong fixes section commit
- Add cc section for backporting
[1] https://lore.kernel.org/damon/20250815094059.133769-1-ekffu200098@gmail.com/
---
mm/damon/core.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/mm/damon/core.c b/mm/damon/core.c
index 19c8f01fc81a..cb41fddca78c 100644
--- a/mm/damon/core.c
+++ b/mm/damon/core.c
@@ -900,6 +900,7 @@ static void damos_commit_filter(
{
dst->type = src->type;
dst->matching = src->matching;
+ dst->allow = src->allow;
damos_commit_filter_arg(dst, src);
}
--
2.43.0
1 month
- 2
- 1
[PATCH RESEND] pcmcia: Fix a NULL pointer dereference in __iodyn_find_io_region()
by Ma Ke
In __iodyn_find_io_region(), pcmcia_make_resource() is assigned to
res and used in pci_bus_alloc_resource(). There is a dereference of res
in pci_bus_alloc_resource(), which could lead to a NULL pointer
dereference on failure of pcmcia_make_resource().
Fix this bug by adding a check of res.
Found by code review, complie tested only.
Cc: stable(a)vger.kernel.org
Fixes: 49b1153adfe1 ("pcmcia: move all pcmcia_resource_ops providers into one module")
Signed-off-by: Ma Ke <make24(a)iscas.ac.cn>
---
drivers/pcmcia/rsrc_iodyn.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/drivers/pcmcia/rsrc_iodyn.c b/drivers/pcmcia/rsrc_iodyn.c
index b04b16496b0c..2677b577c1f8 100644
--- a/drivers/pcmcia/rsrc_iodyn.c
+++ b/drivers/pcmcia/rsrc_iodyn.c
@@ -62,6 +62,9 @@ static struct resource *__iodyn_find_io_region(struct pcmcia_socket *s,
unsigned long min = base;
int ret;
+ if (!res)
+ return NULL;
+
data.mask = align - 1;
data.offset = base & data.mask;
--
2.25.1
1 month
- 2
- 1
[PATCH v2] debugfs: fix mount options not being applied
by Charalampos Mitrodimas
Mount options (uid, gid, mode) are silently ignored when debugfs is
mounted. This is a regression introduced during the conversion to the
new mount API.
When the mount API conversion was done, the line that sets
sb->s_fs_info to the parsed options was removed. This causes
debugfs_apply_options() to operate on a NULL pointer.
Fix this by following the same pattern as the tracefs fix in commit
e4d32142d1de ("tracing: Fix tracefs mount options"). Call
debugfs_reconfigure() in debugfs_get_tree() to apply the mount options
to the superblock after it has been created or reused.
As an example, with the bug the "mode" mount option is ignored:
$ mount -o mode=0666 -t debugfs debugfs /tmp/debugfs_test
$ mount | grep debugfs_test
debugfs on /tmp/debugfs_test type debugfs (rw,relatime)
$ ls -ld /tmp/debugfs_test
drwx------ 25 root root 0 Aug 4 14:16 /tmp/debugfs_test
With the fix applied, it works as expected:
$ mount -o mode=0666 -t debugfs debugfs /tmp/debugfs_test
$ mount | grep debugfs_test
debugfs on /tmp/debugfs_test type debugfs (rw,relatime,mode=666)
$ ls -ld /tmp/debugfs_test
drw-rw-rw- 37 root root 0 Aug 2 17:28 /tmp/debugfs_test
Fixes: a20971c18752 ("vfs: Convert debugfs to use the new mount API")
Closes: https://bugzilla.kernel.org/show_bug.cgi?id=220406
Cc: stable(a)vger.kernel.org
Signed-off-by: Charalampos Mitrodimas <charmitro(a)posteo.net>
---
Changes in v2:
- Follow the same pattern as e4d32142d1de ("tracing: Fix tracefs mount options")
- Add Cc: stable tag
- Link to v1: https://lore.kernel.org/r/20250804-debugfs-mount-opts-v1-1-bc05947a80b5@pos…
---
fs/debugfs/inode.c | 11 ++++++++++-
1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/fs/debugfs/inode.c b/fs/debugfs/inode.c
index a0357b0cf362d8ac47ff810e162402d6a8ae2cb9..c12d649df6a5435050f606c2828a9a7cc61922e4 100644
--- a/fs/debugfs/inode.c
+++ b/fs/debugfs/inode.c
@@ -183,6 +183,9 @@ static int debugfs_reconfigure(struct fs_context *fc)
struct debugfs_fs_info *sb_opts = sb->s_fs_info;
struct debugfs_fs_info *new_opts = fc->s_fs_info;
+ if (!new_opts)
+ return 0;
+
sync_filesystem(sb);
/* structure copy of new mount options to sb */
@@ -282,10 +285,16 @@ static int debugfs_fill_super(struct super_block *sb, struct fs_context *fc)
static int debugfs_get_tree(struct fs_context *fc)
{
+ int err;
+
if (!(debugfs_allow & DEBUGFS_ALLOW_API))
return -EPERM;
- return get_tree_single(fc, debugfs_fill_super);
+ err = get_tree_single(fc, debugfs_fill_super);
+ if (err)
+ return err;
+
+ return debugfs_reconfigure(fc);
}
static void debugfs_free_fc(struct fs_context *fc)
---
base-commit: 3c4a063b1f8ab71352df1421d9668521acb63cd9
change-id: 20250804-debugfs-mount-opts-2a68d7741f05
Best regards,
--
Charalampos Mitrodimas <charmitro(a)posteo.net>
1 month
- 2
- 2
[PATCH AUTOSEL 6.16 01/85] usb: xhci: print xhci->xhc_state when queue_command failed
by Sasha Levin
From: Su Hui <suhui(a)nfschina.com>
[ Upstream commit 7919407eca2ef562fa6c98c41cfdf6f6cdd69d92 ]
When encounters some errors like these:
xhci_hcd 0000:4a:00.2: xHCI dying or halted, can't queue_command
xhci_hcd 0000:4a:00.2: FIXME: allocate a command ring segment
usb usb5-port6: couldn't allocate usb_device
It's hard to know whether xhc_state is dying or halted. So it's better
to print xhc_state's value which can help locate the resaon of the bug.
Signed-off-by: Su Hui <suhui(a)nfschina.com>
Link: https://lore.kernel.org/r/20250725060117.1773770-1-suhui@nfschina.com
Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Signed-off-by: Sasha Levin <sashal(a)kernel.org>
---
LLM Generated explanations, may be completely bogus:
**Backport Status: YES**
This commit is suitable for backporting to stable kernel trees for the
following reasons:
1. **Enhanced Debugging for Real-World Issues**: The commit improves
debugging of USB xHCI host controller failures by printing the actual
`xhc_state` value when `queue_command` fails. The commit message
shows real error messages users encounter ("xHCI dying or halted,
can't queue_command"), demonstrating this is a real-world debugging
problem.
2. **Minimal and Safe Change**: The change is extremely small and safe -
it only modifies a debug print statement from:
```c
xhci_dbg(xhci, "xHCI dying or halted, can't queue_command\n");
```
to:
```c
xhci_dbg(xhci, "xHCI dying or halted, can't queue_command. state:
0x%x\n", xhci->xhc_state);
```
3. **No Functional Changes**: This is a pure diagnostic improvement. It
doesn't change any logic, control flow, or data structures. It only
adds the state value (0x%x format) to an existing debug message.
4. **Important for Troubleshooting**: The xHCI driver is critical for
USB functionality, and when it fails with "dying or halted" states,
knowing the exact state helps diagnose whether:
- `XHCI_STATE_DYING` (0x1) - controller is dying
- `XHCI_STATE_HALTED` (0x2) - controller is halted
- Both states (0x3) - controller has both flags set
This distinction is valuable for debugging hardware issues, driver
bugs, or system problems.
5. **Zero Risk of Regression**: Adding a parameter to a debug print
statement has no risk of introducing regressions. The worst case is
the debug message prints the state value.
6. **Follows Stable Rules**: This meets stable kernel criteria as it:
- Fixes a real debugging limitation
- Is obviously correct
- Has been tested (signed-off and accepted by Greg KH)
- Is small (single line change)
- Doesn't add new features, just improves existing diagnostics
The commit helps system administrators and developers diagnose USB
issues more effectively by providing the actual state value rather than
just saying "dying or halted", making it a valuable debugging
enhancement for stable kernels.
drivers/usb/host/xhci-ring.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/drivers/usb/host/xhci-ring.c b/drivers/usb/host/xhci-ring.c
index 94c9c9271658..131e7530ec4a 100644
--- a/drivers/usb/host/xhci-ring.c
+++ b/drivers/usb/host/xhci-ring.c
@@ -4372,7 +4372,8 @@ static int queue_command(struct xhci_hcd *xhci, struct xhci_command *cmd,
if ((xhci->xhc_state & XHCI_STATE_DYING) ||
(xhci->xhc_state & XHCI_STATE_HALTED)) {
- xhci_dbg(xhci, "xHCI dying or halted, can't queue_command\n");
+ xhci_dbg(xhci, "xHCI dying or halted, can't queue_command. state: 0x%x\n",
+ xhci->xhc_state);
return -ESHUTDOWN;
}
--
2.39.5
1 month
- 5
- 89
[PATCH AUTOSEL 6.1 01/51] usb: xhci: print xhci->xhc_state when queue_command failed
by Sasha Levin
From: Su Hui <suhui(a)nfschina.com>
[ Upstream commit 7919407eca2ef562fa6c98c41cfdf6f6cdd69d92 ]
When encounters some errors like these:
xhci_hcd 0000:4a:00.2: xHCI dying or halted, can't queue_command
xhci_hcd 0000:4a:00.2: FIXME: allocate a command ring segment
usb usb5-port6: couldn't allocate usb_device
It's hard to know whether xhc_state is dying or halted. So it's better
to print xhc_state's value which can help locate the resaon of the bug.
Signed-off-by: Su Hui <suhui(a)nfschina.com>
Link: https://lore.kernel.org/r/20250725060117.1773770-1-suhui@nfschina.com
Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Signed-off-by: Sasha Levin <sashal(a)kernel.org>
---
LLM Generated explanations, may be completely bogus:
**Backport Status: YES**
This commit is suitable for backporting to stable kernel trees for the
following reasons:
1. **Enhanced Debugging for Real-World Issues**: The commit improves
debugging of USB xHCI host controller failures by printing the actual
`xhc_state` value when `queue_command` fails. The commit message
shows real error messages users encounter ("xHCI dying or halted,
can't queue_command"), demonstrating this is a real-world debugging
problem.
2. **Minimal and Safe Change**: The change is extremely small and safe -
it only modifies a debug print statement from:
```c
xhci_dbg(xhci, "xHCI dying or halted, can't queue_command\n");
```
to:
```c
xhci_dbg(xhci, "xHCI dying or halted, can't queue_command. state:
0x%x\n", xhci->xhc_state);
```
3. **No Functional Changes**: This is a pure diagnostic improvement. It
doesn't change any logic, control flow, or data structures. It only
adds the state value (0x%x format) to an existing debug message.
4. **Important for Troubleshooting**: The xHCI driver is critical for
USB functionality, and when it fails with "dying or halted" states,
knowing the exact state helps diagnose whether:
- `XHCI_STATE_DYING` (0x1) - controller is dying
- `XHCI_STATE_HALTED` (0x2) - controller is halted
- Both states (0x3) - controller has both flags set
This distinction is valuable for debugging hardware issues, driver
bugs, or system problems.
5. **Zero Risk of Regression**: Adding a parameter to a debug print
statement has no risk of introducing regressions. The worst case is
the debug message prints the state value.
6. **Follows Stable Rules**: This meets stable kernel criteria as it:
- Fixes a real debugging limitation
- Is obviously correct
- Has been tested (signed-off and accepted by Greg KH)
- Is small (single line change)
- Doesn't add new features, just improves existing diagnostics
The commit helps system administrators and developers diagnose USB
issues more effectively by providing the actual state value rather than
just saying "dying or halted", making it a valuable debugging
enhancement for stable kernels.
drivers/usb/host/xhci-ring.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/drivers/usb/host/xhci-ring.c b/drivers/usb/host/xhci-ring.c
index 0862fdd3e568..c4880b22f359 100644
--- a/drivers/usb/host/xhci-ring.c
+++ b/drivers/usb/host/xhci-ring.c
@@ -4421,7 +4421,8 @@ static int queue_command(struct xhci_hcd *xhci, struct xhci_command *cmd,
if ((xhci->xhc_state & XHCI_STATE_DYING) ||
(xhci->xhc_state & XHCI_STATE_HALTED)) {
- xhci_dbg(xhci, "xHCI dying or halted, can't queue_command\n");
+ xhci_dbg(xhci, "xHCI dying or halted, can't queue_command. state: 0x%x\n",
+ xhci->xhc_state);
return -ESHUTDOWN;
}
--
2.39.5
1 month
- 3
- 53
[PATCH AUTOSEL 6.16-6.6] apparmor: shift ouid when mediating hard links in userns
by Sasha Levin
From: Gabriel Totev <gabriel.totev(a)zetier.com>
[ Upstream commit c5bf96d20fd787e4909b755de4705d52f3458836 ]
When using AppArmor profiles inside an unprivileged container,
the link operation observes an unshifted ouid.
(tested with LXD and Incus)
For example, root inside container and uid 1000000 outside, with
`owner /root/link l,` profile entry for ln:
/root$ touch chain && ln chain link
==> dmesg
apparmor="DENIED" operation="link" class="file"
namespace="root//lxd-feet_<var-snap-lxd-common-lxd>" profile="linkit"
name="/root/link" pid=1655 comm="ln" requested_mask="l" denied_mask="l"
fsuid=1000000 ouid=0 [<== should be 1000000] target="/root/chain"
Fix by mapping inode uid of old_dentry in aa_path_link() rather than
using it directly, similarly to how it's mapped in __file_path_perm()
later in the file.
Signed-off-by: Gabriel Totev <gabriel.totev(a)zetier.com>
Signed-off-by: John Johansen <john.johansen(a)canonical.com>
Signed-off-by: Sasha Levin <sashal(a)kernel.org>
---
LLM Generated explanations, may be completely bogus:
**Backport Status: YES**
This commit should be backported to stable kernel trees for the
following reasons:
1. **Clear Bug Fix**: This fixes a real bug where AppArmor incorrectly
reports the unshifted uid when mediating hard link operations inside
user namespaces/containers. The commit message provides a concrete
example showing ouid=0 instead of the expected ouid=1000000 in
container logs.
2. **Security Impact**: This is a security-relevant bug that causes
AppArmor policy enforcement to behave incorrectly in containerized
environments. The owner-based AppArmor rules (like `owner /root/link
l,`) won't work correctly because the uid comparison is done with the
wrong (unshifted) value.
3. **Minimal and Contained Fix**: The change is small and surgical - it
only modifies the aa_path_link() function to properly map the inode
uid through the mount's idmapping, following the exact same pattern
already used in __file_path_perm():
- Uses `i_uid_into_vfsuid(mnt_idmap(target.mnt), inode)` to get the
vfsuid
- Converts it back with `vfsuid_into_kuid(vfsuid)` for the path_cond
structure
4. **No New Features or Architecture Changes**: This is purely a bug fix
that makes aa_path_link() consistent with how __file_path_perm()
already handles uid mapping. No new functionality is added.
5. **Container/User Namespace Compatibility**: With the widespread use
of containers (LXD, Incus, Docker with userns), this bug affects many
production systems. The fix ensures AppArmor policies work correctly
in these environments.
6. **Low Risk**: The change follows an established pattern in the
codebase (from __file_path_perm) and only affects the specific case
of hard link permission checks in user namespaces. The risk of
regression is minimal.
7. **Clear Testing**: The commit message indicates this was tested with
LXD and Incus containers, showing the issue is reproducible and the
fix validated.
The code change is straightforward - replacing direct access to
`d_backing_inode(old_dentry)->i_uid` with proper idmapping-aware
conversion that respects user namespace uid shifts. This makes
aa_path_link() consistent with other AppArmor file operations that
already handle idmapped mounts correctly.
security/apparmor/file.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/security/apparmor/file.c b/security/apparmor/file.c
index d52a5b14dad4..62bc46e03758 100644
--- a/security/apparmor/file.c
+++ b/security/apparmor/file.c
@@ -423,9 +423,11 @@ int aa_path_link(const struct cred *subj_cred,
{
struct path link = { .mnt = new_dir->mnt, .dentry = new_dentry };
struct path target = { .mnt = new_dir->mnt, .dentry = old_dentry };
+ struct inode *inode = d_backing_inode(old_dentry);
+ vfsuid_t vfsuid = i_uid_into_vfsuid(mnt_idmap(target.mnt), inode);
struct path_cond cond = {
- d_backing_inode(old_dentry)->i_uid,
- d_backing_inode(old_dentry)->i_mode
+ .uid = vfsuid_into_kuid(vfsuid),
+ .mode = inode->i_mode,
};
char *buffer = NULL, *buffer2 = NULL;
struct aa_profile *profile;
--
2.39.5
1 month
- 3
- 17
[PATCH] soc: qcom: icc-bwmon: Fix handling dev_pm_opp_find_bw_*() errors
by Krzysztof Kozlowski
The ISR calls dev_pm_opp_find_bw_ceil(), which can return EINVAL, ERANGE
or ENODEV, and if that one fails with ERANGE, then it tries again with
floor dev_pm_opp_find_bw_floor().
Code misses error checks for two cases:
1. First dev_pm_opp_find_bw_ceil() failed with error different than
ERANGE,
2. Any error from second dev_pm_opp_find_bw_floor().
In an unlikely case these error happened, the code would further
dereference the ERR pointer. Close that possibility and make the code
more obvious that all errors are correctly handled.
Reported by Smatch:
icc-bwmon.c:693 bwmon_intr_thread() error: 'target_opp' dereferencing possible ERR_PTR()
Fixes: b9c2ae6cac40 ("soc: qcom: icc-bwmon: Add bandwidth monitoring driver")
Cc: <stable(a)vger.kernel.org>
Reported-by: Dan Carpenter <dan.carpenter(a)linaro.org>
Closes: https://lore.kernel.org/r/aJTNEQsRFjrFknG9@stanley.mountain/
Signed-off-by: Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org>
---
Some unreleased smatch, though, because I cannot reproduce the warning,
but I imagine Dan keeps the tastiests reports for later. :)
---
drivers/soc/qcom/icc-bwmon.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/drivers/soc/qcom/icc-bwmon.c b/drivers/soc/qcom/icc-bwmon.c
index 3dfa448bf8cf..597f9025e422 100644
--- a/drivers/soc/qcom/icc-bwmon.c
+++ b/drivers/soc/qcom/icc-bwmon.c
@@ -656,6 +656,9 @@ static irqreturn_t bwmon_intr_thread(int irq, void *dev_id)
if (IS_ERR(target_opp) && PTR_ERR(target_opp) == -ERANGE)
target_opp = dev_pm_opp_find_bw_floor(bwmon->dev, &bw_kbps, 0);
+ if (IS_ERR(target_opp))
+ return IRQ_HANDLED;
+
bwmon->target_kbps = bw_kbps;
bw_kbps--;
--
2.48.1
1 month
- 3
- 5
[PATCH 6.1.y] tls: separate no-async decryption request handling from async
by William Liu
From: Sabrina Dubroca <sd(a)queasysnail.net>
[ Upstream commit 41532b785e9d79636b3815a64ddf6a096647d011 ]
If we're not doing async, the handling is much simpler. There's no
reference counting, we just need to wait for the completion to wake us
up and return its result.
We should preferably also use a separate crypto_wait. I'm not seeing a
UAF as I did in the past, I think aec7961 ("tls: fix race between
async notify and socket close") took care of it.
This will make the next fix easier.
Signed-off-by: Sabrina Dubroca <sd(a)queasysnail.net>
Link: https://lore.kernel.org/r/47bde5f649707610eaef9f0d679519966fc31061.17091326…
Signed-off-by: Jakub Kicinski <kuba(a)kernel.org>
[ William: The original patch did not apply cleanly due to deletions of
non-existent lines in 6.1.y. The UAF the author stopped seeing can still
be reproduced on systems without AVX in conjunction with cryptd.
Also removed an extraneous statement after a return statement that is
adjacent to diff. ]
Link: https://lore.kernel.org/netdev/he2K1yz_u7bZ-CnYcTSQ4OxuLuHZXN6xZRgp6_ICSWnq…
Signed-off-by: William Liu <will(a)willsroot.io>
---
Tested with original repro and all tests in selftests/net/tls.c
---
net/tls/tls_sw.c | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c
index 6ac3dcbe87b5..e1e3207168e3 100644
--- a/net/tls/tls_sw.c
+++ b/net/tls/tls_sw.c
@@ -274,9 +274,15 @@ static int tls_do_decryption(struct sock *sk,
DEBUG_NET_WARN_ON_ONCE(atomic_read(&ctx->decrypt_pending) < 1);
atomic_inc(&ctx->decrypt_pending);
} else {
+ DECLARE_CRYPTO_WAIT(wait);
+
aead_request_set_callback(aead_req,
CRYPTO_TFM_REQ_MAY_BACKLOG,
- crypto_req_done, &ctx->async_wait);
+ crypto_req_done, &wait);
+ ret = crypto_aead_decrypt(aead_req);
+ if (ret == -EINPROGRESS || ret == -EBUSY)
+ ret = crypto_wait_req(ret, &wait);
+ return ret;
}
ret = crypto_aead_decrypt(aead_req);
@@ -289,7 +295,6 @@ static int tls_do_decryption(struct sock *sk,
/* all completions have run, we're not doing async anymore */
darg->async = false;
return ret;
- ret = ret ?: -EINPROGRESS;
}
atomic_dec(&ctx->decrypt_pending);
--
2.43.0
1 month
- 1
- 0
[PATCH 6.12] mfd: cros_ec: Separate charge-control probing from USB-PD
by linux@weissschuh.net
From: Thomas Weißschuh <linux(a)weissschuh.net>
[ Upstream commit e40fc1160d491c3bcaf8e940ae0dde0a7c5e8e14 ]
The charge-control subsystem in the ChromeOS EC is not strictly tied to
its USB-PD subsystem.
Since commit 7613bc0d116a ("mfd: cros_ec: Don't load charger with UCSI")
the presence of EC_FEATURE_UCSI_PPM would inhibit the probing of the
charge-control driver.
Furthermore recent versions of the EC firmware in Framework laptops
hard-disable EC_FEATURE_USB_PD to avoid probing cros-usbpd-charger,
which then also breaks cros-charge-control.
Instead use the dedicated EC_FEATURE_CHARGER.
Cc: stable(a)vger.kernel.org
Link: https://github.com/FrameworkComputer/EmbeddedController/commit/1d7bcf1d5013…
Fixes: 555b5fcdb844 ("mfd: cros_ec: Register charge control subdevice")
Signed-off-by: Thomas Weißschuh <linux(a)weissschuh.net>
Reviewed-by: Tzung-Bi Shih <tzungbi(a)kernel.org>
Tested-by: Tom Vincent <linux(a)tlvince.com>
Link: https://lore.kernel.org/r/20250521-cros-ec-mfd-chctl-probe-v1-1-6ebfe3a6efa…
Signed-off-by: Lee Jones <lee(a)kernel.org>
---
drivers/mfd/cros_ec_dev.c | 10 +++++++++-
1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/drivers/mfd/cros_ec_dev.c b/drivers/mfd/cros_ec_dev.c
index f3dc812b359f..78c48dc624e8 100644
--- a/drivers/mfd/cros_ec_dev.c
+++ b/drivers/mfd/cros_ec_dev.c
@@ -87,7 +87,6 @@ static const struct mfd_cell cros_ec_sensorhub_cells[] = {
};
static const struct mfd_cell cros_usbpd_charger_cells[] = {
- { .name = "cros-charge-control", },
{ .name = "cros-usbpd-charger", },
{ .name = "cros-usbpd-logger", },
};
@@ -108,6 +107,10 @@ static const struct mfd_cell cros_ec_keyboard_leds_cells[] = {
{ .name = "cros-keyboard-leds", },
};
+static const struct mfd_cell cros_ec_charge_control_cells[] = {
+ { .name = "cros-charge-control", },
+};
+
static const struct cros_feature_to_cells cros_subdevices[] = {
{
.id = EC_FEATURE_CEC,
@@ -144,6 +147,11 @@ static const struct cros_feature_to_cells cros_subdevices[] = {
.mfd_cells = cros_ec_keyboard_leds_cells,
.num_cells = ARRAY_SIZE(cros_ec_keyboard_leds_cells),
},
+ {
+ .id = EC_FEATURE_CHARGER,
+ .mfd_cells = cros_ec_charge_control_cells,
+ .num_cells = ARRAY_SIZE(cros_ec_charge_control_cells),
+ },
};
static const struct mfd_cell cros_ec_platform_cells[] = {
--
2.50.1
1 month
- 1
- 0
+ mm-memory-failure-fix-infinite-uce-for-vm_pfnmap-pfn.patch added to mm-hotfixes-unstable branch
by Andrew Morton
The patch titled
Subject: mm/memory-failure: fix infinite UCE for VM_PFNMAP pfn
has been added to the -mm mm-hotfixes-unstable branch. Its filename is
mm-memory-failure-fix-infinite-uce-for-vm_pfnmap-pfn.patch
This patch will shortly appear at
https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche…
This patch will later appear in the mm-hotfixes-unstable branch at
git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
Before you just go and hit "reply", please:
a) Consider who else should be cc'ed
b) Prefer to cc a suitable mailing list as well
c) Ideally: find the original patch on the mailing list and do a
reply-to-all to that, adding suitable additional cc's
*** Remember to use Documentation/process/submit-checklist.rst when testing your code ***
The -mm tree is included into linux-next via the mm-everything
branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
and is updated there every 2-3 working days
------------------------------------------------------
From: Jinjiang Tu <tujinjiang(a)huawei.com>
Subject: mm/memory-failure: fix infinite UCE for VM_PFNMAP pfn
Date: Fri, 15 Aug 2025 15:32:09 +0800
When memory_failure() is called for a already hwpoisoned pfn,
kill_accessing_process() will be called to kill current task. However, if
the vma of the accessing vaddr is VM_PFNMAP, walk_page_range() will skip
the vma in walk_page_test() and return 0.
Before commit aaf99ac2ceb7 ("mm/hwpoison: do not send SIGBUS to processes
with recovered clean pages"), kill_accessing_process() will return EFAULT.
For x86, the current task will be killed in kill_me_maybe().
However, after this commit, kill_accessing_process() simplies return 0,
that means UCE is handled properly, but it doesn't actually. In such
case, the user task will trigger UCE infinitely.
To fix it, add .test_walk callback for hwpoison_walk_ops to scan all vmas.
Link: https://lkml.kernel.org/r/20250815073209.1984582-1-tujinjiang@huawei.com
Fixes: aaf99ac2ceb7 ("mm/hwpoison: do not send SIGBUS to processes with recovered clean pages")
Signed-off-by: Jinjiang Tu <tujinjiang(a)huawei.com>
Acked-by: David Hildenbrand <david(a)redhat.com>
Acked-by: Miaohe Lin <linmiaohe(a)huawei.com>
Reviewed-by: Jane Chu <jane.chu(a)oracle.com>
Cc: Kefeng Wang <wangkefeng.wang(a)huawei.com>
Cc: Naoya Horiguchi <nao.horiguchi(a)gmail.com>
Cc: Oscar Salvador <osalvador(a)suse.de>
Cc: Shuai Xue <xueshuai(a)linux.alibaba.com>
Cc: Zi Yan <ziy(a)nvidia.com>
Cc: <stable(a)vger.kernel.org>
Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
---
mm/memory-failure.c | 8 ++++++++
1 file changed, 8 insertions(+)
--- a/mm/memory-failure.c~mm-memory-failure-fix-infinite-uce-for-vm_pfnmap-pfn
+++ a/mm/memory-failure.c
@@ -853,9 +853,17 @@ static int hwpoison_hugetlb_range(pte_t
#define hwpoison_hugetlb_range NULL
#endif
+static int hwpoison_test_walk(unsigned long start, unsigned long end,
+ struct mm_walk *walk)
+{
+ /* We also want to consider pages mapped into VM_PFNMAP. */
+ return 0;
+}
+
static const struct mm_walk_ops hwpoison_walk_ops = {
.pmd_entry = hwpoison_pte_range,
.hugetlb_entry = hwpoison_hugetlb_range,
+ .test_walk = hwpoison_test_walk,
.walk_lock = PGWALK_RDLOCK,
};
_
Patches currently in -mm which might be from tujinjiang(a)huawei.com are
mm-memory-failure-fix-infinite-uce-for-vm_pfnmap-pfn.patch
mm-memory_hotplug-fix-hwpoisoned-large-folio-handling-in-do_migrate_range.patch
1 month
- 1
- 0
+ init-handle-bootloader-identifier-in-kernel-parameters-v4.patch added to mm-nonmm-unstable branch
by Andrew Morton
The patch titled
Subject: init-handle-bootloader-identifier-in-kernel-parameters-v4
has been added to the -mm mm-nonmm-unstable branch. Its filename is
init-handle-bootloader-identifier-in-kernel-parameters-v4.patch
This patch will shortly appear at
https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche…
This patch will later appear in the mm-nonmm-unstable branch at
git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
Before you just go and hit "reply", please:
a) Consider who else should be cc'ed
b) Prefer to cc a suitable mailing list as well
c) Ideally: find the original patch on the mailing list and do a
reply-to-all to that, adding suitable additional cc's
*** Remember to use Documentation/process/submit-checklist.rst when testing your code ***
The -mm tree is included into linux-next via the mm-everything
branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
and is updated there every 2-3 working days
------------------------------------------------------
From: Huacai Chen <chenhuacai(a)loongson.cn>
Subject: init-handle-bootloader-identifier-in-kernel-parameters-v4
Date: Fri, 15 Aug 2025 17:01:20 +0800
use strstarts()
Link: https://lkml.kernel.org/r/20250815090120.1569947-1-chenhuacai@loongson.cn
Signed-off-by: Huacai Chen <chenhuacai(a)loongson.cn>
Cc: Al Viro <viro(a)zeniv.linux.org.uk>
Cc: Christian Brauner <brauner(a)kernel.org>
Cc: Jan Kara <jack(a)suse.cz>
Cc: <stable(a)vger.kernel.org>
Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
---
init/main.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- a/init/main.c~init-handle-bootloader-identifier-in-kernel-parameters-v4
+++ a/init/main.c
@@ -559,7 +559,7 @@ static int __init unknown_bootoption(cha
/* Handle bootloader identifier */
for (int i = 0; bootloader[i]; i++) {
- if (!strncmp(param, bootloader[i], strlen(bootloader[i])))
+ if (strstarts(param, bootloader[i]))
return 0;
}
_
Patches currently in -mm which might be from chenhuacai(a)loongson.cn are
init-handle-bootloader-identifier-in-kernel-parameters.patch
init-handle-bootloader-identifier-in-kernel-parameters-v4.patch
1 month
- 1
- 0
[PATCH v5 RESEND] x86/cpu/intel: Fix the constant_tsc model check for Pentium 4
by Suchit Karunakaran
Pentium 4's which are INTEL_P4_PRESCOTT (model 0x03) and later have
a constant TSC. This was correctly captured until commit fadb6f569b10
("x86/cpu/intel: Limit the non-architectural constant_tsc model checks").
In that commit, an error was introduced while selecting the last P4
model (0x06) as the upper bound. Model 0x06 was transposed to
INTEL_P4_WILLAMETTE, which is just plain wrong. That was presumably a
simple typo, probably just copying and pasting the wrong P4 model.
Fix the constant TSC logic to cover all later P4 models. End at
INTEL_P4_CEDARMILL which accurately corresponds to the last P4 model.
Fixes: fadb6f569b10 ("x86/cpu/intel: Limit the non-architectural constant_tsc model checks")
Cc: <stable(a)vger.kernel.org> # v6.15
Reviewed-by: Sohil Mehta <sohil.mehta(a)intel.com>
Signed-off-by: Suchit Karunakaran <suchitkarunakaran(a)gmail.com>
---
Changes since v4:
- Updated the patch based on review suggestions
Changes since v3:
- Refined changelog
Changes since v2:
- Improved commit message
Changes since v1:
- Fixed incorrect logic
arch/x86/kernel/cpu/intel.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/arch/x86/kernel/cpu/intel.c b/arch/x86/kernel/cpu/intel.c
index 076eaa41b8c8..98ae4c37c93e 100644
--- a/arch/x86/kernel/cpu/intel.c
+++ b/arch/x86/kernel/cpu/intel.c
@@ -262,7 +262,7 @@ static void early_init_intel(struct cpuinfo_x86 *c)
if (c->x86_power & (1 << 8)) {
set_cpu_cap(c, X86_FEATURE_CONSTANT_TSC);
set_cpu_cap(c, X86_FEATURE_NONSTOP_TSC);
- } else if ((c->x86_vfm >= INTEL_P4_PRESCOTT && c->x86_vfm <= INTEL_P4_WILLAMETTE) ||
+ } else if ((c->x86_vfm >= INTEL_P4_PRESCOTT && c->x86_vfm <= INTEL_P4_CEDARMILL) ||
(c->x86_vfm >= INTEL_CORE_YONAH && c->x86_vfm <= INTEL_IVYBRIDGE)) {
set_cpu_cap(c, X86_FEATURE_CONSTANT_TSC);
}
--
2.50.1
1 month
- 1
- 0
[BACKPORT REQUEST] mfd: cros_ec: Separate charge-control probing from USB-PD
by Thomas Weißschuh
Dear stable team,
I'd like to have the following commit backported to v6.16 and v6.15:
e40fc1160d49 ("mfd: cros_ec: Separate charge-control probing from USB-PD")
It fixes probing issues for the cros-charge-control driver, for details
see the commit message.
As far as I can see, the commit also was marked for -stable backporting
from the beginning. Somehow this doesn't seem to have worked.
Thanks for your consideration,
Thomas
1 month
- 2
- 1
FAILED: patch "[PATCH] PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable" failed to apply to 6.6-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 6.6-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.6.y
git checkout FETCH_HEAD
git cherry-pick -x 6cff20ce3b92ffbf2fc5eb9e5a030b3672aa414a
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025081509-uncrown-janitor-adad@gregkh' --subject-prefix 'PATCH 6.6.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From 6cff20ce3b92ffbf2fc5eb9e5a030b3672aa414a Mon Sep 17 00:00:00 2001
From: Lukas Wunner <lukas(a)wunner.de>
Date: Sun, 13 Jul 2025 16:31:01 +0200
Subject: [PATCH] PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable
ports
pci_bridge_d3_possible() is called from both pcie_portdrv_probe() and
pcie_portdrv_remove() to determine whether runtime power management shall
be enabled (on probe) or disabled (on remove) on a PCIe port.
The underlying assumption is that pci_bridge_d3_possible() always returns
the same value, else a runtime PM reference imbalance would occur. That
assumption is not given if the PCIe port is inaccessible on remove due to
hot-unplug: pci_bridge_d3_possible() calls pciehp_is_native(), which
accesses Config Space to determine whether the port is Hot-Plug Capable.
An inaccessible port returns "all ones", which is converted to "all
zeroes" by pcie_capability_read_dword(). Hence the port no longer seems
Hot-Plug Capable on remove even though it was on probe.
The resulting runtime PM ref imbalance causes warning messages such as:
pcieport 0000:02:04.0: Runtime PM usage count underflow!
Avoid the Config Space access (and thus the runtime PM ref imbalance) by
caching the Hot-Plug Capable bit in struct pci_dev.
The struct already contains an "is_hotplug_bridge" flag, which however is
not only set on Hot-Plug Capable PCIe ports, but also Conventional PCI
Hot-Plug bridges and ACPI slots. The flag identifies bridges which are
allocated additional MMIO and bus number resources to allow for hierarchy
expansion.
The kernel is somewhat sloppily using "is_hotplug_bridge" in a number of
places to identify Hot-Plug Capable PCIe ports, even though the flag
encompasses other devices. Subsequent commits replace these occurrences
with the new flag to clearly delineate Hot-Plug Capable PCIe ports from
other kinds of hotplug bridges.
Document the existing "is_hotplug_bridge" and the new "is_pciehp" flag
and document the (non-obvious) requirement that pci_bridge_d3_possible()
always returns the same value across the entire lifetime of a bridge,
including its hot-removal.
Fixes: 5352a44a561d ("PCI: pciehp: Make pciehp_is_native() stricter")
Reported-by: Laurent Bigonville <bigon(a)bigon.be>
Closes: https://bugzilla.kernel.org/show_bug.cgi?id=220216
Reported-by: Mario Limonciello <mario.limonciello(a)amd.com>
Closes: https://lore.kernel.org/r/20250609020223.269407-3-superm1@kernel.org/
Link: https://lore.kernel.org/all/20250620025535.3425049-3-superm1@kernel.org/T/#u
Signed-off-by: Lukas Wunner <lukas(a)wunner.de>
Signed-off-by: Bjorn Helgaas <bhelgaas(a)google.com>
Acked-by: Rafael J. Wysocki <rafael(a)kernel.org>
Cc: stable(a)vger.kernel.org # v4.18+
Link: https://patch.msgid.link/fe5dcc3b2e62ee1df7905d746bde161eb1b3291c.175239010…
diff --git a/drivers/pci/pci-acpi.c b/drivers/pci/pci-acpi.c
index b78e0e417324..efe478e5073e 100644
--- a/drivers/pci/pci-acpi.c
+++ b/drivers/pci/pci-acpi.c
@@ -816,13 +816,11 @@ int pci_acpi_program_hp_params(struct pci_dev *dev)
bool pciehp_is_native(struct pci_dev *bridge)
{
const struct pci_host_bridge *host;
- u32 slot_cap;
if (!IS_ENABLED(CONFIG_HOTPLUG_PCI_PCIE))
return false;
- pcie_capability_read_dword(bridge, PCI_EXP_SLTCAP, &slot_cap);
- if (!(slot_cap & PCI_EXP_SLTCAP_HPC))
+ if (!bridge->is_pciehp)
return false;
if (pcie_ports_native)
diff --git a/drivers/pci/pci.c b/drivers/pci/pci.c
index e9448d55113b..23d8fe98ddf9 100644
--- a/drivers/pci/pci.c
+++ b/drivers/pci/pci.c
@@ -3030,8 +3030,12 @@ static const struct dmi_system_id bridge_d3_blacklist[] = {
* pci_bridge_d3_possible - Is it possible to put the bridge into D3
* @bridge: Bridge to check
*
- * This function checks if it is possible to move the bridge to D3.
* Currently we only allow D3 for some PCIe ports and for Thunderbolt.
+ *
+ * Return: Whether it is possible to move the bridge to D3.
+ *
+ * The return value is guaranteed to be constant across the entire lifetime
+ * of the bridge, including its hot-removal.
*/
bool pci_bridge_d3_possible(struct pci_dev *bridge)
{
diff --git a/drivers/pci/probe.c b/drivers/pci/probe.c
index 4b8693ec9e4c..cf50be63bf5f 100644
--- a/drivers/pci/probe.c
+++ b/drivers/pci/probe.c
@@ -1678,7 +1678,7 @@ void set_pcie_hotplug_bridge(struct pci_dev *pdev)
pcie_capability_read_dword(pdev, PCI_EXP_SLTCAP, ®32);
if (reg32 & PCI_EXP_SLTCAP_HPC)
- pdev->is_hotplug_bridge = 1;
+ pdev->is_hotplug_bridge = pdev->is_pciehp = 1;
}
static void set_pcie_thunderbolt(struct pci_dev *dev)
diff --git a/include/linux/pci.h b/include/linux/pci.h
index 05e68f35f392..d56d0dd80afb 100644
--- a/include/linux/pci.h
+++ b/include/linux/pci.h
@@ -328,6 +328,11 @@ struct rcec_ea;
* determined (e.g., for Root Complex Integrated
* Endpoints without the relevant Capability
* Registers).
+ * @is_hotplug_bridge: Hotplug bridge of any kind (e.g. PCIe Hot-Plug Capable,
+ * Conventional PCI Hot-Plug, ACPI slot).
+ * Such bridges are allocated additional MMIO and bus
+ * number resources to allow for hierarchy expansion.
+ * @is_pciehp: PCIe Hot-Plug Capable bridge.
*/
struct pci_dev {
struct list_head bus_list; /* Node in per-bus list */
@@ -451,6 +456,7 @@ struct pci_dev {
unsigned int is_physfn:1;
unsigned int is_virtfn:1;
unsigned int is_hotplug_bridge:1;
+ unsigned int is_pciehp:1;
unsigned int shpc_managed:1; /* SHPC owned by shpchp */
unsigned int is_thunderbolt:1; /* Thunderbolt controller */
/*
1 month
- 2
- 1
FAILED: patch "[PATCH] block: Make REQ_OP_ZONE_FINISH a write operation" failed to apply to 6.1-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 6.1-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y
git checkout FETCH_HEAD
git cherry-pick -x 3f66ccbaaef3a0c5bd844eab04e3207b4061c546
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025081543-myself-easiest-be00@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From 3f66ccbaaef3a0c5bd844eab04e3207b4061c546 Mon Sep 17 00:00:00 2001
From: Damien Le Moal <dlemoal(a)kernel.org>
Date: Wed, 25 Jun 2025 18:33:23 +0900
Subject: [PATCH] block: Make REQ_OP_ZONE_FINISH a write operation
REQ_OP_ZONE_FINISH is defined as "12", which makes
op_is_write(REQ_OP_ZONE_FINISH) return false, despite the fact that a
zone finish operation is an operation that modifies a zone (transition
it to full) and so should be considered as a write operation (albeit
one that does not transfer any data to the device).
Fix this by redefining REQ_OP_ZONE_FINISH to be an odd number (13), and
redefine REQ_OP_ZONE_RESET and REQ_OP_ZONE_RESET_ALL using sequential
odd numbers from that new value.
Fixes: 6c1b1da58f8c ("block: add zone open, close and finish operations")
Cc: stable(a)vger.kernel.org
Signed-off-by: Damien Le Moal <dlemoal(a)kernel.org>
Reviewed-by: Bart Van Assche <bvanassche(a)acm.org>
Reviewed-by: Johannes Thumshirn <johannes.thumshirn(a)wdc.com>
Reviewed-by: Christoph Hellwig <hch(a)lst.de>
Link: https://lore.kernel.org/r/20250625093327.548866-2-dlemoal@kernel.org
Signed-off-by: Jens Axboe <axboe(a)kernel.dk>
diff --git a/include/linux/blk_types.h b/include/linux/blk_types.h
index 3d1577f07c1c..930daff207df 100644
--- a/include/linux/blk_types.h
+++ b/include/linux/blk_types.h
@@ -350,11 +350,11 @@ enum req_op {
/* Close a zone */
REQ_OP_ZONE_CLOSE = (__force blk_opf_t)11,
/* Transition a zone to full */
- REQ_OP_ZONE_FINISH = (__force blk_opf_t)12,
+ REQ_OP_ZONE_FINISH = (__force blk_opf_t)13,
/* reset a zone write pointer */
- REQ_OP_ZONE_RESET = (__force blk_opf_t)13,
+ REQ_OP_ZONE_RESET = (__force blk_opf_t)15,
/* reset all the zone present on the device */
- REQ_OP_ZONE_RESET_ALL = (__force blk_opf_t)15,
+ REQ_OP_ZONE_RESET_ALL = (__force blk_opf_t)17,
/* Driver private requests */
REQ_OP_DRV_IN = (__force blk_opf_t)34,
1 month
- 2
- 2
[STATUS] stable/linux-6.6.y - bb9c90ab9c5a1a933a0dfd302a3fde73642b2b06
by KernelCI bot
Hello,
Status summary for stable/linux-6.6.y
Dashboard:
https://d.kernelci.org/c/stable/linux-6.6.y/bb9c90ab9c5a1a933a0dfd302a3fde7…
giturl: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
branch: linux-6.6.y
commit hash: bb9c90ab9c5a1a933a0dfd302a3fde73642b2b06
origin: maestro
test start time: 2025-08-15 10:52:19.705000+00:00
Builds: 45 ✅ 0 ❌ 0 ⚠️
Boots: 60 ✅ 0 ❌ 42 ⚠️
Tests: 3948 ✅ 607 ❌ 1617 ⚠️
### POSSIBLE REGRESSIONS
No possible regressions observed.
### FIXED REGRESSIONS
No fixed regressions observed.
### UNSTABLE TESTS
Hardware: bcm2711-rpi-4-b
- boot (defconfig+lab-setup+kselftest)
last run: https://d.kernelci.org/test/maestro:689f184b233e484a3f986be3
history: > ✅ > ✅ > ⚠️
Hardware: dell-latitude-3445-7520c-skyrim
- boot (cros://chromeos-6.6/x86_64/chromeos-amd-stoneyridge.flavour.config+lab-setup+x86-board+CONFIG_MODULE_COMPRESS=n+CONFIG_MODULE_COMPRESS_NONE=y)
last run: https://d.kernelci.org/test/maestro:689f24dd233e484a3f98e2c2
history: > ⚠️ > ⚠️
Sent every day if there were changes in the past 24 hours.
Legend: ✅ PASS ❌ FAIL ⚠️ INCONCLUSIVE
--
This is an experimental report format. Please send feedback in!
Talk to us at kernelci(a)lists.linux.dev
Made with love by the KernelCI team - https://kernelci.org
1 month
- 1
- 0
[STATUS] stable/linux-6.12.y - 880e4ff5d6c8dc6b660f163a0e9b68b898cc6310
by KernelCI bot
Hello,
Status summary for stable/linux-6.12.y
Dashboard:
https://d.kernelci.org/c/stable/linux-6.12.y/880e4ff5d6c8dc6b660f163a0e9b68…
giturl: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
branch: linux-6.12.y
commit hash: 880e4ff5d6c8dc6b660f163a0e9b68b898cc6310
origin: maestro
test start time: 2025-08-15 10:52:20.130000+00:00
Builds: 44 ✅ 0 ❌ 1 ⚠️
Boots: 160 ✅ 1 ❌ 41 ⚠️
Tests: 10405 ✅ 5245 ❌ 3110 ⚠️
### POSSIBLE REGRESSIONS
No possible regressions observed.
### FIXED REGRESSIONS
No fixed regressions observed.
### UNSTABLE TESTS
Hardware: acer-cb317-1h-c3z6-dedede
- kernelci_wifi_basic (x86_64_defconfig+lab-setup+x86-board+kselftest)
last run: https://d.kernelci.org/test/maestro:689f1bf6233e484a3f98a8b1
history: > ⚠️ > ❌
Hardware: acer-chromebox-cxi4-puff
- tast (cros://chromeos-6.6/x86_64/chromeos-intel-pineview.flavour.config+lab-setup+x86-board+CONFIG_MODULE_COMPRESS=n+CONFIG_MODULE_COMPRESS_NONE=y)
last run: https://d.kernelci.org/test/maestro:689f2110233e484a3f98ccb7
history: > ⚠️ > ❌ > ⚠️ > ⚠️ > ⚠️
Hardware: bcm2711-rpi-4-b
- boot (defconfig+lab-setup+kselftest)
last run: https://d.kernelci.org/test/maestro:689f1a23233e484a3f9880c8
history: > ✅ > ✅ > ⚠️
Hardware: dell-latitude-3445-7520c-skyrim
- boot (cros://chromeos-6.6/x86_64/chromeos-amd-stoneyridge.flavour.config+lab-setup+x86-board+CONFIG_MODULE_COMPRESS=n+CONFIG_MODULE_COMPRESS_NONE=y)
last run: https://d.kernelci.org/test/maestro:689f17c2233e484a3f986a63
history: > ⚠️ > ⚠️
Hardware: hp-14-db0003na-grunt
- tast (cros://chromeos-6.6/x86_64/chromeos-amd-stoneyridge.flavour.config+lab-setup+x86-board+CONFIG_MODULE_COMPRESS=n+CONFIG_MODULE_COMPRESS_NONE=y)
last run: https://d.kernelci.org/test/maestro:689f17d9233e484a3f986b39
history: > ⚠️ > ❌ > ⚠️ > ⚠️ > ⚠️
Hardware: hp-x360-14a-cb0001xx-zork
- tast (cros://chromeos-6.6/x86_64/chromeos-amd-stoneyridge.flavour.config+lab-setup+x86-board+CONFIG_MODULE_COMPRESS=n+CONFIG_MODULE_COMPRESS_NONE=y)
last run: https://d.kernelci.org/test/maestro:689f17db233e484a3f986b42
history: > ⚠️ > ⚠️ > ⚠️ > ❌ > ⚠️
Hardware: lenovo-TPad-C13-Yoga-zork
- tast (cros://chromeos-6.6/x86_64/chromeos-amd-stoneyridge.flavour.config+lab-setup+x86-board+CONFIG_MODULE_COMPRESS=n+CONFIG_MODULE_COMPRESS_NONE=y)
last run: https://d.kernelci.org/test/maestro:689f17db233e484a3f986b45
history: > ⚠️ > ⚠️ > ⚠️ > ⚠️ > ⚠️
Sent every day if there were changes in the past 24 hours.
Legend: ✅ PASS ❌ FAIL ⚠️ INCONCLUSIVE
--
This is an experimental report format. Please send feedback in!
Talk to us at kernelci(a)lists.linux.dev
Made with love by the KernelCI team - https://kernelci.org
1 month
- 1
- 0
[STATUS] stable/linux-6.1.y - 0bc96de781b4da716c8dbd248af4b26d8d8341f5
by KernelCI bot
Hello,
Status summary for stable/linux-6.1.y
Dashboard:
https://d.kernelci.org/c/stable/linux-6.1.y/0bc96de781b4da716c8dbd248af4b26…
giturl: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
branch: linux-6.1.y
commit hash: 0bc96de781b4da716c8dbd248af4b26d8d8341f5
origin: maestro
test start time: 2025-08-15 10:52:19.284000+00:00
Builds: 44 ✅ 1 ❌ 0 ⚠️
Boots: 35 ✅ 0 ❌ 24 ⚠️
Tests: 1994 ✅ 166 ❌ 1054 ⚠️
### POSSIBLE REGRESSIONS
No possible regressions observed.
### FIXED REGRESSIONS
No fixed regressions observed.
### UNSTABLE TESTS
Hardware: bcm2711-rpi-4-b
- boot (defconfig+lab-setup+kselftest)
last run: https://d.kernelci.org/test/maestro:689f28a2233e484a3f98e9a8
history: > ✅ > ✅ > ⚠️
Sent every day if there were changes in the past 24 hours.
Legend: ✅ PASS ❌ FAIL ⚠️ INCONCLUSIVE
--
This is an experimental report format. Please send feedback in!
Talk to us at kernelci(a)lists.linux.dev
Made with love by the KernelCI team - https://kernelci.org
1 month
- 1
- 0
[PATCH 2/2] riscv, bpf: use lw when reading int cpu in bpf_get_smp_processor_id
by Radim Krčmář
emit_ld is wrong, because thread_info.cpu is 32-bit, not xlen-bit wide.
The struct currently has a hole after cpu, so little endian accesses
seemed fine.
Fixes: 2ddec2c80b44 ("riscv, bpf: inline bpf_get_smp_processor_id()")
Cc: <stable(a)vger.kernel.org>
Signed-off-by: Radim Krčmář <rkrcmar(a)ventanamicro.com>
---
arch/riscv/net/bpf_jit_comp64.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/arch/riscv/net/bpf_jit_comp64.c b/arch/riscv/net/bpf_jit_comp64.c
index 6e1554d89681..9883a55d61b5 100644
--- a/arch/riscv/net/bpf_jit_comp64.c
+++ b/arch/riscv/net/bpf_jit_comp64.c
@@ -1763,7 +1763,7 @@ int bpf_jit_emit_insn(const struct bpf_insn *insn, struct rv_jit_context *ctx,
*/
if (insn->src_reg == 0 && insn->imm == BPF_FUNC_get_smp_processor_id) {
/* Load current CPU number in R0 */
- emit_ld(bpf_to_rv_reg(BPF_REG_0, ctx), offsetof(struct thread_info, cpu),
+ emit_lw(bpf_to_rv_reg(BPF_REG_0, ctx), offsetof(struct thread_info, cpu),
RV_REG_TP, ctx);
break;
}
--
2.50.0
1 month
- 2
- 1
[PATCH 1/2] riscv, bpf: use lw when reading int cpu in BPF_MOV64_PERCPU_REG
by Radim Krčmář
emit_ld is wrong, because thread_info.cpu is 32-bit, not xlen-bit wide.
The struct currently has a hole after cpu, so little endian accesses
seemed fine.
Fixes: 19c56d4e5be1 ("riscv, bpf: add internal-only MOV instruction to resolve per-CPU addrs")
Cc: <stable(a)vger.kernel.org>
Signed-off-by: Radim Krčmář <rkrcmar(a)ventanamicro.com>
---
arch/riscv/net/bpf_jit_comp64.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/arch/riscv/net/bpf_jit_comp64.c b/arch/riscv/net/bpf_jit_comp64.c
index 10e01ff06312..6e1554d89681 100644
--- a/arch/riscv/net/bpf_jit_comp64.c
+++ b/arch/riscv/net/bpf_jit_comp64.c
@@ -1356,7 +1356,7 @@ int bpf_jit_emit_insn(const struct bpf_insn *insn, struct rv_jit_context *ctx,
emit_mv(rd, rs, ctx);
#ifdef CONFIG_SMP
/* Load current CPU number in T1 */
- emit_ld(RV_REG_T1, offsetof(struct thread_info, cpu),
+ emit_lw(RV_REG_T1, offsetof(struct thread_info, cpu),
RV_REG_TP, ctx);
/* Load address of __per_cpu_offset array in T2 */
emit_addr(RV_REG_T2, (u64)&__per_cpu_offset, extra_pass, ctx);
--
2.50.0
1 month
- 2
- 1
[PATCH v2] drm/mediatek: Fix device/node reference count leaks in mtk_drm_get_all_drm_priv
by Ma Ke
Using device_find_child() and of_find_device_by_node() to locate
devices could cause an imbalance in the device's reference count.
device_find_child() and of_find_device_by_node() both call
get_device() to increment the reference count of the found device
before returning the pointer. In mtk_drm_get_all_drm_priv(), these
references are never released through put_device(), resulting in
permanent reference count increments. Additionally, the
for_each_child_of_node() iterator fails to release node references in
all code paths. This leaks device node references when loop
termination occurs before reaching MAX_CRTC. These reference count
leaks may prevent device/node resources from being properly released
during driver unbind operations.
As comment of device_find_child() says, 'NOTE: you will need to drop
the reference with put_device() after use'.
Found by code review.
Cc: stable(a)vger.kernel.org
Fixes: 1ef7ed48356c ("drm/mediatek: Modify mediatek-drm for mt8195 multi mmsys support")
Signed-off-by: Ma Ke <make24(a)iscas.ac.cn>
---
Changes in v2:
- added goto labels as suggestions.
---
drivers/gpu/drm/mediatek/mtk_drm_drv.c | 21 ++++++++++++++-------
1 file changed, 14 insertions(+), 7 deletions(-)
diff --git a/drivers/gpu/drm/mediatek/mtk_drm_drv.c b/drivers/gpu/drm/mediatek/mtk_drm_drv.c
index d5e6bab36414..f8a817689e16 100644
--- a/drivers/gpu/drm/mediatek/mtk_drm_drv.c
+++ b/drivers/gpu/drm/mediatek/mtk_drm_drv.c
@@ -387,19 +387,19 @@ static bool mtk_drm_get_all_drm_priv(struct device *dev)
of_id = of_match_node(mtk_drm_of_ids, node);
if (!of_id)
- continue;
+ goto next_put_node;
pdev = of_find_device_by_node(node);
if (!pdev)
- continue;
+ goto next_put_node;
drm_dev = device_find_child(&pdev->dev, NULL, mtk_drm_match);
if (!drm_dev)
- continue;
+ goto next_put_device_pdev_dev;
temp_drm_priv = dev_get_drvdata(drm_dev);
if (!temp_drm_priv)
- continue;
+ goto next_put_device_drm_dev;
if (temp_drm_priv->data->main_len)
all_drm_priv[CRTC_MAIN] = temp_drm_priv;
@@ -411,10 +411,17 @@ static bool mtk_drm_get_all_drm_priv(struct device *dev)
if (temp_drm_priv->mtk_drm_bound)
cnt++;
- if (cnt == MAX_CRTC) {
- of_node_put(node);
+next_put_device_drm_dev:
+ put_device(drm_dev);
+
+next_put_device_pdev_dev:
+ put_device(&pdev->dev);
+
+next_put_node:
+ of_node_put(node);
+
+ if (cnt == MAX_CRTC)
break;
- }
}
if (drm_priv->data->mmsys_dev_num == cnt) {
--
2.25.1
1 month
- 3
- 2
FAILED: patch "[PATCH] PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable" failed to apply to 6.12-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 6.12-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.12.y
git checkout FETCH_HEAD
git cherry-pick -x 6cff20ce3b92ffbf2fc5eb9e5a030b3672aa414a
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025081508-ultra-derived-f72d@gregkh' --subject-prefix 'PATCH 6.12.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From 6cff20ce3b92ffbf2fc5eb9e5a030b3672aa414a Mon Sep 17 00:00:00 2001
From: Lukas Wunner <lukas(a)wunner.de>
Date: Sun, 13 Jul 2025 16:31:01 +0200
Subject: [PATCH] PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable
ports
pci_bridge_d3_possible() is called from both pcie_portdrv_probe() and
pcie_portdrv_remove() to determine whether runtime power management shall
be enabled (on probe) or disabled (on remove) on a PCIe port.
The underlying assumption is that pci_bridge_d3_possible() always returns
the same value, else a runtime PM reference imbalance would occur. That
assumption is not given if the PCIe port is inaccessible on remove due to
hot-unplug: pci_bridge_d3_possible() calls pciehp_is_native(), which
accesses Config Space to determine whether the port is Hot-Plug Capable.
An inaccessible port returns "all ones", which is converted to "all
zeroes" by pcie_capability_read_dword(). Hence the port no longer seems
Hot-Plug Capable on remove even though it was on probe.
The resulting runtime PM ref imbalance causes warning messages such as:
pcieport 0000:02:04.0: Runtime PM usage count underflow!
Avoid the Config Space access (and thus the runtime PM ref imbalance) by
caching the Hot-Plug Capable bit in struct pci_dev.
The struct already contains an "is_hotplug_bridge" flag, which however is
not only set on Hot-Plug Capable PCIe ports, but also Conventional PCI
Hot-Plug bridges and ACPI slots. The flag identifies bridges which are
allocated additional MMIO and bus number resources to allow for hierarchy
expansion.
The kernel is somewhat sloppily using "is_hotplug_bridge" in a number of
places to identify Hot-Plug Capable PCIe ports, even though the flag
encompasses other devices. Subsequent commits replace these occurrences
with the new flag to clearly delineate Hot-Plug Capable PCIe ports from
other kinds of hotplug bridges.
Document the existing "is_hotplug_bridge" and the new "is_pciehp" flag
and document the (non-obvious) requirement that pci_bridge_d3_possible()
always returns the same value across the entire lifetime of a bridge,
including its hot-removal.
Fixes: 5352a44a561d ("PCI: pciehp: Make pciehp_is_native() stricter")
Reported-by: Laurent Bigonville <bigon(a)bigon.be>
Closes: https://bugzilla.kernel.org/show_bug.cgi?id=220216
Reported-by: Mario Limonciello <mario.limonciello(a)amd.com>
Closes: https://lore.kernel.org/r/20250609020223.269407-3-superm1@kernel.org/
Link: https://lore.kernel.org/all/20250620025535.3425049-3-superm1@kernel.org/T/#u
Signed-off-by: Lukas Wunner <lukas(a)wunner.de>
Signed-off-by: Bjorn Helgaas <bhelgaas(a)google.com>
Acked-by: Rafael J. Wysocki <rafael(a)kernel.org>
Cc: stable(a)vger.kernel.org # v4.18+
Link: https://patch.msgid.link/fe5dcc3b2e62ee1df7905d746bde161eb1b3291c.175239010…
diff --git a/drivers/pci/pci-acpi.c b/drivers/pci/pci-acpi.c
index b78e0e417324..efe478e5073e 100644
--- a/drivers/pci/pci-acpi.c
+++ b/drivers/pci/pci-acpi.c
@@ -816,13 +816,11 @@ int pci_acpi_program_hp_params(struct pci_dev *dev)
bool pciehp_is_native(struct pci_dev *bridge)
{
const struct pci_host_bridge *host;
- u32 slot_cap;
if (!IS_ENABLED(CONFIG_HOTPLUG_PCI_PCIE))
return false;
- pcie_capability_read_dword(bridge, PCI_EXP_SLTCAP, &slot_cap);
- if (!(slot_cap & PCI_EXP_SLTCAP_HPC))
+ if (!bridge->is_pciehp)
return false;
if (pcie_ports_native)
diff --git a/drivers/pci/pci.c b/drivers/pci/pci.c
index e9448d55113b..23d8fe98ddf9 100644
--- a/drivers/pci/pci.c
+++ b/drivers/pci/pci.c
@@ -3030,8 +3030,12 @@ static const struct dmi_system_id bridge_d3_blacklist[] = {
* pci_bridge_d3_possible - Is it possible to put the bridge into D3
* @bridge: Bridge to check
*
- * This function checks if it is possible to move the bridge to D3.
* Currently we only allow D3 for some PCIe ports and for Thunderbolt.
+ *
+ * Return: Whether it is possible to move the bridge to D3.
+ *
+ * The return value is guaranteed to be constant across the entire lifetime
+ * of the bridge, including its hot-removal.
*/
bool pci_bridge_d3_possible(struct pci_dev *bridge)
{
diff --git a/drivers/pci/probe.c b/drivers/pci/probe.c
index 4b8693ec9e4c..cf50be63bf5f 100644
--- a/drivers/pci/probe.c
+++ b/drivers/pci/probe.c
@@ -1678,7 +1678,7 @@ void set_pcie_hotplug_bridge(struct pci_dev *pdev)
pcie_capability_read_dword(pdev, PCI_EXP_SLTCAP, ®32);
if (reg32 & PCI_EXP_SLTCAP_HPC)
- pdev->is_hotplug_bridge = 1;
+ pdev->is_hotplug_bridge = pdev->is_pciehp = 1;
}
static void set_pcie_thunderbolt(struct pci_dev *dev)
diff --git a/include/linux/pci.h b/include/linux/pci.h
index 05e68f35f392..d56d0dd80afb 100644
--- a/include/linux/pci.h
+++ b/include/linux/pci.h
@@ -328,6 +328,11 @@ struct rcec_ea;
* determined (e.g., for Root Complex Integrated
* Endpoints without the relevant Capability
* Registers).
+ * @is_hotplug_bridge: Hotplug bridge of any kind (e.g. PCIe Hot-Plug Capable,
+ * Conventional PCI Hot-Plug, ACPI slot).
+ * Such bridges are allocated additional MMIO and bus
+ * number resources to allow for hierarchy expansion.
+ * @is_pciehp: PCIe Hot-Plug Capable bridge.
*/
struct pci_dev {
struct list_head bus_list; /* Node in per-bus list */
@@ -451,6 +456,7 @@ struct pci_dev {
unsigned int is_physfn:1;
unsigned int is_virtfn:1;
unsigned int is_hotplug_bridge:1;
+ unsigned int is_pciehp:1;
unsigned int shpc_managed:1; /* SHPC owned by shpchp */
unsigned int is_thunderbolt:1; /* Thunderbolt controller */
/*
1 month
- 2
- 3
FAILED: patch "[PATCH] block: Make REQ_OP_ZONE_FINISH a write operation" failed to apply to 6.6-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 6.6-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.6.y
git checkout FETCH_HEAD
git cherry-pick -x 3f66ccbaaef3a0c5bd844eab04e3207b4061c546
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025081543-graffiti-nastily-6e2b@gregkh' --subject-prefix 'PATCH 6.6.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From 3f66ccbaaef3a0c5bd844eab04e3207b4061c546 Mon Sep 17 00:00:00 2001
From: Damien Le Moal <dlemoal(a)kernel.org>
Date: Wed, 25 Jun 2025 18:33:23 +0900
Subject: [PATCH] block: Make REQ_OP_ZONE_FINISH a write operation
REQ_OP_ZONE_FINISH is defined as "12", which makes
op_is_write(REQ_OP_ZONE_FINISH) return false, despite the fact that a
zone finish operation is an operation that modifies a zone (transition
it to full) and so should be considered as a write operation (albeit
one that does not transfer any data to the device).
Fix this by redefining REQ_OP_ZONE_FINISH to be an odd number (13), and
redefine REQ_OP_ZONE_RESET and REQ_OP_ZONE_RESET_ALL using sequential
odd numbers from that new value.
Fixes: 6c1b1da58f8c ("block: add zone open, close and finish operations")
Cc: stable(a)vger.kernel.org
Signed-off-by: Damien Le Moal <dlemoal(a)kernel.org>
Reviewed-by: Bart Van Assche <bvanassche(a)acm.org>
Reviewed-by: Johannes Thumshirn <johannes.thumshirn(a)wdc.com>
Reviewed-by: Christoph Hellwig <hch(a)lst.de>
Link: https://lore.kernel.org/r/20250625093327.548866-2-dlemoal@kernel.org
Signed-off-by: Jens Axboe <axboe(a)kernel.dk>
diff --git a/include/linux/blk_types.h b/include/linux/blk_types.h
index 3d1577f07c1c..930daff207df 100644
--- a/include/linux/blk_types.h
+++ b/include/linux/blk_types.h
@@ -350,11 +350,11 @@ enum req_op {
/* Close a zone */
REQ_OP_ZONE_CLOSE = (__force blk_opf_t)11,
/* Transition a zone to full */
- REQ_OP_ZONE_FINISH = (__force blk_opf_t)12,
+ REQ_OP_ZONE_FINISH = (__force blk_opf_t)13,
/* reset a zone write pointer */
- REQ_OP_ZONE_RESET = (__force blk_opf_t)13,
+ REQ_OP_ZONE_RESET = (__force blk_opf_t)15,
/* reset all the zone present on the device */
- REQ_OP_ZONE_RESET_ALL = (__force blk_opf_t)15,
+ REQ_OP_ZONE_RESET_ALL = (__force blk_opf_t)17,
/* Driver private requests */
REQ_OP_DRV_IN = (__force blk_opf_t)34,
1 month
- 2
- 2
FAILED: patch "[PATCH] fscrypt: Don't use problematic non-inline crypto engines" failed to apply to 6.1-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 6.1-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y
git checkout FETCH_HEAD
git cherry-pick -x b41c1d8d07906786c60893980d52688f31d114a6
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025081514-salad-crumpet-f125@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From b41c1d8d07906786c60893980d52688f31d114a6 Mon Sep 17 00:00:00 2001
From: Eric Biggers <ebiggers(a)kernel.org>
Date: Fri, 4 Jul 2025 00:03:22 -0700
Subject: [PATCH] fscrypt: Don't use problematic non-inline crypto engines
Make fscrypt no longer use Crypto API drivers for non-inline crypto
engines, even when the Crypto API prioritizes them over CPU-based code
(which unfortunately it often does). These drivers tend to be really
problematic, especially for fscrypt's workload. This commit has no
effect on inline crypto engines, which are different and do work well.
Specifically, exclude drivers that have CRYPTO_ALG_KERN_DRIVER_ONLY or
CRYPTO_ALG_ALLOCATES_MEMORY set. (Later, CRYPTO_ALG_ASYNC should be
excluded too. That's omitted for now to keep this commit backportable,
since until recently some CPU-based code had CRYPTO_ALG_ASYNC set.)
There are two major issues with these drivers: bugs and performance.
First, these drivers tend to be buggy. They're fundamentally much more
error-prone and harder to test than the CPU-based code. They often
don't get tested before kernel releases, and even if they do, the crypto
self-tests don't properly test these drivers. Released drivers have
en/decrypted or hashed data incorrectly. These bugs cause issues for
fscrypt users who often didn't even want to use these drivers, e.g.:
- https://github.com/google/fscryptctl/issues/32
- https://github.com/google/fscryptctl/issues/9
- https://lore.kernel.org/r/PH0PR02MB731916ECDB6C613665863B6CFFAA2@PH0PR02MB7…
These drivers have also similarly caused issues for dm-crypt users,
including data corruption and deadlocks. Since Linux v5.10, dm-crypt
has disabled most of them by excluding CRYPTO_ALG_ALLOCATES_MEMORY.
Second, these drivers tend to be *much* slower than the CPU-based code.
This may seem counterintuitive, but benchmarks clearly show it. There's
a *lot* of overhead associated with going to a hardware driver, off the
CPU, and back again. To prove this, I gathered as many systems with
this type of crypto engine as I could, and I measured synchronous
encryption of 4096-byte messages (which matches fscrypt's workload):
Intel Emerald Rapids server:
AES-256-XTS:
xts-aes-vaes-avx512 16171 MB/s [CPU-based, Vector AES]
qat_aes_xts 289 MB/s [Offload, Intel QuickAssist]
Qualcomm SM8650 HDK:
AES-256-XTS:
xts-aes-ce 4301 MB/s [CPU-based, ARMv8 Crypto Extensions]
xts-aes-qce 73 MB/s [Offload, Qualcomm Crypto Engine]
i.MX 8M Nano LPDDR4 EVK:
AES-256-XTS:
xts-aes-ce 647 MB/s [CPU-based, ARMv8 Crypto Extensions]
xts(ecb-aes-caam) 20 MB/s [Offload, CAAM]
AES-128-CBC-ESSIV:
essiv(cbc-aes-caam,sha256-lib) 23 MB/s [Offload, CAAM]
STM32MP157F-DK2:
AES-256-XTS:
xts-aes-neonbs 13.2 MB/s [CPU-based, ARM NEON]
xts(stm32-ecb-aes) 3.1 MB/s [Offload, STM32 crypto engine]
AES-128-CBC-ESSIV:
essiv(cbc-aes-neonbs,sha256-lib)
14.7 MB/s [CPU-based, ARM NEON]
essiv(stm32-cbc-aes,sha256-lib)
3.2 MB/s [Offload, STM32 crypto engine]
Adiantum:
adiantum(xchacha12-arm,aes-arm,nhpoly1305-neon)
52.8 MB/s [CPU-based, ARM scalar + NEON]
So, there was no case in which the crypto engine was even *close* to
being faster. On the first three, which have AES instructions in the
CPU, the CPU was 30 to 55 times faster (!). Even on STM32MP157F-DK2
which has a Cortex-A7 CPU that doesn't have AES instructions, AES was
over 4 times faster on the CPU. And Adiantum encryption, which is what
actually should be used on CPUs like that, was over 17 times faster.
Other justifications that have been given for these non-inline crypto
engines (almost always coming from the hardware vendors, not actual
users) don't seem very plausible either:
- The crypto engine throughput could be improved by processing
multiple requests concurrently. Currently irrelevant to fscrypt,
since it doesn't do that. This would also be complex, and unhelpful
in many cases. 2 of the 4 engines I tested even had only one queue.
- Some of the engines, e.g. STM32, support hardware keys. Also
currently irrelevant to fscrypt, since it doesn't support these.
Interestingly, the STM32 driver itself doesn't support this either.
- Free up CPU for other tasks and/or reduce energy usage. Not very
plausible considering the "short" message length, driver overhead,
and scheduling overhead. There's just very little time for the CPU
to do something else like run another task or enter low-power state,
before the message finishes and it's time to process the next one.
- Some of these engines resist power analysis and electromagnetic
attacks, while the CPU-based crypto generally does not. In theory,
this sounds great. In practice, if this benefit requires the use of
an off-CPU offload that massively regresses performance and has a
low-quality, buggy driver, the price for this hardening (which is
not relevant to most fscrypt users, and tends to be incomplete) is
just too high. Inline crypto engines are much more promising here,
as are on-CPU solutions like RISC-V High Assurance Cryptography.
Fixes: b30ab0e03407 ("ext4 crypto: add ext4 encryption facilities")
Cc: stable(a)vger.kernel.org
Acked-by: Ard Biesheuvel <ardb(a)kernel.org>
Link: https://lore.kernel.org/r/20250704070322.20692-1-ebiggers@kernel.org
Signed-off-by: Eric Biggers <ebiggers(a)kernel.org>
diff --git a/Documentation/filesystems/fscrypt.rst b/Documentation/filesystems/fscrypt.rst
index f63791641c1d..696a5844bfa3 100644
--- a/Documentation/filesystems/fscrypt.rst
+++ b/Documentation/filesystems/fscrypt.rst
@@ -147,9 +147,8 @@ However, these ioctls have some limitations:
were wiped. To partially solve this, you can add init_on_free=1 to
your kernel command line. However, this has a performance cost.
-- Secret keys might still exist in CPU registers, in crypto
- accelerator hardware (if used by the crypto API to implement any of
- the algorithms), or in other places not explicitly considered here.
+- Secret keys might still exist in CPU registers or in other places
+ not explicitly considered here.
Full system compromise
~~~~~~~~~~~~~~~~~~~~~~
@@ -406,9 +405,12 @@ the work is done by XChaCha12, which is much faster than AES when AES
acceleration is unavailable. For more information about Adiantum, see
`the Adiantum paper <https://eprint.iacr.org/2018/720.pdf>`_.
-The (AES-128-CBC-ESSIV, AES-128-CBC-CTS) pair exists only to support
-systems whose only form of AES acceleration is an off-CPU crypto
-accelerator such as CAAM or CESA that does not support XTS.
+The (AES-128-CBC-ESSIV, AES-128-CBC-CTS) pair was added to try to
+provide a more efficient option for systems that lack AES instructions
+in the CPU but do have a non-inline crypto engine such as CAAM or CESA
+that supports AES-CBC (and not AES-XTS). This is deprecated. It has
+been shown that just doing AES on the CPU is actually faster.
+Moreover, Adiantum is faster still and is recommended on such systems.
The remaining mode pairs are the "national pride ciphers":
@@ -1318,22 +1320,13 @@ this by validating all top-level encryption policies prior to access.
Inline encryption support
=========================
-By default, fscrypt uses the kernel crypto API for all cryptographic
-operations (other than HKDF, which fscrypt partially implements
-itself). The kernel crypto API supports hardware crypto accelerators,
-but only ones that work in the traditional way where all inputs and
-outputs (e.g. plaintexts and ciphertexts) are in memory. fscrypt can
-take advantage of such hardware, but the traditional acceleration
-model isn't particularly efficient and fscrypt hasn't been optimized
-for it.
-
-Instead, many newer systems (especially mobile SoCs) have *inline
-encryption hardware* that can encrypt/decrypt data while it is on its
-way to/from the storage device. Linux supports inline encryption
-through a set of extensions to the block layer called *blk-crypto*.
-blk-crypto allows filesystems to attach encryption contexts to bios
-(I/O requests) to specify how the data will be encrypted or decrypted
-in-line. For more information about blk-crypto, see
+Many newer systems (especially mobile SoCs) have *inline encryption
+hardware* that can encrypt/decrypt data while it is on its way to/from
+the storage device. Linux supports inline encryption through a set of
+extensions to the block layer called *blk-crypto*. blk-crypto allows
+filesystems to attach encryption contexts to bios (I/O requests) to
+specify how the data will be encrypted or decrypted in-line. For more
+information about blk-crypto, see
:ref:`Documentation/block/inline-encryption.rst <inline_encryption>`.
On supported filesystems (currently ext4 and f2fs), fscrypt can use
diff --git a/fs/crypto/fscrypt_private.h b/fs/crypto/fscrypt_private.h
index c1d92074b65c..6e7164530a1e 100644
--- a/fs/crypto/fscrypt_private.h
+++ b/fs/crypto/fscrypt_private.h
@@ -45,6 +45,23 @@
*/
#undef FSCRYPT_MAX_KEY_SIZE
+/*
+ * This mask is passed as the third argument to the crypto_alloc_*() functions
+ * to prevent fscrypt from using the Crypto API drivers for non-inline crypto
+ * engines. Those drivers have been problematic for fscrypt. fscrypt users
+ * have reported hangs and even incorrect en/decryption with these drivers.
+ * Since going to the driver, off CPU, and back again is really slow, such
+ * drivers can be over 50 times slower than the CPU-based code for fscrypt's
+ * workload. Even on platforms that lack AES instructions on the CPU, using the
+ * offloads has been shown to be slower, even staying with AES. (Of course,
+ * Adiantum is faster still, and is the recommended option on such platforms...)
+ *
+ * Note that fscrypt also supports inline crypto engines. Those don't use the
+ * Crypto API and work much better than the old-style (non-inline) engines.
+ */
+#define FSCRYPT_CRYPTOAPI_MASK \
+ (CRYPTO_ALG_ALLOCATES_MEMORY | CRYPTO_ALG_KERN_DRIVER_ONLY)
+
#define FSCRYPT_CONTEXT_V1 1
#define FSCRYPT_CONTEXT_V2 2
diff --git a/fs/crypto/hkdf.c b/fs/crypto/hkdf.c
index 5c095c8aa3b5..b1ef506cd341 100644
--- a/fs/crypto/hkdf.c
+++ b/fs/crypto/hkdf.c
@@ -58,7 +58,7 @@ int fscrypt_init_hkdf(struct fscrypt_hkdf *hkdf, const u8 *master_key,
u8 prk[HKDF_HASHLEN];
int err;
- hmac_tfm = crypto_alloc_shash(HKDF_HMAC_ALG, 0, 0);
+ hmac_tfm = crypto_alloc_shash(HKDF_HMAC_ALG, 0, FSCRYPT_CRYPTOAPI_MASK);
if (IS_ERR(hmac_tfm)) {
fscrypt_err(NULL, "Error allocating " HKDF_HMAC_ALG ": %ld",
PTR_ERR(hmac_tfm));
diff --git a/fs/crypto/keysetup.c b/fs/crypto/keysetup.c
index a67e20d126c9..74d4a2e1ad23 100644
--- a/fs/crypto/keysetup.c
+++ b/fs/crypto/keysetup.c
@@ -104,7 +104,8 @@ fscrypt_allocate_skcipher(struct fscrypt_mode *mode, const u8 *raw_key,
struct crypto_skcipher *tfm;
int err;
- tfm = crypto_alloc_skcipher(mode->cipher_str, 0, 0);
+ tfm = crypto_alloc_skcipher(mode->cipher_str, 0,
+ FSCRYPT_CRYPTOAPI_MASK);
if (IS_ERR(tfm)) {
if (PTR_ERR(tfm) == -ENOENT) {
fscrypt_warn(inode,
diff --git a/fs/crypto/keysetup_v1.c b/fs/crypto/keysetup_v1.c
index b70521c55132..158ceae8a5bc 100644
--- a/fs/crypto/keysetup_v1.c
+++ b/fs/crypto/keysetup_v1.c
@@ -52,7 +52,8 @@ static int derive_key_aes(const u8 *master_key,
struct skcipher_request *req = NULL;
DECLARE_CRYPTO_WAIT(wait);
struct scatterlist src_sg, dst_sg;
- struct crypto_skcipher *tfm = crypto_alloc_skcipher("ecb(aes)", 0, 0);
+ struct crypto_skcipher *tfm =
+ crypto_alloc_skcipher("ecb(aes)", 0, FSCRYPT_CRYPTOAPI_MASK);
if (IS_ERR(tfm)) {
res = PTR_ERR(tfm);
1 month
- 2
- 1
FAILED: patch "[PATCH] fscrypt: Don't use problematic non-inline crypto engines" failed to apply to 6.6-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 6.6-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.6.y
git checkout FETCH_HEAD
git cherry-pick -x b41c1d8d07906786c60893980d52688f31d114a6
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025081512-filter-droop-370f@gregkh' --subject-prefix 'PATCH 6.6.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From b41c1d8d07906786c60893980d52688f31d114a6 Mon Sep 17 00:00:00 2001
From: Eric Biggers <ebiggers(a)kernel.org>
Date: Fri, 4 Jul 2025 00:03:22 -0700
Subject: [PATCH] fscrypt: Don't use problematic non-inline crypto engines
Make fscrypt no longer use Crypto API drivers for non-inline crypto
engines, even when the Crypto API prioritizes them over CPU-based code
(which unfortunately it often does). These drivers tend to be really
problematic, especially for fscrypt's workload. This commit has no
effect on inline crypto engines, which are different and do work well.
Specifically, exclude drivers that have CRYPTO_ALG_KERN_DRIVER_ONLY or
CRYPTO_ALG_ALLOCATES_MEMORY set. (Later, CRYPTO_ALG_ASYNC should be
excluded too. That's omitted for now to keep this commit backportable,
since until recently some CPU-based code had CRYPTO_ALG_ASYNC set.)
There are two major issues with these drivers: bugs and performance.
First, these drivers tend to be buggy. They're fundamentally much more
error-prone and harder to test than the CPU-based code. They often
don't get tested before kernel releases, and even if they do, the crypto
self-tests don't properly test these drivers. Released drivers have
en/decrypted or hashed data incorrectly. These bugs cause issues for
fscrypt users who often didn't even want to use these drivers, e.g.:
- https://github.com/google/fscryptctl/issues/32
- https://github.com/google/fscryptctl/issues/9
- https://lore.kernel.org/r/PH0PR02MB731916ECDB6C613665863B6CFFAA2@PH0PR02MB7…
These drivers have also similarly caused issues for dm-crypt users,
including data corruption and deadlocks. Since Linux v5.10, dm-crypt
has disabled most of them by excluding CRYPTO_ALG_ALLOCATES_MEMORY.
Second, these drivers tend to be *much* slower than the CPU-based code.
This may seem counterintuitive, but benchmarks clearly show it. There's
a *lot* of overhead associated with going to a hardware driver, off the
CPU, and back again. To prove this, I gathered as many systems with
this type of crypto engine as I could, and I measured synchronous
encryption of 4096-byte messages (which matches fscrypt's workload):
Intel Emerald Rapids server:
AES-256-XTS:
xts-aes-vaes-avx512 16171 MB/s [CPU-based, Vector AES]
qat_aes_xts 289 MB/s [Offload, Intel QuickAssist]
Qualcomm SM8650 HDK:
AES-256-XTS:
xts-aes-ce 4301 MB/s [CPU-based, ARMv8 Crypto Extensions]
xts-aes-qce 73 MB/s [Offload, Qualcomm Crypto Engine]
i.MX 8M Nano LPDDR4 EVK:
AES-256-XTS:
xts-aes-ce 647 MB/s [CPU-based, ARMv8 Crypto Extensions]
xts(ecb-aes-caam) 20 MB/s [Offload, CAAM]
AES-128-CBC-ESSIV:
essiv(cbc-aes-caam,sha256-lib) 23 MB/s [Offload, CAAM]
STM32MP157F-DK2:
AES-256-XTS:
xts-aes-neonbs 13.2 MB/s [CPU-based, ARM NEON]
xts(stm32-ecb-aes) 3.1 MB/s [Offload, STM32 crypto engine]
AES-128-CBC-ESSIV:
essiv(cbc-aes-neonbs,sha256-lib)
14.7 MB/s [CPU-based, ARM NEON]
essiv(stm32-cbc-aes,sha256-lib)
3.2 MB/s [Offload, STM32 crypto engine]
Adiantum:
adiantum(xchacha12-arm,aes-arm,nhpoly1305-neon)
52.8 MB/s [CPU-based, ARM scalar + NEON]
So, there was no case in which the crypto engine was even *close* to
being faster. On the first three, which have AES instructions in the
CPU, the CPU was 30 to 55 times faster (!). Even on STM32MP157F-DK2
which has a Cortex-A7 CPU that doesn't have AES instructions, AES was
over 4 times faster on the CPU. And Adiantum encryption, which is what
actually should be used on CPUs like that, was over 17 times faster.
Other justifications that have been given for these non-inline crypto
engines (almost always coming from the hardware vendors, not actual
users) don't seem very plausible either:
- The crypto engine throughput could be improved by processing
multiple requests concurrently. Currently irrelevant to fscrypt,
since it doesn't do that. This would also be complex, and unhelpful
in many cases. 2 of the 4 engines I tested even had only one queue.
- Some of the engines, e.g. STM32, support hardware keys. Also
currently irrelevant to fscrypt, since it doesn't support these.
Interestingly, the STM32 driver itself doesn't support this either.
- Free up CPU for other tasks and/or reduce energy usage. Not very
plausible considering the "short" message length, driver overhead,
and scheduling overhead. There's just very little time for the CPU
to do something else like run another task or enter low-power state,
before the message finishes and it's time to process the next one.
- Some of these engines resist power analysis and electromagnetic
attacks, while the CPU-based crypto generally does not. In theory,
this sounds great. In practice, if this benefit requires the use of
an off-CPU offload that massively regresses performance and has a
low-quality, buggy driver, the price for this hardening (which is
not relevant to most fscrypt users, and tends to be incomplete) is
just too high. Inline crypto engines are much more promising here,
as are on-CPU solutions like RISC-V High Assurance Cryptography.
Fixes: b30ab0e03407 ("ext4 crypto: add ext4 encryption facilities")
Cc: stable(a)vger.kernel.org
Acked-by: Ard Biesheuvel <ardb(a)kernel.org>
Link: https://lore.kernel.org/r/20250704070322.20692-1-ebiggers@kernel.org
Signed-off-by: Eric Biggers <ebiggers(a)kernel.org>
diff --git a/Documentation/filesystems/fscrypt.rst b/Documentation/filesystems/fscrypt.rst
index f63791641c1d..696a5844bfa3 100644
--- a/Documentation/filesystems/fscrypt.rst
+++ b/Documentation/filesystems/fscrypt.rst
@@ -147,9 +147,8 @@ However, these ioctls have some limitations:
were wiped. To partially solve this, you can add init_on_free=1 to
your kernel command line. However, this has a performance cost.
-- Secret keys might still exist in CPU registers, in crypto
- accelerator hardware (if used by the crypto API to implement any of
- the algorithms), or in other places not explicitly considered here.
+- Secret keys might still exist in CPU registers or in other places
+ not explicitly considered here.
Full system compromise
~~~~~~~~~~~~~~~~~~~~~~
@@ -406,9 +405,12 @@ the work is done by XChaCha12, which is much faster than AES when AES
acceleration is unavailable. For more information about Adiantum, see
`the Adiantum paper <https://eprint.iacr.org/2018/720.pdf>`_.
-The (AES-128-CBC-ESSIV, AES-128-CBC-CTS) pair exists only to support
-systems whose only form of AES acceleration is an off-CPU crypto
-accelerator such as CAAM or CESA that does not support XTS.
+The (AES-128-CBC-ESSIV, AES-128-CBC-CTS) pair was added to try to
+provide a more efficient option for systems that lack AES instructions
+in the CPU but do have a non-inline crypto engine such as CAAM or CESA
+that supports AES-CBC (and not AES-XTS). This is deprecated. It has
+been shown that just doing AES on the CPU is actually faster.
+Moreover, Adiantum is faster still and is recommended on such systems.
The remaining mode pairs are the "national pride ciphers":
@@ -1318,22 +1320,13 @@ this by validating all top-level encryption policies prior to access.
Inline encryption support
=========================
-By default, fscrypt uses the kernel crypto API for all cryptographic
-operations (other than HKDF, which fscrypt partially implements
-itself). The kernel crypto API supports hardware crypto accelerators,
-but only ones that work in the traditional way where all inputs and
-outputs (e.g. plaintexts and ciphertexts) are in memory. fscrypt can
-take advantage of such hardware, but the traditional acceleration
-model isn't particularly efficient and fscrypt hasn't been optimized
-for it.
-
-Instead, many newer systems (especially mobile SoCs) have *inline
-encryption hardware* that can encrypt/decrypt data while it is on its
-way to/from the storage device. Linux supports inline encryption
-through a set of extensions to the block layer called *blk-crypto*.
-blk-crypto allows filesystems to attach encryption contexts to bios
-(I/O requests) to specify how the data will be encrypted or decrypted
-in-line. For more information about blk-crypto, see
+Many newer systems (especially mobile SoCs) have *inline encryption
+hardware* that can encrypt/decrypt data while it is on its way to/from
+the storage device. Linux supports inline encryption through a set of
+extensions to the block layer called *blk-crypto*. blk-crypto allows
+filesystems to attach encryption contexts to bios (I/O requests) to
+specify how the data will be encrypted or decrypted in-line. For more
+information about blk-crypto, see
:ref:`Documentation/block/inline-encryption.rst <inline_encryption>`.
On supported filesystems (currently ext4 and f2fs), fscrypt can use
diff --git a/fs/crypto/fscrypt_private.h b/fs/crypto/fscrypt_private.h
index c1d92074b65c..6e7164530a1e 100644
--- a/fs/crypto/fscrypt_private.h
+++ b/fs/crypto/fscrypt_private.h
@@ -45,6 +45,23 @@
*/
#undef FSCRYPT_MAX_KEY_SIZE
+/*
+ * This mask is passed as the third argument to the crypto_alloc_*() functions
+ * to prevent fscrypt from using the Crypto API drivers for non-inline crypto
+ * engines. Those drivers have been problematic for fscrypt. fscrypt users
+ * have reported hangs and even incorrect en/decryption with these drivers.
+ * Since going to the driver, off CPU, and back again is really slow, such
+ * drivers can be over 50 times slower than the CPU-based code for fscrypt's
+ * workload. Even on platforms that lack AES instructions on the CPU, using the
+ * offloads has been shown to be slower, even staying with AES. (Of course,
+ * Adiantum is faster still, and is the recommended option on such platforms...)
+ *
+ * Note that fscrypt also supports inline crypto engines. Those don't use the
+ * Crypto API and work much better than the old-style (non-inline) engines.
+ */
+#define FSCRYPT_CRYPTOAPI_MASK \
+ (CRYPTO_ALG_ALLOCATES_MEMORY | CRYPTO_ALG_KERN_DRIVER_ONLY)
+
#define FSCRYPT_CONTEXT_V1 1
#define FSCRYPT_CONTEXT_V2 2
diff --git a/fs/crypto/hkdf.c b/fs/crypto/hkdf.c
index 5c095c8aa3b5..b1ef506cd341 100644
--- a/fs/crypto/hkdf.c
+++ b/fs/crypto/hkdf.c
@@ -58,7 +58,7 @@ int fscrypt_init_hkdf(struct fscrypt_hkdf *hkdf, const u8 *master_key,
u8 prk[HKDF_HASHLEN];
int err;
- hmac_tfm = crypto_alloc_shash(HKDF_HMAC_ALG, 0, 0);
+ hmac_tfm = crypto_alloc_shash(HKDF_HMAC_ALG, 0, FSCRYPT_CRYPTOAPI_MASK);
if (IS_ERR(hmac_tfm)) {
fscrypt_err(NULL, "Error allocating " HKDF_HMAC_ALG ": %ld",
PTR_ERR(hmac_tfm));
diff --git a/fs/crypto/keysetup.c b/fs/crypto/keysetup.c
index a67e20d126c9..74d4a2e1ad23 100644
--- a/fs/crypto/keysetup.c
+++ b/fs/crypto/keysetup.c
@@ -104,7 +104,8 @@ fscrypt_allocate_skcipher(struct fscrypt_mode *mode, const u8 *raw_key,
struct crypto_skcipher *tfm;
int err;
- tfm = crypto_alloc_skcipher(mode->cipher_str, 0, 0);
+ tfm = crypto_alloc_skcipher(mode->cipher_str, 0,
+ FSCRYPT_CRYPTOAPI_MASK);
if (IS_ERR(tfm)) {
if (PTR_ERR(tfm) == -ENOENT) {
fscrypt_warn(inode,
diff --git a/fs/crypto/keysetup_v1.c b/fs/crypto/keysetup_v1.c
index b70521c55132..158ceae8a5bc 100644
--- a/fs/crypto/keysetup_v1.c
+++ b/fs/crypto/keysetup_v1.c
@@ -52,7 +52,8 @@ static int derive_key_aes(const u8 *master_key,
struct skcipher_request *req = NULL;
DECLARE_CRYPTO_WAIT(wait);
struct scatterlist src_sg, dst_sg;
- struct crypto_skcipher *tfm = crypto_alloc_skcipher("ecb(aes)", 0, 0);
+ struct crypto_skcipher *tfm =
+ crypto_alloc_skcipher("ecb(aes)", 0, FSCRYPT_CRYPTOAPI_MASK);
if (IS_ERR(tfm)) {
res = PTR_ERR(tfm);
1 month
- 2
- 1
[PATCH v2] drm/nouveau/gsp: fix mismatched alloc/free for kvmalloc()
by Qianfeng Rong
Replace kfree() with kvfree() for memory allocated by kvmalloc().
Compile-tested only.
Cc: stable(a)vger.kernel.org
Fixes: 8a8b1ec5261f ("drm/nouveau/gsp: split rpc handling out on its own")
Signed-off-by: Qianfeng Rong <rongqianfeng(a)vivo.com>
Reviewed-by: Timur Tabi <ttabi(a)nvidia.com>
Acked-by: Zhi Wang <zhiw(a)nvidia.com>
---
v2: Add a Fixes: tag.
---
drivers/gpu/drm/nouveau/nvkm/subdev/gsp/rm/r535/rpc.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/gpu/drm/nouveau/nvkm/subdev/gsp/rm/r535/rpc.c b/drivers/gpu/drm/nouveau/nvkm/subdev/gsp/rm/r535/rpc.c
index 9d06ff722fea..0dc4782df8c0 100644
--- a/drivers/gpu/drm/nouveau/nvkm/subdev/gsp/rm/r535/rpc.c
+++ b/drivers/gpu/drm/nouveau/nvkm/subdev/gsp/rm/r535/rpc.c
@@ -325,7 +325,7 @@ r535_gsp_msgq_recv(struct nvkm_gsp *gsp, u32 gsp_rpc_len, int *retries)
rpc = r535_gsp_msgq_peek(gsp, sizeof(*rpc), info.retries);
if (IS_ERR_OR_NULL(rpc)) {
- kfree(buf);
+ kvfree(buf);
return rpc;
}
@@ -334,7 +334,7 @@ r535_gsp_msgq_recv(struct nvkm_gsp *gsp, u32 gsp_rpc_len, int *retries)
rpc = r535_gsp_msgq_recv_one_elem(gsp, &info);
if (IS_ERR_OR_NULL(rpc)) {
- kfree(buf);
+ kvfree(buf);
return rpc;
}
--
2.34.1
1 month
- 2
- 1
[PATCH v3 0/2] iterate_folioq bug when offset==size (Was: [REGRESSION] 9pfs issues on 6.12-rc1)
by Dominique Martinet via B4 Relay
So we've had this regression in 9p for.. almost a year, which is way too
long, but there was no "easy" reproducer until yesterday (thank you
again!!)
It turned out to be a bug with iov_iter on folios,
iov_iter_get_pages_alloc2() would advance the iov_iter correctly up to
the end edge of a folio and the later copy_to_iter() fails on the
iterate_folioq() bug.
Happy to consider alternative ways of fixing this, now there's a
reproducer it's all much clearer; for the bug to be visible we basically
need to make and IO with non-contiguous folios in the iov_iter which is
not obvious to test with synthetic VMs, with size that triggers a
zero-copy read followed by a non-zero-copy read.
Signed-off-by: Dominique Martinet <asmadeus(a)codewreck.org>
---
Changes in v3:
- convert 'goto next' to a big "if there is valid data in current folio"
Future optimizations can remove it again after making sure this (iov iter
advanced to end of folio) can never happen.
- Link to v2: https://lore.kernel.org/r/20250812-iot_iter_folio-v2-0-f99423309478@codewre…
Changes in v2:
- Fixed 'remain' being used uninitialized in iterate_folioq when going
through the goto
- s/forwarded/advanced in commit message
- Link to v1: https://lore.kernel.org/r/20250811-iot_iter_folio-v1-0-d9c223adf93c@codewre…
---
Dominique Martinet (2):
iov_iter: iterate_folioq: fix handling of offset >= folio size
iov_iter: iov_folioq_get_pages: don't leave empty slot behind
include/linux/iov_iter.h | 20 +++++++++++---------
lib/iov_iter.c | 6 +++---
2 files changed, 14 insertions(+), 12 deletions(-)
---
base-commit: 8f5ae30d69d7543eee0d70083daf4de8fe15d585
change-id: 20250811-iot_iter_folio-1b7849f88fed
Best regards,
--
Dominique Martinet <asmadeus(a)codewreck.org>
1 month
- 3
- 3
FAILED: patch "[PATCH] NFS: Fix the setting of capabilities when automounting a new" failed to apply to 5.10-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 5.10-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.10.y
git checkout FETCH_HEAD
git cherry-pick -x b01f21cacde9f2878492cf318fee61bf4ccad323
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025081556-disprove-clumsy-91a1@gregkh' --subject-prefix 'PATCH 5.10.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From b01f21cacde9f2878492cf318fee61bf4ccad323 Mon Sep 17 00:00:00 2001
From: Trond Myklebust <trond.myklebust(a)hammerspace.com>
Date: Sun, 3 Aug 2025 14:31:59 -0700
Subject: [PATCH] NFS: Fix the setting of capabilities when automounting a new
filesystem
Capabilities cannot be inherited when we cross into a new filesystem.
They need to be reset to the minimal defaults, and then probed for
again.
Fixes: 54ceac451598 ("NFS: Share NFS superblocks per-protocol per-server per-FSID")
Cc: stable(a)vger.kernel.org
Reviewed-by: Benjamin Coddington <bcodding(a)redhat.com>
Signed-off-by: Trond Myklebust <trond.myklebust(a)hammerspace.com>
diff --git a/fs/nfs/client.c b/fs/nfs/client.c
index e13eb429b8b5..8fb4a950dd55 100644
--- a/fs/nfs/client.c
+++ b/fs/nfs/client.c
@@ -682,6 +682,44 @@ struct nfs_client *nfs_init_client(struct nfs_client *clp,
}
EXPORT_SYMBOL_GPL(nfs_init_client);
+static void nfs4_server_set_init_caps(struct nfs_server *server)
+{
+#if IS_ENABLED(CONFIG_NFS_V4)
+ /* Set the basic capabilities */
+ server->caps = server->nfs_client->cl_mvops->init_caps;
+ if (server->flags & NFS_MOUNT_NORDIRPLUS)
+ server->caps &= ~NFS_CAP_READDIRPLUS;
+ if (server->nfs_client->cl_proto == XPRT_TRANSPORT_RDMA)
+ server->caps &= ~NFS_CAP_READ_PLUS;
+
+ /*
+ * Don't use NFS uid/gid mapping if we're using AUTH_SYS or lower
+ * authentication.
+ */
+ if (nfs4_disable_idmapping &&
+ server->client->cl_auth->au_flavor == RPC_AUTH_UNIX)
+ server->caps |= NFS_CAP_UIDGID_NOMAP;
+#endif
+}
+
+void nfs_server_set_init_caps(struct nfs_server *server)
+{
+ switch (server->nfs_client->rpc_ops->version) {
+ case 2:
+ server->caps = NFS_CAP_HARDLINKS | NFS_CAP_SYMLINKS;
+ break;
+ case 3:
+ server->caps = NFS_CAP_HARDLINKS | NFS_CAP_SYMLINKS;
+ if (!(server->flags & NFS_MOUNT_NORDIRPLUS))
+ server->caps |= NFS_CAP_READDIRPLUS;
+ break;
+ default:
+ nfs4_server_set_init_caps(server);
+ break;
+ }
+}
+EXPORT_SYMBOL_GPL(nfs_server_set_init_caps);
+
/*
* Create a version 2 or 3 client
*/
@@ -726,7 +764,6 @@ static int nfs_init_server(struct nfs_server *server,
/* Initialise the client representation from the mount data */
server->flags = ctx->flags;
server->options = ctx->options;
- server->caps |= NFS_CAP_HARDLINKS | NFS_CAP_SYMLINKS;
switch (clp->rpc_ops->version) {
case 2:
@@ -762,6 +799,8 @@ static int nfs_init_server(struct nfs_server *server,
if (error < 0)
goto error;
+ nfs_server_set_init_caps(server);
+
/* Preserve the values of mount_server-related mount options */
if (ctx->mount_server.addrlen) {
memcpy(&server->mountd_address, &ctx->mount_server.address,
@@ -934,7 +973,6 @@ void nfs_server_copy_userdata(struct nfs_server *target, struct nfs_server *sour
target->acregmax = source->acregmax;
target->acdirmin = source->acdirmin;
target->acdirmax = source->acdirmax;
- target->caps = source->caps;
target->options = source->options;
target->auth_info = source->auth_info;
target->port = source->port;
@@ -1169,6 +1207,8 @@ struct nfs_server *nfs_clone_server(struct nfs_server *source,
if (error < 0)
goto out_free_server;
+ nfs_server_set_init_caps(server);
+
/* probe the filesystem info for this server filesystem */
error = nfs_probe_server(server, fh);
if (error < 0)
diff --git a/fs/nfs/internal.h b/fs/nfs/internal.h
index 0143e0794d32..1a18d8d9be25 100644
--- a/fs/nfs/internal.h
+++ b/fs/nfs/internal.h
@@ -231,7 +231,7 @@ extern struct nfs_client *
nfs4_find_client_sessionid(struct net *, const struct sockaddr *,
struct nfs4_sessionid *, u32);
extern struct nfs_server *nfs_create_server(struct fs_context *);
-extern void nfs4_server_set_init_caps(struct nfs_server *);
+extern void nfs_server_set_init_caps(struct nfs_server *);
extern struct nfs_server *nfs4_create_server(struct fs_context *);
extern struct nfs_server *nfs4_create_referral_server(struct fs_context *);
extern int nfs4_update_server(struct nfs_server *server, const char *hostname,
diff --git a/fs/nfs/nfs4client.c b/fs/nfs/nfs4client.c
index 2ea98f1f116f..6fddf43d729c 100644
--- a/fs/nfs/nfs4client.c
+++ b/fs/nfs/nfs4client.c
@@ -1074,24 +1074,6 @@ static void nfs4_session_limit_xasize(struct nfs_server *server)
#endif
}
-void nfs4_server_set_init_caps(struct nfs_server *server)
-{
- /* Set the basic capabilities */
- server->caps |= server->nfs_client->cl_mvops->init_caps;
- if (server->flags & NFS_MOUNT_NORDIRPLUS)
- server->caps &= ~NFS_CAP_READDIRPLUS;
- if (server->nfs_client->cl_proto == XPRT_TRANSPORT_RDMA)
- server->caps &= ~NFS_CAP_READ_PLUS;
-
- /*
- * Don't use NFS uid/gid mapping if we're using AUTH_SYS or lower
- * authentication.
- */
- if (nfs4_disable_idmapping &&
- server->client->cl_auth->au_flavor == RPC_AUTH_UNIX)
- server->caps |= NFS_CAP_UIDGID_NOMAP;
-}
-
static int nfs4_server_common_setup(struct nfs_server *server,
struct nfs_fh *mntfh, bool auth_probe)
{
@@ -1110,7 +1092,7 @@ static int nfs4_server_common_setup(struct nfs_server *server,
if (error < 0)
return error;
- nfs4_server_set_init_caps(server);
+ nfs_server_set_init_caps(server);
/* Probe the root fh to retrieve its FSID and filehandle */
error = nfs4_get_rootfh(server, mntfh, auth_probe);
diff --git a/fs/nfs/nfs4proc.c b/fs/nfs/nfs4proc.c
index d7dc669d84c5..c7c7ec22f21d 100644
--- a/fs/nfs/nfs4proc.c
+++ b/fs/nfs/nfs4proc.c
@@ -4092,7 +4092,7 @@ int nfs4_server_capabilities(struct nfs_server *server, struct nfs_fh *fhandle)
};
int err;
- nfs4_server_set_init_caps(server);
+ nfs_server_set_init_caps(server);
do {
err = nfs4_handle_exception(server,
_nfs4_server_capabilities(server, fhandle),
1 month
- 2
- 4
FAILED: patch "[PATCH] nfsd: handle get_client_locked() failure in" failed to apply to 5.4-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 5.4-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.4.y
git checkout FETCH_HEAD
git cherry-pick -x 908e4ead7f757504d8b345452730636e298cbf68
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025081525-comprised-nastily-418e@gregkh' --subject-prefix 'PATCH 5.4.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From 908e4ead7f757504d8b345452730636e298cbf68 Mon Sep 17 00:00:00 2001
From: Jeff Layton <jlayton(a)kernel.org>
Date: Wed, 4 Jun 2025 12:01:10 -0400
Subject: [PATCH] nfsd: handle get_client_locked() failure in
nfsd4_setclientid_confirm()
Lei Lu recently reported that nfsd4_setclientid_confirm() did not check
the return value from get_client_locked(). a SETCLIENTID_CONFIRM could
race with a confirmed client expiring and fail to get a reference. That
could later lead to a UAF.
Fix this by getting a reference early in the case where there is an
extant confirmed client. If that fails then treat it as if there were no
confirmed client found at all.
In the case where the unconfirmed client is expiring, just fail and
return the result from get_client_locked().
Reported-by: lei lu <llfamsec(a)gmail.com>
Closes: https://lore.kernel.org/linux-nfs/CAEBF3_b=UvqzNKdnfD_52L05Mqrqui9vZ2eFamgA…
Fixes: d20c11d86d8f ("nfsd: Protect session creation and client confirm using client_lock")
Cc: stable(a)vger.kernel.org
Signed-off-by: Jeff Layton <jlayton(a)kernel.org>
Signed-off-by: Chuck Lever <chuck.lever(a)oracle.com>
diff --git a/fs/nfsd/nfs4state.c b/fs/nfsd/nfs4state.c
index a0e3fa2718c7..95d88555648d 100644
--- a/fs/nfsd/nfs4state.c
+++ b/fs/nfsd/nfs4state.c
@@ -4690,10 +4690,16 @@ nfsd4_setclientid_confirm(struct svc_rqst *rqstp,
}
status = nfs_ok;
if (conf) {
- old = unconf;
- unhash_client_locked(old);
- nfsd4_change_callback(conf, &unconf->cl_cb_conn);
- } else {
+ if (get_client_locked(conf) == nfs_ok) {
+ old = unconf;
+ unhash_client_locked(old);
+ nfsd4_change_callback(conf, &unconf->cl_cb_conn);
+ } else {
+ conf = NULL;
+ }
+ }
+
+ if (!conf) {
old = find_confirmed_client_by_name(&unconf->cl_name, nn);
if (old) {
status = nfserr_clid_inuse;
@@ -4710,10 +4716,14 @@ nfsd4_setclientid_confirm(struct svc_rqst *rqstp,
}
trace_nfsd_clid_replaced(&old->cl_clientid);
}
+ status = get_client_locked(unconf);
+ if (status != nfs_ok) {
+ old = NULL;
+ goto out;
+ }
move_to_confirmed(unconf);
conf = unconf;
}
- get_client_locked(conf);
spin_unlock(&nn->client_lock);
if (conf == unconf)
fsnotify_dentry(conf->cl_nfsd_info_dentry, FS_MODIFY);
1 month
- 2
- 1
FAILED: patch "[PATCH] net: enetc: fix device and OF node leak at probe" failed to apply to 5.15-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 5.15-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y
git checkout FETCH_HEAD
git cherry-pick -x 70458f8a6b44daf3ad39f0d9b6d1097c8a7780ed
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025081557-glimmer-distill-dc47@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From 70458f8a6b44daf3ad39f0d9b6d1097c8a7780ed Mon Sep 17 00:00:00 2001
From: Johan Hovold <johan(a)kernel.org>
Date: Fri, 25 Jul 2025 19:12:10 +0200
Subject: [PATCH] net: enetc: fix device and OF node leak at probe
Make sure to drop the references to the IERB OF node and platform device
taken by of_parse_phandle() and of_find_device_by_node() during probe.
Fixes: e7d48e5fbf30 ("net: enetc: add a mini driver for the Integrated Endpoint Register Block")
Cc: stable(a)vger.kernel.org # 5.13
Cc: Vladimir Oltean <vladimir.oltean(a)nxp.com>
Signed-off-by: Johan Hovold <johan(a)kernel.org>
Reviewed-by: Simon Horman <horms(a)kernel.org>
Link: https://patch.msgid.link/20250725171213.880-3-johan@kernel.org
Signed-off-by: Jakub Kicinski <kuba(a)kernel.org>
diff --git a/drivers/net/ethernet/freescale/enetc/enetc_pf.c b/drivers/net/ethernet/freescale/enetc/enetc_pf.c
index f63a29e2e031..de0fb272c847 100644
--- a/drivers/net/ethernet/freescale/enetc/enetc_pf.c
+++ b/drivers/net/ethernet/freescale/enetc/enetc_pf.c
@@ -829,19 +829,29 @@ static int enetc_pf_register_with_ierb(struct pci_dev *pdev)
{
struct platform_device *ierb_pdev;
struct device_node *ierb_node;
+ int ret;
ierb_node = of_find_compatible_node(NULL, NULL,
"fsl,ls1028a-enetc-ierb");
- if (!ierb_node || !of_device_is_available(ierb_node))
+ if (!ierb_node)
return -ENODEV;
+ if (!of_device_is_available(ierb_node)) {
+ of_node_put(ierb_node);
+ return -ENODEV;
+ }
+
ierb_pdev = of_find_device_by_node(ierb_node);
of_node_put(ierb_node);
if (!ierb_pdev)
return -EPROBE_DEFER;
- return enetc_ierb_register_pf(ierb_pdev, pdev);
+ ret = enetc_ierb_register_pf(ierb_pdev, pdev);
+
+ put_device(&ierb_pdev->dev);
+
+ return ret;
}
static const struct enetc_si_ops enetc_psi_ops = {
1 month
- 2
- 1
FAILED: patch "[PATCH] NFS: Fix the setting of capabilities when automounting a new" failed to apply to 5.15-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 5.15-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y
git checkout FETCH_HEAD
git cherry-pick -x b01f21cacde9f2878492cf318fee61bf4ccad323
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025081556-hazard-eccentric-fcb9@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From b01f21cacde9f2878492cf318fee61bf4ccad323 Mon Sep 17 00:00:00 2001
From: Trond Myklebust <trond.myklebust(a)hammerspace.com>
Date: Sun, 3 Aug 2025 14:31:59 -0700
Subject: [PATCH] NFS: Fix the setting of capabilities when automounting a new
filesystem
Capabilities cannot be inherited when we cross into a new filesystem.
They need to be reset to the minimal defaults, and then probed for
again.
Fixes: 54ceac451598 ("NFS: Share NFS superblocks per-protocol per-server per-FSID")
Cc: stable(a)vger.kernel.org
Reviewed-by: Benjamin Coddington <bcodding(a)redhat.com>
Signed-off-by: Trond Myklebust <trond.myklebust(a)hammerspace.com>
diff --git a/fs/nfs/client.c b/fs/nfs/client.c
index e13eb429b8b5..8fb4a950dd55 100644
--- a/fs/nfs/client.c
+++ b/fs/nfs/client.c
@@ -682,6 +682,44 @@ struct nfs_client *nfs_init_client(struct nfs_client *clp,
}
EXPORT_SYMBOL_GPL(nfs_init_client);
+static void nfs4_server_set_init_caps(struct nfs_server *server)
+{
+#if IS_ENABLED(CONFIG_NFS_V4)
+ /* Set the basic capabilities */
+ server->caps = server->nfs_client->cl_mvops->init_caps;
+ if (server->flags & NFS_MOUNT_NORDIRPLUS)
+ server->caps &= ~NFS_CAP_READDIRPLUS;
+ if (server->nfs_client->cl_proto == XPRT_TRANSPORT_RDMA)
+ server->caps &= ~NFS_CAP_READ_PLUS;
+
+ /*
+ * Don't use NFS uid/gid mapping if we're using AUTH_SYS or lower
+ * authentication.
+ */
+ if (nfs4_disable_idmapping &&
+ server->client->cl_auth->au_flavor == RPC_AUTH_UNIX)
+ server->caps |= NFS_CAP_UIDGID_NOMAP;
+#endif
+}
+
+void nfs_server_set_init_caps(struct nfs_server *server)
+{
+ switch (server->nfs_client->rpc_ops->version) {
+ case 2:
+ server->caps = NFS_CAP_HARDLINKS | NFS_CAP_SYMLINKS;
+ break;
+ case 3:
+ server->caps = NFS_CAP_HARDLINKS | NFS_CAP_SYMLINKS;
+ if (!(server->flags & NFS_MOUNT_NORDIRPLUS))
+ server->caps |= NFS_CAP_READDIRPLUS;
+ break;
+ default:
+ nfs4_server_set_init_caps(server);
+ break;
+ }
+}
+EXPORT_SYMBOL_GPL(nfs_server_set_init_caps);
+
/*
* Create a version 2 or 3 client
*/
@@ -726,7 +764,6 @@ static int nfs_init_server(struct nfs_server *server,
/* Initialise the client representation from the mount data */
server->flags = ctx->flags;
server->options = ctx->options;
- server->caps |= NFS_CAP_HARDLINKS | NFS_CAP_SYMLINKS;
switch (clp->rpc_ops->version) {
case 2:
@@ -762,6 +799,8 @@ static int nfs_init_server(struct nfs_server *server,
if (error < 0)
goto error;
+ nfs_server_set_init_caps(server);
+
/* Preserve the values of mount_server-related mount options */
if (ctx->mount_server.addrlen) {
memcpy(&server->mountd_address, &ctx->mount_server.address,
@@ -934,7 +973,6 @@ void nfs_server_copy_userdata(struct nfs_server *target, struct nfs_server *sour
target->acregmax = source->acregmax;
target->acdirmin = source->acdirmin;
target->acdirmax = source->acdirmax;
- target->caps = source->caps;
target->options = source->options;
target->auth_info = source->auth_info;
target->port = source->port;
@@ -1169,6 +1207,8 @@ struct nfs_server *nfs_clone_server(struct nfs_server *source,
if (error < 0)
goto out_free_server;
+ nfs_server_set_init_caps(server);
+
/* probe the filesystem info for this server filesystem */
error = nfs_probe_server(server, fh);
if (error < 0)
diff --git a/fs/nfs/internal.h b/fs/nfs/internal.h
index 0143e0794d32..1a18d8d9be25 100644
--- a/fs/nfs/internal.h
+++ b/fs/nfs/internal.h
@@ -231,7 +231,7 @@ extern struct nfs_client *
nfs4_find_client_sessionid(struct net *, const struct sockaddr *,
struct nfs4_sessionid *, u32);
extern struct nfs_server *nfs_create_server(struct fs_context *);
-extern void nfs4_server_set_init_caps(struct nfs_server *);
+extern void nfs_server_set_init_caps(struct nfs_server *);
extern struct nfs_server *nfs4_create_server(struct fs_context *);
extern struct nfs_server *nfs4_create_referral_server(struct fs_context *);
extern int nfs4_update_server(struct nfs_server *server, const char *hostname,
diff --git a/fs/nfs/nfs4client.c b/fs/nfs/nfs4client.c
index 2ea98f1f116f..6fddf43d729c 100644
--- a/fs/nfs/nfs4client.c
+++ b/fs/nfs/nfs4client.c
@@ -1074,24 +1074,6 @@ static void nfs4_session_limit_xasize(struct nfs_server *server)
#endif
}
-void nfs4_server_set_init_caps(struct nfs_server *server)
-{
- /* Set the basic capabilities */
- server->caps |= server->nfs_client->cl_mvops->init_caps;
- if (server->flags & NFS_MOUNT_NORDIRPLUS)
- server->caps &= ~NFS_CAP_READDIRPLUS;
- if (server->nfs_client->cl_proto == XPRT_TRANSPORT_RDMA)
- server->caps &= ~NFS_CAP_READ_PLUS;
-
- /*
- * Don't use NFS uid/gid mapping if we're using AUTH_SYS or lower
- * authentication.
- */
- if (nfs4_disable_idmapping &&
- server->client->cl_auth->au_flavor == RPC_AUTH_UNIX)
- server->caps |= NFS_CAP_UIDGID_NOMAP;
-}
-
static int nfs4_server_common_setup(struct nfs_server *server,
struct nfs_fh *mntfh, bool auth_probe)
{
@@ -1110,7 +1092,7 @@ static int nfs4_server_common_setup(struct nfs_server *server,
if (error < 0)
return error;
- nfs4_server_set_init_caps(server);
+ nfs_server_set_init_caps(server);
/* Probe the root fh to retrieve its FSID and filehandle */
error = nfs4_get_rootfh(server, mntfh, auth_probe);
diff --git a/fs/nfs/nfs4proc.c b/fs/nfs/nfs4proc.c
index d7dc669d84c5..c7c7ec22f21d 100644
--- a/fs/nfs/nfs4proc.c
+++ b/fs/nfs/nfs4proc.c
@@ -4092,7 +4092,7 @@ int nfs4_server_capabilities(struct nfs_server *server, struct nfs_fh *fhandle)
};
int err;
- nfs4_server_set_init_caps(server);
+ nfs_server_set_init_caps(server);
do {
err = nfs4_handle_exception(server,
_nfs4_server_capabilities(server, fhandle),
1 month
- 2
- 2
FAILED: patch "[PATCH] net: enetc: fix device and OF node leak at probe" failed to apply to 6.1-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 6.1-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y
git checkout FETCH_HEAD
git cherry-pick -x 70458f8a6b44daf3ad39f0d9b6d1097c8a7780ed
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025081556-icon-nursing-ee42@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From 70458f8a6b44daf3ad39f0d9b6d1097c8a7780ed Mon Sep 17 00:00:00 2001
From: Johan Hovold <johan(a)kernel.org>
Date: Fri, 25 Jul 2025 19:12:10 +0200
Subject: [PATCH] net: enetc: fix device and OF node leak at probe
Make sure to drop the references to the IERB OF node and platform device
taken by of_parse_phandle() and of_find_device_by_node() during probe.
Fixes: e7d48e5fbf30 ("net: enetc: add a mini driver for the Integrated Endpoint Register Block")
Cc: stable(a)vger.kernel.org # 5.13
Cc: Vladimir Oltean <vladimir.oltean(a)nxp.com>
Signed-off-by: Johan Hovold <johan(a)kernel.org>
Reviewed-by: Simon Horman <horms(a)kernel.org>
Link: https://patch.msgid.link/20250725171213.880-3-johan@kernel.org
Signed-off-by: Jakub Kicinski <kuba(a)kernel.org>
diff --git a/drivers/net/ethernet/freescale/enetc/enetc_pf.c b/drivers/net/ethernet/freescale/enetc/enetc_pf.c
index f63a29e2e031..de0fb272c847 100644
--- a/drivers/net/ethernet/freescale/enetc/enetc_pf.c
+++ b/drivers/net/ethernet/freescale/enetc/enetc_pf.c
@@ -829,19 +829,29 @@ static int enetc_pf_register_with_ierb(struct pci_dev *pdev)
{
struct platform_device *ierb_pdev;
struct device_node *ierb_node;
+ int ret;
ierb_node = of_find_compatible_node(NULL, NULL,
"fsl,ls1028a-enetc-ierb");
- if (!ierb_node || !of_device_is_available(ierb_node))
+ if (!ierb_node)
return -ENODEV;
+ if (!of_device_is_available(ierb_node)) {
+ of_node_put(ierb_node);
+ return -ENODEV;
+ }
+
ierb_pdev = of_find_device_by_node(ierb_node);
of_node_put(ierb_node);
if (!ierb_pdev)
return -EPROBE_DEFER;
- return enetc_ierb_register_pf(ierb_pdev, pdev);
+ ret = enetc_ierb_register_pf(ierb_pdev, pdev);
+
+ put_device(&ierb_pdev->dev);
+
+ return ret;
}
static const struct enetc_si_ops enetc_psi_ops = {
1 month
- 2
- 1
FAILED: patch "[PATCH] leds: flash: leds-qcom-flash: Fix registry access after" failed to apply to 6.6-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 6.6-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.6.y
git checkout FETCH_HEAD
git cherry-pick -x fab15f57360b1e6620a1d0d6b0fbee896e6c1f07
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025081544-skillet-cofounder-e278@gregkh' --subject-prefix 'PATCH 6.6.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From fab15f57360b1e6620a1d0d6b0fbee896e6c1f07 Mon Sep 17 00:00:00 2001
From: Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org>
Date: Thu, 29 May 2025 08:33:36 +0200
Subject: [PATCH] leds: flash: leds-qcom-flash: Fix registry access after
re-bind
Driver in probe() updates each of 'reg_field' with 'reg_base':
for (i = 0; i < REG_MAX_COUNT; i++)
regs[i].reg += reg_base;
'reg_field' array (under variable 'regs' above) is statically allocated,
thus each re-bind would add another 'reg_base' leading to bogus
register addresses. Constify the local 'reg_field' array and duplicate
it in probe to solve this.
Fixes: 96a2e242a5dc ("leds: flash: Add driver to support flash LED module in QCOM PMICs")
Cc: stable(a)vger.kernel.org
Signed-off-by: Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org>
Reviewed-by: Fenglin Wu <fenglin.wu(a)oss.qualcomm.com>
Link: https://lore.kernel.org/r/20250529063335.8785-2-krzysztof.kozlowski@linaro.…
Signed-off-by: Lee Jones <lee(a)kernel.org>
diff --git a/drivers/leds/flash/leds-qcom-flash.c b/drivers/leds/flash/leds-qcom-flash.c
index b4c19be51c4d..89cf5120f5d5 100644
--- a/drivers/leds/flash/leds-qcom-flash.c
+++ b/drivers/leds/flash/leds-qcom-flash.c
@@ -117,7 +117,7 @@ enum {
REG_MAX_COUNT,
};
-static struct reg_field mvflash_3ch_regs[REG_MAX_COUNT] = {
+static const struct reg_field mvflash_3ch_regs[REG_MAX_COUNT] = {
REG_FIELD(0x08, 0, 7), /* status1 */
REG_FIELD(0x09, 0, 7), /* status2 */
REG_FIELD(0x0a, 0, 7), /* status3 */
@@ -132,7 +132,7 @@ static struct reg_field mvflash_3ch_regs[REG_MAX_COUNT] = {
REG_FIELD(0x58, 0, 2), /* therm_thrsh3 */
};
-static struct reg_field mvflash_4ch_regs[REG_MAX_COUNT] = {
+static const struct reg_field mvflash_4ch_regs[REG_MAX_COUNT] = {
REG_FIELD(0x06, 0, 7), /* status1 */
REG_FIELD(0x07, 0, 6), /* status2 */
REG_FIELD(0x09, 0, 7), /* status3 */
@@ -854,11 +854,17 @@ static int qcom_flash_led_probe(struct platform_device *pdev)
if (val == FLASH_SUBTYPE_3CH_PM8150_VAL || val == FLASH_SUBTYPE_3CH_PMI8998_VAL) {
flash_data->hw_type = QCOM_MVFLASH_3CH;
flash_data->max_channels = 3;
- regs = mvflash_3ch_regs;
+ regs = devm_kmemdup(dev, mvflash_3ch_regs, sizeof(mvflash_3ch_regs),
+ GFP_KERNEL);
+ if (!regs)
+ return -ENOMEM;
} else if (val == FLASH_SUBTYPE_4CH_VAL) {
flash_data->hw_type = QCOM_MVFLASH_4CH;
flash_data->max_channels = 4;
- regs = mvflash_4ch_regs;
+ regs = devm_kmemdup(dev, mvflash_4ch_regs, sizeof(mvflash_4ch_regs),
+ GFP_KERNEL);
+ if (!regs)
+ return -ENOMEM;
rc = regmap_read(regmap, reg_base + FLASH_REVISION_REG, &val);
if (rc < 0) {
@@ -880,6 +886,7 @@ static int qcom_flash_led_probe(struct platform_device *pdev)
dev_err(dev, "Failed to allocate regmap field, rc=%d\n", rc);
return rc;
}
+ devm_kfree(dev, regs); /* devm_regmap_field_bulk_alloc() makes copies */
platform_set_drvdata(pdev, flash_data);
mutex_init(&flash_data->lock);
1 month
- 2
- 2
[PATCH 6.6] sched/fair: Fix frequency selection for non-invariant case
by Wentao Guan
Hi,
Please apply the commit e37617c8e53a1f7fcba6d5e1041f4fd8a2425c27,
it fix the REGRESSION by ada8d7fa0ad49a2a078f97f7f6e02d24d3c357a3
("sched/cpufreq: Rework schedutil governor performance estimation") which
introduced in v6.6.89.
Best Regards
Wentao Guan
1 month
- 3
- 5
FAILED: patch "[PATCH] arm64: dts: ti: k3-j722s-evm: Fix USB gpio-hog level for" failed to apply to 6.12-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 6.12-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.12.y
git checkout FETCH_HEAD
git cherry-pick -x 65ba2a6e77e9e5c843a591055789050e77b5c65e
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025081521-dangle-drapery-9a9a@gregkh' --subject-prefix 'PATCH 6.12.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From 65ba2a6e77e9e5c843a591055789050e77b5c65e Mon Sep 17 00:00:00 2001
From: Siddharth Vadapalli <s-vadapalli(a)ti.com>
Date: Mon, 23 Jun 2025 15:36:57 +0530
Subject: [PATCH] arm64: dts: ti: k3-j722s-evm: Fix USB gpio-hog level for
Type-C
According to the "GPIO Expander Map / Table" section of the J722S EVM
Schematic within the Evaluation Module Design Files package [0], the
GPIO Pin P05 located on the GPIO Expander 1 (I2C0/0x23) has to be pulled
down to select the Type-C interface. Since commit under Fixes claims to
enable the Type-C interface, update the property within "p05-hog" from
"output-high" to "output-low", thereby switching from the Type-A
interface to the Type-C interface.
[0]: https://www.ti.com/lit/zip/sprr495
Cc: stable(a)vger.kernel.org
Fixes: 485705df5d5f ("arm64: dts: ti: k3-j722s: Enable PCIe and USB support on J722S-EVM")
Signed-off-by: Siddharth Vadapalli <s-vadapalli(a)ti.com>
Link: https://lore.kernel.org/r/20250623100657.4082031-1-s-vadapalli@ti.com
Signed-off-by: Vignesh Raghavendra <vigneshr(a)ti.com>
diff --git a/arch/arm64/boot/dts/ti/k3-j722s-evm.dts b/arch/arm64/boot/dts/ti/k3-j722s-evm.dts
index a47852fdca70..d0533723412a 100644
--- a/arch/arm64/boot/dts/ti/k3-j722s-evm.dts
+++ b/arch/arm64/boot/dts/ti/k3-j722s-evm.dts
@@ -634,7 +634,7 @@ p05-hog {
/* P05 - USB2.0_MUX_SEL */
gpio-hog;
gpios = <5 GPIO_ACTIVE_LOW>;
- output-high;
+ output-low;
};
p01_hog: p01-hog {
1 month
- 2
- 2
FAILED: patch "[PATCH] eventpoll: Fix semi-unbounded recursion" failed to apply to 5.4-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 5.4-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.4.y
git checkout FETCH_HEAD
git cherry-pick -x f2e467a48287c868818085aa35389a224d226732
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025081535-enrage-raging-295b@gregkh' --subject-prefix 'PATCH 5.4.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From f2e467a48287c868818085aa35389a224d226732 Mon Sep 17 00:00:00 2001
From: Jann Horn <jannh(a)google.com>
Date: Fri, 11 Jul 2025 18:33:36 +0200
Subject: [PATCH] eventpoll: Fix semi-unbounded recursion
Ensure that epoll instances can never form a graph deeper than
EP_MAX_NESTS+1 links.
Currently, ep_loop_check_proc() ensures that the graph is loop-free and
does some recursion depth checks, but those recursion depth checks don't
limit the depth of the resulting tree for two reasons:
- They don't look upwards in the tree.
- If there are multiple downwards paths of different lengths, only one of
the paths is actually considered for the depth check since commit
28d82dc1c4ed ("epoll: limit paths").
Essentially, the current recursion depth check in ep_loop_check_proc() just
serves to prevent it from recursing too deeply while checking for loops.
A more thorough check is done in reverse_path_check() after the new graph
edge has already been created; this checks, among other things, that no
paths going upwards from any non-epoll file with a length of more than 5
edges exist. However, this check does not apply to non-epoll files.
As a result, it is possible to recurse to a depth of at least roughly 500,
tested on v6.15. (I am unsure if deeper recursion is possible; and this may
have changed with commit 8c44dac8add7 ("eventpoll: Fix priority inversion
problem").)
To fix it:
1. In ep_loop_check_proc(), note the subtree depth of each visited node,
and use subtree depths for the total depth calculation even when a subtree
has already been visited.
2. Add ep_get_upwards_depth_proc() for similarly determining the maximum
depth of an upwards walk.
3. In ep_loop_check(), use these values to limit the total path length
between epoll nodes to EP_MAX_NESTS edges.
Fixes: 22bacca48a17 ("epoll: prevent creating circular epoll structures")
Cc: stable(a)vger.kernel.org
Signed-off-by: Jann Horn <jannh(a)google.com>
Link: https://lore.kernel.org/20250711-epoll-recursion-fix-v1-1-fb2457c33292@goog…
Signed-off-by: Christian Brauner <brauner(a)kernel.org>
diff --git a/fs/eventpoll.c b/fs/eventpoll.c
index d4dbffdedd08..44648cc09250 100644
--- a/fs/eventpoll.c
+++ b/fs/eventpoll.c
@@ -218,6 +218,7 @@ struct eventpoll {
/* used to optimize loop detection check */
u64 gen;
struct hlist_head refs;
+ u8 loop_check_depth;
/*
* usage count, used together with epitem->dying to
@@ -2142,23 +2143,24 @@ static int ep_poll(struct eventpoll *ep, struct epoll_event __user *events,
}
/**
- * ep_loop_check_proc - verify that adding an epoll file inside another
- * epoll structure does not violate the constraints, in
- * terms of closed loops, or too deep chains (which can
- * result in excessive stack usage).
+ * ep_loop_check_proc - verify that adding an epoll file @ep inside another
+ * epoll file does not create closed loops, and
+ * determine the depth of the subtree starting at @ep
*
* @ep: the &struct eventpoll to be currently checked.
* @depth: Current depth of the path being checked.
*
- * Return: %zero if adding the epoll @file inside current epoll
- * structure @ep does not violate the constraints, or %-1 otherwise.
+ * Return: depth of the subtree, or INT_MAX if we found a loop or went too deep.
*/
static int ep_loop_check_proc(struct eventpoll *ep, int depth)
{
- int error = 0;
+ int result = 0;
struct rb_node *rbp;
struct epitem *epi;
+ if (ep->gen == loop_check_gen)
+ return ep->loop_check_depth;
+
mutex_lock_nested(&ep->mtx, depth + 1);
ep->gen = loop_check_gen;
for (rbp = rb_first_cached(&ep->rbr); rbp; rbp = rb_next(rbp)) {
@@ -2166,13 +2168,11 @@ static int ep_loop_check_proc(struct eventpoll *ep, int depth)
if (unlikely(is_file_epoll(epi->ffd.file))) {
struct eventpoll *ep_tovisit;
ep_tovisit = epi->ffd.file->private_data;
- if (ep_tovisit->gen == loop_check_gen)
- continue;
if (ep_tovisit == inserting_into || depth > EP_MAX_NESTS)
- error = -1;
+ result = INT_MAX;
else
- error = ep_loop_check_proc(ep_tovisit, depth + 1);
- if (error != 0)
+ result = max(result, ep_loop_check_proc(ep_tovisit, depth + 1) + 1);
+ if (result > EP_MAX_NESTS)
break;
} else {
/*
@@ -2186,9 +2186,27 @@ static int ep_loop_check_proc(struct eventpoll *ep, int depth)
list_file(epi->ffd.file);
}
}
+ ep->loop_check_depth = result;
mutex_unlock(&ep->mtx);
- return error;
+ return result;
+}
+
+/**
+ * ep_get_upwards_depth_proc - determine depth of @ep when traversed upwards
+ */
+static int ep_get_upwards_depth_proc(struct eventpoll *ep, int depth)
+{
+ int result = 0;
+ struct epitem *epi;
+
+ if (ep->gen == loop_check_gen)
+ return ep->loop_check_depth;
+ hlist_for_each_entry_rcu(epi, &ep->refs, fllink)
+ result = max(result, ep_get_upwards_depth_proc(epi->ep, depth + 1) + 1);
+ ep->gen = loop_check_gen;
+ ep->loop_check_depth = result;
+ return result;
}
/**
@@ -2204,8 +2222,22 @@ static int ep_loop_check_proc(struct eventpoll *ep, int depth)
*/
static int ep_loop_check(struct eventpoll *ep, struct eventpoll *to)
{
+ int depth, upwards_depth;
+
inserting_into = ep;
- return ep_loop_check_proc(to, 0);
+ /*
+ * Check how deep down we can get from @to, and whether it is possible
+ * to loop up to @ep.
+ */
+ depth = ep_loop_check_proc(to, 0);
+ if (depth > EP_MAX_NESTS)
+ return -1;
+ /* Check how far up we can go from @ep. */
+ rcu_read_lock();
+ upwards_depth = ep_get_upwards_depth_proc(ep, 0);
+ rcu_read_unlock();
+
+ return (depth+1+upwards_depth > EP_MAX_NESTS) ? -1 : 0;
}
static void clear_tfile_check_list(void)
1 month
- 1
- 0
FAILED: patch "[PATCH] eventpoll: Fix semi-unbounded recursion" failed to apply to 5.10-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 5.10-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.10.y
git checkout FETCH_HEAD
git cherry-pick -x f2e467a48287c868818085aa35389a224d226732
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025081534-circling-deepen-8561@gregkh' --subject-prefix 'PATCH 5.10.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From f2e467a48287c868818085aa35389a224d226732 Mon Sep 17 00:00:00 2001
From: Jann Horn <jannh(a)google.com>
Date: Fri, 11 Jul 2025 18:33:36 +0200
Subject: [PATCH] eventpoll: Fix semi-unbounded recursion
Ensure that epoll instances can never form a graph deeper than
EP_MAX_NESTS+1 links.
Currently, ep_loop_check_proc() ensures that the graph is loop-free and
does some recursion depth checks, but those recursion depth checks don't
limit the depth of the resulting tree for two reasons:
- They don't look upwards in the tree.
- If there are multiple downwards paths of different lengths, only one of
the paths is actually considered for the depth check since commit
28d82dc1c4ed ("epoll: limit paths").
Essentially, the current recursion depth check in ep_loop_check_proc() just
serves to prevent it from recursing too deeply while checking for loops.
A more thorough check is done in reverse_path_check() after the new graph
edge has already been created; this checks, among other things, that no
paths going upwards from any non-epoll file with a length of more than 5
edges exist. However, this check does not apply to non-epoll files.
As a result, it is possible to recurse to a depth of at least roughly 500,
tested on v6.15. (I am unsure if deeper recursion is possible; and this may
have changed with commit 8c44dac8add7 ("eventpoll: Fix priority inversion
problem").)
To fix it:
1. In ep_loop_check_proc(), note the subtree depth of each visited node,
and use subtree depths for the total depth calculation even when a subtree
has already been visited.
2. Add ep_get_upwards_depth_proc() for similarly determining the maximum
depth of an upwards walk.
3. In ep_loop_check(), use these values to limit the total path length
between epoll nodes to EP_MAX_NESTS edges.
Fixes: 22bacca48a17 ("epoll: prevent creating circular epoll structures")
Cc: stable(a)vger.kernel.org
Signed-off-by: Jann Horn <jannh(a)google.com>
Link: https://lore.kernel.org/20250711-epoll-recursion-fix-v1-1-fb2457c33292@goog…
Signed-off-by: Christian Brauner <brauner(a)kernel.org>
diff --git a/fs/eventpoll.c b/fs/eventpoll.c
index d4dbffdedd08..44648cc09250 100644
--- a/fs/eventpoll.c
+++ b/fs/eventpoll.c
@@ -218,6 +218,7 @@ struct eventpoll {
/* used to optimize loop detection check */
u64 gen;
struct hlist_head refs;
+ u8 loop_check_depth;
/*
* usage count, used together with epitem->dying to
@@ -2142,23 +2143,24 @@ static int ep_poll(struct eventpoll *ep, struct epoll_event __user *events,
}
/**
- * ep_loop_check_proc - verify that adding an epoll file inside another
- * epoll structure does not violate the constraints, in
- * terms of closed loops, or too deep chains (which can
- * result in excessive stack usage).
+ * ep_loop_check_proc - verify that adding an epoll file @ep inside another
+ * epoll file does not create closed loops, and
+ * determine the depth of the subtree starting at @ep
*
* @ep: the &struct eventpoll to be currently checked.
* @depth: Current depth of the path being checked.
*
- * Return: %zero if adding the epoll @file inside current epoll
- * structure @ep does not violate the constraints, or %-1 otherwise.
+ * Return: depth of the subtree, or INT_MAX if we found a loop or went too deep.
*/
static int ep_loop_check_proc(struct eventpoll *ep, int depth)
{
- int error = 0;
+ int result = 0;
struct rb_node *rbp;
struct epitem *epi;
+ if (ep->gen == loop_check_gen)
+ return ep->loop_check_depth;
+
mutex_lock_nested(&ep->mtx, depth + 1);
ep->gen = loop_check_gen;
for (rbp = rb_first_cached(&ep->rbr); rbp; rbp = rb_next(rbp)) {
@@ -2166,13 +2168,11 @@ static int ep_loop_check_proc(struct eventpoll *ep, int depth)
if (unlikely(is_file_epoll(epi->ffd.file))) {
struct eventpoll *ep_tovisit;
ep_tovisit = epi->ffd.file->private_data;
- if (ep_tovisit->gen == loop_check_gen)
- continue;
if (ep_tovisit == inserting_into || depth > EP_MAX_NESTS)
- error = -1;
+ result = INT_MAX;
else
- error = ep_loop_check_proc(ep_tovisit, depth + 1);
- if (error != 0)
+ result = max(result, ep_loop_check_proc(ep_tovisit, depth + 1) + 1);
+ if (result > EP_MAX_NESTS)
break;
} else {
/*
@@ -2186,9 +2186,27 @@ static int ep_loop_check_proc(struct eventpoll *ep, int depth)
list_file(epi->ffd.file);
}
}
+ ep->loop_check_depth = result;
mutex_unlock(&ep->mtx);
- return error;
+ return result;
+}
+
+/**
+ * ep_get_upwards_depth_proc - determine depth of @ep when traversed upwards
+ */
+static int ep_get_upwards_depth_proc(struct eventpoll *ep, int depth)
+{
+ int result = 0;
+ struct epitem *epi;
+
+ if (ep->gen == loop_check_gen)
+ return ep->loop_check_depth;
+ hlist_for_each_entry_rcu(epi, &ep->refs, fllink)
+ result = max(result, ep_get_upwards_depth_proc(epi->ep, depth + 1) + 1);
+ ep->gen = loop_check_gen;
+ ep->loop_check_depth = result;
+ return result;
}
/**
@@ -2204,8 +2222,22 @@ static int ep_loop_check_proc(struct eventpoll *ep, int depth)
*/
static int ep_loop_check(struct eventpoll *ep, struct eventpoll *to)
{
+ int depth, upwards_depth;
+
inserting_into = ep;
- return ep_loop_check_proc(to, 0);
+ /*
+ * Check how deep down we can get from @to, and whether it is possible
+ * to loop up to @ep.
+ */
+ depth = ep_loop_check_proc(to, 0);
+ if (depth > EP_MAX_NESTS)
+ return -1;
+ /* Check how far up we can go from @ep. */
+ rcu_read_lock();
+ upwards_depth = ep_get_upwards_depth_proc(ep, 0);
+ rcu_read_unlock();
+
+ return (depth+1+upwards_depth > EP_MAX_NESTS) ? -1 : 0;
}
static void clear_tfile_check_list(void)
1 month
- 1
- 0
Re:
by Greg KH
On Wed, Aug 13, 2025 at 06:25:32PM +0100, Jon Hunter wrote:
> On Wed, Aug 13, 2025 at 08:48:28AM -0700, Jon Hunter wrote:
> > On Tue, 12 Aug 2025 19:43:28 +0200, Greg Kroah-Hartman wrote:
> > > This is the start of the stable review cycle for the 6.15.10 release.
> > > There are 480 patches in this series, all will be posted as a response
> > > to this one. If anyone has any issues with these being applied, please
> > > let me know.
> > >
> > > Responses should be made by Thu, 14 Aug 2025 17:42:20 +0000.
> > > Anything received after that time might be too late.
> > >
> > > The whole patch series can be found in one patch at:
> > > https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.15.10-rc…
> > > or in the git tree and branch at:
> > > git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.15.y
> > > and the diffstat can be found below.
> > >
> > > thanks,
> > >
> > > greg k-h
> >
> > Failures detected for Tegra ...
> >
> > Test results for stable-v6.15:
> > 10 builds: 10 pass, 0 fail
> > 28 boots: 28 pass, 0 fail
> > 120 tests: 119 pass, 1 fail
> >
> > Linux version: 6.15.10-rc1-g2510f67e2e34
> > Boards tested: tegra124-jetson-tk1, tegra186-p2771-0000,
> > tegra186-p3509-0000+p3636-0001, tegra194-p2972-0000,
> > tegra194-p3509-0000+p3668-0000, tegra20-ventana,
> > tegra210-p2371-2180, tegra210-p3450-0000,
> > tegra30-cardhu-a04
> >
> > Test failures: tegra194-p2972-0000: boot.py
>
> I am seeing the following kernel warning for both linux-6.15.y and linux-6.16.y …
>
> WARNING KERN sched: DL replenish lagged too much
>
> I believe that this is introduced by …
>
> Peter Zijlstra <peterz(a)infradead.org>
> sched/deadline: Less agressive dl_server handling
>
> This has been reported here: https://lore.kernel.org/all/CAMuHMdXn4z1pioTtBGMfQM0jsLviqS2jwysaWXpoLxWYoG…
I've now dropped this.
Is that causing the test failure for you?
thanks,
greg k-h
1 month
- 2
- 2
FAILED: patch "[PATCH] lib/crypto: arm64/poly1305: Fix register corruption in" failed to apply to 5.4-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 5.4-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.4.y
git checkout FETCH_HEAD
git cherry-pick -x eec76ea5a7213c48529a46eed1b343e5cee3aaab
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025081559-frighten-antivirus-2da1@gregkh' --subject-prefix 'PATCH 5.4.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From eec76ea5a7213c48529a46eed1b343e5cee3aaab Mon Sep 17 00:00:00 2001
From: Eric Biggers <ebiggers(a)kernel.org>
Date: Sun, 6 Jul 2025 16:10:58 -0700
Subject: [PATCH] lib/crypto: arm64/poly1305: Fix register corruption in
no-SIMD contexts
Restore the SIMD usability check that was removed by commit a59e5468a921
("crypto: arm64/poly1305 - Add block-only interface").
This safety check is cheap and is well worth eliminating a footgun.
While the Poly1305 functions should not be called when SIMD registers
are unusable, if they are anyway, they should just do the right thing
instead of corrupting random tasks' registers and/or computing incorrect
MACs. Fixing this is also needed for poly1305_kunit to pass.
Just use may_use_simd() instead of the original crypto_simd_usable(),
since poly1305_kunit won't rely on crypto_simd_disabled_for_test.
Fixes: a59e5468a921 ("crypto: arm64/poly1305 - Add block-only interface")
Cc: stable(a)vger.kernel.org
Reviewed-by: Ard Biesheuvel <ardb(a)kernel.org>
Link: https://lore.kernel.org/r/20250706231100.176113-4-ebiggers@kernel.org
Signed-off-by: Eric Biggers <ebiggers(a)kernel.org>
diff --git a/lib/crypto/arm64/poly1305-glue.c b/lib/crypto/arm64/poly1305-glue.c
index c9a74766785b..31aea21ce42f 100644
--- a/lib/crypto/arm64/poly1305-glue.c
+++ b/lib/crypto/arm64/poly1305-glue.c
@@ -7,6 +7,7 @@
#include <asm/hwcap.h>
#include <asm/neon.h>
+#include <asm/simd.h>
#include <crypto/internal/poly1305.h>
#include <linux/cpufeature.h>
#include <linux/jump_label.h>
@@ -33,7 +34,7 @@ void poly1305_blocks_arch(struct poly1305_block_state *state, const u8 *src,
unsigned int len, u32 padbit)
{
len = round_down(len, POLY1305_BLOCK_SIZE);
- if (static_branch_likely(&have_neon)) {
+ if (static_branch_likely(&have_neon) && likely(may_use_simd())) {
do {
unsigned int todo = min_t(unsigned int, len, SZ_4K);
1 month
- 1
- 0
FAILED: patch "[PATCH] lib/crypto: arm64/poly1305: Fix register corruption in" failed to apply to 5.10-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 5.10-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.10.y
git checkout FETCH_HEAD
git cherry-pick -x eec76ea5a7213c48529a46eed1b343e5cee3aaab
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025081558-designate-eatery-407a@gregkh' --subject-prefix 'PATCH 5.10.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From eec76ea5a7213c48529a46eed1b343e5cee3aaab Mon Sep 17 00:00:00 2001
From: Eric Biggers <ebiggers(a)kernel.org>
Date: Sun, 6 Jul 2025 16:10:58 -0700
Subject: [PATCH] lib/crypto: arm64/poly1305: Fix register corruption in
no-SIMD contexts
Restore the SIMD usability check that was removed by commit a59e5468a921
("crypto: arm64/poly1305 - Add block-only interface").
This safety check is cheap and is well worth eliminating a footgun.
While the Poly1305 functions should not be called when SIMD registers
are unusable, if they are anyway, they should just do the right thing
instead of corrupting random tasks' registers and/or computing incorrect
MACs. Fixing this is also needed for poly1305_kunit to pass.
Just use may_use_simd() instead of the original crypto_simd_usable(),
since poly1305_kunit won't rely on crypto_simd_disabled_for_test.
Fixes: a59e5468a921 ("crypto: arm64/poly1305 - Add block-only interface")
Cc: stable(a)vger.kernel.org
Reviewed-by: Ard Biesheuvel <ardb(a)kernel.org>
Link: https://lore.kernel.org/r/20250706231100.176113-4-ebiggers@kernel.org
Signed-off-by: Eric Biggers <ebiggers(a)kernel.org>
diff --git a/lib/crypto/arm64/poly1305-glue.c b/lib/crypto/arm64/poly1305-glue.c
index c9a74766785b..31aea21ce42f 100644
--- a/lib/crypto/arm64/poly1305-glue.c
+++ b/lib/crypto/arm64/poly1305-glue.c
@@ -7,6 +7,7 @@
#include <asm/hwcap.h>
#include <asm/neon.h>
+#include <asm/simd.h>
#include <crypto/internal/poly1305.h>
#include <linux/cpufeature.h>
#include <linux/jump_label.h>
@@ -33,7 +34,7 @@ void poly1305_blocks_arch(struct poly1305_block_state *state, const u8 *src,
unsigned int len, u32 padbit)
{
len = round_down(len, POLY1305_BLOCK_SIZE);
- if (static_branch_likely(&have_neon)) {
+ if (static_branch_likely(&have_neon) && likely(may_use_simd())) {
do {
unsigned int todo = min_t(unsigned int, len, SZ_4K);
1 month
- 1
- 0
FAILED: patch "[PATCH] lib/crypto: arm64/poly1305: Fix register corruption in" failed to apply to 5.15-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 5.15-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y
git checkout FETCH_HEAD
git cherry-pick -x eec76ea5a7213c48529a46eed1b343e5cee3aaab
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025081558-kissable-seducing-8159@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From eec76ea5a7213c48529a46eed1b343e5cee3aaab Mon Sep 17 00:00:00 2001
From: Eric Biggers <ebiggers(a)kernel.org>
Date: Sun, 6 Jul 2025 16:10:58 -0700
Subject: [PATCH] lib/crypto: arm64/poly1305: Fix register corruption in
no-SIMD contexts
Restore the SIMD usability check that was removed by commit a59e5468a921
("crypto: arm64/poly1305 - Add block-only interface").
This safety check is cheap and is well worth eliminating a footgun.
While the Poly1305 functions should not be called when SIMD registers
are unusable, if they are anyway, they should just do the right thing
instead of corrupting random tasks' registers and/or computing incorrect
MACs. Fixing this is also needed for poly1305_kunit to pass.
Just use may_use_simd() instead of the original crypto_simd_usable(),
since poly1305_kunit won't rely on crypto_simd_disabled_for_test.
Fixes: a59e5468a921 ("crypto: arm64/poly1305 - Add block-only interface")
Cc: stable(a)vger.kernel.org
Reviewed-by: Ard Biesheuvel <ardb(a)kernel.org>
Link: https://lore.kernel.org/r/20250706231100.176113-4-ebiggers@kernel.org
Signed-off-by: Eric Biggers <ebiggers(a)kernel.org>
diff --git a/lib/crypto/arm64/poly1305-glue.c b/lib/crypto/arm64/poly1305-glue.c
index c9a74766785b..31aea21ce42f 100644
--- a/lib/crypto/arm64/poly1305-glue.c
+++ b/lib/crypto/arm64/poly1305-glue.c
@@ -7,6 +7,7 @@
#include <asm/hwcap.h>
#include <asm/neon.h>
+#include <asm/simd.h>
#include <crypto/internal/poly1305.h>
#include <linux/cpufeature.h>
#include <linux/jump_label.h>
@@ -33,7 +34,7 @@ void poly1305_blocks_arch(struct poly1305_block_state *state, const u8 *src,
unsigned int len, u32 padbit)
{
len = round_down(len, POLY1305_BLOCK_SIZE);
- if (static_branch_likely(&have_neon)) {
+ if (static_branch_likely(&have_neon) && likely(may_use_simd())) {
do {
unsigned int todo = min_t(unsigned int, len, SZ_4K);
1 month
- 1
- 0
FAILED: patch "[PATCH] lib/crypto: arm64/poly1305: Fix register corruption in" failed to apply to 6.1-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 6.1-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y
git checkout FETCH_HEAD
git cherry-pick -x eec76ea5a7213c48529a46eed1b343e5cee3aaab
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025081557-unnatural-unexpired-089f@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From eec76ea5a7213c48529a46eed1b343e5cee3aaab Mon Sep 17 00:00:00 2001
From: Eric Biggers <ebiggers(a)kernel.org>
Date: Sun, 6 Jul 2025 16:10:58 -0700
Subject: [PATCH] lib/crypto: arm64/poly1305: Fix register corruption in
no-SIMD contexts
Restore the SIMD usability check that was removed by commit a59e5468a921
("crypto: arm64/poly1305 - Add block-only interface").
This safety check is cheap and is well worth eliminating a footgun.
While the Poly1305 functions should not be called when SIMD registers
are unusable, if they are anyway, they should just do the right thing
instead of corrupting random tasks' registers and/or computing incorrect
MACs. Fixing this is also needed for poly1305_kunit to pass.
Just use may_use_simd() instead of the original crypto_simd_usable(),
since poly1305_kunit won't rely on crypto_simd_disabled_for_test.
Fixes: a59e5468a921 ("crypto: arm64/poly1305 - Add block-only interface")
Cc: stable(a)vger.kernel.org
Reviewed-by: Ard Biesheuvel <ardb(a)kernel.org>
Link: https://lore.kernel.org/r/20250706231100.176113-4-ebiggers@kernel.org
Signed-off-by: Eric Biggers <ebiggers(a)kernel.org>
diff --git a/lib/crypto/arm64/poly1305-glue.c b/lib/crypto/arm64/poly1305-glue.c
index c9a74766785b..31aea21ce42f 100644
--- a/lib/crypto/arm64/poly1305-glue.c
+++ b/lib/crypto/arm64/poly1305-glue.c
@@ -7,6 +7,7 @@
#include <asm/hwcap.h>
#include <asm/neon.h>
+#include <asm/simd.h>
#include <crypto/internal/poly1305.h>
#include <linux/cpufeature.h>
#include <linux/jump_label.h>
@@ -33,7 +34,7 @@ void poly1305_blocks_arch(struct poly1305_block_state *state, const u8 *src,
unsigned int len, u32 padbit)
{
len = round_down(len, POLY1305_BLOCK_SIZE);
- if (static_branch_likely(&have_neon)) {
+ if (static_branch_likely(&have_neon) && likely(may_use_simd())) {
do {
unsigned int todo = min_t(unsigned int, len, SZ_4K);
1 month
- 1
- 0
FAILED: patch "[PATCH] lib/crypto: arm64/poly1305: Fix register corruption in" failed to apply to 6.6-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 6.6-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.6.y
git checkout FETCH_HEAD
git cherry-pick -x eec76ea5a7213c48529a46eed1b343e5cee3aaab
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025081557-sinless-cleat-22ee@gregkh' --subject-prefix 'PATCH 6.6.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From eec76ea5a7213c48529a46eed1b343e5cee3aaab Mon Sep 17 00:00:00 2001
From: Eric Biggers <ebiggers(a)kernel.org>
Date: Sun, 6 Jul 2025 16:10:58 -0700
Subject: [PATCH] lib/crypto: arm64/poly1305: Fix register corruption in
no-SIMD contexts
Restore the SIMD usability check that was removed by commit a59e5468a921
("crypto: arm64/poly1305 - Add block-only interface").
This safety check is cheap and is well worth eliminating a footgun.
While the Poly1305 functions should not be called when SIMD registers
are unusable, if they are anyway, they should just do the right thing
instead of corrupting random tasks' registers and/or computing incorrect
MACs. Fixing this is also needed for poly1305_kunit to pass.
Just use may_use_simd() instead of the original crypto_simd_usable(),
since poly1305_kunit won't rely on crypto_simd_disabled_for_test.
Fixes: a59e5468a921 ("crypto: arm64/poly1305 - Add block-only interface")
Cc: stable(a)vger.kernel.org
Reviewed-by: Ard Biesheuvel <ardb(a)kernel.org>
Link: https://lore.kernel.org/r/20250706231100.176113-4-ebiggers@kernel.org
Signed-off-by: Eric Biggers <ebiggers(a)kernel.org>
diff --git a/lib/crypto/arm64/poly1305-glue.c b/lib/crypto/arm64/poly1305-glue.c
index c9a74766785b..31aea21ce42f 100644
--- a/lib/crypto/arm64/poly1305-glue.c
+++ b/lib/crypto/arm64/poly1305-glue.c
@@ -7,6 +7,7 @@
#include <asm/hwcap.h>
#include <asm/neon.h>
+#include <asm/simd.h>
#include <crypto/internal/poly1305.h>
#include <linux/cpufeature.h>
#include <linux/jump_label.h>
@@ -33,7 +34,7 @@ void poly1305_blocks_arch(struct poly1305_block_state *state, const u8 *src,
unsigned int len, u32 padbit)
{
len = round_down(len, POLY1305_BLOCK_SIZE);
- if (static_branch_likely(&have_neon)) {
+ if (static_branch_likely(&have_neon) && likely(may_use_simd())) {
do {
unsigned int todo = min_t(unsigned int, len, SZ_4K);
1 month
- 1
- 0
FAILED: patch "[PATCH] lib/crypto: arm64/poly1305: Fix register corruption in" failed to apply to 6.12-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 6.12-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.12.y
git checkout FETCH_HEAD
git cherry-pick -x eec76ea5a7213c48529a46eed1b343e5cee3aaab
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025081556-relish-alongside-9c22@gregkh' --subject-prefix 'PATCH 6.12.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From eec76ea5a7213c48529a46eed1b343e5cee3aaab Mon Sep 17 00:00:00 2001
From: Eric Biggers <ebiggers(a)kernel.org>
Date: Sun, 6 Jul 2025 16:10:58 -0700
Subject: [PATCH] lib/crypto: arm64/poly1305: Fix register corruption in
no-SIMD contexts
Restore the SIMD usability check that was removed by commit a59e5468a921
("crypto: arm64/poly1305 - Add block-only interface").
This safety check is cheap and is well worth eliminating a footgun.
While the Poly1305 functions should not be called when SIMD registers
are unusable, if they are anyway, they should just do the right thing
instead of corrupting random tasks' registers and/or computing incorrect
MACs. Fixing this is also needed for poly1305_kunit to pass.
Just use may_use_simd() instead of the original crypto_simd_usable(),
since poly1305_kunit won't rely on crypto_simd_disabled_for_test.
Fixes: a59e5468a921 ("crypto: arm64/poly1305 - Add block-only interface")
Cc: stable(a)vger.kernel.org
Reviewed-by: Ard Biesheuvel <ardb(a)kernel.org>
Link: https://lore.kernel.org/r/20250706231100.176113-4-ebiggers@kernel.org
Signed-off-by: Eric Biggers <ebiggers(a)kernel.org>
diff --git a/lib/crypto/arm64/poly1305-glue.c b/lib/crypto/arm64/poly1305-glue.c
index c9a74766785b..31aea21ce42f 100644
--- a/lib/crypto/arm64/poly1305-glue.c
+++ b/lib/crypto/arm64/poly1305-glue.c
@@ -7,6 +7,7 @@
#include <asm/hwcap.h>
#include <asm/neon.h>
+#include <asm/simd.h>
#include <crypto/internal/poly1305.h>
#include <linux/cpufeature.h>
#include <linux/jump_label.h>
@@ -33,7 +34,7 @@ void poly1305_blocks_arch(struct poly1305_block_state *state, const u8 *src,
unsigned int len, u32 padbit)
{
len = round_down(len, POLY1305_BLOCK_SIZE);
- if (static_branch_likely(&have_neon)) {
+ if (static_branch_likely(&have_neon) && likely(may_use_simd())) {
do {
unsigned int todo = min_t(unsigned int, len, SZ_4K);
1 month
- 1
- 0
FAILED: patch "[PATCH] lib/crypto: arm64/poly1305: Fix register corruption in" failed to apply to 6.15-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 6.15-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.15.y
git checkout FETCH_HEAD
git cherry-pick -x eec76ea5a7213c48529a46eed1b343e5cee3aaab
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025081556-septic-skeleton-d360@gregkh' --subject-prefix 'PATCH 6.15.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From eec76ea5a7213c48529a46eed1b343e5cee3aaab Mon Sep 17 00:00:00 2001
From: Eric Biggers <ebiggers(a)kernel.org>
Date: Sun, 6 Jul 2025 16:10:58 -0700
Subject: [PATCH] lib/crypto: arm64/poly1305: Fix register corruption in
no-SIMD contexts
Restore the SIMD usability check that was removed by commit a59e5468a921
("crypto: arm64/poly1305 - Add block-only interface").
This safety check is cheap and is well worth eliminating a footgun.
While the Poly1305 functions should not be called when SIMD registers
are unusable, if they are anyway, they should just do the right thing
instead of corrupting random tasks' registers and/or computing incorrect
MACs. Fixing this is also needed for poly1305_kunit to pass.
Just use may_use_simd() instead of the original crypto_simd_usable(),
since poly1305_kunit won't rely on crypto_simd_disabled_for_test.
Fixes: a59e5468a921 ("crypto: arm64/poly1305 - Add block-only interface")
Cc: stable(a)vger.kernel.org
Reviewed-by: Ard Biesheuvel <ardb(a)kernel.org>
Link: https://lore.kernel.org/r/20250706231100.176113-4-ebiggers@kernel.org
Signed-off-by: Eric Biggers <ebiggers(a)kernel.org>
diff --git a/lib/crypto/arm64/poly1305-glue.c b/lib/crypto/arm64/poly1305-glue.c
index c9a74766785b..31aea21ce42f 100644
--- a/lib/crypto/arm64/poly1305-glue.c
+++ b/lib/crypto/arm64/poly1305-glue.c
@@ -7,6 +7,7 @@
#include <asm/hwcap.h>
#include <asm/neon.h>
+#include <asm/simd.h>
#include <crypto/internal/poly1305.h>
#include <linux/cpufeature.h>
#include <linux/jump_label.h>
@@ -33,7 +34,7 @@ void poly1305_blocks_arch(struct poly1305_block_state *state, const u8 *src,
unsigned int len, u32 padbit)
{
len = round_down(len, POLY1305_BLOCK_SIZE);
- if (static_branch_likely(&have_neon)) {
+ if (static_branch_likely(&have_neon) && likely(may_use_simd())) {
do {
unsigned int todo = min_t(unsigned int, len, SZ_4K);
1 month
- 1
- 0
[PATCH] netfs: Fix unbuffered write error handling
by David Howells
If all the subrequests in an unbuffered write stream fail, the subrequest
collector doesn't update the stream->transferred value and it retains its
initial LONG_MAX value. Unfortunately, if all active streams fail, then we
take the smallest value of { LONG_MAX, LONG_MAX, ... } as the value to set
in wreq->transferred - which is then returned from ->write_iter().
LONG_MAX was chosen as the initial value so that all the streams can be
quickly assessed by taking the smallest value of all stream->transferred -
but this only works if we've set any of them.
Fix this by adding a flag to indicate whether the value in
stream->transferred is valid and checking that when we integrate the
values. stream->transferred can then be initialised to zero.
This was found by running the generic/750 xfstest against cifs with
cache=none. It splices data to the target file. Once (if) it has used up
all the available scratch space, the writes start failing with ENOSPC.
This causes ->write_iter() to fail. However, it was returning
wreq->transferred, i.e. LONG_MAX, rather than an error (because it thought
the amount transferred was non-zero) and iter_file_splice_write() would
then try to clean up that amount of pipe bufferage - leading to an oops
when it overran. The kernel log showed:
CIFS: VFS: Send error in write = -28
followed by:
BUG: kernel NULL pointer dereference, address: 0000000000000008
with:
RIP: 0010:iter_file_splice_write+0x3a4/0x520
do_splice+0x197/0x4e0
or:
RIP: 0010:pipe_buf_release (include/linux/pipe_fs_i.h:282)
iter_file_splice_write (fs/splice.c:755)
Also put a warning check into splice to announce if ->write_iter() returned
that it had written more than it was asked to.
Fixes: 288ace2f57c9 ("netfs: New writeback implementation")
Reported-by: Xiaoli Feng <fengxiaoli0714(a)gmail.com>
Closes: https://bugzilla.kernel.org/show_bug.cgi?id=220445
Signed-off-by: David Howells <dhowells(a)redhat.com>
cc: Paulo Alcantara <pc(a)manguebit.org>
cc: Steve French <sfrench(a)samba.org>
cc: Shyam Prasad N <sprasad(a)microsoft.com>
cc: netfs(a)lists.linux.dev
cc: linux-cifs(a)vger.kernel.org
cc: linux-fsdevel(a)vger.kernel.org
cc: stable(a)vger.kernel.org
---
fs/netfs/read_collect.c | 4 +++-
fs/netfs/write_collect.c | 10 ++++++++--
fs/netfs/write_issue.c | 4 ++--
fs/splice.c | 3 +++
include/linux/netfs.h | 1 +
5 files changed, 17 insertions(+), 5 deletions(-)
diff --git a/fs/netfs/read_collect.c b/fs/netfs/read_collect.c
index 3e804da1e1eb..a95e7aadafd0 100644
--- a/fs/netfs/read_collect.c
+++ b/fs/netfs/read_collect.c
@@ -281,8 +281,10 @@ static void netfs_collect_read_results(struct netfs_io_request *rreq)
} else if (test_bit(NETFS_RREQ_SHORT_TRANSFER, &rreq->flags)) {
notes |= MADE_PROGRESS;
} else {
- if (!stream->failed)
+ if (!stream->failed) {
stream->transferred += transferred;
+ stream->transferred_valid = true;
+ }
if (front->transferred < front->len)
set_bit(NETFS_RREQ_SHORT_TRANSFER, &rreq->flags);
notes |= MADE_PROGRESS;
diff --git a/fs/netfs/write_collect.c b/fs/netfs/write_collect.c
index 0f3a36852a4d..cbf3d9194c7b 100644
--- a/fs/netfs/write_collect.c
+++ b/fs/netfs/write_collect.c
@@ -254,6 +254,7 @@ static void netfs_collect_write_results(struct netfs_io_request *wreq)
if (front->start + front->transferred > stream->collected_to) {
stream->collected_to = front->start + front->transferred;
stream->transferred = stream->collected_to - wreq->start;
+ stream->transferred_valid = true;
notes |= MADE_PROGRESS;
}
if (test_bit(NETFS_SREQ_FAILED, &front->flags)) {
@@ -356,6 +357,7 @@ bool netfs_write_collection(struct netfs_io_request *wreq)
{
struct netfs_inode *ictx = netfs_inode(wreq->inode);
size_t transferred;
+ bool transferred_valid = false;
int s;
_enter("R=%x", wreq->debug_id);
@@ -376,12 +378,16 @@ bool netfs_write_collection(struct netfs_io_request *wreq)
continue;
if (!list_empty(&stream->subrequests))
return false;
- if (stream->transferred < transferred)
+ if (stream->transferred_valid &&
+ stream->transferred < transferred) {
transferred = stream->transferred;
+ transferred_valid = true;
+ }
}
/* Okay, declare that all I/O is complete. */
- wreq->transferred = transferred;
+ if (transferred_valid)
+ wreq->transferred = transferred;
trace_netfs_rreq(wreq, netfs_rreq_trace_write_done);
if (wreq->io_streams[1].active &&
diff --git a/fs/netfs/write_issue.c b/fs/netfs/write_issue.c
index 50bee2c4130d..0584cba1a043 100644
--- a/fs/netfs/write_issue.c
+++ b/fs/netfs/write_issue.c
@@ -118,12 +118,12 @@ struct netfs_io_request *netfs_create_write_req(struct address_space *mapping,
wreq->io_streams[0].prepare_write = ictx->ops->prepare_write;
wreq->io_streams[0].issue_write = ictx->ops->issue_write;
wreq->io_streams[0].collected_to = start;
- wreq->io_streams[0].transferred = LONG_MAX;
+ wreq->io_streams[0].transferred = 0;
wreq->io_streams[1].stream_nr = 1;
wreq->io_streams[1].source = NETFS_WRITE_TO_CACHE;
wreq->io_streams[1].collected_to = start;
- wreq->io_streams[1].transferred = LONG_MAX;
+ wreq->io_streams[1].transferred = 0;
if (fscache_resources_valid(&wreq->cache_resources)) {
wreq->io_streams[1].avail = true;
wreq->io_streams[1].active = true;
diff --git a/fs/splice.c b/fs/splice.c
index 4d6df083e0c0..f5094b6d00a0 100644
--- a/fs/splice.c
+++ b/fs/splice.c
@@ -739,6 +739,9 @@ iter_file_splice_write(struct pipe_inode_info *pipe, struct file *out,
sd.pos = kiocb.ki_pos;
if (ret <= 0)
break;
+ WARN_ONCE(ret > sd.total_len - left,
+ "Splice Exceeded! ret=%zd tot=%zu left=%zu\n",
+ ret, sd.total_len, left);
sd.num_spliced += ret;
sd.total_len -= ret;
diff --git a/include/linux/netfs.h b/include/linux/netfs.h
index 185bd8196503..98c96d649bf9 100644
--- a/include/linux/netfs.h
+++ b/include/linux/netfs.h
@@ -150,6 +150,7 @@ struct netfs_io_stream {
bool active; /* T if stream is active */
bool need_retry; /* T if this stream needs retrying */
bool failed; /* T if this stream failed */
+ bool transferred_valid; /* T is ->transferred is valid */
};
/*
1 month
- 3
- 2
FAILED: patch "[PATCH] lib/crypto: x86/poly1305: Fix register corruption in no-SIMD" failed to apply to 5.4-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 5.4-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.4.y
git checkout FETCH_HEAD
git cherry-pick -x 16f2c30e290e04135b70ad374fb7e1d1ed9ff5e7
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025081509-octopus-proponent-0409@gregkh' --subject-prefix 'PATCH 5.4.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From 16f2c30e290e04135b70ad374fb7e1d1ed9ff5e7 Mon Sep 17 00:00:00 2001
From: Eric Biggers <ebiggers(a)kernel.org>
Date: Sun, 6 Jul 2025 16:10:59 -0700
Subject: [PATCH] lib/crypto: x86/poly1305: Fix register corruption in no-SIMD
contexts
Restore the SIMD usability check and base conversion that were removed
by commit 318c53ae02f2 ("crypto: x86/poly1305 - Add block-only
interface").
This safety check is cheap and is well worth eliminating a footgun.
While the Poly1305 functions should not be called when SIMD registers
are unusable, if they are anyway, they should just do the right thing
instead of corrupting random tasks' registers and/or computing incorrect
MACs. Fixing this is also needed for poly1305_kunit to pass.
Just use irq_fpu_usable() instead of the original crypto_simd_usable(),
since poly1305_kunit won't rely on crypto_simd_disabled_for_test.
Fixes: 318c53ae02f2 ("crypto: x86/poly1305 - Add block-only interface")
Cc: stable(a)vger.kernel.org
Reviewed-by: Ard Biesheuvel <ardb(a)kernel.org>
Link: https://lore.kernel.org/r/20250706231100.176113-5-ebiggers@kernel.org
Signed-off-by: Eric Biggers <ebiggers(a)kernel.org>
diff --git a/lib/crypto/x86/poly1305_glue.c b/lib/crypto/x86/poly1305_glue.c
index b7e78a583e07..968d84677631 100644
--- a/lib/crypto/x86/poly1305_glue.c
+++ b/lib/crypto/x86/poly1305_glue.c
@@ -25,6 +25,42 @@ struct poly1305_arch_internal {
struct { u32 r2, r1, r4, r3; } rn[9];
};
+/*
+ * The AVX code uses base 2^26, while the scalar code uses base 2^64. If we hit
+ * the unfortunate situation of using AVX and then having to go back to scalar
+ * -- because the user is silly and has called the update function from two
+ * separate contexts -- then we need to convert back to the original base before
+ * proceeding. It is possible to reason that the initial reduction below is
+ * sufficient given the implementation invariants. However, for an avoidance of
+ * doubt and because this is not performance critical, we do the full reduction
+ * anyway. Z3 proof of below function: https://xn--4db.cc/ltPtHCKN/py
+ */
+static void convert_to_base2_64(void *ctx)
+{
+ struct poly1305_arch_internal *state = ctx;
+ u32 cy;
+
+ if (!state->is_base2_26)
+ return;
+
+ cy = state->h[0] >> 26; state->h[0] &= 0x3ffffff; state->h[1] += cy;
+ cy = state->h[1] >> 26; state->h[1] &= 0x3ffffff; state->h[2] += cy;
+ cy = state->h[2] >> 26; state->h[2] &= 0x3ffffff; state->h[3] += cy;
+ cy = state->h[3] >> 26; state->h[3] &= 0x3ffffff; state->h[4] += cy;
+ state->hs[0] = ((u64)state->h[2] << 52) | ((u64)state->h[1] << 26) | state->h[0];
+ state->hs[1] = ((u64)state->h[4] << 40) | ((u64)state->h[3] << 14) | (state->h[2] >> 12);
+ state->hs[2] = state->h[4] >> 24;
+ /* Unsigned Less Than: branchlessly produces 1 if a < b, else 0. */
+#define ULT(a, b) ((a ^ ((a ^ b) | ((a - b) ^ b))) >> (sizeof(a) * 8 - 1))
+ cy = (state->hs[2] >> 2) + (state->hs[2] & ~3ULL);
+ state->hs[2] &= 3;
+ state->hs[0] += cy;
+ state->hs[1] += (cy = ULT(state->hs[0], cy));
+ state->hs[2] += ULT(state->hs[1], cy);
+#undef ULT
+ state->is_base2_26 = 0;
+}
+
asmlinkage void poly1305_block_init_arch(
struct poly1305_block_state *state,
const u8 raw_key[POLY1305_BLOCK_SIZE]);
@@ -62,7 +98,9 @@ void poly1305_blocks_arch(struct poly1305_block_state *state, const u8 *inp,
BUILD_BUG_ON(SZ_4K < POLY1305_BLOCK_SIZE ||
SZ_4K % POLY1305_BLOCK_SIZE);
- if (!static_branch_likely(&poly1305_use_avx)) {
+ if (!static_branch_likely(&poly1305_use_avx) ||
+ unlikely(!irq_fpu_usable())) {
+ convert_to_base2_64(ctx);
poly1305_blocks_x86_64(ctx, inp, len, padbit);
return;
}
1 month
- 1
- 0
FAILED: patch "[PATCH] lib/crypto: x86/poly1305: Fix register corruption in no-SIMD" failed to apply to 5.10-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 5.10-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.10.y
git checkout FETCH_HEAD
git cherry-pick -x 16f2c30e290e04135b70ad374fb7e1d1ed9ff5e7
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025081508-pelt-scouting-b79c@gregkh' --subject-prefix 'PATCH 5.10.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From 16f2c30e290e04135b70ad374fb7e1d1ed9ff5e7 Mon Sep 17 00:00:00 2001
From: Eric Biggers <ebiggers(a)kernel.org>
Date: Sun, 6 Jul 2025 16:10:59 -0700
Subject: [PATCH] lib/crypto: x86/poly1305: Fix register corruption in no-SIMD
contexts
Restore the SIMD usability check and base conversion that were removed
by commit 318c53ae02f2 ("crypto: x86/poly1305 - Add block-only
interface").
This safety check is cheap and is well worth eliminating a footgun.
While the Poly1305 functions should not be called when SIMD registers
are unusable, if they are anyway, they should just do the right thing
instead of corrupting random tasks' registers and/or computing incorrect
MACs. Fixing this is also needed for poly1305_kunit to pass.
Just use irq_fpu_usable() instead of the original crypto_simd_usable(),
since poly1305_kunit won't rely on crypto_simd_disabled_for_test.
Fixes: 318c53ae02f2 ("crypto: x86/poly1305 - Add block-only interface")
Cc: stable(a)vger.kernel.org
Reviewed-by: Ard Biesheuvel <ardb(a)kernel.org>
Link: https://lore.kernel.org/r/20250706231100.176113-5-ebiggers@kernel.org
Signed-off-by: Eric Biggers <ebiggers(a)kernel.org>
diff --git a/lib/crypto/x86/poly1305_glue.c b/lib/crypto/x86/poly1305_glue.c
index b7e78a583e07..968d84677631 100644
--- a/lib/crypto/x86/poly1305_glue.c
+++ b/lib/crypto/x86/poly1305_glue.c
@@ -25,6 +25,42 @@ struct poly1305_arch_internal {
struct { u32 r2, r1, r4, r3; } rn[9];
};
+/*
+ * The AVX code uses base 2^26, while the scalar code uses base 2^64. If we hit
+ * the unfortunate situation of using AVX and then having to go back to scalar
+ * -- because the user is silly and has called the update function from two
+ * separate contexts -- then we need to convert back to the original base before
+ * proceeding. It is possible to reason that the initial reduction below is
+ * sufficient given the implementation invariants. However, for an avoidance of
+ * doubt and because this is not performance critical, we do the full reduction
+ * anyway. Z3 proof of below function: https://xn--4db.cc/ltPtHCKN/py
+ */
+static void convert_to_base2_64(void *ctx)
+{
+ struct poly1305_arch_internal *state = ctx;
+ u32 cy;
+
+ if (!state->is_base2_26)
+ return;
+
+ cy = state->h[0] >> 26; state->h[0] &= 0x3ffffff; state->h[1] += cy;
+ cy = state->h[1] >> 26; state->h[1] &= 0x3ffffff; state->h[2] += cy;
+ cy = state->h[2] >> 26; state->h[2] &= 0x3ffffff; state->h[3] += cy;
+ cy = state->h[3] >> 26; state->h[3] &= 0x3ffffff; state->h[4] += cy;
+ state->hs[0] = ((u64)state->h[2] << 52) | ((u64)state->h[1] << 26) | state->h[0];
+ state->hs[1] = ((u64)state->h[4] << 40) | ((u64)state->h[3] << 14) | (state->h[2] >> 12);
+ state->hs[2] = state->h[4] >> 24;
+ /* Unsigned Less Than: branchlessly produces 1 if a < b, else 0. */
+#define ULT(a, b) ((a ^ ((a ^ b) | ((a - b) ^ b))) >> (sizeof(a) * 8 - 1))
+ cy = (state->hs[2] >> 2) + (state->hs[2] & ~3ULL);
+ state->hs[2] &= 3;
+ state->hs[0] += cy;
+ state->hs[1] += (cy = ULT(state->hs[0], cy));
+ state->hs[2] += ULT(state->hs[1], cy);
+#undef ULT
+ state->is_base2_26 = 0;
+}
+
asmlinkage void poly1305_block_init_arch(
struct poly1305_block_state *state,
const u8 raw_key[POLY1305_BLOCK_SIZE]);
@@ -62,7 +98,9 @@ void poly1305_blocks_arch(struct poly1305_block_state *state, const u8 *inp,
BUILD_BUG_ON(SZ_4K < POLY1305_BLOCK_SIZE ||
SZ_4K % POLY1305_BLOCK_SIZE);
- if (!static_branch_likely(&poly1305_use_avx)) {
+ if (!static_branch_likely(&poly1305_use_avx) ||
+ unlikely(!irq_fpu_usable())) {
+ convert_to_base2_64(ctx);
poly1305_blocks_x86_64(ctx, inp, len, padbit);
return;
}
1 month
- 1
- 0
FAILED: patch "[PATCH] lib/crypto: x86/poly1305: Fix register corruption in no-SIMD" failed to apply to 5.15-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 5.15-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y
git checkout FETCH_HEAD
git cherry-pick -x 16f2c30e290e04135b70ad374fb7e1d1ed9ff5e7
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025081508-handcart-oversweet-f21e@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From 16f2c30e290e04135b70ad374fb7e1d1ed9ff5e7 Mon Sep 17 00:00:00 2001
From: Eric Biggers <ebiggers(a)kernel.org>
Date: Sun, 6 Jul 2025 16:10:59 -0700
Subject: [PATCH] lib/crypto: x86/poly1305: Fix register corruption in no-SIMD
contexts
Restore the SIMD usability check and base conversion that were removed
by commit 318c53ae02f2 ("crypto: x86/poly1305 - Add block-only
interface").
This safety check is cheap and is well worth eliminating a footgun.
While the Poly1305 functions should not be called when SIMD registers
are unusable, if they are anyway, they should just do the right thing
instead of corrupting random tasks' registers and/or computing incorrect
MACs. Fixing this is also needed for poly1305_kunit to pass.
Just use irq_fpu_usable() instead of the original crypto_simd_usable(),
since poly1305_kunit won't rely on crypto_simd_disabled_for_test.
Fixes: 318c53ae02f2 ("crypto: x86/poly1305 - Add block-only interface")
Cc: stable(a)vger.kernel.org
Reviewed-by: Ard Biesheuvel <ardb(a)kernel.org>
Link: https://lore.kernel.org/r/20250706231100.176113-5-ebiggers@kernel.org
Signed-off-by: Eric Biggers <ebiggers(a)kernel.org>
diff --git a/lib/crypto/x86/poly1305_glue.c b/lib/crypto/x86/poly1305_glue.c
index b7e78a583e07..968d84677631 100644
--- a/lib/crypto/x86/poly1305_glue.c
+++ b/lib/crypto/x86/poly1305_glue.c
@@ -25,6 +25,42 @@ struct poly1305_arch_internal {
struct { u32 r2, r1, r4, r3; } rn[9];
};
+/*
+ * The AVX code uses base 2^26, while the scalar code uses base 2^64. If we hit
+ * the unfortunate situation of using AVX and then having to go back to scalar
+ * -- because the user is silly and has called the update function from two
+ * separate contexts -- then we need to convert back to the original base before
+ * proceeding. It is possible to reason that the initial reduction below is
+ * sufficient given the implementation invariants. However, for an avoidance of
+ * doubt and because this is not performance critical, we do the full reduction
+ * anyway. Z3 proof of below function: https://xn--4db.cc/ltPtHCKN/py
+ */
+static void convert_to_base2_64(void *ctx)
+{
+ struct poly1305_arch_internal *state = ctx;
+ u32 cy;
+
+ if (!state->is_base2_26)
+ return;
+
+ cy = state->h[0] >> 26; state->h[0] &= 0x3ffffff; state->h[1] += cy;
+ cy = state->h[1] >> 26; state->h[1] &= 0x3ffffff; state->h[2] += cy;
+ cy = state->h[2] >> 26; state->h[2] &= 0x3ffffff; state->h[3] += cy;
+ cy = state->h[3] >> 26; state->h[3] &= 0x3ffffff; state->h[4] += cy;
+ state->hs[0] = ((u64)state->h[2] << 52) | ((u64)state->h[1] << 26) | state->h[0];
+ state->hs[1] = ((u64)state->h[4] << 40) | ((u64)state->h[3] << 14) | (state->h[2] >> 12);
+ state->hs[2] = state->h[4] >> 24;
+ /* Unsigned Less Than: branchlessly produces 1 if a < b, else 0. */
+#define ULT(a, b) ((a ^ ((a ^ b) | ((a - b) ^ b))) >> (sizeof(a) * 8 - 1))
+ cy = (state->hs[2] >> 2) + (state->hs[2] & ~3ULL);
+ state->hs[2] &= 3;
+ state->hs[0] += cy;
+ state->hs[1] += (cy = ULT(state->hs[0], cy));
+ state->hs[2] += ULT(state->hs[1], cy);
+#undef ULT
+ state->is_base2_26 = 0;
+}
+
asmlinkage void poly1305_block_init_arch(
struct poly1305_block_state *state,
const u8 raw_key[POLY1305_BLOCK_SIZE]);
@@ -62,7 +98,9 @@ void poly1305_blocks_arch(struct poly1305_block_state *state, const u8 *inp,
BUILD_BUG_ON(SZ_4K < POLY1305_BLOCK_SIZE ||
SZ_4K % POLY1305_BLOCK_SIZE);
- if (!static_branch_likely(&poly1305_use_avx)) {
+ if (!static_branch_likely(&poly1305_use_avx) ||
+ unlikely(!irq_fpu_usable())) {
+ convert_to_base2_64(ctx);
poly1305_blocks_x86_64(ctx, inp, len, padbit);
return;
}
1 month
- 1
- 0
FAILED: patch "[PATCH] lib/crypto: x86/poly1305: Fix register corruption in no-SIMD" failed to apply to 6.1-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 6.1-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y
git checkout FETCH_HEAD
git cherry-pick -x 16f2c30e290e04135b70ad374fb7e1d1ed9ff5e7
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025081507-raking-viewless-4b7d@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From 16f2c30e290e04135b70ad374fb7e1d1ed9ff5e7 Mon Sep 17 00:00:00 2001
From: Eric Biggers <ebiggers(a)kernel.org>
Date: Sun, 6 Jul 2025 16:10:59 -0700
Subject: [PATCH] lib/crypto: x86/poly1305: Fix register corruption in no-SIMD
contexts
Restore the SIMD usability check and base conversion that were removed
by commit 318c53ae02f2 ("crypto: x86/poly1305 - Add block-only
interface").
This safety check is cheap and is well worth eliminating a footgun.
While the Poly1305 functions should not be called when SIMD registers
are unusable, if they are anyway, they should just do the right thing
instead of corrupting random tasks' registers and/or computing incorrect
MACs. Fixing this is also needed for poly1305_kunit to pass.
Just use irq_fpu_usable() instead of the original crypto_simd_usable(),
since poly1305_kunit won't rely on crypto_simd_disabled_for_test.
Fixes: 318c53ae02f2 ("crypto: x86/poly1305 - Add block-only interface")
Cc: stable(a)vger.kernel.org
Reviewed-by: Ard Biesheuvel <ardb(a)kernel.org>
Link: https://lore.kernel.org/r/20250706231100.176113-5-ebiggers@kernel.org
Signed-off-by: Eric Biggers <ebiggers(a)kernel.org>
diff --git a/lib/crypto/x86/poly1305_glue.c b/lib/crypto/x86/poly1305_glue.c
index b7e78a583e07..968d84677631 100644
--- a/lib/crypto/x86/poly1305_glue.c
+++ b/lib/crypto/x86/poly1305_glue.c
@@ -25,6 +25,42 @@ struct poly1305_arch_internal {
struct { u32 r2, r1, r4, r3; } rn[9];
};
+/*
+ * The AVX code uses base 2^26, while the scalar code uses base 2^64. If we hit
+ * the unfortunate situation of using AVX and then having to go back to scalar
+ * -- because the user is silly and has called the update function from two
+ * separate contexts -- then we need to convert back to the original base before
+ * proceeding. It is possible to reason that the initial reduction below is
+ * sufficient given the implementation invariants. However, for an avoidance of
+ * doubt and because this is not performance critical, we do the full reduction
+ * anyway. Z3 proof of below function: https://xn--4db.cc/ltPtHCKN/py
+ */
+static void convert_to_base2_64(void *ctx)
+{
+ struct poly1305_arch_internal *state = ctx;
+ u32 cy;
+
+ if (!state->is_base2_26)
+ return;
+
+ cy = state->h[0] >> 26; state->h[0] &= 0x3ffffff; state->h[1] += cy;
+ cy = state->h[1] >> 26; state->h[1] &= 0x3ffffff; state->h[2] += cy;
+ cy = state->h[2] >> 26; state->h[2] &= 0x3ffffff; state->h[3] += cy;
+ cy = state->h[3] >> 26; state->h[3] &= 0x3ffffff; state->h[4] += cy;
+ state->hs[0] = ((u64)state->h[2] << 52) | ((u64)state->h[1] << 26) | state->h[0];
+ state->hs[1] = ((u64)state->h[4] << 40) | ((u64)state->h[3] << 14) | (state->h[2] >> 12);
+ state->hs[2] = state->h[4] >> 24;
+ /* Unsigned Less Than: branchlessly produces 1 if a < b, else 0. */
+#define ULT(a, b) ((a ^ ((a ^ b) | ((a - b) ^ b))) >> (sizeof(a) * 8 - 1))
+ cy = (state->hs[2] >> 2) + (state->hs[2] & ~3ULL);
+ state->hs[2] &= 3;
+ state->hs[0] += cy;
+ state->hs[1] += (cy = ULT(state->hs[0], cy));
+ state->hs[2] += ULT(state->hs[1], cy);
+#undef ULT
+ state->is_base2_26 = 0;
+}
+
asmlinkage void poly1305_block_init_arch(
struct poly1305_block_state *state,
const u8 raw_key[POLY1305_BLOCK_SIZE]);
@@ -62,7 +98,9 @@ void poly1305_blocks_arch(struct poly1305_block_state *state, const u8 *inp,
BUILD_BUG_ON(SZ_4K < POLY1305_BLOCK_SIZE ||
SZ_4K % POLY1305_BLOCK_SIZE);
- if (!static_branch_likely(&poly1305_use_avx)) {
+ if (!static_branch_likely(&poly1305_use_avx) ||
+ unlikely(!irq_fpu_usable())) {
+ convert_to_base2_64(ctx);
poly1305_blocks_x86_64(ctx, inp, len, padbit);
return;
}
1 month
- 1
- 0
FAILED: patch "[PATCH] lib/crypto: x86/poly1305: Fix register corruption in no-SIMD" failed to apply to 6.6-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 6.6-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.6.y
git checkout FETCH_HEAD
git cherry-pick -x 16f2c30e290e04135b70ad374fb7e1d1ed9ff5e7
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025081507-verse-prozac-3c44@gregkh' --subject-prefix 'PATCH 6.6.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From 16f2c30e290e04135b70ad374fb7e1d1ed9ff5e7 Mon Sep 17 00:00:00 2001
From: Eric Biggers <ebiggers(a)kernel.org>
Date: Sun, 6 Jul 2025 16:10:59 -0700
Subject: [PATCH] lib/crypto: x86/poly1305: Fix register corruption in no-SIMD
contexts
Restore the SIMD usability check and base conversion that were removed
by commit 318c53ae02f2 ("crypto: x86/poly1305 - Add block-only
interface").
This safety check is cheap and is well worth eliminating a footgun.
While the Poly1305 functions should not be called when SIMD registers
are unusable, if they are anyway, they should just do the right thing
instead of corrupting random tasks' registers and/or computing incorrect
MACs. Fixing this is also needed for poly1305_kunit to pass.
Just use irq_fpu_usable() instead of the original crypto_simd_usable(),
since poly1305_kunit won't rely on crypto_simd_disabled_for_test.
Fixes: 318c53ae02f2 ("crypto: x86/poly1305 - Add block-only interface")
Cc: stable(a)vger.kernel.org
Reviewed-by: Ard Biesheuvel <ardb(a)kernel.org>
Link: https://lore.kernel.org/r/20250706231100.176113-5-ebiggers@kernel.org
Signed-off-by: Eric Biggers <ebiggers(a)kernel.org>
diff --git a/lib/crypto/x86/poly1305_glue.c b/lib/crypto/x86/poly1305_glue.c
index b7e78a583e07..968d84677631 100644
--- a/lib/crypto/x86/poly1305_glue.c
+++ b/lib/crypto/x86/poly1305_glue.c
@@ -25,6 +25,42 @@ struct poly1305_arch_internal {
struct { u32 r2, r1, r4, r3; } rn[9];
};
+/*
+ * The AVX code uses base 2^26, while the scalar code uses base 2^64. If we hit
+ * the unfortunate situation of using AVX and then having to go back to scalar
+ * -- because the user is silly and has called the update function from two
+ * separate contexts -- then we need to convert back to the original base before
+ * proceeding. It is possible to reason that the initial reduction below is
+ * sufficient given the implementation invariants. However, for an avoidance of
+ * doubt and because this is not performance critical, we do the full reduction
+ * anyway. Z3 proof of below function: https://xn--4db.cc/ltPtHCKN/py
+ */
+static void convert_to_base2_64(void *ctx)
+{
+ struct poly1305_arch_internal *state = ctx;
+ u32 cy;
+
+ if (!state->is_base2_26)
+ return;
+
+ cy = state->h[0] >> 26; state->h[0] &= 0x3ffffff; state->h[1] += cy;
+ cy = state->h[1] >> 26; state->h[1] &= 0x3ffffff; state->h[2] += cy;
+ cy = state->h[2] >> 26; state->h[2] &= 0x3ffffff; state->h[3] += cy;
+ cy = state->h[3] >> 26; state->h[3] &= 0x3ffffff; state->h[4] += cy;
+ state->hs[0] = ((u64)state->h[2] << 52) | ((u64)state->h[1] << 26) | state->h[0];
+ state->hs[1] = ((u64)state->h[4] << 40) | ((u64)state->h[3] << 14) | (state->h[2] >> 12);
+ state->hs[2] = state->h[4] >> 24;
+ /* Unsigned Less Than: branchlessly produces 1 if a < b, else 0. */
+#define ULT(a, b) ((a ^ ((a ^ b) | ((a - b) ^ b))) >> (sizeof(a) * 8 - 1))
+ cy = (state->hs[2] >> 2) + (state->hs[2] & ~3ULL);
+ state->hs[2] &= 3;
+ state->hs[0] += cy;
+ state->hs[1] += (cy = ULT(state->hs[0], cy));
+ state->hs[2] += ULT(state->hs[1], cy);
+#undef ULT
+ state->is_base2_26 = 0;
+}
+
asmlinkage void poly1305_block_init_arch(
struct poly1305_block_state *state,
const u8 raw_key[POLY1305_BLOCK_SIZE]);
@@ -62,7 +98,9 @@ void poly1305_blocks_arch(struct poly1305_block_state *state, const u8 *inp,
BUILD_BUG_ON(SZ_4K < POLY1305_BLOCK_SIZE ||
SZ_4K % POLY1305_BLOCK_SIZE);
- if (!static_branch_likely(&poly1305_use_avx)) {
+ if (!static_branch_likely(&poly1305_use_avx) ||
+ unlikely(!irq_fpu_usable())) {
+ convert_to_base2_64(ctx);
poly1305_blocks_x86_64(ctx, inp, len, padbit);
return;
}
1 month
- 1
- 0
FAILED: patch "[PATCH] lib/crypto: x86/poly1305: Fix register corruption in no-SIMD" failed to apply to 6.12-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 6.12-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.12.y
git checkout FETCH_HEAD
git cherry-pick -x 16f2c30e290e04135b70ad374fb7e1d1ed9ff5e7
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025081506-outsource-shorter-c39a@gregkh' --subject-prefix 'PATCH 6.12.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From 16f2c30e290e04135b70ad374fb7e1d1ed9ff5e7 Mon Sep 17 00:00:00 2001
From: Eric Biggers <ebiggers(a)kernel.org>
Date: Sun, 6 Jul 2025 16:10:59 -0700
Subject: [PATCH] lib/crypto: x86/poly1305: Fix register corruption in no-SIMD
contexts
Restore the SIMD usability check and base conversion that were removed
by commit 318c53ae02f2 ("crypto: x86/poly1305 - Add block-only
interface").
This safety check is cheap and is well worth eliminating a footgun.
While the Poly1305 functions should not be called when SIMD registers
are unusable, if they are anyway, they should just do the right thing
instead of corrupting random tasks' registers and/or computing incorrect
MACs. Fixing this is also needed for poly1305_kunit to pass.
Just use irq_fpu_usable() instead of the original crypto_simd_usable(),
since poly1305_kunit won't rely on crypto_simd_disabled_for_test.
Fixes: 318c53ae02f2 ("crypto: x86/poly1305 - Add block-only interface")
Cc: stable(a)vger.kernel.org
Reviewed-by: Ard Biesheuvel <ardb(a)kernel.org>
Link: https://lore.kernel.org/r/20250706231100.176113-5-ebiggers@kernel.org
Signed-off-by: Eric Biggers <ebiggers(a)kernel.org>
diff --git a/lib/crypto/x86/poly1305_glue.c b/lib/crypto/x86/poly1305_glue.c
index b7e78a583e07..968d84677631 100644
--- a/lib/crypto/x86/poly1305_glue.c
+++ b/lib/crypto/x86/poly1305_glue.c
@@ -25,6 +25,42 @@ struct poly1305_arch_internal {
struct { u32 r2, r1, r4, r3; } rn[9];
};
+/*
+ * The AVX code uses base 2^26, while the scalar code uses base 2^64. If we hit
+ * the unfortunate situation of using AVX and then having to go back to scalar
+ * -- because the user is silly and has called the update function from two
+ * separate contexts -- then we need to convert back to the original base before
+ * proceeding. It is possible to reason that the initial reduction below is
+ * sufficient given the implementation invariants. However, for an avoidance of
+ * doubt and because this is not performance critical, we do the full reduction
+ * anyway. Z3 proof of below function: https://xn--4db.cc/ltPtHCKN/py
+ */
+static void convert_to_base2_64(void *ctx)
+{
+ struct poly1305_arch_internal *state = ctx;
+ u32 cy;
+
+ if (!state->is_base2_26)
+ return;
+
+ cy = state->h[0] >> 26; state->h[0] &= 0x3ffffff; state->h[1] += cy;
+ cy = state->h[1] >> 26; state->h[1] &= 0x3ffffff; state->h[2] += cy;
+ cy = state->h[2] >> 26; state->h[2] &= 0x3ffffff; state->h[3] += cy;
+ cy = state->h[3] >> 26; state->h[3] &= 0x3ffffff; state->h[4] += cy;
+ state->hs[0] = ((u64)state->h[2] << 52) | ((u64)state->h[1] << 26) | state->h[0];
+ state->hs[1] = ((u64)state->h[4] << 40) | ((u64)state->h[3] << 14) | (state->h[2] >> 12);
+ state->hs[2] = state->h[4] >> 24;
+ /* Unsigned Less Than: branchlessly produces 1 if a < b, else 0. */
+#define ULT(a, b) ((a ^ ((a ^ b) | ((a - b) ^ b))) >> (sizeof(a) * 8 - 1))
+ cy = (state->hs[2] >> 2) + (state->hs[2] & ~3ULL);
+ state->hs[2] &= 3;
+ state->hs[0] += cy;
+ state->hs[1] += (cy = ULT(state->hs[0], cy));
+ state->hs[2] += ULT(state->hs[1], cy);
+#undef ULT
+ state->is_base2_26 = 0;
+}
+
asmlinkage void poly1305_block_init_arch(
struct poly1305_block_state *state,
const u8 raw_key[POLY1305_BLOCK_SIZE]);
@@ -62,7 +98,9 @@ void poly1305_blocks_arch(struct poly1305_block_state *state, const u8 *inp,
BUILD_BUG_ON(SZ_4K < POLY1305_BLOCK_SIZE ||
SZ_4K % POLY1305_BLOCK_SIZE);
- if (!static_branch_likely(&poly1305_use_avx)) {
+ if (!static_branch_likely(&poly1305_use_avx) ||
+ unlikely(!irq_fpu_usable())) {
+ convert_to_base2_64(ctx);
poly1305_blocks_x86_64(ctx, inp, len, padbit);
return;
}
1 month
- 1
- 0
FAILED: patch "[PATCH] lib/crypto: x86/poly1305: Fix register corruption in no-SIMD" failed to apply to 6.15-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 6.15-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.15.y
git checkout FETCH_HEAD
git cherry-pick -x 16f2c30e290e04135b70ad374fb7e1d1ed9ff5e7
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025081506-washable-climatic-2c7b@gregkh' --subject-prefix 'PATCH 6.15.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From 16f2c30e290e04135b70ad374fb7e1d1ed9ff5e7 Mon Sep 17 00:00:00 2001
From: Eric Biggers <ebiggers(a)kernel.org>
Date: Sun, 6 Jul 2025 16:10:59 -0700
Subject: [PATCH] lib/crypto: x86/poly1305: Fix register corruption in no-SIMD
contexts
Restore the SIMD usability check and base conversion that were removed
by commit 318c53ae02f2 ("crypto: x86/poly1305 - Add block-only
interface").
This safety check is cheap and is well worth eliminating a footgun.
While the Poly1305 functions should not be called when SIMD registers
are unusable, if they are anyway, they should just do the right thing
instead of corrupting random tasks' registers and/or computing incorrect
MACs. Fixing this is also needed for poly1305_kunit to pass.
Just use irq_fpu_usable() instead of the original crypto_simd_usable(),
since poly1305_kunit won't rely on crypto_simd_disabled_for_test.
Fixes: 318c53ae02f2 ("crypto: x86/poly1305 - Add block-only interface")
Cc: stable(a)vger.kernel.org
Reviewed-by: Ard Biesheuvel <ardb(a)kernel.org>
Link: https://lore.kernel.org/r/20250706231100.176113-5-ebiggers@kernel.org
Signed-off-by: Eric Biggers <ebiggers(a)kernel.org>
diff --git a/lib/crypto/x86/poly1305_glue.c b/lib/crypto/x86/poly1305_glue.c
index b7e78a583e07..968d84677631 100644
--- a/lib/crypto/x86/poly1305_glue.c
+++ b/lib/crypto/x86/poly1305_glue.c
@@ -25,6 +25,42 @@ struct poly1305_arch_internal {
struct { u32 r2, r1, r4, r3; } rn[9];
};
+/*
+ * The AVX code uses base 2^26, while the scalar code uses base 2^64. If we hit
+ * the unfortunate situation of using AVX and then having to go back to scalar
+ * -- because the user is silly and has called the update function from two
+ * separate contexts -- then we need to convert back to the original base before
+ * proceeding. It is possible to reason that the initial reduction below is
+ * sufficient given the implementation invariants. However, for an avoidance of
+ * doubt and because this is not performance critical, we do the full reduction
+ * anyway. Z3 proof of below function: https://xn--4db.cc/ltPtHCKN/py
+ */
+static void convert_to_base2_64(void *ctx)
+{
+ struct poly1305_arch_internal *state = ctx;
+ u32 cy;
+
+ if (!state->is_base2_26)
+ return;
+
+ cy = state->h[0] >> 26; state->h[0] &= 0x3ffffff; state->h[1] += cy;
+ cy = state->h[1] >> 26; state->h[1] &= 0x3ffffff; state->h[2] += cy;
+ cy = state->h[2] >> 26; state->h[2] &= 0x3ffffff; state->h[3] += cy;
+ cy = state->h[3] >> 26; state->h[3] &= 0x3ffffff; state->h[4] += cy;
+ state->hs[0] = ((u64)state->h[2] << 52) | ((u64)state->h[1] << 26) | state->h[0];
+ state->hs[1] = ((u64)state->h[4] << 40) | ((u64)state->h[3] << 14) | (state->h[2] >> 12);
+ state->hs[2] = state->h[4] >> 24;
+ /* Unsigned Less Than: branchlessly produces 1 if a < b, else 0. */
+#define ULT(a, b) ((a ^ ((a ^ b) | ((a - b) ^ b))) >> (sizeof(a) * 8 - 1))
+ cy = (state->hs[2] >> 2) + (state->hs[2] & ~3ULL);
+ state->hs[2] &= 3;
+ state->hs[0] += cy;
+ state->hs[1] += (cy = ULT(state->hs[0], cy));
+ state->hs[2] += ULT(state->hs[1], cy);
+#undef ULT
+ state->is_base2_26 = 0;
+}
+
asmlinkage void poly1305_block_init_arch(
struct poly1305_block_state *state,
const u8 raw_key[POLY1305_BLOCK_SIZE]);
@@ -62,7 +98,9 @@ void poly1305_blocks_arch(struct poly1305_block_state *state, const u8 *inp,
BUILD_BUG_ON(SZ_4K < POLY1305_BLOCK_SIZE ||
SZ_4K % POLY1305_BLOCK_SIZE);
- if (!static_branch_likely(&poly1305_use_avx)) {
+ if (!static_branch_likely(&poly1305_use_avx) ||
+ unlikely(!irq_fpu_usable())) {
+ convert_to_base2_64(ctx);
poly1305_blocks_x86_64(ctx, inp, len, padbit);
return;
}
1 month
- 1
- 0
FAILED: patch "[PATCH] fscrypt: Don't use problematic non-inline crypto engines" failed to apply to 5.4-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 5.4-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.4.y
git checkout FETCH_HEAD
git cherry-pick -x b41c1d8d07906786c60893980d52688f31d114a6
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025081520-around-unsliced-699b@gregkh' --subject-prefix 'PATCH 5.4.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From b41c1d8d07906786c60893980d52688f31d114a6 Mon Sep 17 00:00:00 2001
From: Eric Biggers <ebiggers(a)kernel.org>
Date: Fri, 4 Jul 2025 00:03:22 -0700
Subject: [PATCH] fscrypt: Don't use problematic non-inline crypto engines
Make fscrypt no longer use Crypto API drivers for non-inline crypto
engines, even when the Crypto API prioritizes them over CPU-based code
(which unfortunately it often does). These drivers tend to be really
problematic, especially for fscrypt's workload. This commit has no
effect on inline crypto engines, which are different and do work well.
Specifically, exclude drivers that have CRYPTO_ALG_KERN_DRIVER_ONLY or
CRYPTO_ALG_ALLOCATES_MEMORY set. (Later, CRYPTO_ALG_ASYNC should be
excluded too. That's omitted for now to keep this commit backportable,
since until recently some CPU-based code had CRYPTO_ALG_ASYNC set.)
There are two major issues with these drivers: bugs and performance.
First, these drivers tend to be buggy. They're fundamentally much more
error-prone and harder to test than the CPU-based code. They often
don't get tested before kernel releases, and even if they do, the crypto
self-tests don't properly test these drivers. Released drivers have
en/decrypted or hashed data incorrectly. These bugs cause issues for
fscrypt users who often didn't even want to use these drivers, e.g.:
- https://github.com/google/fscryptctl/issues/32
- https://github.com/google/fscryptctl/issues/9
- https://lore.kernel.org/r/PH0PR02MB731916ECDB6C613665863B6CFFAA2@PH0PR02MB7…
These drivers have also similarly caused issues for dm-crypt users,
including data corruption and deadlocks. Since Linux v5.10, dm-crypt
has disabled most of them by excluding CRYPTO_ALG_ALLOCATES_MEMORY.
Second, these drivers tend to be *much* slower than the CPU-based code.
This may seem counterintuitive, but benchmarks clearly show it. There's
a *lot* of overhead associated with going to a hardware driver, off the
CPU, and back again. To prove this, I gathered as many systems with
this type of crypto engine as I could, and I measured synchronous
encryption of 4096-byte messages (which matches fscrypt's workload):
Intel Emerald Rapids server:
AES-256-XTS:
xts-aes-vaes-avx512 16171 MB/s [CPU-based, Vector AES]
qat_aes_xts 289 MB/s [Offload, Intel QuickAssist]
Qualcomm SM8650 HDK:
AES-256-XTS:
xts-aes-ce 4301 MB/s [CPU-based, ARMv8 Crypto Extensions]
xts-aes-qce 73 MB/s [Offload, Qualcomm Crypto Engine]
i.MX 8M Nano LPDDR4 EVK:
AES-256-XTS:
xts-aes-ce 647 MB/s [CPU-based, ARMv8 Crypto Extensions]
xts(ecb-aes-caam) 20 MB/s [Offload, CAAM]
AES-128-CBC-ESSIV:
essiv(cbc-aes-caam,sha256-lib) 23 MB/s [Offload, CAAM]
STM32MP157F-DK2:
AES-256-XTS:
xts-aes-neonbs 13.2 MB/s [CPU-based, ARM NEON]
xts(stm32-ecb-aes) 3.1 MB/s [Offload, STM32 crypto engine]
AES-128-CBC-ESSIV:
essiv(cbc-aes-neonbs,sha256-lib)
14.7 MB/s [CPU-based, ARM NEON]
essiv(stm32-cbc-aes,sha256-lib)
3.2 MB/s [Offload, STM32 crypto engine]
Adiantum:
adiantum(xchacha12-arm,aes-arm,nhpoly1305-neon)
52.8 MB/s [CPU-based, ARM scalar + NEON]
So, there was no case in which the crypto engine was even *close* to
being faster. On the first three, which have AES instructions in the
CPU, the CPU was 30 to 55 times faster (!). Even on STM32MP157F-DK2
which has a Cortex-A7 CPU that doesn't have AES instructions, AES was
over 4 times faster on the CPU. And Adiantum encryption, which is what
actually should be used on CPUs like that, was over 17 times faster.
Other justifications that have been given for these non-inline crypto
engines (almost always coming from the hardware vendors, not actual
users) don't seem very plausible either:
- The crypto engine throughput could be improved by processing
multiple requests concurrently. Currently irrelevant to fscrypt,
since it doesn't do that. This would also be complex, and unhelpful
in many cases. 2 of the 4 engines I tested even had only one queue.
- Some of the engines, e.g. STM32, support hardware keys. Also
currently irrelevant to fscrypt, since it doesn't support these.
Interestingly, the STM32 driver itself doesn't support this either.
- Free up CPU for other tasks and/or reduce energy usage. Not very
plausible considering the "short" message length, driver overhead,
and scheduling overhead. There's just very little time for the CPU
to do something else like run another task or enter low-power state,
before the message finishes and it's time to process the next one.
- Some of these engines resist power analysis and electromagnetic
attacks, while the CPU-based crypto generally does not. In theory,
this sounds great. In practice, if this benefit requires the use of
an off-CPU offload that massively regresses performance and has a
low-quality, buggy driver, the price for this hardening (which is
not relevant to most fscrypt users, and tends to be incomplete) is
just too high. Inline crypto engines are much more promising here,
as are on-CPU solutions like RISC-V High Assurance Cryptography.
Fixes: b30ab0e03407 ("ext4 crypto: add ext4 encryption facilities")
Cc: stable(a)vger.kernel.org
Acked-by: Ard Biesheuvel <ardb(a)kernel.org>
Link: https://lore.kernel.org/r/20250704070322.20692-1-ebiggers@kernel.org
Signed-off-by: Eric Biggers <ebiggers(a)kernel.org>
diff --git a/Documentation/filesystems/fscrypt.rst b/Documentation/filesystems/fscrypt.rst
index f63791641c1d..696a5844bfa3 100644
--- a/Documentation/filesystems/fscrypt.rst
+++ b/Documentation/filesystems/fscrypt.rst
@@ -147,9 +147,8 @@ However, these ioctls have some limitations:
were wiped. To partially solve this, you can add init_on_free=1 to
your kernel command line. However, this has a performance cost.
-- Secret keys might still exist in CPU registers, in crypto
- accelerator hardware (if used by the crypto API to implement any of
- the algorithms), or in other places not explicitly considered here.
+- Secret keys might still exist in CPU registers or in other places
+ not explicitly considered here.
Full system compromise
~~~~~~~~~~~~~~~~~~~~~~
@@ -406,9 +405,12 @@ the work is done by XChaCha12, which is much faster than AES when AES
acceleration is unavailable. For more information about Adiantum, see
`the Adiantum paper <https://eprint.iacr.org/2018/720.pdf>`_.
-The (AES-128-CBC-ESSIV, AES-128-CBC-CTS) pair exists only to support
-systems whose only form of AES acceleration is an off-CPU crypto
-accelerator such as CAAM or CESA that does not support XTS.
+The (AES-128-CBC-ESSIV, AES-128-CBC-CTS) pair was added to try to
+provide a more efficient option for systems that lack AES instructions
+in the CPU but do have a non-inline crypto engine such as CAAM or CESA
+that supports AES-CBC (and not AES-XTS). This is deprecated. It has
+been shown that just doing AES on the CPU is actually faster.
+Moreover, Adiantum is faster still and is recommended on such systems.
The remaining mode pairs are the "national pride ciphers":
@@ -1318,22 +1320,13 @@ this by validating all top-level encryption policies prior to access.
Inline encryption support
=========================
-By default, fscrypt uses the kernel crypto API for all cryptographic
-operations (other than HKDF, which fscrypt partially implements
-itself). The kernel crypto API supports hardware crypto accelerators,
-but only ones that work in the traditional way where all inputs and
-outputs (e.g. plaintexts and ciphertexts) are in memory. fscrypt can
-take advantage of such hardware, but the traditional acceleration
-model isn't particularly efficient and fscrypt hasn't been optimized
-for it.
-
-Instead, many newer systems (especially mobile SoCs) have *inline
-encryption hardware* that can encrypt/decrypt data while it is on its
-way to/from the storage device. Linux supports inline encryption
-through a set of extensions to the block layer called *blk-crypto*.
-blk-crypto allows filesystems to attach encryption contexts to bios
-(I/O requests) to specify how the data will be encrypted or decrypted
-in-line. For more information about blk-crypto, see
+Many newer systems (especially mobile SoCs) have *inline encryption
+hardware* that can encrypt/decrypt data while it is on its way to/from
+the storage device. Linux supports inline encryption through a set of
+extensions to the block layer called *blk-crypto*. blk-crypto allows
+filesystems to attach encryption contexts to bios (I/O requests) to
+specify how the data will be encrypted or decrypted in-line. For more
+information about blk-crypto, see
:ref:`Documentation/block/inline-encryption.rst <inline_encryption>`.
On supported filesystems (currently ext4 and f2fs), fscrypt can use
diff --git a/fs/crypto/fscrypt_private.h b/fs/crypto/fscrypt_private.h
index c1d92074b65c..6e7164530a1e 100644
--- a/fs/crypto/fscrypt_private.h
+++ b/fs/crypto/fscrypt_private.h
@@ -45,6 +45,23 @@
*/
#undef FSCRYPT_MAX_KEY_SIZE
+/*
+ * This mask is passed as the third argument to the crypto_alloc_*() functions
+ * to prevent fscrypt from using the Crypto API drivers for non-inline crypto
+ * engines. Those drivers have been problematic for fscrypt. fscrypt users
+ * have reported hangs and even incorrect en/decryption with these drivers.
+ * Since going to the driver, off CPU, and back again is really slow, such
+ * drivers can be over 50 times slower than the CPU-based code for fscrypt's
+ * workload. Even on platforms that lack AES instructions on the CPU, using the
+ * offloads has been shown to be slower, even staying with AES. (Of course,
+ * Adiantum is faster still, and is the recommended option on such platforms...)
+ *
+ * Note that fscrypt also supports inline crypto engines. Those don't use the
+ * Crypto API and work much better than the old-style (non-inline) engines.
+ */
+#define FSCRYPT_CRYPTOAPI_MASK \
+ (CRYPTO_ALG_ALLOCATES_MEMORY | CRYPTO_ALG_KERN_DRIVER_ONLY)
+
#define FSCRYPT_CONTEXT_V1 1
#define FSCRYPT_CONTEXT_V2 2
diff --git a/fs/crypto/hkdf.c b/fs/crypto/hkdf.c
index 5c095c8aa3b5..b1ef506cd341 100644
--- a/fs/crypto/hkdf.c
+++ b/fs/crypto/hkdf.c
@@ -58,7 +58,7 @@ int fscrypt_init_hkdf(struct fscrypt_hkdf *hkdf, const u8 *master_key,
u8 prk[HKDF_HASHLEN];
int err;
- hmac_tfm = crypto_alloc_shash(HKDF_HMAC_ALG, 0, 0);
+ hmac_tfm = crypto_alloc_shash(HKDF_HMAC_ALG, 0, FSCRYPT_CRYPTOAPI_MASK);
if (IS_ERR(hmac_tfm)) {
fscrypt_err(NULL, "Error allocating " HKDF_HMAC_ALG ": %ld",
PTR_ERR(hmac_tfm));
diff --git a/fs/crypto/keysetup.c b/fs/crypto/keysetup.c
index a67e20d126c9..74d4a2e1ad23 100644
--- a/fs/crypto/keysetup.c
+++ b/fs/crypto/keysetup.c
@@ -104,7 +104,8 @@ fscrypt_allocate_skcipher(struct fscrypt_mode *mode, const u8 *raw_key,
struct crypto_skcipher *tfm;
int err;
- tfm = crypto_alloc_skcipher(mode->cipher_str, 0, 0);
+ tfm = crypto_alloc_skcipher(mode->cipher_str, 0,
+ FSCRYPT_CRYPTOAPI_MASK);
if (IS_ERR(tfm)) {
if (PTR_ERR(tfm) == -ENOENT) {
fscrypt_warn(inode,
diff --git a/fs/crypto/keysetup_v1.c b/fs/crypto/keysetup_v1.c
index b70521c55132..158ceae8a5bc 100644
--- a/fs/crypto/keysetup_v1.c
+++ b/fs/crypto/keysetup_v1.c
@@ -52,7 +52,8 @@ static int derive_key_aes(const u8 *master_key,
struct skcipher_request *req = NULL;
DECLARE_CRYPTO_WAIT(wait);
struct scatterlist src_sg, dst_sg;
- struct crypto_skcipher *tfm = crypto_alloc_skcipher("ecb(aes)", 0, 0);
+ struct crypto_skcipher *tfm =
+ crypto_alloc_skcipher("ecb(aes)", 0, FSCRYPT_CRYPTOAPI_MASK);
if (IS_ERR(tfm)) {
res = PTR_ERR(tfm);
1 month
- 1
- 0
FAILED: patch "[PATCH] fscrypt: Don't use problematic non-inline crypto engines" failed to apply to 5.10-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 5.10-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.10.y
git checkout FETCH_HEAD
git cherry-pick -x b41c1d8d07906786c60893980d52688f31d114a6
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025081518-cusp-plausibly-6afc@gregkh' --subject-prefix 'PATCH 5.10.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From b41c1d8d07906786c60893980d52688f31d114a6 Mon Sep 17 00:00:00 2001
From: Eric Biggers <ebiggers(a)kernel.org>
Date: Fri, 4 Jul 2025 00:03:22 -0700
Subject: [PATCH] fscrypt: Don't use problematic non-inline crypto engines
Make fscrypt no longer use Crypto API drivers for non-inline crypto
engines, even when the Crypto API prioritizes them over CPU-based code
(which unfortunately it often does). These drivers tend to be really
problematic, especially for fscrypt's workload. This commit has no
effect on inline crypto engines, which are different and do work well.
Specifically, exclude drivers that have CRYPTO_ALG_KERN_DRIVER_ONLY or
CRYPTO_ALG_ALLOCATES_MEMORY set. (Later, CRYPTO_ALG_ASYNC should be
excluded too. That's omitted for now to keep this commit backportable,
since until recently some CPU-based code had CRYPTO_ALG_ASYNC set.)
There are two major issues with these drivers: bugs and performance.
First, these drivers tend to be buggy. They're fundamentally much more
error-prone and harder to test than the CPU-based code. They often
don't get tested before kernel releases, and even if they do, the crypto
self-tests don't properly test these drivers. Released drivers have
en/decrypted or hashed data incorrectly. These bugs cause issues for
fscrypt users who often didn't even want to use these drivers, e.g.:
- https://github.com/google/fscryptctl/issues/32
- https://github.com/google/fscryptctl/issues/9
- https://lore.kernel.org/r/PH0PR02MB731916ECDB6C613665863B6CFFAA2@PH0PR02MB7…
These drivers have also similarly caused issues for dm-crypt users,
including data corruption and deadlocks. Since Linux v5.10, dm-crypt
has disabled most of them by excluding CRYPTO_ALG_ALLOCATES_MEMORY.
Second, these drivers tend to be *much* slower than the CPU-based code.
This may seem counterintuitive, but benchmarks clearly show it. There's
a *lot* of overhead associated with going to a hardware driver, off the
CPU, and back again. To prove this, I gathered as many systems with
this type of crypto engine as I could, and I measured synchronous
encryption of 4096-byte messages (which matches fscrypt's workload):
Intel Emerald Rapids server:
AES-256-XTS:
xts-aes-vaes-avx512 16171 MB/s [CPU-based, Vector AES]
qat_aes_xts 289 MB/s [Offload, Intel QuickAssist]
Qualcomm SM8650 HDK:
AES-256-XTS:
xts-aes-ce 4301 MB/s [CPU-based, ARMv8 Crypto Extensions]
xts-aes-qce 73 MB/s [Offload, Qualcomm Crypto Engine]
i.MX 8M Nano LPDDR4 EVK:
AES-256-XTS:
xts-aes-ce 647 MB/s [CPU-based, ARMv8 Crypto Extensions]
xts(ecb-aes-caam) 20 MB/s [Offload, CAAM]
AES-128-CBC-ESSIV:
essiv(cbc-aes-caam,sha256-lib) 23 MB/s [Offload, CAAM]
STM32MP157F-DK2:
AES-256-XTS:
xts-aes-neonbs 13.2 MB/s [CPU-based, ARM NEON]
xts(stm32-ecb-aes) 3.1 MB/s [Offload, STM32 crypto engine]
AES-128-CBC-ESSIV:
essiv(cbc-aes-neonbs,sha256-lib)
14.7 MB/s [CPU-based, ARM NEON]
essiv(stm32-cbc-aes,sha256-lib)
3.2 MB/s [Offload, STM32 crypto engine]
Adiantum:
adiantum(xchacha12-arm,aes-arm,nhpoly1305-neon)
52.8 MB/s [CPU-based, ARM scalar + NEON]
So, there was no case in which the crypto engine was even *close* to
being faster. On the first three, which have AES instructions in the
CPU, the CPU was 30 to 55 times faster (!). Even on STM32MP157F-DK2
which has a Cortex-A7 CPU that doesn't have AES instructions, AES was
over 4 times faster on the CPU. And Adiantum encryption, which is what
actually should be used on CPUs like that, was over 17 times faster.
Other justifications that have been given for these non-inline crypto
engines (almost always coming from the hardware vendors, not actual
users) don't seem very plausible either:
- The crypto engine throughput could be improved by processing
multiple requests concurrently. Currently irrelevant to fscrypt,
since it doesn't do that. This would also be complex, and unhelpful
in many cases. 2 of the 4 engines I tested even had only one queue.
- Some of the engines, e.g. STM32, support hardware keys. Also
currently irrelevant to fscrypt, since it doesn't support these.
Interestingly, the STM32 driver itself doesn't support this either.
- Free up CPU for other tasks and/or reduce energy usage. Not very
plausible considering the "short" message length, driver overhead,
and scheduling overhead. There's just very little time for the CPU
to do something else like run another task or enter low-power state,
before the message finishes and it's time to process the next one.
- Some of these engines resist power analysis and electromagnetic
attacks, while the CPU-based crypto generally does not. In theory,
this sounds great. In practice, if this benefit requires the use of
an off-CPU offload that massively regresses performance and has a
low-quality, buggy driver, the price for this hardening (which is
not relevant to most fscrypt users, and tends to be incomplete) is
just too high. Inline crypto engines are much more promising here,
as are on-CPU solutions like RISC-V High Assurance Cryptography.
Fixes: b30ab0e03407 ("ext4 crypto: add ext4 encryption facilities")
Cc: stable(a)vger.kernel.org
Acked-by: Ard Biesheuvel <ardb(a)kernel.org>
Link: https://lore.kernel.org/r/20250704070322.20692-1-ebiggers@kernel.org
Signed-off-by: Eric Biggers <ebiggers(a)kernel.org>
diff --git a/Documentation/filesystems/fscrypt.rst b/Documentation/filesystems/fscrypt.rst
index f63791641c1d..696a5844bfa3 100644
--- a/Documentation/filesystems/fscrypt.rst
+++ b/Documentation/filesystems/fscrypt.rst
@@ -147,9 +147,8 @@ However, these ioctls have some limitations:
were wiped. To partially solve this, you can add init_on_free=1 to
your kernel command line. However, this has a performance cost.
-- Secret keys might still exist in CPU registers, in crypto
- accelerator hardware (if used by the crypto API to implement any of
- the algorithms), or in other places not explicitly considered here.
+- Secret keys might still exist in CPU registers or in other places
+ not explicitly considered here.
Full system compromise
~~~~~~~~~~~~~~~~~~~~~~
@@ -406,9 +405,12 @@ the work is done by XChaCha12, which is much faster than AES when AES
acceleration is unavailable. For more information about Adiantum, see
`the Adiantum paper <https://eprint.iacr.org/2018/720.pdf>`_.
-The (AES-128-CBC-ESSIV, AES-128-CBC-CTS) pair exists only to support
-systems whose only form of AES acceleration is an off-CPU crypto
-accelerator such as CAAM or CESA that does not support XTS.
+The (AES-128-CBC-ESSIV, AES-128-CBC-CTS) pair was added to try to
+provide a more efficient option for systems that lack AES instructions
+in the CPU but do have a non-inline crypto engine such as CAAM or CESA
+that supports AES-CBC (and not AES-XTS). This is deprecated. It has
+been shown that just doing AES on the CPU is actually faster.
+Moreover, Adiantum is faster still and is recommended on such systems.
The remaining mode pairs are the "national pride ciphers":
@@ -1318,22 +1320,13 @@ this by validating all top-level encryption policies prior to access.
Inline encryption support
=========================
-By default, fscrypt uses the kernel crypto API for all cryptographic
-operations (other than HKDF, which fscrypt partially implements
-itself). The kernel crypto API supports hardware crypto accelerators,
-but only ones that work in the traditional way where all inputs and
-outputs (e.g. plaintexts and ciphertexts) are in memory. fscrypt can
-take advantage of such hardware, but the traditional acceleration
-model isn't particularly efficient and fscrypt hasn't been optimized
-for it.
-
-Instead, many newer systems (especially mobile SoCs) have *inline
-encryption hardware* that can encrypt/decrypt data while it is on its
-way to/from the storage device. Linux supports inline encryption
-through a set of extensions to the block layer called *blk-crypto*.
-blk-crypto allows filesystems to attach encryption contexts to bios
-(I/O requests) to specify how the data will be encrypted or decrypted
-in-line. For more information about blk-crypto, see
+Many newer systems (especially mobile SoCs) have *inline encryption
+hardware* that can encrypt/decrypt data while it is on its way to/from
+the storage device. Linux supports inline encryption through a set of
+extensions to the block layer called *blk-crypto*. blk-crypto allows
+filesystems to attach encryption contexts to bios (I/O requests) to
+specify how the data will be encrypted or decrypted in-line. For more
+information about blk-crypto, see
:ref:`Documentation/block/inline-encryption.rst <inline_encryption>`.
On supported filesystems (currently ext4 and f2fs), fscrypt can use
diff --git a/fs/crypto/fscrypt_private.h b/fs/crypto/fscrypt_private.h
index c1d92074b65c..6e7164530a1e 100644
--- a/fs/crypto/fscrypt_private.h
+++ b/fs/crypto/fscrypt_private.h
@@ -45,6 +45,23 @@
*/
#undef FSCRYPT_MAX_KEY_SIZE
+/*
+ * This mask is passed as the third argument to the crypto_alloc_*() functions
+ * to prevent fscrypt from using the Crypto API drivers for non-inline crypto
+ * engines. Those drivers have been problematic for fscrypt. fscrypt users
+ * have reported hangs and even incorrect en/decryption with these drivers.
+ * Since going to the driver, off CPU, and back again is really slow, such
+ * drivers can be over 50 times slower than the CPU-based code for fscrypt's
+ * workload. Even on platforms that lack AES instructions on the CPU, using the
+ * offloads has been shown to be slower, even staying with AES. (Of course,
+ * Adiantum is faster still, and is the recommended option on such platforms...)
+ *
+ * Note that fscrypt also supports inline crypto engines. Those don't use the
+ * Crypto API and work much better than the old-style (non-inline) engines.
+ */
+#define FSCRYPT_CRYPTOAPI_MASK \
+ (CRYPTO_ALG_ALLOCATES_MEMORY | CRYPTO_ALG_KERN_DRIVER_ONLY)
+
#define FSCRYPT_CONTEXT_V1 1
#define FSCRYPT_CONTEXT_V2 2
diff --git a/fs/crypto/hkdf.c b/fs/crypto/hkdf.c
index 5c095c8aa3b5..b1ef506cd341 100644
--- a/fs/crypto/hkdf.c
+++ b/fs/crypto/hkdf.c
@@ -58,7 +58,7 @@ int fscrypt_init_hkdf(struct fscrypt_hkdf *hkdf, const u8 *master_key,
u8 prk[HKDF_HASHLEN];
int err;
- hmac_tfm = crypto_alloc_shash(HKDF_HMAC_ALG, 0, 0);
+ hmac_tfm = crypto_alloc_shash(HKDF_HMAC_ALG, 0, FSCRYPT_CRYPTOAPI_MASK);
if (IS_ERR(hmac_tfm)) {
fscrypt_err(NULL, "Error allocating " HKDF_HMAC_ALG ": %ld",
PTR_ERR(hmac_tfm));
diff --git a/fs/crypto/keysetup.c b/fs/crypto/keysetup.c
index a67e20d126c9..74d4a2e1ad23 100644
--- a/fs/crypto/keysetup.c
+++ b/fs/crypto/keysetup.c
@@ -104,7 +104,8 @@ fscrypt_allocate_skcipher(struct fscrypt_mode *mode, const u8 *raw_key,
struct crypto_skcipher *tfm;
int err;
- tfm = crypto_alloc_skcipher(mode->cipher_str, 0, 0);
+ tfm = crypto_alloc_skcipher(mode->cipher_str, 0,
+ FSCRYPT_CRYPTOAPI_MASK);
if (IS_ERR(tfm)) {
if (PTR_ERR(tfm) == -ENOENT) {
fscrypt_warn(inode,
diff --git a/fs/crypto/keysetup_v1.c b/fs/crypto/keysetup_v1.c
index b70521c55132..158ceae8a5bc 100644
--- a/fs/crypto/keysetup_v1.c
+++ b/fs/crypto/keysetup_v1.c
@@ -52,7 +52,8 @@ static int derive_key_aes(const u8 *master_key,
struct skcipher_request *req = NULL;
DECLARE_CRYPTO_WAIT(wait);
struct scatterlist src_sg, dst_sg;
- struct crypto_skcipher *tfm = crypto_alloc_skcipher("ecb(aes)", 0, 0);
+ struct crypto_skcipher *tfm =
+ crypto_alloc_skcipher("ecb(aes)", 0, FSCRYPT_CRYPTOAPI_MASK);
if (IS_ERR(tfm)) {
res = PTR_ERR(tfm);
1 month
- 1
- 0
FAILED: patch "[PATCH] fscrypt: Don't use problematic non-inline crypto engines" failed to apply to 5.15-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 5.15-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y
git checkout FETCH_HEAD
git cherry-pick -x b41c1d8d07906786c60893980d52688f31d114a6
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025081516-syndrome-awkward-ef0d@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From b41c1d8d07906786c60893980d52688f31d114a6 Mon Sep 17 00:00:00 2001
From: Eric Biggers <ebiggers(a)kernel.org>
Date: Fri, 4 Jul 2025 00:03:22 -0700
Subject: [PATCH] fscrypt: Don't use problematic non-inline crypto engines
Make fscrypt no longer use Crypto API drivers for non-inline crypto
engines, even when the Crypto API prioritizes them over CPU-based code
(which unfortunately it often does). These drivers tend to be really
problematic, especially for fscrypt's workload. This commit has no
effect on inline crypto engines, which are different and do work well.
Specifically, exclude drivers that have CRYPTO_ALG_KERN_DRIVER_ONLY or
CRYPTO_ALG_ALLOCATES_MEMORY set. (Later, CRYPTO_ALG_ASYNC should be
excluded too. That's omitted for now to keep this commit backportable,
since until recently some CPU-based code had CRYPTO_ALG_ASYNC set.)
There are two major issues with these drivers: bugs and performance.
First, these drivers tend to be buggy. They're fundamentally much more
error-prone and harder to test than the CPU-based code. They often
don't get tested before kernel releases, and even if they do, the crypto
self-tests don't properly test these drivers. Released drivers have
en/decrypted or hashed data incorrectly. These bugs cause issues for
fscrypt users who often didn't even want to use these drivers, e.g.:
- https://github.com/google/fscryptctl/issues/32
- https://github.com/google/fscryptctl/issues/9
- https://lore.kernel.org/r/PH0PR02MB731916ECDB6C613665863B6CFFAA2@PH0PR02MB7…
These drivers have also similarly caused issues for dm-crypt users,
including data corruption and deadlocks. Since Linux v5.10, dm-crypt
has disabled most of them by excluding CRYPTO_ALG_ALLOCATES_MEMORY.
Second, these drivers tend to be *much* slower than the CPU-based code.
This may seem counterintuitive, but benchmarks clearly show it. There's
a *lot* of overhead associated with going to a hardware driver, off the
CPU, and back again. To prove this, I gathered as many systems with
this type of crypto engine as I could, and I measured synchronous
encryption of 4096-byte messages (which matches fscrypt's workload):
Intel Emerald Rapids server:
AES-256-XTS:
xts-aes-vaes-avx512 16171 MB/s [CPU-based, Vector AES]
qat_aes_xts 289 MB/s [Offload, Intel QuickAssist]
Qualcomm SM8650 HDK:
AES-256-XTS:
xts-aes-ce 4301 MB/s [CPU-based, ARMv8 Crypto Extensions]
xts-aes-qce 73 MB/s [Offload, Qualcomm Crypto Engine]
i.MX 8M Nano LPDDR4 EVK:
AES-256-XTS:
xts-aes-ce 647 MB/s [CPU-based, ARMv8 Crypto Extensions]
xts(ecb-aes-caam) 20 MB/s [Offload, CAAM]
AES-128-CBC-ESSIV:
essiv(cbc-aes-caam,sha256-lib) 23 MB/s [Offload, CAAM]
STM32MP157F-DK2:
AES-256-XTS:
xts-aes-neonbs 13.2 MB/s [CPU-based, ARM NEON]
xts(stm32-ecb-aes) 3.1 MB/s [Offload, STM32 crypto engine]
AES-128-CBC-ESSIV:
essiv(cbc-aes-neonbs,sha256-lib)
14.7 MB/s [CPU-based, ARM NEON]
essiv(stm32-cbc-aes,sha256-lib)
3.2 MB/s [Offload, STM32 crypto engine]
Adiantum:
adiantum(xchacha12-arm,aes-arm,nhpoly1305-neon)
52.8 MB/s [CPU-based, ARM scalar + NEON]
So, there was no case in which the crypto engine was even *close* to
being faster. On the first three, which have AES instructions in the
CPU, the CPU was 30 to 55 times faster (!). Even on STM32MP157F-DK2
which has a Cortex-A7 CPU that doesn't have AES instructions, AES was
over 4 times faster on the CPU. And Adiantum encryption, which is what
actually should be used on CPUs like that, was over 17 times faster.
Other justifications that have been given for these non-inline crypto
engines (almost always coming from the hardware vendors, not actual
users) don't seem very plausible either:
- The crypto engine throughput could be improved by processing
multiple requests concurrently. Currently irrelevant to fscrypt,
since it doesn't do that. This would also be complex, and unhelpful
in many cases. 2 of the 4 engines I tested even had only one queue.
- Some of the engines, e.g. STM32, support hardware keys. Also
currently irrelevant to fscrypt, since it doesn't support these.
Interestingly, the STM32 driver itself doesn't support this either.
- Free up CPU for other tasks and/or reduce energy usage. Not very
plausible considering the "short" message length, driver overhead,
and scheduling overhead. There's just very little time for the CPU
to do something else like run another task or enter low-power state,
before the message finishes and it's time to process the next one.
- Some of these engines resist power analysis and electromagnetic
attacks, while the CPU-based crypto generally does not. In theory,
this sounds great. In practice, if this benefit requires the use of
an off-CPU offload that massively regresses performance and has a
low-quality, buggy driver, the price for this hardening (which is
not relevant to most fscrypt users, and tends to be incomplete) is
just too high. Inline crypto engines are much more promising here,
as are on-CPU solutions like RISC-V High Assurance Cryptography.
Fixes: b30ab0e03407 ("ext4 crypto: add ext4 encryption facilities")
Cc: stable(a)vger.kernel.org
Acked-by: Ard Biesheuvel <ardb(a)kernel.org>
Link: https://lore.kernel.org/r/20250704070322.20692-1-ebiggers@kernel.org
Signed-off-by: Eric Biggers <ebiggers(a)kernel.org>
diff --git a/Documentation/filesystems/fscrypt.rst b/Documentation/filesystems/fscrypt.rst
index f63791641c1d..696a5844bfa3 100644
--- a/Documentation/filesystems/fscrypt.rst
+++ b/Documentation/filesystems/fscrypt.rst
@@ -147,9 +147,8 @@ However, these ioctls have some limitations:
were wiped. To partially solve this, you can add init_on_free=1 to
your kernel command line. However, this has a performance cost.
-- Secret keys might still exist in CPU registers, in crypto
- accelerator hardware (if used by the crypto API to implement any of
- the algorithms), or in other places not explicitly considered here.
+- Secret keys might still exist in CPU registers or in other places
+ not explicitly considered here.
Full system compromise
~~~~~~~~~~~~~~~~~~~~~~
@@ -406,9 +405,12 @@ the work is done by XChaCha12, which is much faster than AES when AES
acceleration is unavailable. For more information about Adiantum, see
`the Adiantum paper <https://eprint.iacr.org/2018/720.pdf>`_.
-The (AES-128-CBC-ESSIV, AES-128-CBC-CTS) pair exists only to support
-systems whose only form of AES acceleration is an off-CPU crypto
-accelerator such as CAAM or CESA that does not support XTS.
+The (AES-128-CBC-ESSIV, AES-128-CBC-CTS) pair was added to try to
+provide a more efficient option for systems that lack AES instructions
+in the CPU but do have a non-inline crypto engine such as CAAM or CESA
+that supports AES-CBC (and not AES-XTS). This is deprecated. It has
+been shown that just doing AES on the CPU is actually faster.
+Moreover, Adiantum is faster still and is recommended on such systems.
The remaining mode pairs are the "national pride ciphers":
@@ -1318,22 +1320,13 @@ this by validating all top-level encryption policies prior to access.
Inline encryption support
=========================
-By default, fscrypt uses the kernel crypto API for all cryptographic
-operations (other than HKDF, which fscrypt partially implements
-itself). The kernel crypto API supports hardware crypto accelerators,
-but only ones that work in the traditional way where all inputs and
-outputs (e.g. plaintexts and ciphertexts) are in memory. fscrypt can
-take advantage of such hardware, but the traditional acceleration
-model isn't particularly efficient and fscrypt hasn't been optimized
-for it.
-
-Instead, many newer systems (especially mobile SoCs) have *inline
-encryption hardware* that can encrypt/decrypt data while it is on its
-way to/from the storage device. Linux supports inline encryption
-through a set of extensions to the block layer called *blk-crypto*.
-blk-crypto allows filesystems to attach encryption contexts to bios
-(I/O requests) to specify how the data will be encrypted or decrypted
-in-line. For more information about blk-crypto, see
+Many newer systems (especially mobile SoCs) have *inline encryption
+hardware* that can encrypt/decrypt data while it is on its way to/from
+the storage device. Linux supports inline encryption through a set of
+extensions to the block layer called *blk-crypto*. blk-crypto allows
+filesystems to attach encryption contexts to bios (I/O requests) to
+specify how the data will be encrypted or decrypted in-line. For more
+information about blk-crypto, see
:ref:`Documentation/block/inline-encryption.rst <inline_encryption>`.
On supported filesystems (currently ext4 and f2fs), fscrypt can use
diff --git a/fs/crypto/fscrypt_private.h b/fs/crypto/fscrypt_private.h
index c1d92074b65c..6e7164530a1e 100644
--- a/fs/crypto/fscrypt_private.h
+++ b/fs/crypto/fscrypt_private.h
@@ -45,6 +45,23 @@
*/
#undef FSCRYPT_MAX_KEY_SIZE
+/*
+ * This mask is passed as the third argument to the crypto_alloc_*() functions
+ * to prevent fscrypt from using the Crypto API drivers for non-inline crypto
+ * engines. Those drivers have been problematic for fscrypt. fscrypt users
+ * have reported hangs and even incorrect en/decryption with these drivers.
+ * Since going to the driver, off CPU, and back again is really slow, such
+ * drivers can be over 50 times slower than the CPU-based code for fscrypt's
+ * workload. Even on platforms that lack AES instructions on the CPU, using the
+ * offloads has been shown to be slower, even staying with AES. (Of course,
+ * Adiantum is faster still, and is the recommended option on such platforms...)
+ *
+ * Note that fscrypt also supports inline crypto engines. Those don't use the
+ * Crypto API and work much better than the old-style (non-inline) engines.
+ */
+#define FSCRYPT_CRYPTOAPI_MASK \
+ (CRYPTO_ALG_ALLOCATES_MEMORY | CRYPTO_ALG_KERN_DRIVER_ONLY)
+
#define FSCRYPT_CONTEXT_V1 1
#define FSCRYPT_CONTEXT_V2 2
diff --git a/fs/crypto/hkdf.c b/fs/crypto/hkdf.c
index 5c095c8aa3b5..b1ef506cd341 100644
--- a/fs/crypto/hkdf.c
+++ b/fs/crypto/hkdf.c
@@ -58,7 +58,7 @@ int fscrypt_init_hkdf(struct fscrypt_hkdf *hkdf, const u8 *master_key,
u8 prk[HKDF_HASHLEN];
int err;
- hmac_tfm = crypto_alloc_shash(HKDF_HMAC_ALG, 0, 0);
+ hmac_tfm = crypto_alloc_shash(HKDF_HMAC_ALG, 0, FSCRYPT_CRYPTOAPI_MASK);
if (IS_ERR(hmac_tfm)) {
fscrypt_err(NULL, "Error allocating " HKDF_HMAC_ALG ": %ld",
PTR_ERR(hmac_tfm));
diff --git a/fs/crypto/keysetup.c b/fs/crypto/keysetup.c
index a67e20d126c9..74d4a2e1ad23 100644
--- a/fs/crypto/keysetup.c
+++ b/fs/crypto/keysetup.c
@@ -104,7 +104,8 @@ fscrypt_allocate_skcipher(struct fscrypt_mode *mode, const u8 *raw_key,
struct crypto_skcipher *tfm;
int err;
- tfm = crypto_alloc_skcipher(mode->cipher_str, 0, 0);
+ tfm = crypto_alloc_skcipher(mode->cipher_str, 0,
+ FSCRYPT_CRYPTOAPI_MASK);
if (IS_ERR(tfm)) {
if (PTR_ERR(tfm) == -ENOENT) {
fscrypt_warn(inode,
diff --git a/fs/crypto/keysetup_v1.c b/fs/crypto/keysetup_v1.c
index b70521c55132..158ceae8a5bc 100644
--- a/fs/crypto/keysetup_v1.c
+++ b/fs/crypto/keysetup_v1.c
@@ -52,7 +52,8 @@ static int derive_key_aes(const u8 *master_key,
struct skcipher_request *req = NULL;
DECLARE_CRYPTO_WAIT(wait);
struct scatterlist src_sg, dst_sg;
- struct crypto_skcipher *tfm = crypto_alloc_skcipher("ecb(aes)", 0, 0);
+ struct crypto_skcipher *tfm =
+ crypto_alloc_skcipher("ecb(aes)", 0, FSCRYPT_CRYPTOAPI_MASK);
if (IS_ERR(tfm)) {
res = PTR_ERR(tfm);
1 month
- 1
- 0
[PATCH] ALSA: hda/realtek: Add support for HP EliteBook x360 830 G6 and EliteBook 830 G6
by Evgeniy Harchenko
The HP EliteBook x360 830 G6 and HP EliteBook 830 G6 have
Realtek HDA codec ALC215. It needs the ALC285_FIXUP_HP_GPIO_LED
quirk to enable the mute LED.
Cc: <stable(a)vger.kernel.org>
Signed-off-by: Evgeniy Harchenko <evgeniyharchenko.dev(a)gmail.com>
---
sound/hda/codecs/realtek/alc269.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/sound/hda/codecs/realtek/alc269.c b/sound/hda/codecs/realtek/alc269.c
index e27a36e4e92a..bc82f48c69ce 100644
--- a/sound/hda/codecs/realtek/alc269.c
+++ b/sound/hda/codecs/realtek/alc269.c
@@ -6368,6 +6368,8 @@ static const struct hda_quirk alc269_fixup_tbl[] = {
SND_PCI_QUIRK(0x103c, 0x84e7, "HP Pavilion 15", ALC269_FIXUP_HP_MUTE_LED_MIC3),
SND_PCI_QUIRK(0x103c, 0x8519, "HP Spectre x360 15-df0xxx", ALC285_FIXUP_HP_SPECTRE_X360),
SND_PCI_QUIRK(0x103c, 0x8537, "HP ProBook 440 G6", ALC236_FIXUP_HP_MUTE_LED_MICMUTE_VREF),
+ SND_PCI_QUIRK(0x103c, 0x8548, "HP EliteBook x360 830 G6", ALC285_FIXUP_HP_GPIO_LED),
+ SND_PCI_QUIRK(0x103c, 0x854a, "HP EliteBook 830 G6", ALC285_FIXUP_HP_GPIO_LED),
SND_PCI_QUIRK(0x103c, 0x85c6, "HP Pavilion x360 Convertible 14-dy1xxx", ALC295_FIXUP_HP_MUTE_LED_COEFBIT11),
SND_PCI_QUIRK(0x103c, 0x85de, "HP Envy x360 13-ar0xxx", ALC285_FIXUP_HP_ENVY_X360),
SND_PCI_QUIRK(0x103c, 0x860f, "HP ZBook 15 G6", ALC285_FIXUP_HP_GPIO_AMP_INIT),
--
2.50.1
1 month
- 2
- 1
Linux 6.16.1
by Greg Kroah-Hartman
I'm announcing the release of the 6.16.1 kernel.
All users of the 6.16 kernel series must upgrade.
The updated 6.16.y git tree can be found at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.16.y
and can be browsed at the normal kernel.org git web browser:
https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary
thanks,
greg k-h
------------
.gitignore | 1
Documentation/admin-guide/kernel-parameters.txt | 8
Documentation/filesystems/f2fs.rst | 6
Documentation/netlink/specs/ethtool.yaml | 6
Makefile | 2
arch/arm/boot/dts/microchip/sam9x7.dtsi | 2
arch/arm/boot/dts/microchip/sama7d65.dtsi | 2
arch/arm/boot/dts/nxp/imx/imx6ul-kontron-bl-common.dtsi | 1
arch/arm/boot/dts/nxp/vf/vfxxx.dtsi | 2
arch/arm/boot/dts/ti/omap/am335x-boneblack.dts | 2
arch/arm/crypto/aes-neonbs-glue.c | 2
arch/arm/mach-s3c/gpio-samsung.c | 2
arch/arm64/boot/dts/exynos/google/gs101.dtsi | 3
arch/arm64/boot/dts/freescale/imx8mm-beacon-som.dtsi | 2
arch/arm64/boot/dts/freescale/imx8mn-beacon-som.dtsi | 2
arch/arm64/boot/dts/freescale/imx8mp-toradex-smarc-dev.dts | 5
arch/arm64/boot/dts/freescale/imx8mp-toradex-smarc.dtsi | 2
arch/arm64/boot/dts/freescale/imx8mp-venice-gw74xx.dts | 8
arch/arm64/boot/dts/freescale/imx93-tqma9352.dtsi | 6
arch/arm64/boot/dts/qcom/msm8976.dtsi | 2
arch/arm64/boot/dts/qcom/qcs615.dtsi | 4
arch/arm64/boot/dts/qcom/sa8775p.dtsi | 10
arch/arm64/boot/dts/qcom/sc7180.dtsi | 10
arch/arm64/boot/dts/qcom/sdm845.dtsi | 10
arch/arm64/boot/dts/qcom/x1e80100.dtsi | 2
arch/arm64/boot/dts/qcom/x1p42100.dtsi | 556 ++++++++
arch/arm64/boot/dts/renesas/Makefile | 1
arch/arm64/boot/dts/rockchip/px30-evb.dts | 3
arch/arm64/boot/dts/rockchip/px30-pp1516.dtsi | 3
arch/arm64/boot/dts/rockchip/px30.dtsi | 2
arch/arm64/boot/dts/rockchip/rk3528-pinctrl.dtsi | 20
arch/arm64/boot/dts/rockchip/rk3528-radxa-e20c.dts | 1
arch/arm64/boot/dts/rockchip/rk3528.dtsi | 16
arch/arm64/boot/dts/rockchip/rk3576-rock-4d.dts | 6
arch/arm64/boot/dts/st/stm32mp251.dtsi | 2
arch/arm64/boot/dts/ti/k3-am62p-j722s-common-main.dtsi | 2
arch/arm64/boot/dts/ti/k3-am62p-verdin.dtsi | 8
arch/arm64/boot/dts/ti/k3-am642-phyboard-electra-rdk.dts | 2
arch/arm64/include/asm/gcs.h | 2
arch/arm64/include/asm/kvm_host.h | 4
arch/arm64/kernel/Makefile | 2
arch/arm64/kernel/process.c | 6
arch/arm64/kvm/hyp/exception.c | 6
arch/arm64/kvm/hyp/vhe/switch.c | 14
arch/arm64/net/bpf_jit_comp.c | 1
arch/m68k/Kconfig.debug | 2
arch/m68k/kernel/early_printk.c | 42
arch/m68k/kernel/head.S | 8
arch/mips/alchemy/common/gpiolib.c | 12
arch/mips/mm/tlb-r4k.c | 56
arch/powerpc/configs/ppc6xx_defconfig | 1
arch/powerpc/kernel/eeh.c | 1
arch/powerpc/kernel/eeh_driver.c | 48
arch/powerpc/kernel/eeh_pe.c | 10
arch/powerpc/kernel/pci-hotplug.c | 3
arch/powerpc/platforms/pseries/dlpar.c | 52
arch/riscv/boot/dts/sophgo/sg2044-cpus.dtsi | 64 +
arch/riscv/kvm/vcpu_onereg.c | 83 -
arch/s390/boot/startup.c | 2
arch/s390/crypto/hmac_s390.c | 12
arch/s390/crypto/sha.h | 3
arch/s390/crypto/sha3_256_s390.c | 24
arch/s390/crypto/sha3_512_s390.c | 25
arch/s390/include/asm/ap.h | 2
arch/s390/kernel/setup.c | 6
arch/s390/mm/pgalloc.c | 5
arch/s390/mm/vmem.c | 5
arch/sh/Makefile | 10
arch/sh/boot/compressed/Makefile | 4
arch/sh/boot/romimage/Makefile | 4
arch/um/drivers/rtc_user.c | 2
arch/x86/boot/cpuflags.c | 13
arch/x86/boot/startup/sev-shared.c | 7
arch/x86/coco/sev/core.c | 21
arch/x86/include/asm/cpufeatures.h | 1
arch/x86/include/asm/hw_irq.h | 12
arch/x86/include/asm/kvm-x86-ops.h | 1
arch/x86/include/asm/kvm_host.h | 8
arch/x86/include/asm/msr-index.h | 1
arch/x86/include/asm/sev.h | 19
arch/x86/kernel/cpu/bugs.c | 56
arch/x86/kernel/cpu/scattered.c | 1
arch/x86/kernel/irq.c | 63 -
arch/x86/kvm/svm/svm.c | 14
arch/x86/kvm/vmx/main.c | 15
arch/x86/kvm/vmx/tdx.c | 18
arch/x86/kvm/vmx/vmx.c | 16
arch/x86/kvm/vmx/x86_ops.h | 4
arch/x86/kvm/x86.c | 13
arch/x86/mm/extable.c | 5
block/blk-mq.c | 84 +
block/blk-settings.c | 19
block/blk.h | 2
block/elevator.c | 10
crypto/ahash.c | 13
crypto/krb5/selftest.c | 1
drivers/base/auxiliary.c | 2
drivers/block/mtip32xx/mtip32xx.c | 27
drivers/block/nbd.c | 12
drivers/block/ublk_drv.c | 49
drivers/block/zloop.c | 3
drivers/bluetooth/btintel.c | 4
drivers/bluetooth/btintel.h | 2
drivers/bluetooth/btintel_pcie.c | 42
drivers/bluetooth/btusb.c | 14
drivers/bluetooth/hci_intel.c | 10
drivers/bus/mhi/host/pci_generic.c | 8
drivers/char/hw_random/mtk-rng.c | 4
drivers/clk/at91/sam9x7.c | 20
drivers/clk/clk-axi-clkgen.c | 2
drivers/clk/davinci/psc.c | 5
drivers/clk/imx/clk-imx95-blk-ctl.c | 13
drivers/clk/renesas/rzv2h-cpg.c | 1
drivers/clk/spacemit/ccu-k1.c | 3
drivers/clk/spacemit/ccu_mix.h | 11
drivers/clk/spacemit/ccu_pll.c | 2
drivers/clk/sunxi-ng/ccu-sun8i-v3s.c | 3
drivers/clk/thead/clk-th1520-ap.c | 104 -
drivers/clk/xilinx/clk-xlnx-clock-wizard.c | 2
drivers/clk/xilinx/xlnx_vcu.c | 4
drivers/cpufreq/Makefile | 1
drivers/cpufreq/armada-8k-cpufreq.c | 3
drivers/cpufreq/cpufreq.c | 21
drivers/cpufreq/intel_pstate.c | 4
drivers/cpufreq/powernv-cpufreq.c | 4
drivers/cpufreq/powernv-trace.h | 44
drivers/crypto/allwinner/sun8i-ce/sun8i-ce-cipher.c | 4
drivers/crypto/ccp/ccp-debugfs.c | 3
drivers/crypto/ccp/sev-dev.c | 16
drivers/crypto/img-hash.c | 2
drivers/crypto/inside-secure/safexcel_hash.c | 8
drivers/crypto/intel/keembay/keembay-ocs-hcu-core.c | 8
drivers/crypto/intel/qat/qat_420xx/adf_420xx_hw_data.c | 9
drivers/crypto/intel/qat/qat_6xxx/adf_6xxx_hw_data.c | 20
drivers/crypto/intel/qat/qat_6xxx/adf_6xxx_hw_data.h | 2
drivers/crypto/intel/qat/qat_common/adf_gen4_hw_data.c | 29
drivers/crypto/intel/qat/qat_common/adf_sriov.c | 1
drivers/crypto/intel/qat/qat_common/adf_transport_debug.c | 4
drivers/crypto/intel/qat/qat_common/qat_bl.c | 6
drivers/crypto/intel/qat/qat_common/qat_compression.c | 8
drivers/crypto/marvell/cesa/cipher.c | 4
drivers/crypto/marvell/cesa/hash.c | 5
drivers/cxl/core/core.h | 1
drivers/cxl/core/edac.c | 5
drivers/cxl/core/hdm.c | 7
drivers/devfreq/devfreq.c | 12
drivers/dma-buf/Kconfig | 1
drivers/dma-buf/udmabuf.c | 23
drivers/dma/mmp_tdma.c | 2
drivers/dma/mv_xor.c | 21
drivers/dma/nbpfaxi.c | 13
drivers/firmware/arm_scmi/perf.c | 2
drivers/firmware/efi/libstub/Makefile.zboot | 2
drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd.c | 24
drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd.h | 25
drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd_arcturus.c | 4
drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 11
drivers/gpu/drm/amd/amdgpu/amdgpu_job.c | 39
drivers/gpu/drm/amd/amdgpu/amdgpu_sdma.c | 10
drivers/gpu/drm/amd/amdgpu/amdgpu_userq.c | 2
drivers/gpu/drm/amd/amdgpu/gfx_v10_0.c | 38
drivers/gpu/drm/amd/amdgpu/gfx_v11_0.c | 12
drivers/gpu/drm/amd/amdgpu/gfx_v12_0.c | 12
drivers/gpu/drm/amd/amdgpu/gfx_v9_0.c | 9
drivers/gpu/drm/amd/amdgpu/gfx_v9_4_3.c | 10
drivers/gpu/drm/amd/amdgpu/jpeg_v2_0.c | 8
drivers/gpu/drm/amd/amdgpu/jpeg_v2_5.c | 8
drivers/gpu/drm/amd/amdgpu/jpeg_v3_0.c | 8
drivers/gpu/drm/amd/amdgpu/jpeg_v4_0.c | 8
drivers/gpu/drm/amd/amdgpu/jpeg_v4_0_3.c | 8
drivers/gpu/drm/amd/amdgpu/jpeg_v5_0_1.c | 8
drivers/gpu/drm/amd/amdgpu/nbio_v7_9.c | 20
drivers/gpu/drm/amd/amdgpu/sdma_v4_4_2.c | 35
drivers/gpu/drm/amd/amdgpu/sdma_v5_0.c | 5
drivers/gpu/drm/amd/amdgpu/sdma_v5_2.c | 5
drivers/gpu/drm/amd/amdgpu/sdma_v6_0.c | 6
drivers/gpu/drm/amd/amdgpu/sdma_v7_0.c | 6
drivers/gpu/drm/amd/amdgpu/vcn_v4_0.c | 7
drivers/gpu/drm/amd/amdgpu/vcn_v4_0_3.c | 6
drivers/gpu/drm/amd/amdgpu/vcn_v4_0_5.c | 7
drivers/gpu/drm/amd/amdgpu/vcn_v5_0_0.c | 7
drivers/gpu/drm/amd/amdkfd/kfd_device.c | 54
drivers/gpu/drm/amd/pm/powerplay/hwmgr/smu_helper.c | 2
drivers/gpu/drm/display/drm_hdmi_state_helper.c | 4
drivers/gpu/drm/msm/disp/dpu1/catalog/dpu_5_1_sc8180x.h | 1
drivers/gpu/drm/panfrost/panfrost_devfreq.c | 4
drivers/gpu/drm/panthor/panthor_gem.c | 31
drivers/gpu/drm/panthor/panthor_gem.h | 3
drivers/gpu/drm/rockchip/rockchip_drm_fb.c | 9
drivers/gpu/drm/rockchip/rockchip_drm_vop2.c | 29
drivers/gpu/drm/rockchip/rockchip_drm_vop2.h | 33
drivers/gpu/drm/rockchip/rockchip_vop2_reg.c | 89 +
drivers/gpu/drm/sitronix/Kconfig | 10
drivers/gpu/drm/vmwgfx/vmwgfx_shader.c | 2
drivers/gpu/drm/xe/xe_configfs.c | 3
drivers/gpu/drm/xe/xe_device.c | 1
drivers/gpu/drm/xe/xe_gt_sriov_pf.c | 32
drivers/gpu/drm/xe/xe_vsec.c | 20
drivers/hid/hid-apple.c | 20
drivers/hid/hid-core.c | 6
drivers/hid/hid-magicmouse.c | 62
drivers/i2c/muxes/i2c-mux-mule.c | 3
drivers/i3c/master/svc-i3c-master.c | 22
drivers/infiniband/core/counters.c | 2
drivers/infiniband/core/device.c | 27
drivers/infiniband/core/nldev.c | 2
drivers/infiniband/core/rdma_core.c | 29
drivers/infiniband/core/uverbs_cmd.c | 7
drivers/infiniband/core/uverbs_std_types_qp.c | 2
drivers/infiniband/hw/erdma/erdma_verbs.c | 3
drivers/infiniband/hw/hns/hns_roce_device.h | 1
drivers/infiniband/hw/hns/hns_roce_hem.c | 18
drivers/infiniband/hw/hns/hns_roce_hw_v2.c | 87 -
drivers/infiniband/hw/hns/hns_roce_hw_v2.h | 8
drivers/infiniband/hw/hns/hns_roce_main.c | 22
drivers/infiniband/hw/mana/qp.c | 2
drivers/infiniband/hw/mlx5/devx.c | 2
drivers/infiniband/hw/mlx5/dm.c | 2
drivers/infiniband/hw/mlx5/fs.c | 4
drivers/infiniband/hw/mlx5/umr.c | 6
drivers/infiniband/ulp/ipoib/ipoib_main.c | 2
drivers/interconnect/qcom/sc8180x.c | 6
drivers/interconnect/qcom/sc8280xp.c | 1
drivers/iommu/amd/iommu.c | 19
drivers/iommu/arm/arm-smmu/arm-smmu-qcom.c | 3
drivers/iommu/intel/cache.c | 18
drivers/iommu/intel/iommu.c | 3
drivers/irqchip/Kconfig | 1
drivers/leds/flash/Kconfig | 1
drivers/leds/leds-lp8860.c | 4
drivers/leds/leds-pca955x.c | 4
drivers/md/dm-flakey.c | 9
drivers/md/md.c | 41
drivers/md/raid10.c | 3
drivers/media/platform/nxp/imx-jpeg/mxc-jpeg.c | 47
drivers/media/platform/nxp/imx-jpeg/mxc-jpeg.h | 1
drivers/media/platform/ti/j721e-csi2rx/j721e-csi2rx.c | 1
drivers/media/v4l2-core/v4l2-ctrls-core.c | 8
drivers/mfd/tps65219.c | 2
drivers/misc/mei/platform-vsc.c | 8
drivers/misc/mei/vsc-tp.c | 68 -
drivers/misc/mei/vsc-tp.h | 3
drivers/misc/sram.c | 10
drivers/mtd/ftl.c | 2
drivers/mtd/nand/raw/atmel/nand-controller.c | 2
drivers/mtd/nand/raw/atmel/pmecc.c | 6
drivers/mtd/nand/raw/rockchip-nand-controller.c | 15
drivers/mtd/spi-nor/spansion.c | 31
drivers/net/can/kvaser_pciefd.c | 1
drivers/net/can/sja1000/Kconfig | 2
drivers/net/can/usb/kvaser_usb/kvaser_usb_core.c | 1
drivers/net/can/usb/peak_usb/pcan_usb_fd.c | 17
drivers/net/dsa/microchip/ksz8.c | 3
drivers/net/dsa/microchip/ksz8_reg.h | 4
drivers/net/ethernet/airoha/airoha_npu.c | 2
drivers/net/ethernet/airoha/airoha_ppe.c | 26
drivers/net/ethernet/emulex/benet/be_cmds.c | 2
drivers/net/ethernet/intel/igb/igb_xsk.c | 3
drivers/net/ethernet/mellanox/mlx5/core/en.h | 1
drivers/net/ethernet/mellanox/mlx5/core/en/port_buffer.c | 3
drivers/net/ethernet/mellanox/mlx5/core/en/reporter_rx.c | 7
drivers/net/ethernet/mellanox/mlx5/core/en_accel/ipsec_rxtx.c | 4
drivers/net/ethernet/mellanox/mlx5/core/en_main.c | 26
drivers/net/ethernet/mellanox/mlx5/core/en_rx.c | 1
drivers/net/ethernet/mellanox/mlx5/core/lib/dm.c | 4
drivers/net/ethernet/mellanox/mlx5/core/main.c | 3
drivers/net/ethernet/meta/fbnic/fbnic_netdev.c | 14
drivers/net/ethernet/meta/fbnic/fbnic_txrx.c | 4
drivers/net/ethernet/meta/fbnic/fbnic_txrx.h | 6
drivers/net/ethernet/microsoft/mana/mana_en.c | 28
drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 2
drivers/net/ethernet/ti/icssg/icssg_common.c | 15
drivers/net/ipa/Kconfig | 2
drivers/net/ipa/ipa_sysfs.c | 6
drivers/net/macsec.c | 2
drivers/net/mdio/mdio-bcm-unimac.c | 5
drivers/net/netconsole.c | 30
drivers/net/phy/mscc/mscc_ptp.c | 1
drivers/net/phy/mscc/mscc_ptp.h | 1
drivers/net/ppp/pptp.c | 18
drivers/net/team/team_core.c | 96 -
drivers/net/team/team_mode_activebackup.c | 3
drivers/net/team/team_mode_loadbalance.c | 13
drivers/net/usb/usbnet.c | 11
drivers/net/vrf.c | 2
drivers/net/wireless/ath/ath11k/hal.c | 4
drivers/net/wireless/ath/ath11k/mac.c | 12
drivers/net/wireless/ath/ath12k/core.c | 1
drivers/net/wireless/ath/ath12k/core.h | 8
drivers/net/wireless/ath/ath12k/debugfs_htt_stats.h | 6
drivers/net/wireless/ath/ath12k/dp.h | 1
drivers/net/wireless/ath/ath12k/dp_mon.c | 1
drivers/net/wireless/ath/ath12k/dp_tx.c | 10
drivers/net/wireless/ath/ath12k/mac.c | 118 +
drivers/net/wireless/ath/ath12k/p2p.c | 3
drivers/net/wireless/ath/ath12k/reg.c | 116 +
drivers/net/wireless/ath/ath12k/reg.h | 1
drivers/net/wireless/ath/ath12k/wmi.c | 14
drivers/net/wireless/ath/ath12k/wmi.h | 2
drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c | 38
drivers/net/wireless/broadcom/brcm80211/brcmfmac/cyw/core.c | 26
drivers/net/wireless/broadcom/brcm80211/brcmfmac/cyw/fwil_types.h | 2
drivers/net/wireless/intel/iwlwifi/dvm/main.c | 12
drivers/net/wireless/intel/iwlwifi/mld/rx.c | 9
drivers/net/wireless/intel/iwlwifi/mvm/ops.c | 4
drivers/net/wireless/marvell/mwl8k.c | 4
drivers/net/wireless/mediatek/mt76/mt7925/mcu.c | 4
drivers/net/wireless/mediatek/mt76/mt7996/main.c | 21
drivers/net/wireless/mediatek/mt76/mt7996/mcu.c | 3
drivers/net/wireless/purelifi/plfxlc/mac.c | 11
drivers/net/wireless/purelifi/plfxlc/mac.h | 2
drivers/net/wireless/purelifi/plfxlc/usb.c | 29
drivers/net/wireless/realtek/rtl818x/rtl8187/dev.c | 3
drivers/net/wireless/realtek/rtl8xxxu/core.c | 2
drivers/net/wireless/realtek/rtw88/main.c | 4
drivers/net/wireless/realtek/rtw89/core.c | 8
drivers/net/wireless/realtek/rtw89/phy.c | 12
drivers/net/wireless/realtek/rtw89/sar.c | 5
drivers/nvme/target/core.c | 14
drivers/nvme/target/pci-epf.c | 23
drivers/pci/controller/dwc/pcie-dw-rockchip.c | 1
drivers/pci/controller/dwc/pcie-qcom.c | 1
drivers/pci/controller/pcie-rockchip-host.c | 2
drivers/pci/controller/plda/pcie-starfive.c | 2
drivers/pci/endpoint/functions/pci-epf-vntb.c | 4
drivers/pci/hotplug/pnv_php.c | 233 +++
drivers/pci/pci-driver.c | 6
drivers/pci/pci.h | 2
drivers/pci/quirks.c | 6
drivers/perf/arm-ni.c | 2
drivers/phy/phy-snps-eusb2.c | 3
drivers/phy/qualcomm/phy-qcom-eusb2-repeater.c | 87 -
drivers/pinctrl/berlin/berlin.c | 8
drivers/pinctrl/cirrus/pinctrl-madera-core.c | 14
drivers/pinctrl/pinctrl-k230.c | 13
drivers/pinctrl/pinmux.c | 20
drivers/pinctrl/sunxi/pinctrl-sunxi.c | 11
drivers/platform/x86/intel/pmt/class.c | 3
drivers/platform/x86/intel/pmt/class.h | 1
drivers/platform/x86/oxpec.c | 37
drivers/power/reset/Kconfig | 1
drivers/power/sequencing/pwrseq-qcom-wcn.c | 2
drivers/power/supply/cpcap-charger.c | 5
drivers/power/supply/max14577_charger.c | 4
drivers/power/supply/max1720x_battery.c | 11
drivers/power/supply/qcom_pmi8998_charger.c | 4
drivers/powercap/dtpm_cpu.c | 2
drivers/pps/pps.c | 11
drivers/remoteproc/Kconfig | 11
drivers/remoteproc/qcom_q6v5_pas.c | 621 ++++------
drivers/remoteproc/xlnx_r5_remoteproc.c | 2
drivers/rtc/rtc-ds1307.c | 2
drivers/rtc/rtc-hym8563.c | 2
drivers/rtc/rtc-nct3018y.c | 2
drivers/rtc/rtc-pcf85063.c | 2
drivers/rtc/rtc-pcf8563.c | 2
drivers/rtc/rtc-rv3028.c | 2
drivers/s390/crypto/ap_bus.h | 2
drivers/scsi/elx/efct/efct_lio.c | 2
drivers/scsi/ibmvscsi_tgt/libsrp.c | 6
drivers/scsi/isci/request.c | 2
drivers/scsi/mpt3sas/mpt3sas_scsih.c | 3
drivers/scsi/mvsas/mv_sas.c | 4
drivers/scsi/scsi.c | 8
drivers/scsi/scsi_transport_iscsi.c | 2
drivers/scsi/sd.c | 4
drivers/soc/qcom/pmic_glink.c | 9
drivers/soc/qcom/qmi_encdec.c | 52
drivers/soc/qcom/qmi_interface.c | 6
drivers/soc/tegra/cbb/tegra234-cbb.c | 2
drivers/soundwire/debugfs.c | 6
drivers/soundwire/mipi_disco.c | 4
drivers/soundwire/stream.c | 2
drivers/spi/spi-cs42l43.c | 2
drivers/spi/spi-nxp-fspi.c | 4
drivers/spi/spi-stm32.c | 8
drivers/staging/fbtft/fbtft-core.c | 1
drivers/staging/gpib/cb7210/cb7210.c | 15
drivers/staging/gpib/common/gpib_os.c | 4
drivers/staging/greybus/gbphy.c | 6
drivers/staging/media/atomisp/pci/atomisp_gmin_platform.c | 9
drivers/staging/nvec/nvec_power.c | 2
drivers/ufs/core/ufshcd.c | 10
drivers/usb/early/xhci-dbc.c | 4
drivers/usb/gadget/composite.c | 5
drivers/usb/gadget/function/f_hid.c | 7
drivers/usb/gadget/function/uvc_configfs.c | 10
drivers/usb/host/xhci-plat.c | 2
drivers/usb/misc/apple-mfi-fastcharge.c | 24
drivers/usb/serial/option.c | 2
drivers/usb/typec/ucsi/ucsi_yoga_c630.c | 19
drivers/vdpa/mlx5/core/mr.c | 3
drivers/vdpa/mlx5/net/mlx5_vnet.c | 12
drivers/vdpa/vdpa_user/vduse_dev.c | 1
drivers/vfio/device_cdev.c | 38
drivers/vfio/group.c | 7
drivers/vfio/iommufd.c | 4
drivers/vfio/pci/hisilicon/hisi_acc_vfio_pci.c | 1
drivers/vfio/pci/mlx5/main.c | 1
drivers/vfio/pci/nvgrace-gpu/main.c | 2
drivers/vfio/pci/pds/vfio_dev.c | 2
drivers/vfio/pci/qat/main.c | 1
drivers/vfio/pci/vfio_pci.c | 1
drivers/vfio/pci/vfio_pci_core.c | 24
drivers/vfio/pci/virtio/main.c | 3
drivers/vfio/vfio_main.c | 3
drivers/vhost/Kconfig | 18
drivers/vhost/scsi.c | 6
drivers/vhost/vhost.c | 244 +++
drivers/vhost/vhost.h | 22
drivers/video/fbdev/core/fbcon.c | 4
drivers/video/fbdev/imxfb.c | 9
drivers/watchdog/ziirave_wdt.c | 3
drivers/xen/gntdev-common.h | 4
drivers/xen/gntdev-dmabuf.c | 28
drivers/xen/gntdev.c | 71 -
fs/btrfs/ctree.c | 18
fs/ceph/crypto.c | 31
fs/eventpoll.c | 58
fs/exfat/file.c | 5
fs/ext4/inline.c | 2
fs/ext4/inode.c | 7
fs/ext4/page-io.c | 16
fs/f2fs/compress.c | 76 -
fs/f2fs/data.c | 7
fs/f2fs/debug.c | 17
fs/f2fs/extent_cache.c | 2
fs/f2fs/f2fs.h | 4
fs/f2fs/gc.c | 1
fs/f2fs/inode.c | 21
fs/f2fs/segment.h | 5
fs/f2fs/super.c | 1
fs/f2fs/sysfs.c | 21
fs/gfs2/glock.c | 3
fs/gfs2/util.c | 31
fs/hfs/inode.c | 1
fs/hfsplus/extents.c | 3
fs/hfsplus/inode.c | 1
fs/jfs/jfs_dmap.c | 4
fs/nfs/dir.c | 4
fs/nfs/export.c | 11
fs/nfs/flexfilelayout/flexfilelayout.c | 26
fs/nfs/flexfilelayout/flexfilelayoutdev.c | 6
fs/nfs/internal.h | 9
fs/nfs/nfs4proc.c | 10
fs/nfs_common/nfslocalio.c | 28
fs/nfsd/localio.c | 5
fs/nfsd/vfs.c | 10
fs/notify/fanotify/fanotify.c | 8
fs/ntfs3/file.c | 5
fs/ntfs3/frecord.c | 7
fs/ntfs3/namei.c | 10
fs/ntfs3/ntfs_fs.h | 3
fs/orangefs/orangefs-debugfs.c | 6
fs/proc/generic.c | 2
fs/proc/inode.c | 2
fs/proc/internal.h | 5
fs/smb/client/cifs_debug.c | 6
fs/smb/client/cifsencrypt.c | 4
fs/smb/client/cifsfs.c | 2
fs/smb/client/connect.c | 9
fs/smb/client/fs_context.c | 19
fs/smb/client/fs_context.h | 18
fs/smb/client/link.c | 11
fs/smb/client/reparse.c | 2
fs/smb/client/smbdirect.c | 116 -
fs/smb/client/smbdirect.h | 4
fs/smb/server/connection.h | 1
fs/smb/server/smb2pdu.c | 22
fs/smb/server/smb_common.c | 2
fs/smb/server/transport_rdma.c | 97 -
fs/smb/server/transport_tcp.c | 17
fs/smb/server/vfs.c | 3
fs/squashfs/block.c | 47
include/crypto/internal/hash.h | 6
include/linux/audit.h | 9
include/linux/bpf-cgroup.h | 5
include/linux/bpf.h | 60
include/linux/crypto.h | 3
include/linux/fortify-string.h | 2
include/linux/fs_context.h | 2
include/linux/i3c/device.h | 4
include/linux/if_team.h | 3
include/linux/ioprio.h | 3
include/linux/mlx5/device.h | 1
include/linux/mmap_lock.h | 30
include/linux/moduleparam.h | 5
include/linux/padata.h | 4
include/linux/pps_kernel.h | 1
include/linux/proc_fs.h | 1
include/linux/psi_types.h | 6
include/linux/ring_buffer.h | 4
include/linux/sched/task_stack.h | 2
include/linux/skbuff.h | 23
include/linux/soc/qcom/qmi.h | 6
include/linux/usb/usbnet.h | 1
include/linux/vfio.h | 4
include/linux/vfio_pci_core.h | 2
include/net/bluetooth/hci.h | 1
include/net/bluetooth/hci_core.h | 6
include/net/dst.h | 24
include/net/lwtunnel.h | 8
include/net/route.h | 4
include/net/sock.h | 12
include/net/tc_act/tc_ctinfo.h | 6
include/net/udp.h | 24
include/rdma/ib_verbs.h | 12
include/sound/tas2781-tlv.h | 2
include/trace/events/power.h | 22
include/uapi/drm/panthor_drm.h | 3
include/uapi/drm/xe_drm.h | 8
include/uapi/linux/vfio.h | 12
include/uapi/linux/vhost.h | 29
init/Kconfig | 2
kernel/audit.h | 2
kernel/auditsc.c | 2
kernel/bpf/cgroup.c | 8
kernel/bpf/core.c | 55
kernel/bpf/helpers.c | 11
kernel/bpf/preload/Kconfig | 1
kernel/bpf/syscall.c | 19
kernel/bpf/verifier.c | 1
kernel/cgroup/cgroup-v1.c | 14
kernel/events/core.c | 36
kernel/events/uprobes.c | 4
kernel/kcsan/kcsan_test.c | 2
kernel/kexec_core.c | 3
kernel/module/main.c | 6
kernel/padata.c | 132 --
kernel/rcu/refscale.c | 10
kernel/rcu/tree_nocb.h | 2
kernel/sched/deadline.c | 7
kernel/sched/psi.c | 123 +
kernel/trace/power-traces.c | 1
kernel/trace/preemptirq_delay_test.c | 13
kernel/trace/ring_buffer.c | 63 -
kernel/trace/rv/monitors/scpd/Kconfig | 2
kernel/trace/rv/monitors/sncid/Kconfig | 2
kernel/trace/rv/monitors/snep/Kconfig | 2
kernel/trace/rv/monitors/wip/Kconfig | 2
kernel/trace/rv/rv_trace.h | 84 -
kernel/trace/trace.c | 14
kernel/trace/trace_events_filter.c | 28
kernel/trace/trace_kdb.c | 8
kernel/ucount.c | 2
lib/tests/fortify_kunit.c | 4
mm/hmm.c | 2
mm/mmap_lock.c | 3
mm/shmem.c | 4
mm/slub.c | 10
mm/swapfile.c | 65 -
net/bluetooth/coredump.c | 6
net/bluetooth/hci_event.c | 8
net/caif/cfctrl.c | 294 ++--
net/core/devmem.c | 6
net/core/devmem.h | 7
net/core/dst.c | 8
net/core/filter.c | 23
net/core/neighbour.c | 88 -
net/core/netclassid_cgroup.c | 4
net/core/netpoll.c | 7
net/core/skmsg.c | 7
net/core/sock.c | 8
net/ipv4/inet_connection_sock.c | 4
net/ipv4/ping.c | 2
net/ipv4/raw.c | 2
net/ipv4/route.c | 7
net/ipv4/syncookies.c | 3
net/ipv4/tcp_input.c | 4
net/ipv4/udp.c | 3
net/ipv6/af_inet6.c | 2
net/ipv6/datagram.c | 2
net/ipv6/inet6_connection_sock.c | 4
net/ipv6/ip6_fib.c | 24
net/ipv6/ip6_offload.c | 4
net/ipv6/ip6mr.c | 3
net/ipv6/ping.c | 2
net/ipv6/raw.c | 2
net/ipv6/route.c | 75 -
net/ipv6/syncookies.c | 2
net/ipv6/tcp_ipv6.c | 2
net/ipv6/udp.c | 5
net/kcm/kcmsock.c | 6
net/l2tp/l2tp_ip6.c | 2
net/mac80211/cfg.c | 12
net/mac80211/ieee80211_i.h | 15
net/mac80211/main.c | 13
net/mac80211/tdls.c | 2
net/mac80211/tx.c | 14
net/mptcp/protocol.c | 2
net/netfilter/nf_bpf_link.c | 5
net/netfilter/nf_tables_api.c | 29
net/netfilter/xt_nfacct.c | 4
net/packet/af_packet.c | 12
net/sched/act_ctinfo.c | 19
net/sched/sch_mqprio.c | 2
net/sched/sch_netem.c | 40
net/sched/sch_taprio.c | 21
net/socket.c | 8
net/sunrpc/svcsock.c | 43
net/sunrpc/xprtsock.c | 40
net/tls/tls_sw.c | 13
net/vmw_vsock/af_vsock.c | 3
net/wireless/nl80211.c | 1
net/wireless/reg.c | 2
rust/kernel/devres.rs | 10
rust/kernel/miscdevice.rs | 8
samples/mei/mei-amt-version.c | 2
scripts/gdb/linux/constants.py.in | 12
scripts/kconfig/qconf.cc | 2
security/apparmor/include/match.h | 8
security/apparmor/match.c | 23
security/apparmor/policy_unpack_test.c | 6
security/landlock/id.c | 69 -
sound/pci/hda/patch_ca0132.c | 5
sound/pci/hda/patch_realtek.c | 3
sound/soc/amd/acp/acp-pci.c | 8
sound/soc/amd/acp/amd-acpi-mach.c | 4
sound/soc/amd/acp/amd.h | 8
sound/soc/fsl/fsl_xcvr.c | 25
sound/soc/mediatek/common/mtk-afe-platform-driver.c | 4
sound/soc/mediatek/common/mtk-base-afe.h | 1
sound/soc/mediatek/mt8173/mt8173-afe-pcm.c | 7
sound/soc/mediatek/mt8183/mt8183-afe-pcm.c | 21
sound/soc/mediatek/mt8186/mt8186-afe-pcm.c | 7
sound/soc/mediatek/mt8192/mt8192-afe-pcm.c | 7
sound/soc/rockchip/rockchip_sai.c | 16
sound/soc/sdca/sdca_asoc.c | 14
sound/soc/sdca/sdca_functions.c | 3
sound/soc/sdca/sdca_regmap.c | 16
sound/soc/soc-dai.c | 16
sound/soc/soc-ops.c | 26
sound/soc/sof/intel/Kconfig | 3
sound/usb/mixer_scarlett2.c | 14
sound/x86/intel_hdmi_audio.c | 2
tools/bpf/bpftool/net.c | 15
tools/cgroup/memcg_slabinfo.py | 4
tools/include/nolibc/stdio.h | 4
tools/include/nolibc/sys/wait.h | 2
tools/lib/subcmd/help.c | 12
tools/lib/subcmd/run-command.c | 15
tools/perf/.gitignore | 2
tools/perf/builtin-sched.c | 147 +-
tools/perf/tests/bp_account.c | 1
tools/perf/util/build-id.c | 2
tools/perf/util/evsel.c | 11
tools/perf/util/evsel.h | 2
tools/perf/util/hwmon_pmu.c | 2
tools/perf/util/parse-events.c | 11
tools/perf/util/pmu.c | 4
tools/perf/util/python.c | 49
tools/perf/util/symbol.c | 1
tools/power/cpupower/utils/idle_monitor/cpupower-monitor.c | 4
tools/power/x86/turbostat/turbostat.c | 34
tools/testing/selftests/alsa/utimer-test.c | 1
tools/testing/selftests/arm64/fp/sve-ptrace.c | 2
tools/testing/selftests/bpf/bpf_atomic.h | 2
tools/testing/selftests/bpf/prog_tests/sockmap_listen.c | 2
tools/testing/selftests/bpf/veristat.c | 1
tools/testing/selftests/breakpoints/step_after_suspend_test.c | 41
tools/testing/selftests/cgroup/test_cpu.c | 63 -
tools/testing/selftests/drivers/net/hw/tso.py | 99 -
tools/testing/selftests/drivers/net/lib/py/env.py | 2
tools/testing/selftests/ftrace/test.d/event/subsystem-enable.tc | 28
tools/testing/selftests/landlock/audit.h | 7
tools/testing/selftests/landlock/audit_test.c | 1
tools/testing/selftests/net/netfilter/ipvs.sh | 4
tools/testing/selftests/net/netfilter/nft_interface_stress.sh | 5
tools/testing/selftests/net/rtnetlink.sh | 6
tools/testing/selftests/net/vlan_hw_filter.sh | 16
tools/testing/selftests/nolibc/nolibc-test.c | 23
tools/testing/selftests/perf_events/.gitignore | 1
tools/testing/selftests/perf_events/Makefile | 2
tools/testing/selftests/perf_events/mmap.c | 236 +++
tools/testing/selftests/syscall_user_dispatch/sud_test.c | 50
tools/testing/selftests/vDSO/vdso_test_chacha.c | 3
tools/verification/rv/src/in_kernel.c | 4
677 files changed, 7139 insertions(+), 3478 deletions(-)
Aaradhana Sahu (2):
wifi: ath12k: Block radio bring-up in FTM mode
wifi: ath12k: Use HTT_TCL_METADATA_VER_V1 in FTM mode
Abdun Nihaal (1):
staging: fbtft: fix potential memory leak in fbtft_framebuffer_alloc()
Abinash Singh (1):
f2fs: fix KMSAN uninit-value in extent_info usage
Adam Ford (2):
arm64: dts: imx8mm-beacon: Fix HS400 USDHC clock speed
arm64: dts: imx8mn-beacon: Fix HS400 USDHC clock speed
Aditya Garg (2):
HID: magicmouse: avoid setting up battery timer when not needed
HID: apple: avoid setting up battery timer for devices without battery
Adrián Larumbe (1):
drm/panfrost: Fix panfrost device variable name in devfreq
Ahsan Atta (1):
crypto: qat - allow enabling VFs in the absence of IOMMU
Akash Kumar (1):
usb: gadget: uvc: Initialize frame-based format color matching descriptor
Akhilesh Patil (1):
clk: spacemit: ccu_pll: fix error return value in recalc_rate callback
Al Viro (2):
parse_longname(): strrchr() expects NUL-terminated string
xen: fix UAF in dmabuf_exp_from_pages()
Alan Stern (1):
HID: core: Harden s32ton() against conversion to 0 bits
Albin Törnqvist (1):
arm: dts: ti: omap: Fixup pinheader typo
Alex Deucher (6):
drm/amdgpu/sdma: handle paging queues in amdgpu_sdma_reset_engine()
drm/amdgpu: move force completion into ring resets
drm/amdgpu/gfx10: fix KGQ reset sequence
drm/amdgpu/gfx9: fix kiq locking in KCQ reset
drm/amdgpu/gfx9.4.3: fix kiq locking in KCQ reset
drm/amdgpu/gfx10: fix kiq locking in KCQ reset
Alex Elder (1):
clk: spacemit: mark K1 pll1_d8 as critical
Alex Williamson (1):
vfio/pci: Separate SR-IOV VF dev_set
Alexander Gordeev (1):
s390/mm: Set high_memory at the end of the identity mapping
Alexander Stein (1):
arm64: dts: freescale: imx93-tqma9352: Limit BUCK2 to 600mV
Alexander Wetzel (3):
wifi: cfg80211: Add missing lock in cfg80211_check_and_end_cac()
wifi: mac80211: Do not schedule stopped TXQs
wifi: mac80211: Don't call fq_flow_idx() for management frames
Alexander Wilhelm (2):
soc: qcom: QMI encoding/decoding for big endian
soc: qcom: fix endianness for QMI header
Alexei Lazar (1):
net/mlx5e: Clear Read-Only port buffer size in PBMC before update
Alexey Kardashevskiy (1):
crypto: ccp - Fix locking on alloc failure handling
Alok Tiwari (2):
staging: nvec: Fix incorrect null termination of battery manufacturer
vhost-scsi: Fix check for inline_sg_cnt exceeding preallocated limit
Amir Goldstein (1):
fanotify: sanitize handle_type values when reporting fid
Ammar Faizi (1):
net: usbnet: Fix the wrong netif_carrier_on() call
Anders Roxell (1):
vdpa: Fix IDR memory leak in VDUSE module exit
Andreas Gruenbacher (2):
gfs2: Minor do_xmote cancelation fix
gfs2: No more self recovery
André Apitzsch (1):
arm64: dts: qcom: msm8976: Make blsp_dma controlled-remotely
Andy Shevchenko (2):
leds: pca955x: Avoid potential overflow when filling default_label (take 2)
mm/hmm: move pmd_to_hmm_pfn_flags() to the respective #ifdeffery
Andy Yan (2):
drm/rockchip: cleanup fb when drm_gem_fb_afbc_init failed
drm/rockchip: vop2: Fix the update of LAYER/PORT select registers when there are multi display output on rk3588/rk3568
Annette Kobou (1):
ARM: dts: imx6ul-kontron-bl-common: Fix RTS polarity for RS485 interface
Antheas Kapenekakis (1):
platform/x86: oxpec: Fix turbo register for G1 AMD
Arnd Bergmann (10):
ASoC: ops: dynamically allocate struct snd_ctl_elem_value
cpufreq: armada-8k: make both cpu masks static
caif: reduce stack size, again
crypto: arm/aes-neonbs - work around gcc-15 warning
leds: tps6131x: Add V4L2_FLASH_LED_CLASS dependency
kernel: trace: preemptirq_delay_test: use offstack cpu mask
i3c: fix module_i3c_i2c_driver() with I3C=n
ipa: fix compile-testing with qcom-mdt=m
irqchip: Build IMX_MU_MSI only on ARM
ASoC: SOF: Intel: hda-sdw-bpt: fix SND_SOF_SOF_HDA_SDW_BPT dependencies
Arseniy Krasnov (1):
Bluetooth: hci_sync: fix double free in 'hci_discovery_filter_clear()'
Artem Sadovnikov (1):
refscale: Check that nreaders and loops multiplication doesn't overflow
Ashish Kalra (1):
crypto: ccp - Fix dereferencing uninitialized error pointer
Bagas Sanjaya (1):
scsi: core: Fix kernel doc for scsi_track_queue_full()
Bairavi Alagappan (1):
crypto: qat - disable ZUC-256 capability for QAT GEN5
Balamanikandan Gunasundar (1):
mtd: rawnand: atmel: set pmecc data setup time
Baochen Qiang (2):
wifi: ath11k: fix sleeping-in-atomic in ath11k_mac_op_set_bitrate_mask()
wifi: ath12k: install pairwise key first
Baojun Xu (1):
ASoC: tas2781: Fix the wrong step for TLV on tas2781
Baokun Li (1):
ext4: fix inode use after free in ext4_end_io_rsv_work()
Baolin Wang (1):
mm: shmem: fix the shmem large folio allocation for the i915 driver
Bard Liao (1):
soundwire: stream: restore params when prepare ports fail
Bartosz Golaszewski (2):
MIPS: alchemy: gpio: use new GPIO line value setter callbacks for the remaining chips
ARM: s3c/gpio: complete the conversion to new GPIO value setters
Ben Hutchings (1):
sh: Do not use hyphen in exported variable name
Bence Csókás (1):
net: mdio_bus: Use devm for getting reset GPIO
Benjamin Berg (1):
wifi: iwlwifi: mld: decode EOF bit for AMPDUs
Benjamin Coddington (1):
NFS: Fixup allocation flags for nfsiod's __GFP_NORETRY
Bitterblue Smith (1):
wifi: rtw88: Fix macid assigned to TDLS station
Bjorn Andersson (1):
remoteproc: qcom: pas: Conclude the rename from adsp
Boris Brezillon (1):
drm/panthor: Add missing explicit padding in drm_panthor_gpu_info
Brahmajit Das (1):
samples: mei: Fix building on musl libc
Breno Leitao (1):
netconsole: Only register console drivers when targets are configured
Brett Creeley (1):
vfio/pds: Fix missing detach_ioas op
Brian Masney (6):
rtc: ds1307: fix incorrect maximum clock rate handling
rtc: hym8563: fix incorrect maximum clock rate handling
rtc: nct3018y: fix incorrect maximum clock rate handling
rtc: pcf85063: fix incorrect maximum clock rate handling
rtc: pcf8563: fix incorrect maximum clock rate handling
rtc: rv3028: fix incorrect maximum clock rate handling
Budimir Markovic (1):
vsock: Do not allow binding to VMADDR_PORT_ANY
Caleb Sander Mateos (1):
ublk: use vmalloc for ublk_device's __queues
Casey Connolly (1):
power: supply: qcom_pmi8998_charger: fix wakeirq
Chanwoo Choi (1):
PM / devfreq: Fix a index typo in trans_stat
Chao Yu (10):
f2fs: fix to avoid invalid wait context issue
f2fs: fix to check upper boundary for gc_valid_thresh_ratio
f2fs: fix to check upper boundary for gc_no_zoned_gc_percent
f2fs: doc: fix wrong quota mount option description
f2fs: fix to avoid UAF in f2fs_sync_inode_meta()
f2fs: fix to avoid panic in f2fs_evict_inode
f2fs: fix to avoid out-of-boundary access in devs.path
f2fs: fix to update upper_p in __get_secs_required() correctly
f2fs: fix to calculate dirty data during has_not_enough_free_secs()
f2fs: fix to trigger foreground gc during f2fs_map_blocks() in lfs mode
Charalampos Mitrodimas (2):
usb: misc: apple-mfi-fastcharge: Make power supply names unique
net, bpf: Fix RCU usage in task_cls_state() for BPF programs
Charles Han (2):
power: supply: cpcap-charger: Fix null check for power_supply_get_by_name
power: supply: max14577: Handle NULL pdata when CONFIG_OF is not set
Charles Keepax (5):
ASoC: SDCA: Add missing default in switch in entity_pde_event()
ASoC: SDCA: Update memory allocations to zero initialise
ASoC: SDCA: Allow read-only controls to be deferrable
soundwire: Correct some property names
ASoC: SDCA: Fix some holes in the regmap readable/writeable helpers
Chen Pei (1):
perf tools: Remove libtraceevent in .gitignore
Chen-Yu Tsai (2):
ASoC: mediatek: use reserved memory or enable buffer pre-allocation
ASoC: mediatek: mt8183-afe-pcm: Support >32 bit DMA addresses
Chenyuan Yang (1):
fbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref
Chris Down (1):
Bluetooth: hci_event: Mask data status from LE ext adv reports
Christian König (1):
drm/amdgpu: rework queue reset scheduler interaction
Christoph Hellwig (1):
block: ensure discard_granularity is zero when discard is not supported
Christoph Paasch (1):
net/mlx5: Correctly set gso_segs when LRO is used
Christophe JAILLET (2):
staging: gpib: Fix error handling paths in cb_gpib_probe()
i2c: muxes: mule: Fix an error handling path in mule_i2c_mux_probe()
Cindy Lu (1):
vhost: Reintroduce kthread API and add mode selection
Clément Le Goffic (1):
spi: stm32: Check for cfg availability in stm32_spi_probe
Colin Ian King (2):
staging: gpib: fix unset padding field copy back to userspace
squashfs: fix incorrect argument to sizeof in kmalloc_array call
Cristian Ciocaltea (1):
drm/connector: hdmi: Evaluate limited range after computing format
Daeho Jeong (1):
f2fs: turn off one_time when forcibly set to foreground GC
Dan Carpenter (5):
wifi: rtw89: mcc: prevent shift wrapping in rtw89_core_mlsr_switch()
wifi: iwlwifi: Fix error code in iwl_op_mode_dvm_start()
wifi: mt76: mt7925: fix off by one in mt7925_mcu_hw_scan()
watchdog: ziirave_wdt: check record length in ziirave_firm_verify()
fs/orangefs: Allow 2 more characters in do_c_string()
Daniel Borkmann (4):
bpf: Add cookie object to bpf maps
bpf: Move bpf map owner out of common struct
bpf: Move cgroup iterator helpers to bpf.h
bpf: Fix oob access in cgroup local storage
Daniel Zahka (3):
selftests: drv-net: tso: enable test cases based on hw_features
selftests: drv-net: tso: fix vxlan tunnel flags to get correct gso_type
selftests: drv-net: tso: fix non-tunneled tso6 test case name
Daniil Dulov (1):
wifi: rtl818x: Kill URBs before clearing tx status queue
Danilo Krummrich (1):
rust: devres: require T: Send for Devres
Dave Hansen (1):
x86/fpu: Delay instruction pointer fixup until after warning
Denis OSTERLAND-HEIM (1):
pps: fix poll support
Dmitry Baryshkov (4):
usb: typec: ucsi: yoga-c630: fix error and remove paths
interconnect: qcom: sc8280xp: specify num_links for qnm_a1noc_cfg
interconnect: qcom: sc8180x: specify num_nodes
iommu/arm-smmu: disable PRR on SM8250
Dmitry Vyukov (1):
selftests: Fix errno checking in syscall_user_dispatch test
Dragos Tatulea (2):
vdpa/mlx5: Fix needs_teardown flag calculation
vdpa/mlx5: Fix release of uninitialized resources on error path
Easwar Hariharan (1):
iommu/amd: Enable PASID and ATS capabilities in the correct order
Edip Hazuri (3):
ALSA: hda/realtek - Fix mute LED for HP Victus 16-r1xxx
ALSA: hda/realtek - Fix mute LED for HP Victus 16-s0xxx
ALSA: hda/realtek - Fix mute LED for HP Victus 16-d1xxx (MB 8A26)
Eduard Zingerman (1):
bpf: handle jset (if a & b ...) as a jump in CFG computation
Edward Adam Davis (1):
fs/ntfs3: cancle set bad inode after removing name fails
Edward Srouji (1):
RDMA/mlx5: Fix UMR modifying of mkey page size
Emanuele Ghidoli (1):
arm64: dts: ti: k3-am62p-verdin: Enable pull-ups on I2C_3_HDMI
Emily Deng (1):
drm/amdkfd: Move the process suspend and resume out of full access
Eric Biggers (1):
crypto: krb5 - Fix memory leak in krb5_test_one_prf()
Eric Dumazet (14):
net: annotate races around sk->sk_uid
net: dst: annotate data-races around dst->input
net: dst: annotate data-races around dst->output
net: dst: add four helpers to annotate data-races around dst->dev
net_sched: act_ctinfo: use atomic64_t for three counters
tcp: call tcp_measure_rcv_mss() for ooo packets
ipv6: add a retry logic in net6_rt_notify()
ipv6: prevent infinite loop in rt6_nlmsg_size()
ipv6: fix possible infinite loop in fib6_info_uses_dev()
ipv6: annotate data-races around rt->fib6_nsiblings
pptp: ensure minimal skb length in pptp_xmit()
selftests: avoid using ifconfig
ipv6: reject malicious packets in ipv6_gso_segment()
pptp: fix pptp_xmit() error path
Erni Sri Satya Vennela (1):
net: mana: Fix potential deadlocks in mana napi ops
Ethan Milon (1):
iommu/vt-d: Fix missing PASID in dev TLB flush with cache_tag_flush_all
Fedor Pchelkin (4):
wifi: rtw89: sar: drop lockdep assertion in rtw89_set_sar_from_acpi
wifi: rtw89: sar: do not assert wiphy lock held until probing is done
drm/amd/pm/powerplay/hwmgr/smu_helper: fix order of mask and value
netfilter: nf_tables: adjust lockdep assertions handling
Finn Thain (1):
m68k: Don't unregister boot console needlessly
Florian Fainelli (1):
net: mdio: mdio-bcm-unimac: Correct rate fallback logic
Florian Westphal (1):
netfilter: xt_nfacct: don't assume acct name is null-terminated
Francesco Dolcini (1):
arm64: dts: ti: k3-am62p-verdin: add SD_1 CD pull-up
Fushuai Wang (1):
selftests/bpf: fix signedness bug in redir_partial()
Gabriele Monaco (4):
tools/rv: Do not skip idle in trace
rv: Remove trailing whitespace from tracepoint string
rv: Use strings in da monitors tracepoints
rv: Adjust monitor dependencies
Gal Pressman (1):
selftests: drv-net: Fix remote command checking in require_cmd()
Gautham R. Shenoy (1):
pm: cpupower: Fix printing of CORE, CPU fields in cpupower-monitor
Geert Uytterhoeven (2):
drm/sitronix: Remove broken backwards-compatibility layer
power: reset: POWER_RESET_TORADEX_EC should depend on ARCH_MXC
Geoffrey D. Bennett (1):
ALSA: scarlett2: Add retry on -EPROTO from scarlett2_usb_tx()
Gerald Schaefer (1):
s390/mm: Remove possible false-positive warning in pte_free_defer()
Giovanni Cabiddu (2):
crypto: qat - fix DMA direction for compression on GEN2 devices
crypto: qat - fix seq_file position update in adf_ring_next()
Gokul Sivakumar (1):
wifi: brcmfmac: fix P2P discovery failure in P2P peer due to missing P2P IE
Greg Kroah-Hartman (4):
drivers: misc: sram: fix up some const issues with recent attribute changes
Revert "vmci: Prevent the dispatching of uninitialized payloads"
staging: greybus: gbphy: fix up const issue with the match callback
Linux 6.16.1
Guenter Roeck (1):
block: Fix default IO priority if there is no IO context
Hans Zhang (1):
PCI: rockchip-host: Fix "Unexpected Completion" log message
Hans de Goede (7):
mei: vsc: Don't re-init VSC from mei_vsc_hw_reset() on stop
mei: vsc: Destroy mutex after freeing the IRQ
mei: vsc: Event notifier fixes
mei: vsc: Unset the event callback on remove and probe errors
mei: vsc: Drop unused vsc_tp_request_irq() and vsc_tp_free_irq()
mei: vsc: Run event callback from a workqueue
mei: vsc: Fix "BUG: Invalid wait context" lockdep error
Harald Freudenberger (1):
s390/ap: Unmask SLCF bit in card and queue ap functions sysfs
Haren Myneni (1):
powerpc/pseries/dlpar: Search DRC index from ibm,drc-indexes for IO add
Harshit Mogalapalli (1):
staging: gpib: Fix error code in board_type_ioctl()
Harshitha Prem (1):
wifi: ath12k: update unsupported bandwidth flags in reg rules
Heiko Stuebner (1):
drm/rockchip: vop2: fail cleanly if missing a primary plane for a video-port
Helge Deller (1):
apparmor: Fix unaligned memory accesses in KUnit test
Heming Zhao (1):
md/md-cluster: handle REMOVE message earlier
Henry Martin (1):
clk: davinci: Add NULL check in davinci_lpsc_clk_register()
Herbert Xu (7):
crypto: marvell/cesa - Fix engine load inaccuracy
crypto: s390/hmac - Fix counter in export state
crypto: s390/sha3 - Use cpu byte-order when exporting
padata: Fix pd UAF once and for all
crypto: ahash - Add support for drivers with no fallback
crypto: ahash - Stop legacy tfms from using the set_virt fallback path
padata: Remove comment for reorder_work
Horatiu Vultur (1):
phy: mscc: Fix parsing of unicast frames
Huan Yang (2):
Revert "udmabuf: fix vmap_udmabuf error page set"
udmabuf: fix vmap missed offset page
Ian Forbes (1):
drm/vmwgfx: Fix Host-Backed userspace on Guest-Backed kernel
Ian Rogers (6):
perf dso: Add missed dso__put to dso__load_kcore
perf hwmon_pmu: Avoid shortening hwmon PMU name
perf python: Fix thread check in pyrf_evsel__read
perf python: Correct pyrf_evsel__read for tool PMUs
tools subcmd: Tighten the filename size in check_if_command_finished
perf pmu: Switch FILENAME_MAX to NAME_MAX
Inochi Amaoto (1):
riscv: dts: sophgo: sg2044: Add missing riscv,cbop-block-size property
Ivan Pravdin (1):
Bluetooth: hci_devcd_dump: fix out-of-bounds via dev_coredumpv
Ivan Stepchenko (1):
mtd: fix possible integer overflow in erase_xfer()
Jacob Pan (2):
vfio: Fix unbalanced vfio_df_close call in no-iommu mode
vfio: Prevent open_count decrement to negative
Jakub Kicinski (6):
netpoll: prevent hanging NAPI when netcons gets enabled
netlink: specs: ethtool: fix module EEPROM input/output arguments
eth: fbnic: unlink NAPIs from queues on error to open
net: devmem: fix DMA direction on unmapping
Revert "net: mdio_bus: Use devm for getting reset GPIO"
eth: fbnic: remove the debugging trick of super high page bias
James Cowgill (1):
media: v4l2-ctrls: Fix H264 SEPARATE_COLOUR_PLANE check
Jan Kara (1):
ext4: Make sure BH_New bit is cleared in ->write_end handler
Jan Prusakowski (1):
f2fs: vm_unmap_ram() may be called from an invalid context
Jann Horn (2):
eventpoll: Fix semi-unbounded recursion
eventpoll: fix sphinx documentation build warning
Jason Gunthorpe (3):
iommu/vt-d: Do not wipe out the page table NID when devices detach
iommu/amd: Fix geometry.aperture_end for V2 tables
vfio/pci: Do vf_token checks for VFIO_DEVICE_BIND_IOMMUFD
Jason Xing (2):
stmmac: xsk: fix negative overflow of budget in zerocopy mode
igb: xsk: solve negative overflow of nb_pkts in zerocopy mode
Jeff Johnson (1):
wifi: ath12k: pack HTT pdev rate stats structs
Jeff Layton (1):
nfsd: don't set the ctime on delegated atime updates
Jeremy Linton (1):
arm64/gcs: task_gcs_el0_enable() should use passed task
Jerome Brunet (1):
PCI: endpoint: pci-epf-vntb: Return -ENOENT if pci_epc_get_next_free_bar() fails
Jianbo Liu (1):
net/mlx5e: Remove skb secpath if xfrm state is not found
Jiasheng Jiang (1):
iwlwifi: Add missing check for alloc_ordered_workqueue
Jiaxun Yang (1):
MIPS: mm: tlb-r4k: Uniquify TLB entries on init
Jiayuan Chen (2):
bpf, sockmap: Fix psock incorrectly pointing to sk
bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls
Jie Gan (2):
arm64: dts: qcom: qcs615: fix a crash issue caused by infinite loop for Coresight
arm64: dts: qcom: qcs615: disable the CTI device of the camera block
Jimmy Assarsson (2):
can: kvaser_pciefd: Store device channel index
can: kvaser_usb: Assign netdev.dev_port based on device channel index
Jiri Olsa (1):
uprobes: revert ref_ctr_offset in uprobe_unregister error path
Jiwei Sun (1):
PCI: Adjust the position of reading the Link Control 2 register
Johan Hovold (2):
driver core: auxiliary bus: fix OF node leak
soc: qcom: pmic_glink: fix OF node leak
Johan Korsnes (1):
arch: powerpc: defconfig: Drop obsolete CONFIG_NET_CLS_TCINDEX
Johannes Berg (2):
wifi: mac80211: fix WARN_ON for monitor mode on some devices
scripts: gdb: move MNT_* constants to gdb-parsed
John Ernberg (1):
net: usbnet: Avoid potential RCU stall on LINK_CHANGE event
John Garry (2):
md/raid10: fix set but not used variable in sync_request_write()
block: sanitize chunk_sectors for atomic write limits
Jonas Karlman (3):
arm64: dts: rockchip: Enable eMMC HS200 mode on Radxa E20C
arm64: dts: rockchip: Fix pinctrl node names for RK3528
arm64: dts: rockchip: Fix UART DMA support for RK3528
Jonathan Corbet (1):
slub: Fix a documentation build error for krealloc()
Juergen Gross (1):
xen/gntdev: remove struct gntdev_copy_batch from stack
Julien Massot (1):
media: ti: j721e-csi2rx: fix list_del corruption
Junxian Huang (4):
RDMA/hns: Get message length of ack_req from FW
RDMA/hns: Fix accessing uninitialized resources
RDMA/hns: Drop GFP_NOWARN
RDMA/hns: Fix -Wframe-larger-than issue
Juri Lelli (1):
sched/deadline: Reset extra_bw to max_bw when clearing root domains
Kang Yang (1):
wifi: ath12k: update channel list in worker when wait flag is set
Kees Cook (7):
kunit/fortify: Add back "volatile" for sizeof() constants
sched/task_stack: Add missing const qualifier to end_of_stack()
wifi: mac80211: Write cnt before copying in ieee80211_copy_rnr_beacon()
wifi: nl80211: Set num_sub_specs before looping through sub_specs
wifi: brcmfmac: cyw: Fix __counted_by to be LE variant
staging: media: atomisp: Fix stack buffer overflow in gmin_get_var_int()
fortify: Fix incorrect reporting of read buffer size
Kemeng Shi (3):
mm: swap: correctly use maxpages in swapon syscall to avoid potential deadloop
mm: swap: fix potential buffer overflow in setup_clusters()
mm: swap: move nr_swap_pages counter decrement from folio_alloc_swap() to swap_range_alloc()
Kent Overstreet (1):
dm-flakey: Fix corrupt_bio_byte setup checks
Kiran K (2):
Bluetooth: btintel: Define a macro for Intel Reset vendor command
Bluetooth: btintel_pcie: Make driver wait for alive interrupt
Konrad Dybcio (5):
arm64: dts: qcom: x1p42100: Fix thermal sensor configuration
arm64: dts: qcom: sdm845: Expand IMEM region
arm64: dts: qcom: sc7180: Expand IMEM region
power: sequencing: qcom-wcn: fix bluetooth-wifi copypasta for WCN6855
drm/msm/dpu: Fill in min_prefill_lines for SC8180X
Konstantin Komarov (1):
Revert "fs/ntfs3: Replace inode_trylock with inode_lock"
Krzysztof Kozlowski (2):
ARM: dts: vfxxx: Correctly use two tuples for timer address
dmaengine: mmp: Fix again Wvoid-pointer-to-enum-cast warning
Kuan-Chung Chen (1):
wifi: rtw89: fix EHT 20MHz TX rate for non-AP STA
Kumar Kartikeya Dwivedi (1):
bpf: Ensure RCU lock is held around bpf_prog_ksym_find
Kuninori Morimoto (1):
ASoC: soc-dai: tidyup return value of snd_soc_xlate_tdm_slot_mask()
Kuniyuki Iwashima (2):
bpf: Disable migration in nf_hook_run_bpf().
neighbour: Fix null-ptr-deref in neigh_flush_dev().
Lad Prabhakar (1):
clk: renesas: rzv2h: Fix missing CLK_SET_RATE_PARENT flag for ddiv clocks
Laurentiu Palcu (1):
clk: imx95-blk-ctl: Fix synchronous abort
Len Brown (1):
tools/power turbostat: regression fix: --show C1E%
Leo Yan (1):
perf tests bp_account: Fix leaked file descriptor
Leon Romanovsky (1):
RDMA/uverbs: Add empty rdma_uattrs_has_raw_cap() declaration
Li Lingfeng (1):
scsi: Revert "scsi: iscsi: Fix HW conn removal use after free"
Li Ming (2):
cxl/core: Introduce a new helper cxl_resource_contains_addr()
cxl/edac: Fix wrong dpa checking for PPR operation
Lifeng Zheng (3):
PM / devfreq: Check governor before using governor->name
cpufreq: Initialize cpufreq-based frequency-invariance later
cpufreq: Init policy->rwsem before it may be possibly used
Lijo Lazar (1):
drm/amdgpu: Remove nbiov7.9 replay count reporting
Lijuan Gao (1):
arm64: dts: qcom: sa8775p: Correct the interrupt for remoteproc
Lizhi Xu (1):
vmci: Prevent the dispatching of uninitialized payloads
Lorenzo Bianconi (5):
wifi: mt76: mt7996: Fix secondary link lookup in mt7996_mcu_sta_mld_setup_tlv()
wifi: mt76: mt7996: Fix possible OOB access in mt7996_tx()
wifi: mt76: mt7996: Fix valid_links bitmask in mt7996_mac_sta_{add,remove}
net: airoha: Fix PPE table access in airoha_ppe_debugfs_foe_show()
net: airoha: npu: Add missing MODULE_FIRMWARE macros
Lorenzo Stoakes (1):
selftests/perf_events: Add a mmap() correctness test
Lu Baolu (1):
iommu/vt-d: Fix UAF on sva unbind with pending IOPFs
Luca Weiss (3):
phy: qualcomm: phy-qcom-eusb2-repeater: Don't zero-out registers
phy: qcom: phy-qcom-snps-eusb2: Add missing write from init sequence
net: ipa: add IPA v5.1 and v5.5 to ipa_version_string()
Lucas De Marchi (1):
usb: early: xhci-dbc: Fix early_ioremap leak
Lukasz Laguna (1):
drm/xe/vf: Disable CSC support on VF
Maharaja Kennadyrajan (1):
wifi: mac80211: use RCU-safe iteration in ieee80211_csa_finish
Maher Azzouzi (1):
net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing
Manivannan Sadhasivam (1):
PCI: endpoint: pci-epf-vntb: Fix the incorrect usage of __iomem attribute
Marc Zyngier (2):
KVM: arm64: Check for SYSREGS_ON_CPU before accessing the CPU state
KVM: arm64: Filter out HCR_EL2 bits when running in hypervisor context
Marco Elver (1):
kcsan: test: Initialize dummy variable
Mark Bloch (1):
RDMA/ipoib: Use parent rdma device net namespace
Mark Brown (1):
kselftest/arm64: Fix check for setting new VLs in sve-ptrace
Martin Kaistra (1):
wifi: rtl8xxxu: Fix RX skb size for aggregation disabled
Masahiro Yamada (2):
arm64: fix unnecessary rebuilding when CONFIG_DEBUG_EFI=y
kconfig: qconf: fix ConfigList::updateListAllforAll()
Matthew Wilcox (Oracle) (2):
memcg_slabinfo: Fix use of PG_slab
squashfs: use folios in squashfs_bio_read_cached()
Max Krummenacher (1):
arm64: dts: freescale: imx8mp-toradex-smarc: fix lvds dsi mux gpio
Meghana Malladi (1):
net: ti: icssg-prueth: Fix skb handling for XDP_PASS
Mengbiao Xiong (1):
crypto: ccp - Fix crash when rebind ccp device for ccp.ko
Michael J. Ruhl (3):
drm/xe: Correct the rev value for the DVSEC entries
drm/xe: Correct BMG VSEC header sizing
platform/x86/intel/pmt: fix a crashlog NULL pointer access
Michael Walle (1):
arm64: dts: ti: k3-am62p-j722s: fix pinctrl-single size
Michal Koutný (1):
cgroup: Add compatibility option for content of /proc/cgroups
Michal Luczaj (1):
kcm: Fix splice support
Michal Schmidt (1):
benet: fix BUG when creating VFs
Michal Wajdeczko (2):
drm/xe/configfs: Fix pci_dev reference leak
drm/xe/pf: Disable PF restart worker on device removal
Mickaël Salaün (1):
selftests/landlock: Fix readlink check
Mike Christie (1):
vhost-scsi: Fix log flooding with target does not exist errors
Mikhail Zaslonko (1):
s390/boot: Fix startup debugging log
Ming Lei (2):
nbd: fix lockdep deadlock warning
ublk: validate ublk server pid
Ming Qian (1):
media: imx-jpeg: Account for data_offset when getting image address
Mohamed Khalfella (2):
nvmet: initialize discovery subsys after debugfs is initialized
nvmet: exit debugfs after discovery subsystem exits
Mohsin Bashir (2):
eth: fbnic: Fix tx_dropped reporting
eth: fbnic: Lock the tx_dropped update
Moon Hee Lee (2):
selftests: breakpoints: use suspend_stats to reliably check suspend success
wifi: mac80211: reject TDLS operations when station is not associated
Mukesh Ojha (1):
pinmux: fix race causing mux_owner NULL with active mux_usecount
Murad Masimov (1):
wifi: plfxlc: Fix error handling in usb driver probe
Mykyta Yatsenko (1):
selftests/bpf: Fix unintentional switch case fall through
Namhyung Kim (10):
perf parse-events: Set default GH modifier properly
perf tools: Fix use-after-free in help_unknown_cmd()
perf sched: Make sure it frees the usage string
perf sched: Free thread->priv using priv_destructor
perf sched: Fix memory leaks in 'perf sched map'
perf sched: Fix thread leaks in 'perf sched timehist'
perf sched: Fix memory leaks for evsel->priv in timehist
perf sched: Use RC_CHK_EQUAL() to compare pointers
perf sched: Fix memory leaks in 'perf sched latency'
perf record: Cache build-ID of hit DSOs only
Namjae Jeon (4):
ksmbd: fix null pointer dereference error in generate_encryptionkey
ksmbd: fix Preauh_HashValue race condition
ksmbd: fix corrupted mtime and ctime in smb2_open
ksmbd: limit repeated connections from clients with the same IP
NeilBrown (1):
nfsd: avoid ref leak in nfsd_open_local_fh()
Niklas Cassel (3):
PCI: Rename PCIE_RESET_CONFIG_DEVICE_WAIT_MS to PCIE_RESET_CONFIG_WAIT_MS
PCI: dw-rockchip: Wait PCIE_RESET_CONFIG_WAIT_MS after link-up IRQ
PCI: qcom: Wait PCIE_RESET_CONFIG_WAIT_MS after link-up IRQ
Niklas Söderlund (1):
arm64: dts: renesas: r8a779g3-sparrow-hawk-fan-pwm: Add missing install target
Nilay Shroff (1):
block: restore two stage elevator switch while running nr_hw_queue update
Nuno Sá (1):
clk: clk-axi-clkgen: fix fpfd_max frequency for zynq
Olga Kornievskaia (3):
NFSv4.2: another fix for listxattr
sunrpc: fix client side handling of tls alerts
sunrpc: fix handling of server side tls alerts
Ovidiu Panait (2):
crypto: sun8i-ce - fix nents passed to dma_unmap_sg()
hwrng: mtk - handle devm_pm_runtime_enable errors
P Praneesh (1):
wifi: ath12k: Fix double budget decrement while reaping monitor ring
Parav Pandit (8):
RDMA/uverbs: Check CAP_NET_RAW in user namespace for flow create
RDMA/mlx5: Check CAP_NET_RAW in user namespace for flow create
RDMA/mlx5: Check CAP_NET_RAW in user namespace for anchor create
RDMA/uverbs: Check CAP_NET_RAW in user namespace for QP create
RDMA/uverbs: Check CAP_NET_RAW in user namespace for RAW QP create
RDMA/mlx5: Check CAP_NET_RAW in user namespace for devx create
RDMA/nldev: Check CAP_NET_RAW in user namespace for QP modify
RDMA/counter: Check CAP_NET_RAW check in user namespace for RDMA counters
Parth Pancholi (1):
arm64: dts: ti: k3-am62p-verdin: fix PWM_3_DSI GPIO direction
Patrick Delaunay (1):
arm64: dts: st: fix timer used for ticks
Paul Chaignon (3):
bpf: Reject narrower access to pointer ctx fields
bpf: Check flow_dissector ctx accesses are aligned
bpf: Check netfilter ctx accesses are aligned
Paul Kocialkowski (1):
clk: sunxi-ng: v3s: Fix de clock definition
Paulo Alcantara (3):
smb: client: allow parsing zero-length AV pairs
smb: client: set symlink type as native for POSIX mounts
smb: client: default to nonativesocket under POSIX mounts
Pawan Gupta (4):
x86/bugs: Avoid AUTO after the select step in the retbleed mitigation
x86/bugs: Simplify the retbleed=stuff checks
x86/bugs: Introduce cdt_possible()
x86/bugs: Allow ITS stuffing in eIBRS+retpoline mode also
Pei Xiao (1):
ASOC: rockchip: fix capture stream handling in rockchip_sai_xfer_stop
Peter Zijlstra (2):
sched/psi: Optimize psi_group_change() cpu_clock() usage
sched/psi: Fix psi_seq initialization
Petr Machata (1):
net: ipv6: ip6mr: Fix in/out netdev to pass to the FORWARD chain
Petr Pavlu (1):
module: Restore the moduleparam prefix length check
Phil Sutter (2):
netfilter: nf_tables: Drop dead code from fill_*_info routines
selftests: netfilter: Ignore tainted kernels in interface stress test
Puranjay Mohan (2):
selftests/bpf: fix implementation of smp_mb()
bpf, arm64: Fix fp initialization for exception boundary
Qasim Ijaz (1):
HID: apple: validate feature-report field count to prevent NULL pointer dereference
Quang Le (1):
net/packet: fix a race in packet_set_ring() and packet_notifier()
Quentin Schulz (1):
arm64: dts: rockchip: fix endpoint dtc warning for PX30 ISP
Rafael J. Wysocki (2):
cpufreq: intel_pstate: Always use HWP_DESIRED_PERF in passive mode
kexec_core: Fix error code path in the KEXEC_JUMP flow
Rameshkumar Sundaram (2):
wifi: mac80211: Fix bssid_indicator for MBSSID in AP mode
wifi: ath12k: Avoid accessing uninitialized arvif->ar during beacon miss
Randy Dunlap (2):
io_uring: fix breakage in EXPERT menu
can: tscan1: CAN_TSCAN1 can depend on PC104
Remi Pommarel (2):
wifi: mac80211: Check 802.11 encaps offloading in ieee80211_tx_h_select_key()
Reapply "wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()"
Richard Guy Briggs (1):
audit,module: restore audit logging in load failure case
Rick Wertenbroek (1):
nvmet: pci-epf: Do not complete commands twice if nvmet_req_init() fails
Robin Murphy (2):
PCI: Fix driver_managed_dma check
perf/arm-ni: Set initial IRQ affinity
Rodrigo Gobbi (1):
soundwire: debugfs: move debug statement outside of error handling
Rohit Visavalia (1):
clk: xilinx: vcu: unregister pll_post only if registered correctly
RubenKelevra (1):
fs_context: fix parameter name in infofc() macro
Ryan Lee (2):
apparmor: ensure WB_HISTORY_SIZE value is a power of 2
apparmor: fix loop detection used in conflicting attachment resolution
Ryan Wanner (2):
ARM: dts: microchip: sama7d65: Add clock name property
ARM: dts: microchip: sam9x7: Add clock name property
Salomon Dushimirimana (1):
scsi: sd: Make sd shutdown issue START STOP UNIT appropriately
Samuel Holland (1):
RISC-V: KVM: Fix inclusion of Smnpm in the guest ISA bitmap
Sean Christopherson (3):
KVM: x86: Convert vcpu_run()'s immediate exit param into a generic bitmap
KVM: x86: Drop kvm_x86_ops.set_dr6() in favor of a new KVM_RUN flag
KVM: VMX: Allow guest to set DEBUGCTL.RTM_DEBUG if RTM is supported
Sebastian Reichel (1):
arm64: dts: rockchip: fix PHY handling for ROCK 4D
Sergey Senozhatsky (1):
wifi: ath11k: clear initialized flag for deinit-ed srng lists
Seunghui Lee (1):
scsi: ufs: core: Use link recovery when h8 exit fails during runtime resume
Seungjin Bae (1):
usb: host: xhci-plat: fix incorrect type for of_match variable in xhci_plat_probe()
Shahar Shitrit (1):
net/mlx5e: Fix potential deadlock by deferring RX timeout recovery
Shankari Anand (1):
rust: miscdevice: clarify invariant for `MiscDeviceRegistration`
Shashank Balaji (1):
selftests/cgroup: fix cpu.max tests
Sheng Yong (1):
f2fs: fix bio memleak when committing super block
Shengjiu Wang (2):
ASoC: fsl_xcvr: get channel status data when PHY is not exists
ASoC: fsl_xcvr: get channel status data with firmware exists
Shin'ichiro Kawasaki (1):
zloop: fix KASAN use-after-free of tag set
Shiraz Saleem (1):
RDMA/mana_ib: Fix DSCP value in modify QP
Shixiong Ou (1):
fbcon: Fix outdated registered_fb reference in comment
Shree Ramamoorthy (1):
mfd: tps65219: Update TPS65214 MFD cell's GPIO compatible string
Shubhrajyoti Datta (1):
clk: clocking-wizard: Fix the round rate handling for versal
Shuicheng Lin (1):
drm/xe/uapi: Correct sync type definition in comments
Sibi Sankar (1):
firmware: arm_scmi: Fix up turbo frequencies selection
Simon Trimmer (1):
spi: cs42l43: Property entry should be a null-terminated array
Simona Vetter (1):
drm/panthor: Fix UAF in panthor_gem_create_with_handle() debugfs code
Sivan Zohar-Kotzer (1):
powercap: dtpm_cpu: Fix NULL pointer dereference in get_pd_power_uw()
Slark Xiao (2):
bus: mhi: host: pci_generic: Fix the modem name of Foxconn T99W640
USB: serial: option: add Foxconn T99W709
Song Liu (1):
selftests/landlock: Fix build of audit_test
Stanislav Fomichev (3):
team: replace team lock with rtnl lock
macsec: set IFF_UNICAST_FLT priv flag
vrf: Drop existing dst reference in vrf_ip6_input_dst
Stanley Chu (1):
i3c: master: svc: Fix npcm845 FIFO_EMPTY quirk
Stav Aviram (1):
net/mlx5: Check device memory pointer before usage
Stefan Metzmacher (9):
smb: server: remove separate empty_recvmsg_queue
smb: server: make sure we call ib_dma_unmap_single() only if we called ib_dma_map_single already
smb: server: let recv_done() consistently call put_recvmsg/smb_direct_disconnect_rdma_connection
smb: server: let recv_done() avoid touching data_transfer after cleanup/move
smb: client: remove separate empty_packet_queue
smb: client: make sure we call ib_dma_unmap_single() only if we called ib_dma_map_single already
smb: client: let recv_done() cleanup before notifying the callers.
smb: client: let recv_done() avoid touching data_transfer after cleanup/move
smb: client: return an error if rdma_connect does not return within 5 seconds
Stephane Grosjean (1):
can: peak_usb: fix USB FD devices potential malfunction
Steven Rostedt (4):
selftests/tracing: Fix false failure of subsystem event test
PM: cpufreq: powernv/tracing: Move powernv_throttle trace event
ring-buffer: Remove ring_buffer_read_prepare_sync()
tracing: Use queue_rcu_work() to free filters
Suman Kumar Chakraborty (3):
crypto: qat - use unmanaged allocation for dc_data
crypto: qat - restore ASYM service support for GEN6 devices
crypto: qat - fix virtual channel configuration for GEN6 devices
Sumanth Korikkar (1):
s390/mm: Allocate page table with PAGE_SIZE granularity
Sumit Gupta (1):
soc/tegra: cbb: Clear ERR_FORCE register with ERR_STATUS
Sun YangKai (1):
btrfs: remove partial support for lowest level from btrfs_search_forward()
Suren Baghdasaryan (1):
mm: fix a UAF when vma->mm is freed after vma->vm_refcnt got dropped
Svyatoslav Pankratov (1):
crypto: qat - fix state restore for banks with exceptions
Takahiro Kuwano (1):
mtd: spi-nor: spansion: Fixup params->set_4byte_addr_mode for SEMPER
Takamitsu Iwai (1):
net/sched: taprio: enforce minimum value for picos_per_byte
Takashi Iwai (2):
ALSA: usb: scarlett2: Fix missing NULL check
ALSA: hda/ca0132: Fix missing error handling in ca0132_alt_select_out()
Tamizh Chelvam Raja (2):
wifi: ath12k: Pass ab pointer directly to ath12k_dp_tx_get_encap_type()
wifi: ath12k: fix endianness handling while accessing wmi service bit
Tanmay Shah (1):
remoteproc: xlnx: Disable unsupported features
Tao Xue (1):
usb: gadget : fix use-after-free in composite_dev_cleanup()
Thiraviyam Mariyappan (1):
wifi: ath12k: Clear auth flag only for actual association in security mode
Thomas Antoine (1):
power: supply: max1720x correct capacity computation
Thomas Fourier (14):
block: mtip32xx: Fix usage of dma_map_sg()
mwl8k: Add missing check after DMA map
Fix dma_unmap_sg() nents value
crypto: inside-secure - Fix `dma_unmap_sg()` nents value
scsi: ibmvscsi_tgt: Fix dma_unmap_sg() nents value
scsi: elx: efct: Fix dma_unmap_sg() nents value
scsi: mvsas: Fix dma_unmap_sg() nents value
scsi: isci: Fix dma_unmap_sg() nents value
crypto: keembay - Fix dma_unmap_sg() nents value
crypto: img-hash - Fix dma_unmap_sg() nents value
dmaengine: mv_xor: Fix missing check after DMA map and missing unmap
dmaengine: nbpfaxi: Add missing check after DMA map
mtd: rawnand: atmel: Fix dma_mapping_error() address
mtd: rawnand: rockchip: Add missing check after DMA map
Thomas Gleixner (6):
x86/irq: Plug vector setup race
perf/core: Preserve AUX buffer allocation failure result
perf/core: Don't leak AUX buffer refcount on allocation failure
perf/core: Exit early on perf_mmap() fail
perf/core: Handle buffer mapping fail correctly in perf_mmap()
perf/core: Prevent VMA split of buffer mappings
Thomas Richard (1):
pinctrl: cirrus: madera-core: Use devm_pinctrl_register_mappings()
Thomas Weißschuh (6):
selftests: vDSO: chacha: Correctly skip test if necessary
selftests/nolibc: correctly report errors from printf() and friends
tools/nolibc: avoid false-positive -Wmaybe-uninitialized through waitpid()
spi: spi-nxp-fspi: Check return value of devm_mutex_init()
leds: lp8860: Check return value of devm_mutex_init()
bpf/preload: Don't select USERMODE_DRIVER
Thorsten Blum (2):
smb: server: Fix extension string in ksmbd_extract_shortname()
ALSA: intel_hdmi: Fix off-by-one error in __hdmi_lpe_audio_probe()
Tigran Mkrtchyan (1):
pNFS/flexfiles: don't attempt pnfs on fatal DS errors
Tim Harvey (1):
arm64: dts: imx8mp-venice-gw74xx: update name of M2SKT_WDIS2# gpio
Timothy Pearson (5):
PCI: pnv_php: Clean up allocated IRQs on unplug
PCI: pnv_php: Work around switches with broken presence detection
powerpc/eeh: Export eeh_unfreeze_pe()
powerpc/eeh: Make EEH driver device hotplug safe
PCI: pnv_php: Fix surprise plug detection and recovery
Ting-Ying Li (1):
wifi: brcmfmac: fix EXTSAE WPA3 connection failure due to AUTH TX failure
Tingmao Wang (1):
landlock: Fix warning from KUnit tests
Tiwei Bie (1):
um: rtc: Avoid shadowing err in uml_rtc_start()
Tom Lendacky (1):
x86/sev: Evict cache lines during SNP memory validation
Tomas Henzl (1):
scsi: mpt3sas: Fix a fw_event memory leak
Tristram Ha (1):
net: dsa: microchip: Fix wrong rx drop MIB counter for KSZ8863
Trond Myklebust (5):
NFS: Fix wakeup of __nfs_lookup_revalidate() in unblock_revalidate()
NFS: Fix filehandle bounds checking in nfs_fh_to_dentry()
NFS/localio: nfs_close_local_fh() fix check for file closed
NFS/localio: nfs_uuid_put() fix races with nfs_open/close_local_fh()
NFS/localio: nfs_uuid_put() fix the wake up after unlinking the file
Tze-nan Wu (1):
rcu: Fix delayed execution of hurry callbacks
Uday Shankar (1):
ublk: speed up ublk server exit handling
Uros Bizjak (1):
ucount: fix atomic_long_inc_below() argument type
Varshini Rajendran (1):
clk: at91: sam9x7: update pll clk ranges
Venkata Prasad Potturu (1):
ASoC: amd: acp: Fix pointer assignments for snd_soc_acpi_mach structures
Vincent Mailhol (1):
can: tscan1: Kconfig: add COMPILE_TEST
Vitaly Prosyak (3):
drm/amdgpu: fix slab-use-after-free in amdgpu_userq_mgr_fini+0x70c
Revert "drm/amdgpu: fix slab-use-after-free in amdgpu_userq_mgr_fini"
drm/amdgpu: fix use-after-free in amdgpu_userq_suspend+0x51a/0x5a0
Wadim Egorov (1):
arm64: dts: ti: k3-am642-phyboard-electra: Fix PRU-ICSSG Ethernet ports
Wang Liang (1):
net: drop UFO packets in udp_rcv_segment()
Wang Zhaolong (1):
smb: client: fix netns refcount leak after net_passive changes
WangYuli (2):
gitignore: allow .pylintrc to be tracked
selftests: ALSA: fix memory leak in utimer test
Will Deacon (1):
arm64: dts: exynos: gs101: Add 'local-timer-stop' to cpuidle nodes
William Liu (1):
net/sched: Restrict conditions for adding duplicating netems to qdisc tree
Xiu Jianfeng (1):
wifi: iwlwifi: Fix memory leak in iwl_mvm_init()
Xiumei Mu (1):
selftests: rtnetlink.sh: remove esp4_offload after test
Yang Erkun (1):
md: make rdev_addable usable for rcu mode
Yangtao Li (3):
hfsplus: make splice write available again
hfs: make splice write available again
hfsplus: remove mutex_lock check in hfsplus_free_extents
Yao Zi (2):
clk: thead: th1520-ap: Correctly refer the parent of osc_12m
clk: thead: th1520-ap: Describe mux clocks with clk_mux
Yi Chen (1):
selftests: netfilter: ipvs.sh: Explicity disable rp_filter on interface tunl0
Yuan Chen (3):
bpftool: Fix memory leak in dump_xx_nlmsg on realloc failure
pinctrl: sunxi: Fix memory leak on krealloc failure
pinctrl: berlin: fix memory leak in berlin_pinctrl_build_state()
Yuhao Jiang (1):
USB: gadget: f_hid: Fix memory leak in hidg_bind error path
Ze Huang (2):
pinctrl: canaan: k230: add NULL check in DT parse
pinctrl: canaan: k230: Fix order of DT parse and pinctrl register
Zenm Chen (1):
Bluetooth: btusb: Add USB ID 3625:010b for TP-LINK Archer TX10UB Nano
Zhang Rui (2):
tools/power turbostat: Fix bogus SysWatt for forked program
tools/power turbostat: Fix DMR support
Zhang Yi (1):
ext4: fix insufficient credits calculation in ext4_meta_trans_blocks()
Zheng Qixing (1):
md: allow removing faulty rdev during resync
Zheng Yu (1):
jfs: fix metapage reference count leak in dbAllocCtl
Zhengxu Zhang (1):
exfat: fdatasync flag should be same like generic_write_sync()
Zhiguo Niu (2):
f2fs: compress: change the first parameter of page_array_{alloc,free} to sbi
f2fs: compress: fix UAF of f2fs_inode_info in f2fs_free_dic
Zhongqiu Han (1):
Bluetooth: btusb: Fix potential NULL dereference on kmalloc failure
Zong-Zhe Yang (1):
wifi: rtw89: avoid NULL dereference when RX problematic packet on unsupported 6 GHz band
wangzijie (1):
proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al
wenglianfa (2):
RDMA/hns: Fix double destruction of rsv_qp
RDMA/hns: Fix HW configurations not cleared in error flow
xin.guo (1):
tcp: fix tcp_ofo_queue() to avoid including too much DUP SACK range
yohan.joung (1):
f2fs: fix to check upper boundary for value of gc_boost_zoned_gc_percent
1 month
- 1
- 1
[PATCH 6.1 000/253] 6.1.148-rc1 review
by Greg Kroah-Hartman
This is the start of the stable review cycle for the 6.1.148 release.
There are 253 patches in this series, all will be posted as a response
to this one. If anyone has any issues with these being applied, please
let me know.
Responses should be made by Thu, 14 Aug 2025 17:27:05 +0000.
Anything received after that time might be too late.
The whole patch series can be found in one patch at:
https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.1.148-rc…
or in the git tree and branch at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.1.y
and the diffstat can be found below.
thanks,
greg k-h
-------------
Pseudo-Shortlog of commits:
Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Linux 6.1.148-rc1
Tao Xue <xuetao09(a)huawei.com>
usb: gadget : fix use-after-free in composite_dev_cleanup()
Andy Shevchenko <andriy.shevchenko(a)linux.intel.com>
mm/hmm: move pmd_to_hmm_pfn_flags() to the respective #ifdeffery
Jiaxun Yang <jiaxun.yang(a)flygoat.com>
MIPS: mm: tlb-r4k: Uniquify TLB entries on init
Dave Hansen <dave.hansen(a)linux.intel.com>
x86/fpu: Delay instruction pointer fixup until after warning
Geoffrey D. Bennett <g(a)b4.vu>
ALSA: scarlett2: Add retry on -EPROTO from scarlett2_usb_tx()
Thorsten Blum <thorsten.blum(a)linux.dev>
ALSA: intel_hdmi: Fix off-by-one error in __hdmi_lpe_audio_probe()
Tom Lendacky <thomas.lendacky(a)amd.com>
x86/sev: Evict cache lines during SNP memory validation
Ammar Faizi <ammarfaizi2(a)gnuweeb.org>
net: usbnet: Fix the wrong netif_carrier_on() call
John Ernberg <john.ernberg(a)actia.se>
net: usbnet: Avoid potential RCU stall on LINK_CHANGE event
Slark Xiao <slark_xiao(a)163.com>
USB: serial: option: add Foxconn T99W709
Thorsten Blum <thorsten.blum(a)linux.dev>
smb: server: Fix extension string in ksmbd_extract_shortname()
Namjae Jeon <linkinjeon(a)kernel.org>
ksmbd: limit repeated connections from clients with the same IP
Namjae Jeon <linkinjeon(a)kernel.org>
ksmbd: fix corrupted mtime and ctime in smb2_open
Namjae Jeon <linkinjeon(a)kernel.org>
ksmbd: fix Preauh_HashValue race condition
Namjae Jeon <linkinjeon(a)kernel.org>
ksmbd: fix null pointer dereference error in generate_encryptionkey
Budimir Markovic <markovicbudimir(a)gmail.com>
vsock: Do not allow binding to VMADDR_PORT_ANY
Quang Le <quanglex97(a)gmail.com>
net/packet: fix a race in packet_set_ring() and packet_notifier()
Lorenzo Stoakes <lorenzo.stoakes(a)oracle.com>
selftests/perf_events: Add a mmap() correctness test
Thomas Gleixner <tglx(a)linutronix.de>
perf/core: Prevent VMA split of buffer mappings
Thomas Gleixner <tglx(a)linutronix.de>
perf/core: Exit early on perf_mmap() fail
Thomas Gleixner <tglx(a)linutronix.de>
perf/core: Don't leak AUX buffer refcount on allocation failure
Eric Dumazet <edumazet(a)google.com>
pptp: fix pptp_xmit() error path
Stefan Metzmacher <metze(a)samba.org>
smb: client: let recv_done() cleanup before notifying the callers.
Stefan Metzmacher <metze(a)samba.org>
smb: server: let recv_done() avoid touching data_transfer after cleanup/move
Stefan Metzmacher <metze(a)samba.org>
smb: server: let recv_done() consistently call put_recvmsg/smb_direct_disconnect_rdma_connection
Stefan Metzmacher <metze(a)samba.org>
smb: server: make sure we call ib_dma_unmap_single() only if we called ib_dma_map_single already
Stefan Metzmacher <metze(a)samba.org>
smb: server: remove separate empty_recvmsg_queue
Takashi Iwai <tiwai(a)suse.de>
ALSA: hda/ca0132: Fix missing error handling in ca0132_alt_select_out()
Arnd Bergmann <arnd(a)arndb.de>
irqchip: Build IMX_MU_MSI only on ARM
Michal Schmidt <mschmidt(a)redhat.com>
benet: fix BUG when creating VFs
Wang Liang <wangliang74(a)huawei.com>
net: drop UFO packets in udp_rcv_segment()
Eric Dumazet <edumazet(a)google.com>
ipv6: reject malicious packets in ipv6_gso_segment()
Christoph Paasch <cpaasch(a)openai.com>
net/mlx5: Correctly set gso_segs when LRO is used
Eric Dumazet <edumazet(a)google.com>
pptp: ensure minimal skb length in pptp_xmit()
Horatiu Vultur <horatiu.vultur(a)microchip.com>
phy: mscc: Fix parsing of unicast frames
Jakub Kicinski <kuba(a)kernel.org>
netpoll: prevent hanging NAPI when netcons gets enabled
Benjamin Coddington <bcodding(a)redhat.com>
NFS: Fixup allocation flags for nfsiod's __GFP_NORETRY
Olga Kornievskaia <okorniev(a)redhat.com>
NFSv4.2: another fix for listxattr
Trond Myklebust <trond.myklebust(a)hammerspace.com>
NFS: Fix filehandle bounds checking in nfs_fh_to_dentry()
Trond Myklebust <trond.myklebust(a)hammerspace.com>
NFS: Fix wakeup of __nfs_lookup_revalidate() in unblock_revalidate()
NeilBrown <neilb(a)suse.de>
sched: Add test_and_clear_wake_up_bit() and atomic_dec_and_wake_up()
Tigran Mkrtchyan <tigran.mkrtchyan(a)desy.de>
pNFS/flexfiles: don't attempt pnfs on fatal DS errors
Timothy Pearson <tpearson(a)raptorengineering.com>
PCI: pnv_php: Fix surprise plug detection and recovery
Timothy Pearson <tpearson(a)raptorengineering.com>
powerpc/eeh: Make EEH driver device hotplug safe
Maciej W. Rozycki <macro(a)orcam.me.uk>
powerpc/eeh: Rely on dev->link_active_reporting
Timothy Pearson <tpearson(a)raptorengineering.com>
powerpc/eeh: Export eeh_unfreeze_pe()
Timothy Pearson <tpearson(a)raptorengineering.com>
PCI: pnv_php: Work around switches with broken presence detection
Timothy Pearson <tpearson(a)raptorengineering.com>
PCI: pnv_php: Clean up allocated IRQs on unplug
Masahiro Yamada <masahiroy(a)kernel.org>
kconfig: qconf: fix ConfigList::updateListAllforAll()
Salomon Dushimirimana <salomondush(a)google.com>
scsi: sd: Make sd shutdown issue START STOP UNIT appropriately
Seunghui Lee <sh043.lee(a)samsung.com>
scsi: ufs: core: Use link recovery when h8 exit fails during runtime resume
Li Lingfeng <lilingfeng3(a)huawei.com>
scsi: Revert "scsi: iscsi: Fix HW conn removal use after free"
Tomas Henzl <thenzl(a)redhat.com>
scsi: mpt3sas: Fix a fw_event memory leak
Alex Williamson <alex.williamson(a)redhat.com>
vfio/pci: Separate SR-IOV VF dev_set
Chao Yu <chao(a)kernel.org>
f2fs: fix to calculate dirty data during has_not_enough_free_secs()
Chao Yu <chao(a)kernel.org>
f2fs: fix to update upper_p in __get_secs_required() correctly
Jan Prusakowski <jprusakowski(a)google.com>
f2fs: vm_unmap_ram() may be called from an invalid context
Chao Yu <chao(a)kernel.org>
f2fs: fix to avoid out-of-boundary access in devs.path
Chao Yu <chao(a)kernel.org>
f2fs: fix to avoid panic in f2fs_evict_inode
Chao Yu <chao(a)kernel.org>
f2fs: fix to avoid UAF in f2fs_sync_inode_meta()
Chao Yu <chao(a)kernel.org>
f2fs: doc: fix wrong quota mount option description
Abinash Singh <abinashlalotra(a)gmail.com>
f2fs: fix KMSAN uninit-value in extent_info usage
Brian Masney <bmasney(a)redhat.com>
rtc: rv3028: fix incorrect maximum clock rate handling
Brian Masney <bmasney(a)redhat.com>
rtc: pcf8563: fix incorrect maximum clock rate handling
Brian Masney <bmasney(a)redhat.com>
rtc: pcf85063: fix incorrect maximum clock rate handling
Brian Masney <bmasney(a)redhat.com>
rtc: nct3018y: fix incorrect maximum clock rate handling
Brian Masney <bmasney(a)redhat.com>
rtc: hym8563: fix incorrect maximum clock rate handling
Brian Masney <bmasney(a)redhat.com>
rtc: ds1307: fix incorrect maximum clock rate handling
Uros Bizjak <ubizjak(a)gmail.com>
ucount: fix atomic_long_inc_below() argument type
Petr Pavlu <petr.pavlu(a)suse.com>
module: Restore the moduleparam prefix length check
Ryan Lee <ryan.lee(a)canonical.com>
apparmor: ensure WB_HISTORY_SIZE value is a power of 2
Paul Chaignon <paul.chaignon(a)gmail.com>
bpf: Check flow_dissector ctx accesses are aligned
Mike Christie <michael.christie(a)oracle.com>
vhost-scsi: Fix log flooding with target does not exist errors
Balamanikandan Gunasundar <balamanikandan.gunasundar(a)microchip.com>
mtd: rawnand: atmel: set pmecc data setup time
Thomas Fourier <fourier.thomas(a)gmail.com>
mtd: rawnand: rockchip: Add missing check after DMA map
Thomas Fourier <fourier.thomas(a)gmail.com>
mtd: rawnand: atmel: Fix dma_mapping_error() address
Zheng Yu <zheng.yu(a)northwestern.edu>
jfs: fix metapage reference count leak in dbAllocCtl
Chenyuan Yang <chenyuan0y(a)gmail.com>
fbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref
Giovanni Cabiddu <giovanni.cabiddu(a)intel.com>
crypto: qat - fix seq_file position update in adf_ring_next()
Ben Hutchings <benh(a)debian.org>
sh: Do not use hyphen in exported variable name
Thomas Fourier <fourier.thomas(a)gmail.com>
dmaengine: nbpfaxi: Add missing check after DMA map
Thomas Fourier <fourier.thomas(a)gmail.com>
dmaengine: mv_xor: Fix missing check after DMA map and missing unmap
Dan Carpenter <dan.carpenter(a)linaro.org>
fs/orangefs: Allow 2 more characters in do_c_string()
Manivannan Sadhasivam <mani(a)kernel.org>
PCI: endpoint: pci-epf-vntb: Fix the incorrect usage of __iomem attribute
Bard Liao <yung-chuan.liao(a)linux.intel.com>
soundwire: stream: restore params when prepare ports fail
Thomas Fourier <fourier.thomas(a)gmail.com>
crypto: img-hash - Fix dma_unmap_sg() nents value
Thomas Fourier <fourier.thomas(a)gmail.com>
crypto: keembay - Fix dma_unmap_sg() nents value
Ovidiu Panait <ovidiu.panait.oss(a)gmail.com>
hwrng: mtk - handle devm_pm_runtime_enable errors
Dan Carpenter <dan.carpenter(a)linaro.org>
watchdog: ziirave_wdt: check record length in ziirave_firm_verify()
Thomas Fourier <fourier.thomas(a)gmail.com>
scsi: isci: Fix dma_unmap_sg() nents value
Thomas Fourier <fourier.thomas(a)gmail.com>
scsi: mvsas: Fix dma_unmap_sg() nents value
Thomas Fourier <fourier.thomas(a)gmail.com>
scsi: elx: efct: Fix dma_unmap_sg() nents value
Thomas Fourier <fourier.thomas(a)gmail.com>
scsi: ibmvscsi_tgt: Fix dma_unmap_sg() nents value
Paul Kocialkowski <paulk(a)sys-base.io>
clk: sunxi-ng: v3s: Fix de clock definition
Leo Yan <leo.yan(a)arm.com>
perf tests bp_account: Fix leaked file descriptor
wangzijie <wangzijie1(a)honor.com>
proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al
Arnd Bergmann <arnd(a)arndb.de>
kernel: trace: preemptirq_delay_test: use offstack cpu mask
Junxian Huang <huangjunxian6(a)hisilicon.com>
RDMA/hns: Fix -Wframe-larger-than issue
Mengbiao Xiong <xisme1998(a)gmail.com>
crypto: ccp - Fix crash when rebind ccp device for ccp.ko
Thomas Fourier <fourier.thomas(a)gmail.com>
crypto: inside-secure - Fix `dma_unmap_sg()` nents value
Namhyung Kim <namhyung(a)kernel.org>
perf sched: Fix memory leaks in 'perf sched latency'
Namhyung Kim <namhyung(a)kernel.org>
perf sched: Fix memory leaks for evsel->priv in timehist
Nuno Sá <nuno.sa(a)analog.com>
clk: clk-axi-clkgen: fix fpfd_max frequency for zynq
Yuan Chen <chenyuan(a)kylinos.cn>
pinctrl: sunxi: Fix memory leak on krealloc failure
Jerome Brunet <jbrunet(a)baylibre.com>
PCI: endpoint: pci-epf-vntb: Return -ENOENT if pci_epc_get_next_free_bar() fails
Arnd Bergmann <arnd(a)arndb.de>
crypto: arm/aes-neonbs - work around gcc-15 warning
Charles Han <hanchunchao(a)inspur.com>
power: supply: max14577: Handle NULL pdata when CONFIG_OF is not set
Charles Han <hanchunchao(a)inspur.com>
power: supply: cpcap-charger: Fix null check for power_supply_get_by_name
Rohit Visavalia <rohit.visavalia(a)amd.com>
clk: xilinx: vcu: unregister pll_post only if registered correctly
James Cowgill <james.cowgill(a)blaize.com>
media: v4l2-ctrls: Fix H264 SEPARATE_COLOUR_PLANE check
Henry Martin <bsdhenrymartin(a)gmail.com>
clk: davinci: Add NULL check in davinci_lpsc_clk_register()
Ivan Stepchenko <sid(a)itb.spb.ru>
mtd: fix possible integer overflow in erase_xfer()
Herbert Xu <herbert(a)gondor.apana.org.au>
crypto: marvell/cesa - Fix engine load inaccuracy
Ovidiu Panait <ovidiu.panait.oss(a)gmail.com>
crypto: sun8i-ce - fix nents passed to dma_unmap_sg()
Hans Zhang <18255117159(a)163.com>
PCI: rockchip-host: Fix "Unexpected Completion" log message
Thomas Weißschuh <thomas.weissschuh(a)linutronix.de>
bpf/preload: Don't select USERMODE_DRIVER
Eric Dumazet <edumazet(a)google.com>
ipv6: annotate data-races around rt->fib6_nsiblings
Eric Dumazet <edumazet(a)google.com>
ipv6: fix possible infinite loop in fib6_info_uses_dev()
Eric Dumazet <edumazet(a)google.com>
ipv6: prevent infinite loop in rt6_nlmsg_size()
Stanislav Fomichev <sdf(a)fomichev.me>
vrf: Drop existing dst reference in vrf_ip6_input_dst
Xiumei Mu <xmu(a)redhat.com>
selftests: rtnetlink.sh: remove esp4_offload after test
Florian Westphal <fw(a)strlen.de>
netfilter: xt_nfacct: don't assume acct name is null-terminated
Jimmy Assarsson <extja(a)kvaser.com>
can: kvaser_usb: Assign netdev.dev_port based on device channel index
Jimmy Assarsson <extja(a)kvaser.com>
can: kvaser_pciefd: Store device channel index
Stephane Grosjean <stephane.grosjean(a)hms-networks.com>
can: peak_usb: fix USB FD devices potential malfunction
Marco Elver <elver(a)google.com>
kcsan: test: Initialize dummy variable
Gokul Sivakumar <gokulkumar.sivakumar(a)infineon.com>
wifi: brcmfmac: fix P2P discovery failure in P2P peer due to missing P2P IE
Remi Pommarel <repk(a)triplefau.lt>
Reapply "wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()"
Remi Pommarel <repk(a)triplefau.lt>
wifi: mac80211: Check 802.11 encaps offloading in ieee80211_tx_h_select_key()
Alexander Wetzel <Alexander(a)wetzel-home.de>
wifi: mac80211: Don't call fq_flow_idx() for management frames
Alexander Wetzel <Alexander(a)wetzel-home.de>
wifi: mac80211: Do not schedule stopped TXQs
Murad Masimov <m.masimov(a)mt-integration.ru>
wifi: plfxlc: Fix error handling in usb driver probe
Moon Hee Lee <moonhee.lee.ca(a)gmail.com>
wifi: mac80211: reject TDLS operations when station is not associated
Thomas Fourier <fourier.thomas(a)gmail.com>
mwl8k: Add missing check after DMA map
Martin Kaistra <martin.kaistra(a)linutronix.de>
wifi: rtl8xxxu: Fix RX skb size for aggregation disabled
Juergen Gross <jgross(a)suse.com>
xen/gntdev: remove struct gntdev_copy_batch from stack
Eric Dumazet <edumazet(a)google.com>
net_sched: act_ctinfo: use atomic64_t for three counters
William Liu <will(a)willsroot.io>
net/sched: Restrict conditions for adding duplicating netems to qdisc tree
Tiwei Bie <tiwei.btw(a)antgroup.com>
um: rtc: Avoid shadowing err in uml_rtc_start()
Johan Korsnes <johan.korsnes(a)gmail.com>
arch: powerpc: defconfig: Drop obsolete CONFIG_NET_CLS_TCINDEX
Fedor Pchelkin <pchelkin(a)ispras.ru>
netfilter: nf_tables: adjust lockdep assertions handling
Shixiong Ou <oushixiong(a)kylinos.cn>
fbcon: Fix outdated registered_fb reference in comment
Fedor Pchelkin <pchelkin(a)ispras.ru>
drm/amd/pm/powerplay/hwmgr/smu_helper: fix order of mask and value
Finn Thain <fthain(a)linux-m68k.org>
m68k: Don't unregister boot console needlessly
Mark Brown <broonie(a)kernel.org>
kselftest/arm64: Fix check for setting new VLs in sve-ptrace
Stav Aviram <saviram(a)nvidia.com>
net/mlx5: Check device memory pointer before usage
xin.guo <guoxin0309(a)gmail.com>
tcp: fix tcp_ofo_queue() to avoid including too much DUP SACK range
Sergey Senozhatsky <senozhatsky(a)chromium.org>
wifi: ath11k: clear initialized flag for deinit-ed srng lists
Jiasheng Jiang <jiasheng(a)iscas.ac.cn>
iwlwifi: Add missing check for alloc_ordered_workqueue
Xiu Jianfeng <xiujianfeng(a)huawei.com>
wifi: iwlwifi: Fix memory leak in iwl_mvm_init()
Daniil Dulov <d.dulov(a)aladdin.ru>
wifi: rtl818x: Kill URBs before clearing tx status queue
Arnd Bergmann <arnd(a)arndb.de>
caif: reduce stack size, again
Yuan Chen <chenyuan(a)kylinos.cn>
bpftool: Fix memory leak in dump_xx_nlmsg on realloc failure
Petr Machata <petrm(a)nvidia.com>
net: ipv6: ip6mr: Fix in/out netdev to pass to the FORWARD chain
Jiayuan Chen <jiayuan.chen(a)linux.dev>
bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls
Jiayuan Chen <jiayuan.chen(a)linux.dev>
bpf, sockmap: Fix psock incorrectly pointing to sk
Andy Yan <andy.yan(a)rock-chips.com>
drm/rockchip: cleanup fb when drm_gem_fb_afbc_init failed
Steven Rostedt <rostedt(a)goodmis.org>
selftests/tracing: Fix false failure of subsystem event test
Alok Tiwari <alok.a.tiwari(a)oracle.com>
staging: nvec: Fix incorrect null termination of battery manufacturer
Dmitry Baryshkov <dmitry.baryshkov(a)oss.qualcomm.com>
interconnect: qcom: sc8180x: specify num_nodes
Dmitry Baryshkov <dmitry.baryshkov(a)oss.qualcomm.com>
interconnect: qcom: sc8280xp: specify num_links for qnm_a1noc_cfg
Brahmajit Das <listout(a)listout.xyz>
samples: mei: Fix building on musl libc
Lifeng Zheng <zhenglifeng1(a)huawei.com>
cpufreq: Init policy->rwsem before it may be possibly used
Lifeng Zheng <zhenglifeng1(a)huawei.com>
cpufreq: Initialize cpufreq-based frequency-invariance later
Rafael J. Wysocki <rafael.j.wysocki(a)intel.com>
cpufreq: intel_pstate: Always use HWP_DESIRED_PERF in passive mode
Lifeng Zheng <zhenglifeng1(a)huawei.com>
PM / devfreq: Check governor before using governor->name
Adam Ford <aford173(a)gmail.com>
arm64: dts: imx8mn-beacon: Fix HS400 USDHC clock speed
Adam Ford <aford173(a)gmail.com>
arm64: dts: imx8mm-beacon: Fix HS400 USDHC clock speed
Annette Kobou <annette.kobou(a)kontron.de>
ARM: dts: imx6ul-kontron-bl-common: Fix RTS polarity for RS485 interface
Sumit Gupta <sumitg(a)nvidia.com>
soc/tegra: cbb: Clear ERR_FORCE register with ERR_STATUS
Albin Törnqvist <albin.tornqvist(a)codiax.se>
arm: dts: ti: omap: Fixup pinheader typo
Lucas De Marchi <lucas.demarchi(a)intel.com>
usb: early: xhci-dbc: Fix early_ioremap leak
Sivan Zohar-Kotzer <sivany32(a)gmail.com>
powercap: dtpm_cpu: Fix NULL pointer dereference in get_pd_power_uw()
Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Revert "vmci: Prevent the dispatching of uninitialized payloads"
Denis OSTERLAND-HEIM <denis.osterland(a)diehl.com>
pps: fix poll support
Lizhi Xu <lizhi.xu(a)windriver.com>
vmci: Prevent the dispatching of uninitialized payloads
Abdun Nihaal <abdun.nihaal(a)gmail.com>
staging: fbtft: fix potential memory leak in fbtft_framebuffer_alloc()
Charalampos Mitrodimas <charmitro(a)posteo.net>
usb: misc: apple-mfi-fastcharge: Make power supply names unique
Seungjin Bae <eeodqql09(a)gmail.com>
usb: host: xhci-plat: fix incorrect type for of_match variable in xhci_plat_probe()
Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org>
ARM: dts: vfxxx: Correctly use two tuples for timer address
Konrad Dybcio <konrad.dybcio(a)oss.qualcomm.com>
arm64: dts: qcom: sc7180: Expand IMEM region
Konrad Dybcio <konrad.dybcio(a)oss.qualcomm.com>
arm64: dts: qcom: sdm845: Expand IMEM region
Alexander Wilhelm <alexander.wilhelm(a)westermo.com>
soc: qcom: QMI encoding/decoding for big endian
Dmitry Vyukov <dvyukov(a)google.com>
selftests: Fix errno checking in syscall_user_dispatch test
Arnd Bergmann <arnd(a)arndb.de>
ASoC: ops: dynamically allocate struct snd_ctl_elem_value
Kuninori Morimoto <kuninori.morimoto.gx(a)renesas.com>
ASoC: soc-dai: tidyup return value of snd_soc_xlate_tdm_slot_mask()
Konstantin Komarov <almaz.alexandrovich(a)paragon-software.com>
Revert "fs/ntfs3: Replace inode_trylock with inode_lock"
Yangtao Li <frank.li(a)vivo.com>
hfsplus: remove mutex_lock check in hfsplus_free_extents
Caleb Sander Mateos <csander(a)purestorage.com>
ublk: use vmalloc for ublk_device's __queues
RubenKelevra <rubenkelevra(a)gmail.com>
fs_context: fix parameter name in infofc() macro
Arnd Bergmann <arnd(a)arndb.de>
ASoC: Intel: fix SND_SOC_SOF dependencies
Adam Queler <queler(a)gmail.com>
ASoC: amd: yc: Add DMI entries to support HP 15-fb1xxx
Arnd Bergmann <arnd(a)arndb.de>
ethernet: intel: fix building with large NR_CPUS
Xu Yang <xu.yang_2(a)nxp.com>
usb: phy: mxs: disconnect line when USB charger is attached
Xu Yang <xu.yang_2(a)nxp.com>
usb: chipidea: add USB PHY event
Gao Xiang <xiang(a)kernel.org>
erofs: address D-cache aliasing
Gao Xiang <xiang(a)kernel.org>
erofs: simplify z_erofs_transform_plain()
Gao Xiang <xiang(a)kernel.org>
erofs: drop z_erofs_page_mark_eio()
Gao Xiang <xiang(a)kernel.org>
erofs: sunset erofs_dbg()
Gao Xiang <xiang(a)kernel.org>
erofs: get rid of debug_one_dentry()
Liu Shixin <liushixin2(a)huawei.com>
mm: khugepaged: fix call hpage_collapse_scan_file() for anonymous vma
Ville Syrjälä <ville.syrjala(a)linux.intel.com>
drm/i915/dp: Fix 2.7 Gbps DP_LINK_BW value on g4x
Daniel Dadap <ddadap(a)nvidia.com>
ALSA: hda: Add missing NVIDIA HDA codec IDs
Mohan Kumar D <mkumard(a)nvidia.com>
ALSA: hda/tegra: Add Tegra264 support
Ian Abbott <abbotti(a)mev.co.uk>
comedi: comedi_test: Fix possible deletion of uninitialized timers
Dmitry Antipov <dmantipov(a)yandex.ru>
jfs: reject on-disk inodes of an unsupported type
Michael Zhivich <mzhivich(a)akamai.com>
x86/bugs: Fix use of possibly uninit value in amd_check_tsa_microcode()
RD Babiera <rdbabiera(a)google.com>
usb: typec: tcpm: apply vbus before data bringup in tcpm_src_attach
Michael Grzeschik <m.grzeschik(a)pengutronix.de>
usb: typec: tcpm: allow switching to mode accessory to mux properly
Michael Grzeschik <m.grzeschik(a)pengutronix.de>
usb: typec: tcpm: allow to use sink in accessory mode
Philip Yang <Philip.Yang(a)amd.com>
drm/amdkfd: Don't call mmput from MMU notifier callback
Harry Yoo <harry.yoo(a)oracle.com>
mm/zsmalloc: do not pass __GFP_MOVABLE if CONFIG_COMPACTION=n
Matthieu Baerts (NGI0) <matttbe(a)kernel.org>
selftests: mptcp: connect: also cover checksum
Matthieu Baerts (NGI0) <matttbe(a)kernel.org>
selftests: mptcp: connect: also cover alt modes
Ryusuke Konishi <konishi.ryusuke(a)gmail.com>
nilfs2: reject invalid file types when reading inodes
Marco Elver <elver(a)google.com>
kasan: use vmalloc_dump_obj() for vmalloc error reports
Haoxiang Li <haoxiang_li2024(a)163.com>
ice: Fix a null pointer dereference in ice_copy_and_init_pkg()
Praveen Kaligineedi <pkaligineedi(a)google.com>
gve: Fix stuck TX queue for DQ queue format
Jacek Kowalski <jacek(a)jacekk.info>
e1000e: ignore uninitialized checksum word on tgp
Jacek Kowalski <jacek(a)jacekk.info>
e1000e: disregard NVM checksum on tgp when valid checksum bit is not set
Ma Ke <make24(a)iscas.ac.cn>
dpaa2-switch: Fix device reference count leak in MAC endpoint handling
Ma Ke <make24(a)iscas.ac.cn>
dpaa2-eth: Fix device reference count leak in MAC endpoint handling
Dawid Rezler <dawidrezler.patches(a)gmail.com>
ALSA: hda/realtek - Add mute LED support for HP Pavilion 15-eg0xxx
Ma Ke <make24(a)iscas.ac.cn>
bus: fsl-mc: Fix potential double device reference in fsl_mc_get_endpoint()
Viresh Kumar <viresh.kumar(a)linaro.org>
i2c: virtio: Avoid hang by using interruptible completion wait
Akhil R <akhilrajeev(a)nvidia.com>
i2c: tegra: Fix reset error handling with ACPI
Yang Xiwen <forbidden405(a)outlook.com>
i2c: qup: jump out of the loop in case of timeout
Rong Zhang <i(a)rong.moe>
platform/x86: ideapad-laptop: Fix kbd backlight not remembered among boots
Jian Shen <shenjian15(a)huawei.com>
net: hns3: fixed vf get max channels bug
Yonglong Liu <liuyonglong(a)huawei.com>
net: hns3: disable interrupt when ptp init failed
Jian Shen <shenjian15(a)huawei.com>
net: hns3: fix concurrent setting vlan filter issue
Douglas Anderson <dianders(a)chromium.org>
drm/bridge: ti-sn65dsi86: Remove extra semicolon in ti_sn_bridge_probe()
Marc Kleine-Budde <mkl(a)pengutronix.de>
can: netlink: can_changelink(): fix NULL pointer deref of struct can_priv::do_set_mode
Marc Kleine-Budde <mkl(a)pengutronix.de>
can: dev: can_restart(): move debug message and stats after successful restart
Marc Kleine-Budde <mkl(a)pengutronix.de>
can: dev: can_restart(): reverse logic to remove need for goto
Xiang Mei <xmei5(a)asu.edu>
net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in qfq_delete_class
Kito Xu (veritas501) <hxzene(a)gmail.com>
net: appletalk: Fix use-after-free in AARP proxy probe
Jamie Bainbridge <jamie.bainbridge(a)gmail.com>
i40e: When removing VF MAC filters, only check PF-set MAC
Dennis Chen <dechen(a)redhat.com>
i40e: report VF tx_dropped with tx_errors instead of tx_discards
Yajun Deng <yajun.deng(a)linux.dev>
i40e: Add rx_missed_errors for buffer exhaustion
Chiara Meiohas <cmeiohas(a)nvidia.com>
net/mlx5: Fix memory leak in cmd_exec()
Eyal Birger <eyal.birger(a)gmail.com>
xfrm: interface: fix use-after-free after changing collect_md xfrm interface
Stefan Wahren <wahrenst(a)gmx.net>
staging: vchiq_arm: Make vchiq_shutdown never fail
Umang Jain <umang.jain(a)ideasonboard.com>
staging: vc04_services: Drop VCHIQ_RETRY usage
Umang Jain <umang.jain(a)ideasonboard.com>
staging: vc04_services: Drop VCHIQ_ERROR usage
Umang Jain <umang.jain(a)ideasonboard.com>
staging: vc04_services: Drop VCHIQ_SUCCESS usage
Nuno Das Neves <nunodasneves(a)linux.microsoft.com>
x86/hyperv: Fix usage of cpu_online_mask to get valid cpu
Abdun Nihaal <abdun.nihaal(a)gmail.com>
regmap: fix potential memory leak of regmap_bus
David Lechner <dlechner(a)baylibre.com>
iio: adc: ad7949: use spi_is_bpw_supported()
Xilin Wu <sophon(a)radxa.com>
interconnect: qcom: sc7280: Add missing num_links to xm_pcie3_1 node
Maor Gottlieb <maorg(a)nvidia.com>
RDMA/core: Rate limit GID cache warning messages
Alessandro Carminati <acarmina(a)redhat.com>
regulator: core: fix NULL dereference on unbind due to stale coupling data
Fabrice Gasnier <fabrice.gasnier(a)foss.st.com>
Input: gpio-keys - fix a sleep while atomic with PREEMPT_RT
-------------
Diffstat:
Documentation/filesystems/f2fs.rst | 6 +-
Makefile | 4 +-
arch/arm/boot/dts/am335x-boneblack.dts | 2 +-
arch/arm/boot/dts/imx6ul-kontron-bl-common.dtsi | 1 -
arch/arm/boot/dts/vfxxx.dtsi | 2 +-
arch/arm/crypto/aes-neonbs-glue.c | 2 +-
.../boot/dts/freescale/imx8mm-beacon-som.dtsi | 2 +
.../boot/dts/freescale/imx8mn-beacon-som.dtsi | 2 +
arch/arm64/boot/dts/qcom/sc7180.dtsi | 10 +-
arch/arm64/boot/dts/qcom/sdm845.dtsi | 10 +-
arch/m68k/Kconfig.debug | 2 +-
arch/m68k/kernel/early_printk.c | 42 +--
arch/m68k/kernel/head.S | 8 +-
arch/mips/mm/tlb-r4k.c | 56 +++-
arch/powerpc/configs/ppc6xx_defconfig | 1 -
arch/powerpc/kernel/eeh.c | 1 +
arch/powerpc/kernel/eeh_driver.c | 48 ++--
arch/powerpc/kernel/eeh_pe.c | 11 +-
arch/powerpc/kernel/pci-hotplug.c | 3 +
arch/sh/Makefile | 10 +-
arch/sh/boot/compressed/Makefile | 4 +-
arch/sh/boot/romimage/Makefile | 4 +-
arch/um/drivers/rtc_user.c | 2 +-
arch/x86/boot/compressed/sev.c | 7 +
arch/x86/boot/cpuflags.c | 13 +
arch/x86/hyperv/irqdomain.c | 4 +-
arch/x86/include/asm/cpufeatures.h | 1 +
arch/x86/kernel/cpu/amd.c | 2 +
arch/x86/kernel/cpu/scattered.c | 1 +
arch/x86/kernel/sev-shared.c | 18 ++
arch/x86/kernel/sev.c | 11 +-
arch/x86/mm/extable.c | 5 +-
drivers/base/regmap/regmap.c | 2 +
drivers/block/ublk_drv.c | 4 +-
drivers/bus/fsl-mc/fsl-mc-bus.c | 19 +-
drivers/char/hw_random/mtk-rng.c | 4 +-
drivers/clk/clk-axi-clkgen.c | 2 +-
drivers/clk/davinci/psc.c | 5 +
drivers/clk/sunxi-ng/ccu-sun8i-v3s.c | 3 +-
drivers/clk/xilinx/xlnx_vcu.c | 4 +-
drivers/comedi/drivers/comedi_test.c | 2 +-
drivers/cpufreq/cpufreq.c | 21 +-
drivers/cpufreq/intel_pstate.c | 4 +-
.../crypto/allwinner/sun8i-ce/sun8i-ce-cipher.c | 4 +-
drivers/crypto/ccp/ccp-debugfs.c | 3 +
drivers/crypto/img-hash.c | 2 +-
drivers/crypto/inside-secure/safexcel_hash.c | 8 +-
drivers/crypto/keembay/keembay-ocs-hcu-core.c | 8 +-
drivers/crypto/marvell/cesa/cipher.c | 4 +-
drivers/crypto/marvell/cesa/hash.c | 5 +-
.../crypto/qat/qat_common/adf_transport_debug.c | 4 +-
drivers/devfreq/devfreq.c | 10 +-
drivers/dma/mv_xor.c | 21 +-
drivers/dma/nbpfaxi.c | 13 +
drivers/gpu/drm/amd/amdkfd/kfd_svm.c | 47 ++--
.../gpu/drm/amd/pm/powerplay/hwmgr/smu_helper.c | 2 +-
drivers/gpu/drm/bridge/ti-sn65dsi86.c | 2 +-
drivers/gpu/drm/i915/display/intel_dp.c | 6 +
drivers/gpu/drm/rockchip/rockchip_drm_fb.c | 9 +-
drivers/i2c/busses/i2c-qup.c | 4 +-
drivers/i2c/busses/i2c-tegra.c | 24 +-
drivers/i2c/busses/i2c-virtio.c | 15 +-
drivers/iio/adc/ad7949.c | 7 +-
drivers/infiniband/core/cache.c | 4 +-
drivers/infiniband/hw/hns/hns_roce_hw_v2.c | 15 +-
drivers/infiniband/hw/mlx5/dm.c | 2 +-
drivers/input/keyboard/gpio_keys.c | 4 +-
drivers/interconnect/qcom/sc7280.c | 1 +
drivers/interconnect/qcom/sc8180x.c | 6 +
drivers/interconnect/qcom/sc8280xp.c | 1 +
drivers/irqchip/Kconfig | 1 +
drivers/media/v4l2-core/v4l2-ctrls-core.c | 8 +-
drivers/mtd/ftl.c | 2 +-
drivers/mtd/nand/raw/atmel/nand-controller.c | 2 +-
drivers/mtd/nand/raw/atmel/pmecc.c | 6 +
drivers/mtd/nand/raw/rockchip-nand-controller.c | 15 ++
drivers/net/can/dev/dev.c | 31 ++-
drivers/net/can/dev/netlink.c | 12 +
drivers/net/can/kvaser_pciefd.c | 1 +
drivers/net/can/usb/kvaser_usb/kvaser_usb_core.c | 1 +
drivers/net/can/usb/peak_usb/pcan_usb_fd.c | 17 +-
drivers/net/ethernet/emulex/benet/be_cmds.c | 2 +-
drivers/net/ethernet/freescale/dpaa2/dpaa2-eth.c | 15 +-
.../net/ethernet/freescale/dpaa2/dpaa2-switch.c | 15 +-
drivers/net/ethernet/google/gve/gve_main.c | 67 ++---
.../ethernet/hisilicon/hns3/hns3pf/hclge_main.c | 36 +--
.../net/ethernet/hisilicon/hns3/hns3pf/hclge_ptp.c | 9 +-
.../ethernet/hisilicon/hns3/hns3vf/hclgevf_main.c | 6 +-
drivers/net/ethernet/intel/e1000e/defines.h | 3 +
drivers/net/ethernet/intel/e1000e/ich8lan.c | 2 +
drivers/net/ethernet/intel/e1000e/nvm.c | 6 +
drivers/net/ethernet/intel/fm10k/fm10k.h | 3 +-
drivers/net/ethernet/intel/i40e/i40e.h | 2 +-
drivers/net/ethernet/intel/i40e/i40e_ethtool.c | 3 +-
drivers/net/ethernet/intel/i40e/i40e_main.c | 18 +-
drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c | 8 +-
drivers/net/ethernet/intel/ice/ice_flex_pipe.c | 2 +
drivers/net/ethernet/intel/ixgbe/ixgbe.h | 3 +-
drivers/net/ethernet/mellanox/mlx5/core/cmd.c | 4 +-
drivers/net/ethernet/mellanox/mlx5/core/en_rx.c | 1 +
drivers/net/ethernet/mellanox/mlx5/core/lib/dm.c | 4 +-
drivers/net/ethernet/mellanox/mlx5/core/main.c | 3 -
drivers/net/phy/mscc/mscc_ptp.c | 1 +
drivers/net/phy/mscc/mscc_ptp.h | 1 +
drivers/net/ppp/pptp.c | 18 +-
drivers/net/usb/usbnet.c | 11 +-
drivers/net/vrf.c | 2 +
drivers/net/wireless/ath/ath11k/hal.c | 4 +
.../broadcom/brcm80211/brcmfmac/cfg80211.c | 8 +-
drivers/net/wireless/intel/iwlwifi/dvm/main.c | 11 +-
drivers/net/wireless/intel/iwlwifi/mvm/ops.c | 4 +-
drivers/net/wireless/marvell/mwl8k.c | 4 +
drivers/net/wireless/purelifi/plfxlc/mac.c | 11 +-
drivers/net/wireless/purelifi/plfxlc/mac.h | 2 +-
drivers/net/wireless/purelifi/plfxlc/usb.c | 29 +-
drivers/net/wireless/realtek/rtl818x/rtl8187/dev.c | 3 +-
.../net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c | 2 +-
drivers/pci/controller/pcie-rockchip-host.c | 2 +-
drivers/pci/endpoint/functions/pci-epf-vntb.c | 4 +-
drivers/pci/hotplug/pnv_php.c | 235 ++++++++++++++--
drivers/pinctrl/sunxi/pinctrl-sunxi.c | 11 +-
drivers/platform/x86/ideapad-laptop.c | 2 +-
drivers/power/supply/cpcap-charger.c | 5 +-
drivers/power/supply/max14577_charger.c | 4 +-
drivers/powercap/dtpm_cpu.c | 2 +
drivers/pps/pps.c | 11 +-
drivers/regulator/core.c | 1 +
drivers/rtc/rtc-ds1307.c | 2 +-
drivers/rtc/rtc-hym8563.c | 2 +-
drivers/rtc/rtc-nct3018y.c | 2 +-
drivers/rtc/rtc-pcf85063.c | 2 +-
drivers/rtc/rtc-pcf8563.c | 2 +-
drivers/rtc/rtc-rv3028.c | 2 +-
drivers/scsi/elx/efct/efct_lio.c | 2 +-
drivers/scsi/ibmvscsi_tgt/libsrp.c | 6 +-
drivers/scsi/isci/request.c | 2 +-
drivers/scsi/mpt3sas/mpt3sas_scsih.c | 3 +-
drivers/scsi/mvsas/mv_sas.c | 4 +-
drivers/scsi/scsi_transport_iscsi.c | 2 +
drivers/scsi/sd.c | 4 +-
drivers/soc/qcom/qmi_encdec.c | 46 +++-
drivers/soc/tegra/cbb/tegra234-cbb.c | 2 +
drivers/soundwire/stream.c | 2 +-
drivers/staging/fbtft/fbtft-core.c | 1 +
drivers/staging/nvec/nvec_power.c | 2 +-
.../vc04_services/bcm2835-audio/bcm2835-vchiq.c | 4 +-
.../include/linux/raspberrypi/vchiq.h | 2 -
.../vc04_services/interface/vchiq_arm/vchiq_arm.c | 79 +++---
.../vc04_services/interface/vchiq_arm/vchiq_core.c | 172 ++++++------
.../vc04_services/interface/vchiq_arm/vchiq_dev.c | 36 +--
.../staging/vc04_services/vchiq-mmal/mmal-vchiq.c | 4 +-
drivers/ufs/core/ufshcd.c | 10 +-
drivers/usb/chipidea/ci.h | 18 +-
drivers/usb/chipidea/udc.c | 10 +
drivers/usb/early/xhci-dbc.c | 4 +
drivers/usb/gadget/composite.c | 5 +
drivers/usb/host/xhci-plat.c | 2 +-
drivers/usb/misc/apple-mfi-fastcharge.c | 24 +-
drivers/usb/phy/phy-mxs-usb.c | 4 +-
drivers/usb/serial/option.c | 2 +
drivers/usb/typec/tcpm/tcpm.c | 64 +++--
drivers/vfio/pci/vfio_pci_core.c | 2 +-
drivers/vhost/scsi.c | 4 +-
drivers/video/fbdev/core/fbcon.c | 4 +-
drivers/video/fbdev/imxfb.c | 9 +-
drivers/watchdog/ziirave_wdt.c | 3 +
drivers/xen/gntdev-common.h | 4 +
drivers/xen/gntdev.c | 71 +++--
fs/erofs/decompressor.c | 23 +-
fs/erofs/dir.c | 17 --
fs/erofs/inode.c | 3 -
fs/erofs/internal.h | 2 -
fs/erofs/namei.c | 9 +-
fs/erofs/zdata.c | 56 ++--
fs/erofs/zmap.c | 3 -
fs/f2fs/data.c | 2 +-
fs/f2fs/extent_cache.c | 2 +-
fs/f2fs/f2fs.h | 2 +-
fs/f2fs/inode.c | 21 +-
fs/f2fs/segment.h | 5 +-
fs/hfsplus/extents.c | 3 -
fs/jfs/jfs_dmap.c | 4 +-
fs/jfs/jfs_imap.c | 13 +-
fs/nfs/dir.c | 4 +-
fs/nfs/export.c | 11 +-
fs/nfs/flexfilelayout/flexfilelayout.c | 26 +-
fs/nfs/flexfilelayout/flexfilelayoutdev.c | 6 +-
fs/nfs/internal.h | 9 +-
fs/nfs/nfs4proc.c | 10 +-
fs/nilfs2/inode.c | 9 +-
fs/ntfs3/file.c | 5 +-
fs/orangefs/orangefs-debugfs.c | 6 +-
fs/proc/generic.c | 2 +
fs/proc/inode.c | 2 +-
fs/proc/internal.h | 5 +
fs/smb/client/smbdirect.c | 14 +-
fs/smb/server/connection.h | 1 +
fs/smb/server/smb2pdu.c | 22 +-
fs/smb/server/smb_common.c | 2 +-
fs/smb/server/transport_rdma.c | 97 +++----
fs/smb/server/transport_tcp.c | 17 ++
fs/smb/server/vfs.c | 3 +-
include/linux/fs_context.h | 2 +-
include/linux/moduleparam.h | 5 +-
include/linux/pps_kernel.h | 1 +
include/linux/proc_fs.h | 1 +
include/linux/skbuff.h | 23 ++
include/linux/usb/usbnet.h | 1 +
include/linux/wait_bit.h | 60 +++++
include/net/tc_act/tc_ctinfo.h | 6 +-
include/net/udp.h | 24 +-
kernel/bpf/preload/Kconfig | 1 -
kernel/events/core.c | 20 +-
kernel/kcsan/kcsan_test.c | 2 +-
kernel/trace/preemptirq_delay_test.c | 13 +-
kernel/ucount.c | 2 +-
mm/hmm.c | 2 +-
mm/kasan/report.c | 4 +-
mm/khugepaged.c | 4 +-
mm/zsmalloc.c | 3 +
net/appletalk/aarp.c | 24 +-
net/caif/cfctrl.c | 294 ++++++++++-----------
net/core/filter.c | 3 +
net/core/netpoll.c | 7 +
net/core/skmsg.c | 7 +
net/ipv4/tcp_input.c | 3 +-
net/ipv6/ip6_fib.c | 24 +-
net/ipv6/ip6_offload.c | 4 +-
net/ipv6/ip6mr.c | 3 +-
net/ipv6/route.c | 60 +++--
net/mac80211/tdls.c | 2 +-
net/mac80211/tx.c | 14 +-
net/netfilter/nf_tables_api.c | 4 +-
net/netfilter/xt_nfacct.c | 4 +-
net/packet/af_packet.c | 12 +-
net/sched/act_ctinfo.c | 19 +-
net/sched/sch_netem.c | 40 +++
net/sched/sch_qfq.c | 7 +-
net/tls/tls_sw.c | 13 +
net/vmw_vsock/af_vsock.c | 3 +-
net/xfrm/xfrm_interface_core.c | 7 +-
samples/mei/mei-amt-version.c | 2 +-
scripts/kconfig/qconf.cc | 2 +-
security/apparmor/include/match.h | 3 +-
security/apparmor/match.c | 1 +
sound/pci/hda/hda_tegra.c | 51 +++-
sound/pci/hda/patch_ca0132.c | 5 +-
sound/pci/hda/patch_hdmi.c | 20 ++
sound/pci/hda/patch_realtek.c | 1 +
sound/soc/amd/yc/acp6x-mach.c | 7 +
sound/soc/intel/boards/Kconfig | 2 +-
sound/soc/soc-dai.c | 16 +-
sound/soc/soc-ops.c | 28 +-
sound/usb/mixer_scarlett2.c | 7 +
sound/x86/intel_hdmi_audio.c | 2 +-
tools/bpf/bpftool/net.c | 15 +-
tools/perf/builtin-sched.c | 39 ++-
tools/perf/tests/bp_account.c | 1 +
tools/perf/util/evsel.c | 11 +
tools/perf/util/evsel.h | 2 +
tools/testing/selftests/arm64/fp/sve-ptrace.c | 2 +-
.../ftrace/test.d/event/subsystem-enable.tc | 28 +-
tools/testing/selftests/net/mptcp/Makefile | 3 +-
.../selftests/net/mptcp/mptcp_connect_checksum.sh | 5 +
.../selftests/net/mptcp/mptcp_connect_mmap.sh | 5 +
.../selftests/net/mptcp/mptcp_connect_sendfile.sh | 5 +
tools/testing/selftests/net/rtnetlink.sh | 6 +
tools/testing/selftests/perf_events/.gitignore | 1 +
tools/testing/selftests/perf_events/Makefile | 2 +-
tools/testing/selftests/perf_events/mmap.c | 236 +++++++++++++++++
.../selftests/syscall_user_dispatch/sud_test.c | 50 ++--
271 files changed, 2449 insertions(+), 1170 deletions(-)
1 month
- 11
- 264
Linux 6.15.10
by Greg Kroah-Hartman
I'm announcing the release of the 6.15.10 kernel.
All users of the 6.15 kernel series must upgrade.
The updated 6.15.y git tree can be found at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.15.y
and can be browsed at the normal kernel.org git web browser:
https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary
thanks,
greg k-h
------------
Documentation/filesystems/f2fs.rst | 6
Documentation/netlink/specs/ethtool.yaml | 6
Makefile | 2
arch/arm/boot/dts/microchip/sam9x7.dtsi | 2
arch/arm/boot/dts/microchip/sama7d65.dtsi | 2
arch/arm/boot/dts/nxp/imx/imx6ul-kontron-bl-common.dtsi | 1
arch/arm/boot/dts/nxp/vf/vfxxx.dtsi | 2
arch/arm/boot/dts/ti/omap/am335x-boneblack.dts | 2
arch/arm/crypto/aes-neonbs-glue.c | 2
arch/arm64/boot/dts/exynos/google/gs101.dtsi | 3
arch/arm64/boot/dts/freescale/imx8mm-beacon-som.dtsi | 2
arch/arm64/boot/dts/freescale/imx8mn-beacon-som.dtsi | 2
arch/arm64/boot/dts/freescale/imx8mp-venice-gw74xx.dts | 8
arch/arm64/boot/dts/freescale/imx93-tqma9352.dtsi | 6
arch/arm64/boot/dts/qcom/msm8976.dtsi | 2
arch/arm64/boot/dts/qcom/qcs615.dtsi | 4
arch/arm64/boot/dts/qcom/sa8775p.dtsi | 10
arch/arm64/boot/dts/qcom/sc7180.dtsi | 10
arch/arm64/boot/dts/qcom/sdm845.dtsi | 10
arch/arm64/boot/dts/rockchip/rk3528-pinctrl.dtsi | 20
arch/arm64/boot/dts/rockchip/rk3528-radxa-e20c.dts | 1
arch/arm64/boot/dts/rockchip/rk3576-rock-4d.dts | 6
arch/arm64/boot/dts/st/stm32mp251.dtsi | 2
arch/arm64/boot/dts/ti/k3-am62p-j722s-common-main.dtsi | 2
arch/arm64/boot/dts/ti/k3-am642-phyboard-electra-rdk.dts | 2
arch/arm64/include/asm/gcs.h | 2
arch/arm64/kernel/process.c | 6
arch/arm64/net/bpf_jit_comp.c | 1
arch/m68k/Kconfig.debug | 2
arch/m68k/kernel/early_printk.c | 42
arch/m68k/kernel/head.S | 8
arch/mips/mm/tlb-r4k.c | 56
arch/powerpc/configs/ppc6xx_defconfig | 1
arch/powerpc/kernel/eeh.c | 1
arch/powerpc/kernel/eeh_driver.c | 48
arch/powerpc/kernel/eeh_pe.c | 10
arch/powerpc/kernel/pci-hotplug.c | 3
arch/powerpc/platforms/pseries/dlpar.c | 52
arch/riscv/kvm/vcpu_onereg.c | 83 -
arch/s390/boot/startup.c | 2
arch/s390/include/asm/ap.h | 2
arch/s390/kernel/setup.c | 6
arch/s390/mm/pgalloc.c | 5
arch/s390/mm/vmem.c | 5
arch/sh/Makefile | 10
arch/sh/boot/compressed/Makefile | 4
arch/sh/boot/romimage/Makefile | 4
arch/um/drivers/rtc_user.c | 2
arch/x86/boot/cpuflags.c | 13
arch/x86/coco/sev/shared.c | 46
arch/x86/include/asm/cpufeatures.h | 1
arch/x86/include/asm/hw_irq.h | 12
arch/x86/include/asm/msr-index.h | 1
arch/x86/kernel/cpu/scattered.c | 1
arch/x86/kernel/irq.c | 63 -
arch/x86/kvm/vmx/vmx.c | 4
arch/x86/mm/extable.c | 5
block/blk-settings.c | 19
crypto/krb5/selftest.c | 1
drivers/block/mtip32xx/mtip32xx.c | 27
drivers/block/ublk_drv.c | 4
drivers/bluetooth/btusb.c | 4
drivers/bus/mhi/host/pci_generic.c | 8
drivers/char/hw_random/mtk-rng.c | 4
drivers/clk/at91/sam9x7.c | 20
drivers/clk/clk-axi-clkgen.c | 2
drivers/clk/davinci/psc.c | 5
drivers/clk/imx/clk-imx95-blk-ctl.c | 13
drivers/clk/renesas/rzv2h-cpg.c | 1
drivers/clk/sunxi-ng/ccu-sun8i-v3s.c | 3
drivers/clk/thead/clk-th1520-ap.c | 9
drivers/clk/xilinx/clk-xlnx-clock-wizard.c | 2
drivers/clk/xilinx/xlnx_vcu.c | 4
drivers/cpufreq/Makefile | 1
drivers/cpufreq/armada-8k-cpufreq.c | 3
drivers/cpufreq/cpufreq.c | 21
drivers/cpufreq/intel_pstate.c | 4
drivers/cpufreq/powernv-cpufreq.c | 4
drivers/cpufreq/powernv-trace.h | 44
drivers/crypto/allwinner/sun8i-ce/sun8i-ce-cipher.c | 4
drivers/crypto/ccp/ccp-debugfs.c | 3
drivers/crypto/ccp/sev-dev.c | 8
drivers/crypto/img-hash.c | 2
drivers/crypto/inside-secure/safexcel_hash.c | 8
drivers/crypto/intel/keembay/keembay-ocs-hcu-core.c | 8
drivers/crypto/intel/qat/qat_420xx/adf_420xx_hw_data.c | 9
drivers/crypto/intel/qat/qat_common/adf_gen4_hw_data.c | 29
drivers/crypto/intel/qat/qat_common/adf_sriov.c | 1
drivers/crypto/intel/qat/qat_common/adf_transport_debug.c | 4
drivers/crypto/intel/qat/qat_common/qat_bl.c | 6
drivers/crypto/intel/qat/qat_common/qat_compression.c | 8
drivers/crypto/marvell/cesa/cipher.c | 4
drivers/crypto/marvell/cesa/hash.c | 5
drivers/devfreq/devfreq.c | 12
drivers/dma/mmp_tdma.c | 2
drivers/dma/mv_xor.c | 21
drivers/dma/nbpfaxi.c | 13
drivers/firmware/arm_scmi/perf.c | 2
drivers/gpu/drm/amd/amdgpu/gfx_v10_0.c | 6
drivers/gpu/drm/amd/amdgpu/gfx_v9_0.c | 2
drivers/gpu/drm/amd/amdgpu/gfx_v9_4_3.c | 3
drivers/gpu/drm/amd/amdgpu/nbio_v7_9.c | 20
drivers/gpu/drm/amd/pm/powerplay/hwmgr/smu_helper.c | 2
drivers/gpu/drm/display/drm_hdmi_state_helper.c | 4
drivers/gpu/drm/msm/disp/dpu1/catalog/dpu_5_1_sc8180x.h | 1
drivers/gpu/drm/panfrost/panfrost_devfreq.c | 4
drivers/gpu/drm/radeon/radeon_device.c | 8
drivers/gpu/drm/rockchip/rockchip_drm_fb.c | 9
drivers/gpu/drm/rockchip/rockchip_drm_vop2.c | 29
drivers/gpu/drm/rockchip/rockchip_drm_vop2.h | 33
drivers/gpu/drm/rockchip/rockchip_vop2_reg.c | 89 +
drivers/gpu/drm/vmwgfx/vmwgfx_shader.c | 2
drivers/gpu/drm/xe/xe_device.c | 1
drivers/gpu/drm/xe/xe_gt_sriov_pf.c | 32
drivers/gpu/drm/xe/xe_vsec.c | 20
drivers/hid/hid-apple.c | 20
drivers/hid/hid-core.c | 6
drivers/i2c/muxes/i2c-mux-mule.c | 3
drivers/i3c/master/svc-i3c-master.c | 22
drivers/infiniband/hw/erdma/erdma_verbs.c | 3
drivers/infiniband/hw/hns/hns_roce_device.h | 1
drivers/infiniband/hw/hns/hns_roce_hem.c | 18
drivers/infiniband/hw/hns/hns_roce_hw_v2.c | 87 -
drivers/infiniband/hw/hns/hns_roce_hw_v2.h | 8
drivers/infiniband/hw/hns/hns_roce_main.c | 22
drivers/infiniband/hw/mana/qp.c | 2
drivers/infiniband/hw/mlx5/dm.c | 2
drivers/infiniband/hw/mlx5/umr.c | 6
drivers/interconnect/qcom/sc8180x.c | 6
drivers/interconnect/qcom/sc8280xp.c | 1
drivers/iommu/amd/iommu.c | 19
drivers/iommu/arm/arm-smmu/arm-smmu-qcom.c | 3
drivers/iommu/intel/iommu.c | 1
drivers/irqchip/Kconfig | 1
drivers/md/md.c | 33
drivers/media/platform/ti/j721e-csi2rx/j721e-csi2rx.c | 1
drivers/media/v4l2-core/v4l2-ctrls-core.c | 8
drivers/mfd/tps65219.c | 2
drivers/misc/mei/platform-vsc.c | 8
drivers/misc/mei/vsc-tp.c | 20
drivers/misc/sram.c | 10
drivers/mtd/ftl.c | 2
drivers/mtd/nand/raw/atmel/nand-controller.c | 2
drivers/mtd/nand/raw/atmel/pmecc.c | 6
drivers/mtd/nand/raw/rockchip-nand-controller.c | 15
drivers/mtd/spi-nor/spansion.c | 31
drivers/net/can/kvaser_pciefd.c | 1
drivers/net/can/usb/kvaser_usb/kvaser_usb_core.c | 1
drivers/net/can/usb/peak_usb/pcan_usb_fd.c | 17
drivers/net/dsa/microchip/ksz8.c | 3
drivers/net/dsa/microchip/ksz8_reg.h | 4
drivers/net/ethernet/airoha/airoha_npu.c | 2
drivers/net/ethernet/emulex/benet/be_cmds.c | 2
drivers/net/ethernet/intel/fm10k/fm10k.h | 3
drivers/net/ethernet/intel/i40e/i40e.h | 2
drivers/net/ethernet/intel/igb/igb_xsk.c | 3
drivers/net/ethernet/intel/ixgbe/ixgbe.h | 3
drivers/net/ethernet/mellanox/mlx5/core/en/port_buffer.c | 3
drivers/net/ethernet/mellanox/mlx5/core/en_accel/ipsec_rxtx.c | 4
drivers/net/ethernet/mellanox/mlx5/core/en_rx.c | 1
drivers/net/ethernet/mellanox/mlx5/core/lib/dm.c | 4
drivers/net/ethernet/mellanox/mlx5/core/main.c | 3
drivers/net/ethernet/meta/fbnic/fbnic_netdev.c | 4
drivers/net/ethernet/meta/fbnic/fbnic_txrx.c | 4
drivers/net/ethernet/meta/fbnic/fbnic_txrx.h | 6
drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 2
drivers/net/ethernet/ti/icssg/icssg_common.c | 15
drivers/net/ipa/ipa_sysfs.c | 6
drivers/net/macsec.c | 2
drivers/net/mdio/mdio-bcm-unimac.c | 5
drivers/net/netconsole.c | 30
drivers/net/phy/mscc/mscc_ptp.c | 1
drivers/net/phy/mscc/mscc_ptp.h | 1
drivers/net/ppp/pptp.c | 18
drivers/net/team/team_core.c | 96 -
drivers/net/team/team_mode_activebackup.c | 3
drivers/net/team/team_mode_loadbalance.c | 13
drivers/net/usb/usbnet.c | 11
drivers/net/vrf.c | 2
drivers/net/wireless/ath/ath11k/hal.c | 4
drivers/net/wireless/ath/ath11k/mac.c | 12
drivers/net/wireless/ath/ath12k/dp.h | 1
drivers/net/wireless/ath/ath12k/dp_mon.c | 1
drivers/net/wireless/ath/ath12k/dp_tx.c | 10
drivers/net/wireless/ath/ath12k/mac.c | 29
drivers/net/wireless/ath/ath12k/p2p.c | 3
drivers/net/wireless/ath/ath12k/wmi.c | 14
drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c | 8
drivers/net/wireless/intel/iwlwifi/dvm/main.c | 12
drivers/net/wireless/intel/iwlwifi/mld/rx.c | 9
drivers/net/wireless/intel/iwlwifi/mvm/ops.c | 4
drivers/net/wireless/marvell/mwl8k.c | 4
drivers/net/wireless/mediatek/mt76/mt7996/main.c | 21
drivers/net/wireless/mediatek/mt76/mt7996/mcu.c | 3
drivers/net/wireless/purelifi/plfxlc/mac.c | 11
drivers/net/wireless/purelifi/plfxlc/mac.h | 2
drivers/net/wireless/purelifi/plfxlc/usb.c | 29
drivers/net/wireless/realtek/rtl818x/rtl8187/dev.c | 3
drivers/net/wireless/realtek/rtl8xxxu/core.c | 2
drivers/net/wireless/realtek/rtw88/main.c | 4
drivers/net/wireless/realtek/rtw89/core.c | 5
drivers/net/wireless/realtek/rtw89/phy.c | 12
drivers/nvme/target/core.c | 14
drivers/pci/controller/pcie-rockchip-host.c | 2
drivers/pci/endpoint/functions/pci-epf-vntb.c | 4
drivers/pci/hotplug/pnv_php.c | 233 +++
drivers/pci/pci-driver.c | 6
drivers/pci/quirks.c | 6
drivers/perf/arm-ni.c | 2
drivers/phy/qualcomm/phy-qcom-eusb2-repeater.c | 87 -
drivers/pinctrl/berlin/berlin.c | 8
drivers/pinctrl/pinctrl-k230.c | 13
drivers/pinctrl/pinmux.c | 20
drivers/pinctrl/sunxi/pinctrl-sunxi.c | 11
drivers/platform/x86/intel/pmt/class.c | 3
drivers/platform/x86/intel/pmt/class.h | 1
drivers/power/sequencing/pwrseq-qcom-wcn.c | 2
drivers/power/supply/cpcap-charger.c | 5
drivers/power/supply/max14577_charger.c | 4
drivers/power/supply/max1720x_battery.c | 11
drivers/power/supply/qcom_pmi8998_charger.c | 4
drivers/powercap/dtpm_cpu.c | 2
drivers/pps/pps.c | 11
drivers/remoteproc/Kconfig | 11
drivers/remoteproc/qcom_q6v5_pas.c | 621 ++++------
drivers/remoteproc/xlnx_r5_remoteproc.c | 2
drivers/rtc/rtc-ds1307.c | 2
drivers/rtc/rtc-hym8563.c | 2
drivers/rtc/rtc-nct3018y.c | 2
drivers/rtc/rtc-pcf85063.c | 2
drivers/rtc/rtc-pcf8563.c | 2
drivers/rtc/rtc-rv3028.c | 2
drivers/s390/crypto/ap_bus.h | 2
drivers/scsi/elx/efct/efct_lio.c | 2
drivers/scsi/ibmvscsi_tgt/libsrp.c | 6
drivers/scsi/isci/request.c | 2
drivers/scsi/mpt3sas/mpt3sas_scsih.c | 3
drivers/scsi/mvsas/mv_sas.c | 4
drivers/scsi/scsi_transport_iscsi.c | 2
drivers/scsi/sd.c | 4
drivers/soc/qcom/pmic_glink.c | 9
drivers/soc/qcom/qmi_encdec.c | 46
drivers/soc/tegra/cbb/tegra234-cbb.c | 2
drivers/soundwire/debugfs.c | 6
drivers/soundwire/mipi_disco.c | 4
drivers/soundwire/stream.c | 2
drivers/spi/spi-cs42l43.c | 2
drivers/spi/spi-stm32.c | 8
drivers/staging/fbtft/fbtft-core.c | 1
drivers/staging/gpib/cb7210/cb7210.c | 15
drivers/staging/gpib/common/gpib_os.c | 2
drivers/staging/greybus/gbphy.c | 6
drivers/staging/media/atomisp/pci/atomisp_gmin_platform.c | 9
drivers/staging/nvec/nvec_power.c | 2
drivers/ufs/core/ufshcd.c | 10
drivers/usb/early/xhci-dbc.c | 4
drivers/usb/gadget/composite.c | 5
drivers/usb/gadget/function/f_hid.c | 7
drivers/usb/gadget/function/uvc_configfs.c | 10
drivers/usb/host/xhci-plat.c | 2
drivers/usb/misc/apple-mfi-fastcharge.c | 24
drivers/usb/serial/option.c | 2
drivers/usb/typec/ucsi/ucsi_yoga_c630.c | 19
drivers/vdpa/mlx5/core/mr.c | 3
drivers/vdpa/mlx5/net/mlx5_vnet.c | 12
drivers/vdpa/vdpa_user/vduse_dev.c | 1
drivers/vfio/device_cdev.c | 38
drivers/vfio/group.c | 7
drivers/vfio/iommufd.c | 4
drivers/vfio/pci/hisilicon/hisi_acc_vfio_pci.c | 1
drivers/vfio/pci/mlx5/main.c | 1
drivers/vfio/pci/nvgrace-gpu/main.c | 2
drivers/vfio/pci/pds/vfio_dev.c | 2
drivers/vfio/pci/qat/main.c | 1
drivers/vfio/pci/vfio_pci.c | 1
drivers/vfio/pci/vfio_pci_core.c | 24
drivers/vfio/pci/virtio/main.c | 3
drivers/vfio/vfio_main.c | 3
drivers/vhost/Kconfig | 18
drivers/vhost/scsi.c | 6
drivers/vhost/vhost.c | 244 +++
drivers/vhost/vhost.h | 22
drivers/video/fbdev/core/fbcon.c | 4
drivers/video/fbdev/imxfb.c | 9
drivers/watchdog/ziirave_wdt.c | 3
drivers/xen/gntdev-common.h | 4
drivers/xen/gntdev-dmabuf.c | 28
drivers/xen/gntdev.c | 71 -
fs/btrfs/ctree.c | 18
fs/ceph/crypto.c | 31
fs/exfat/file.c | 5
fs/ext4/inline.c | 2
fs/ext4/inode.c | 3
fs/ext4/page-io.c | 16
fs/f2fs/data.c | 7
fs/f2fs/debug.c | 17
fs/f2fs/extent_cache.c | 2
fs/f2fs/f2fs.h | 2
fs/f2fs/gc.c | 1
fs/f2fs/inode.c | 21
fs/f2fs/segment.h | 5
fs/f2fs/super.c | 1
fs/f2fs/sysfs.c | 21
fs/gfs2/glock.c | 3
fs/gfs2/util.c | 31
fs/hfs/inode.c | 1
fs/hfsplus/extents.c | 3
fs/hfsplus/inode.c | 1
fs/jfs/jfs_dmap.c | 4
fs/nfs/dir.c | 4
fs/nfs/export.c | 11
fs/nfs/flexfilelayout/flexfilelayout.c | 26
fs/nfs/flexfilelayout/flexfilelayoutdev.c | 6
fs/nfs/internal.h | 9
fs/nfs/nfs4proc.c | 10
fs/nfs_common/nfslocalio.c | 28
fs/nfsd/localio.c | 5
fs/nfsd/vfs.c | 10
fs/notify/fanotify/fanotify.c | 8
fs/ntfs3/file.c | 5
fs/ntfs3/frecord.c | 7
fs/ntfs3/namei.c | 10
fs/ntfs3/ntfs_fs.h | 3
fs/orangefs/orangefs-debugfs.c | 6
fs/proc/generic.c | 2
fs/proc/inode.c | 2
fs/proc/internal.h | 5
fs/smb/client/cifs_debug.c | 6
fs/smb/client/cifsencrypt.c | 4
fs/smb/client/cifsfs.c | 2
fs/smb/client/connect.c | 9
fs/smb/client/fs_context.c | 19
fs/smb/client/fs_context.h | 18
fs/smb/client/link.c | 11
fs/smb/client/reparse.c | 2
fs/smb/client/smbdirect.c | 116 -
fs/smb/client/smbdirect.h | 4
fs/smb/server/connection.h | 1
fs/smb/server/smb2pdu.c | 22
fs/smb/server/smb_common.c | 2
fs/smb/server/transport_rdma.c | 97 -
fs/smb/server/transport_tcp.c | 17
fs/smb/server/vfs.c | 3
include/linux/audit.h | 9
include/linux/fortify-string.h | 2
include/linux/fs_context.h | 2
include/linux/if_team.h | 3
include/linux/ioprio.h | 3
include/linux/mlx5/device.h | 1
include/linux/mm.h | 30
include/linux/moduleparam.h | 5
include/linux/padata.h | 4
include/linux/pps_kernel.h | 1
include/linux/proc_fs.h | 1
include/linux/psi_types.h | 6
include/linux/ring_buffer.h | 4
include/linux/skbuff.h | 23
include/linux/usb/usbnet.h | 1
include/linux/vfio.h | 4
include/linux/vfio_pci_core.h | 2
include/net/bluetooth/hci.h | 1
include/net/bluetooth/hci_core.h | 6
include/net/dst.h | 24
include/net/lwtunnel.h | 8
include/net/tc_act/tc_ctinfo.h | 6
include/net/udp.h | 24
include/sound/tas2781-tlv.h | 2
include/trace/events/power.h | 22
include/uapi/drm/panthor_drm.h | 3
include/uapi/linux/vfio.h | 12
include/uapi/linux/vhost.h | 29
init/Kconfig | 2
kernel/audit.h | 2
kernel/auditsc.c | 2
kernel/bpf/core.c | 5
kernel/bpf/helpers.c | 11
kernel/bpf/preload/Kconfig | 1
kernel/bpf/verifier.c | 1
kernel/events/core.c | 38
kernel/kcsan/kcsan_test.c | 2
kernel/module/main.c | 6
kernel/padata.c | 132 --
kernel/rcu/refscale.c | 10
kernel/rcu/tree_nocb.h | 2
kernel/sched/deadline.c | 7
kernel/sched/psi.c | 123 +
kernel/trace/power-traces.c | 1
kernel/trace/preemptirq_delay_test.c | 13
kernel/trace/ring_buffer.c | 63 -
kernel/trace/rv/monitors/scpd/Kconfig | 2
kernel/trace/rv/monitors/sncid/Kconfig | 2
kernel/trace/rv/monitors/snep/Kconfig | 2
kernel/trace/rv/monitors/wip/Kconfig | 2
kernel/trace/trace.c | 14
kernel/trace/trace_events_filter.c | 28
kernel/trace/trace_kdb.c | 8
kernel/ucount.c | 2
lib/tests/fortify_kunit.c | 4
mm/hmm.c | 2
mm/memory.c | 3
mm/shmem.c | 4
mm/slub.c | 10
mm/swapfile.c | 65 -
net/bluetooth/coredump.c | 6
net/bluetooth/hci_event.c | 8
net/caif/cfctrl.c | 294 ++--
net/core/dst.c | 8
net/core/filter.c | 3
net/core/neighbour.c | 88 -
net/core/netpoll.c | 7
net/core/skmsg.c | 7
net/core/sock.c | 8
net/ipv4/route.c | 4
net/ipv4/tcp_input.c | 4
net/ipv6/ip6_fib.c | 24
net/ipv6/ip6_offload.c | 4
net/ipv6/ip6mr.c | 3
net/ipv6/route.c | 56
net/mac80211/cfg.c | 2
net/mac80211/main.c | 13
net/mac80211/tdls.c | 2
net/mac80211/tx.c | 14
net/netfilter/nf_bpf_link.c | 5
net/netfilter/nf_tables_api.c | 29
net/netfilter/xt_nfacct.c | 4
net/packet/af_packet.c | 12
net/sched/act_ctinfo.c | 19
net/sched/sch_mqprio.c | 2
net/sched/sch_netem.c | 40
net/sched/sch_taprio.c | 21
net/sunrpc/svcsock.c | 43
net/sunrpc/xprtsock.c | 40
net/tls/tls_sw.c | 13
net/vmw_vsock/af_vsock.c | 3
net/wireless/nl80211.c | 1
net/wireless/reg.c | 2
rust/kernel/miscdevice.rs | 8
samples/mei/mei-amt-version.c | 2
scripts/gdb/linux/constants.py.in | 12
scripts/kconfig/qconf.cc | 2
security/apparmor/include/match.h | 8
security/apparmor/match.c | 23
security/apparmor/policy_unpack_test.c | 6
security/landlock/id.c | 69 -
sound/pci/hda/cs35l56_hda.c | 110 +
sound/pci/hda/patch_ca0132.c | 5
sound/pci/hda/patch_realtek.c | 6
sound/soc/amd/acp/acp-pci.c | 8
sound/soc/amd/acp/amd-acpi-mach.c | 4
sound/soc/amd/acp/amd.h | 8
sound/soc/amd/yc/acp6x-mach.c | 21
sound/soc/fsl/fsl_xcvr.c | 25
sound/soc/intel/boards/Kconfig | 2
sound/soc/mediatek/common/mtk-afe-platform-driver.c | 4
sound/soc/mediatek/common/mtk-base-afe.h | 1
sound/soc/mediatek/mt8173/mt8173-afe-pcm.c | 7
sound/soc/mediatek/mt8183/mt8183-afe-pcm.c | 7
sound/soc/mediatek/mt8186/mt8186-afe-pcm.c | 7
sound/soc/mediatek/mt8192/mt8192-afe-pcm.c | 7
sound/soc/sdca/sdca_functions.c | 3
sound/soc/sdca/sdca_regmap.c | 16
sound/soc/soc-dai.c | 16
sound/soc/soc-ops.c | 26
sound/soc/sof/intel/Kconfig | 3
sound/usb/mixer_scarlett2.c | 14
sound/x86/intel_hdmi_audio.c | 2
tools/bpf/bpftool/net.c | 15
tools/cgroup/memcg_slabinfo.py | 4
tools/lib/subcmd/help.c | 12
tools/lib/subcmd/run-command.c | 15
tools/perf/.gitignore | 2
tools/perf/builtin-sched.c | 147 +-
tools/perf/tests/bp_account.c | 1
tools/perf/util/build-id.c | 2
tools/perf/util/evsel.c | 11
tools/perf/util/evsel.h | 2
tools/perf/util/hwmon_pmu.c | 2
tools/perf/util/parse-events.c | 11
tools/perf/util/symbol.c | 1
tools/power/cpupower/utils/idle_monitor/cpupower-monitor.c | 4
tools/power/x86/turbostat/turbostat.c | 5
tools/testing/selftests/alsa/utimer-test.c | 1
tools/testing/selftests/arm64/fp/sve-ptrace.c | 2
tools/testing/selftests/bpf/bpf_atomic.h | 2
tools/testing/selftests/bpf/prog_tests/sockmap_listen.c | 2
tools/testing/selftests/bpf/veristat.c | 1
tools/testing/selftests/breakpoints/step_after_suspend_test.c | 41
tools/testing/selftests/drivers/net/hw/tso.py | 99 -
tools/testing/selftests/drivers/net/lib/py/env.py | 2
tools/testing/selftests/ftrace/test.d/event/subsystem-enable.tc | 28
tools/testing/selftests/landlock/audit.h | 7
tools/testing/selftests/landlock/audit_test.c | 1
tools/testing/selftests/net/rtnetlink.sh | 6
tools/testing/selftests/perf_events/.gitignore | 1
tools/testing/selftests/perf_events/Makefile | 2
tools/testing/selftests/perf_events/mmap.c | 236 +++
tools/testing/selftests/syscall_user_dispatch/sud_test.c | 50
tools/testing/selftests/vDSO/vdso_test_chacha.c | 3
tools/verification/rv/src/in_kernel.c | 4
499 files changed, 4786 insertions(+), 2558 deletions(-)
Aaradhana Sahu (2):
wifi: ath12k: Block radio bring-up in FTM mode
wifi: ath12k: Use HTT_TCL_METADATA_VER_V1 in FTM mode
Abdun Nihaal (1):
staging: fbtft: fix potential memory leak in fbtft_framebuffer_alloc()
Abinash Singh (1):
f2fs: fix KMSAN uninit-value in extent_info usage
Adam Ford (2):
arm64: dts: imx8mm-beacon: Fix HS400 USDHC clock speed
arm64: dts: imx8mn-beacon: Fix HS400 USDHC clock speed
Adam Queler (1):
ASoC: amd: yc: Add DMI entries to support HP 15-fb1xxx
Aditya Garg (1):
HID: apple: avoid setting up battery timer for devices without battery
Adrián Larumbe (1):
drm/panfrost: Fix panfrost device variable name in devfreq
Ahsan Atta (1):
crypto: qat - allow enabling VFs in the absence of IOMMU
Akash Kumar (1):
usb: gadget: uvc: Initialize frame-based format color matching descriptor
Al Viro (2):
parse_longname(): strrchr() expects NUL-terminated string
xen: fix UAF in dmabuf_exp_from_pages()
Alan Stern (1):
HID: core: Harden s32ton() against conversion to 0 bits
Albin Törnqvist (1):
arm: dts: ti: omap: Fixup pinheader typo
Alex Deucher (3):
drm/amdgpu/gfx9: fix kiq locking in KCQ reset
drm/amdgpu/gfx9.4.3: fix kiq locking in KCQ reset
drm/amdgpu/gfx10: fix kiq locking in KCQ reset
Alex Williamson (1):
vfio/pci: Separate SR-IOV VF dev_set
Alexander Gordeev (1):
s390/mm: Set high_memory at the end of the identity mapping
Alexander Stein (1):
arm64: dts: freescale: imx93-tqma9352: Limit BUCK2 to 600mV
Alexander Wetzel (3):
wifi: cfg80211: Add missing lock in cfg80211_check_and_end_cac()
wifi: mac80211: Do not schedule stopped TXQs
wifi: mac80211: Don't call fq_flow_idx() for management frames
Alexander Wilhelm (1):
soc: qcom: QMI encoding/decoding for big endian
Alexandru Andries (1):
ASoC: amd: yc: add DMI quirk for ASUS M6501RM
Alexei Lazar (1):
net/mlx5e: Clear Read-Only port buffer size in PBMC before update
Alexey Kardashevskiy (1):
crypto: ccp - Fix locking on alloc failure handling
Alok Tiwari (2):
staging: nvec: Fix incorrect null termination of battery manufacturer
vhost-scsi: Fix check for inline_sg_cnt exceeding preallocated limit
Amir Goldstein (1):
fanotify: sanitize handle_type values when reporting fid
Ammar Faizi (1):
net: usbnet: Fix the wrong netif_carrier_on() call
Anders Roxell (1):
vdpa: Fix IDR memory leak in VDUSE module exit
Andreas Gruenbacher (2):
gfs2: Minor do_xmote cancelation fix
gfs2: No more self recovery
André Apitzsch (1):
arm64: dts: qcom: msm8976: Make blsp_dma controlled-remotely
Andy Shevchenko (1):
mm/hmm: move pmd_to_hmm_pfn_flags() to the respective #ifdeffery
Andy Yan (2):
drm/rockchip: cleanup fb when drm_gem_fb_afbc_init failed
drm/rockchip: vop2: Fix the update of LAYER/PORT select registers when there are multi display output on rk3588/rk3568
Annette Kobou (1):
ARM: dts: imx6ul-kontron-bl-common: Fix RTS polarity for RS485 interface
Arnd Bergmann (9):
ethernet: intel: fix building with large NR_CPUS
ASoC: Intel: fix SND_SOC_SOF dependencies
ASoC: ops: dynamically allocate struct snd_ctl_elem_value
cpufreq: armada-8k: make both cpu masks static
caif: reduce stack size, again
crypto: arm/aes-neonbs - work around gcc-15 warning
kernel: trace: preemptirq_delay_test: use offstack cpu mask
irqchip: Build IMX_MU_MSI only on ARM
ASoC: SOF: Intel: hda-sdw-bpt: fix SND_SOF_SOF_HDA_SDW_BPT dependencies
Arseniy Krasnov (1):
Bluetooth: hci_sync: fix double free in 'hci_discovery_filter_clear()'
Artem Sadovnikov (1):
refscale: Check that nreaders and loops multiplication doesn't overflow
Bairavi Alagappan (1):
crypto: qat - disable ZUC-256 capability for QAT GEN5
Balamanikandan Gunasundar (1):
mtd: rawnand: atmel: set pmecc data setup time
Baochen Qiang (1):
wifi: ath11k: fix sleeping-in-atomic in ath11k_mac_op_set_bitrate_mask()
Baojun Xu (1):
ASoC: tas2781: Fix the wrong step for TLV on tas2781
Baokun Li (1):
ext4: fix inode use after free in ext4_end_io_rsv_work()
Baolin Wang (1):
mm: shmem: fix the shmem large folio allocation for the i915 driver
Bard Liao (1):
soundwire: stream: restore params when prepare ports fail
Ben Hutchings (1):
sh: Do not use hyphen in exported variable name
Benjamin Berg (1):
wifi: iwlwifi: mld: decode EOF bit for AMPDUs
Benjamin Coddington (1):
NFS: Fixup allocation flags for nfsiod's __GFP_NORETRY
Bitterblue Smith (1):
wifi: rtw88: Fix macid assigned to TDLS station
Bjorn Andersson (1):
remoteproc: qcom: pas: Conclude the rename from adsp
Boris Brezillon (1):
drm/panthor: Add missing explicit padding in drm_panthor_gpu_info
Brahmajit Das (1):
samples: mei: Fix building on musl libc
Breno Leitao (1):
netconsole: Only register console drivers when targets are configured
Brett Creeley (1):
vfio/pds: Fix missing detach_ioas op
Brian Masney (6):
rtc: ds1307: fix incorrect maximum clock rate handling
rtc: hym8563: fix incorrect maximum clock rate handling
rtc: nct3018y: fix incorrect maximum clock rate handling
rtc: pcf85063: fix incorrect maximum clock rate handling
rtc: pcf8563: fix incorrect maximum clock rate handling
rtc: rv3028: fix incorrect maximum clock rate handling
Budimir Markovic (1):
vsock: Do not allow binding to VMADDR_PORT_ANY
Caleb Sander Mateos (1):
ublk: use vmalloc for ublk_device's __queues
Casey Connolly (1):
power: supply: qcom_pmi8998_charger: fix wakeirq
Chanwoo Choi (1):
PM / devfreq: Fix a index typo in trans_stat
Chao Yu (10):
f2fs: fix to avoid invalid wait context issue
f2fs: fix to check upper boundary for gc_valid_thresh_ratio
f2fs: fix to check upper boundary for gc_no_zoned_gc_percent
f2fs: doc: fix wrong quota mount option description
f2fs: fix to avoid UAF in f2fs_sync_inode_meta()
f2fs: fix to avoid panic in f2fs_evict_inode
f2fs: fix to avoid out-of-boundary access in devs.path
f2fs: fix to update upper_p in __get_secs_required() correctly
f2fs: fix to calculate dirty data during has_not_enough_free_secs()
f2fs: fix to trigger foreground gc during f2fs_map_blocks() in lfs mode
Charalampos Mitrodimas (1):
usb: misc: apple-mfi-fastcharge: Make power supply names unique
Charles Han (2):
power: supply: cpcap-charger: Fix null check for power_supply_get_by_name
power: supply: max14577: Handle NULL pdata when CONFIG_OF is not set
Charles Keepax (3):
ASoC: SDCA: Allow read-only controls to be deferrable
soundwire: Correct some property names
ASoC: SDCA: Fix some holes in the regmap readable/writeable helpers
Chen Pei (1):
perf tools: Remove libtraceevent in .gitignore
Chen-Yu Tsai (1):
ASoC: mediatek: use reserved memory or enable buffer pre-allocation
Chenyuan Yang (1):
fbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref
Chris Down (1):
Bluetooth: hci_event: Mask data status from LE ext adv reports
Christoph Hellwig (1):
block: ensure discard_granularity is zero when discard is not supported
Christoph Paasch (1):
net/mlx5: Correctly set gso_segs when LRO is used
Christophe JAILLET (2):
staging: gpib: Fix error handling paths in cb_gpib_probe()
i2c: muxes: mule: Fix an error handling path in mule_i2c_mux_probe()
Cindy Lu (1):
vhost: Reintroduce kthread API and add mode selection
Clément Le Goffic (1):
spi: stm32: Check for cfg availability in stm32_spi_probe
Cristian Ciocaltea (1):
drm/connector: hdmi: Evaluate limited range after computing format
Daeho Jeong (1):
f2fs: turn off one_time when forcibly set to foreground GC
Dan Carpenter (3):
wifi: iwlwifi: Fix error code in iwl_op_mode_dvm_start()
watchdog: ziirave_wdt: check record length in ziirave_firm_verify()
fs/orangefs: Allow 2 more characters in do_c_string()
Daniel Zahka (3):
selftests: drv-net: tso: enable test cases based on hw_features
selftests: drv-net: tso: fix vxlan tunnel flags to get correct gso_type
selftests: drv-net: tso: fix non-tunneled tso6 test case name
Daniil Dulov (1):
wifi: rtl818x: Kill URBs before clearing tx status queue
Dave Hansen (1):
x86/fpu: Delay instruction pointer fixup until after warning
Denis OSTERLAND-HEIM (1):
pps: fix poll support
Dmitry Baryshkov (4):
usb: typec: ucsi: yoga-c630: fix error and remove paths
interconnect: qcom: sc8280xp: specify num_links for qnm_a1noc_cfg
interconnect: qcom: sc8180x: specify num_nodes
iommu/arm-smmu: disable PRR on SM8250
Dmitry Vyukov (1):
selftests: Fix errno checking in syscall_user_dispatch test
Dragos Tatulea (2):
vdpa/mlx5: Fix needs_teardown flag calculation
vdpa/mlx5: Fix release of uninitialized resources on error path
Easwar Hariharan (1):
iommu/amd: Enable PASID and ATS capabilities in the correct order
Edip Hazuri (3):
ALSA: hda/realtek - Fix mute LED for HP Victus 16-r1xxx
ALSA: hda/realtek - Fix mute LED for HP Victus 16-s0xxx
ALSA: hda/realtek - Fix mute LED for HP Victus 16-d1xxx (MB 8A26)
Eduard Zingerman (1):
bpf: handle jset (if a & b ...) as a jump in CFG computation
Edward Adam Davis (1):
fs/ntfs3: cancle set bad inode after removing name fails
Edward Srouji (1):
RDMA/mlx5: Fix UMR modifying of mkey page size
Eric Biggers (1):
crypto: krb5 - Fix memory leak in krb5_test_one_prf()
Eric Dumazet (11):
net: dst: annotate data-races around dst->input
net: dst: annotate data-races around dst->output
net: dst: add four helpers to annotate data-races around dst->dev
net_sched: act_ctinfo: use atomic64_t for three counters
tcp: call tcp_measure_rcv_mss() for ooo packets
ipv6: prevent infinite loop in rt6_nlmsg_size()
ipv6: fix possible infinite loop in fib6_info_uses_dev()
ipv6: annotate data-races around rt->fib6_nsiblings
pptp: ensure minimal skb length in pptp_xmit()
ipv6: reject malicious packets in ipv6_gso_segment()
pptp: fix pptp_xmit() error path
Fedor Pchelkin (2):
drm/amd/pm/powerplay/hwmgr/smu_helper: fix order of mask and value
netfilter: nf_tables: adjust lockdep assertions handling
Finn Thain (1):
m68k: Don't unregister boot console needlessly
Florian Fainelli (1):
net: mdio: mdio-bcm-unimac: Correct rate fallback logic
Florian Westphal (1):
netfilter: xt_nfacct: don't assume acct name is null-terminated
Fushuai Wang (1):
selftests/bpf: fix signedness bug in redir_partial()
Gabriele Monaco (2):
tools/rv: Do not skip idle in trace
rv: Adjust monitor dependencies
Gal Pressman (1):
selftests: drv-net: Fix remote command checking in require_cmd()
Gautham R. Shenoy (1):
pm: cpupower: Fix printing of CORE, CPU fields in cpupower-monitor
Geoffrey D. Bennett (1):
ALSA: scarlett2: Add retry on -EPROTO from scarlett2_usb_tx()
Gerald Schaefer (1):
s390/mm: Remove possible false-positive warning in pte_free_defer()
Giovanni Cabiddu (2):
crypto: qat - fix DMA direction for compression on GEN2 devices
crypto: qat - fix seq_file position update in adf_ring_next()
Gokul Sivakumar (1):
wifi: brcmfmac: fix P2P discovery failure in P2P peer due to missing P2P IE
Greg Kroah-Hartman (4):
drivers: misc: sram: fix up some const issues with recent attribute changes
Revert "vmci: Prevent the dispatching of uninitialized payloads"
staging: greybus: gbphy: fix up const issue with the match callback
Linux 6.15.10
Guenter Roeck (1):
block: Fix default IO priority if there is no IO context
Hans Zhang (1):
PCI: rockchip-host: Fix "Unexpected Completion" log message
Hans de Goede (4):
mei: vsc: Don't re-init VSC from mei_vsc_hw_reset() on stop
mei: vsc: Destroy mutex after freeing the IRQ
mei: vsc: Event notifier fixes
mei: vsc: Unset the event callback on remove and probe errors
Harald Freudenberger (1):
s390/ap: Unmask SLCF bit in card and queue ap functions sysfs
Haren Myneni (1):
powerpc/pseries/dlpar: Search DRC index from ibm,drc-indexes for IO add
Harshit Mogalapalli (1):
staging: gpib: Fix error code in board_type_ioctl()
Heiko Stuebner (1):
drm/rockchip: vop2: fail cleanly if missing a primary plane for a video-port
Helge Deller (1):
apparmor: Fix unaligned memory accesses in KUnit test
Heming Zhao (1):
md/md-cluster: handle REMOVE message earlier
Henry Martin (1):
clk: davinci: Add NULL check in davinci_lpsc_clk_register()
Herbert Xu (3):
crypto: marvell/cesa - Fix engine load inaccuracy
padata: Fix pd UAF once and for all
padata: Remove comment for reorder_work
Horatiu Vultur (1):
phy: mscc: Fix parsing of unicast frames
Ian Forbes (1):
drm/vmwgfx: Fix Host-Backed userspace on Guest-Backed kernel
Ian Rogers (3):
perf dso: Add missed dso__put to dso__load_kcore
perf hwmon_pmu: Avoid shortening hwmon PMU name
tools subcmd: Tighten the filename size in check_if_command_finished
Ivan Pravdin (1):
Bluetooth: hci_devcd_dump: fix out-of-bounds via dev_coredumpv
Ivan Stepchenko (1):
mtd: fix possible integer overflow in erase_xfer()
Jackie Dong (1):
ALSA: hda/realtek: Support mute LED for Yoga with ALC287
Jacob Pan (2):
vfio: Fix unbalanced vfio_df_close call in no-iommu mode
vfio: Prevent open_count decrement to negative
Jakub Kicinski (4):
netpoll: prevent hanging NAPI when netcons gets enabled
netlink: specs: ethtool: fix module EEPROM input/output arguments
eth: fbnic: unlink NAPIs from queues on error to open
eth: fbnic: remove the debugging trick of super high page bias
James Cowgill (1):
media: v4l2-ctrls: Fix H264 SEPARATE_COLOUR_PLANE check
Jan Kara (1):
ext4: Make sure BH_New bit is cleared in ->write_end handler
Jan Prusakowski (1):
f2fs: vm_unmap_ram() may be called from an invalid context
Jason Gunthorpe (3):
iommu/vt-d: Do not wipe out the page table NID when devices detach
iommu/amd: Fix geometry.aperture_end for V2 tables
vfio/pci: Do vf_token checks for VFIO_DEVICE_BIND_IOMMUFD
Jason Xing (2):
stmmac: xsk: fix negative overflow of budget in zerocopy mode
igb: xsk: solve negative overflow of nb_pkts in zerocopy mode
Jeff Layton (1):
nfsd: don't set the ctime on delegated atime updates
Jeremy Linton (1):
arm64/gcs: task_gcs_el0_enable() should use passed task
Jerome Brunet (1):
PCI: endpoint: pci-epf-vntb: Return -ENOENT if pci_epc_get_next_free_bar() fails
Jianbo Liu (1):
net/mlx5e: Remove skb secpath if xfrm state is not found
Jiasheng Jiang (1):
iwlwifi: Add missing check for alloc_ordered_workqueue
Jiaxun Yang (1):
MIPS: mm: tlb-r4k: Uniquify TLB entries on init
Jiayuan Chen (2):
bpf, sockmap: Fix psock incorrectly pointing to sk
bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls
Jie Gan (2):
arm64: dts: qcom: qcs615: fix a crash issue caused by infinite loop for Coresight
arm64: dts: qcom: qcs615: disable the CTI device of the camera block
Jimmy Assarsson (2):
can: kvaser_pciefd: Store device channel index
can: kvaser_usb: Assign netdev.dev_port based on device channel index
Jiwei Sun (1):
PCI: Adjust the position of reading the Link Control 2 register
Johan Hovold (1):
soc: qcom: pmic_glink: fix OF node leak
Johan Korsnes (1):
arch: powerpc: defconfig: Drop obsolete CONFIG_NET_CLS_TCINDEX
Johannes Berg (2):
wifi: mac80211: fix WARN_ON for monitor mode on some devices
scripts: gdb: move MNT_* constants to gdb-parsed
John Ernberg (1):
net: usbnet: Avoid potential RCU stall on LINK_CHANGE event
John Garry (1):
block: sanitize chunk_sectors for atomic write limits
Jonas Karlman (2):
arm64: dts: rockchip: Enable eMMC HS200 mode on Radxa E20C
arm64: dts: rockchip: Fix pinctrl node names for RK3528
Jonathan Corbet (1):
slub: Fix a documentation build error for krealloc()
Juergen Gross (1):
xen/gntdev: remove struct gntdev_copy_batch from stack
Julien Massot (1):
media: ti: j721e-csi2rx: fix list_del corruption
Junxian Huang (4):
RDMA/hns: Get message length of ack_req from FW
RDMA/hns: Fix accessing uninitialized resources
RDMA/hns: Drop GFP_NOWARN
RDMA/hns: Fix -Wframe-larger-than issue
Juri Lelli (1):
sched/deadline: Reset extra_bw to max_bw when clearing root domains
Kees Cook (5):
kunit/fortify: Add back "volatile" for sizeof() constants
wifi: mac80211: Write cnt before copying in ieee80211_copy_rnr_beacon()
wifi: nl80211: Set num_sub_specs before looping through sub_specs
staging: media: atomisp: Fix stack buffer overflow in gmin_get_var_int()
fortify: Fix incorrect reporting of read buffer size
Kemeng Shi (3):
mm: swap: correctly use maxpages in swapon syscall to avoid potential deadloop
mm: swap: fix potential buffer overflow in setup_clusters()
mm: swap: move nr_swap_pages counter decrement from folio_alloc_swap() to swap_range_alloc()
Konrad Dybcio (4):
arm64: dts: qcom: sdm845: Expand IMEM region
arm64: dts: qcom: sc7180: Expand IMEM region
power: sequencing: qcom-wcn: fix bluetooth-wifi copypasta for WCN6855
drm/msm/dpu: Fill in min_prefill_lines for SC8180X
Konstantin Komarov (1):
Revert "fs/ntfs3: Replace inode_trylock with inode_lock"
Krzysztof Kozlowski (2):
ARM: dts: vfxxx: Correctly use two tuples for timer address
dmaengine: mmp: Fix again Wvoid-pointer-to-enum-cast warning
Kuan-Chung Chen (1):
wifi: rtw89: fix EHT 20MHz TX rate for non-AP STA
Kumar Kartikeya Dwivedi (1):
bpf: Ensure RCU lock is held around bpf_prog_ksym_find
Kuninori Morimoto (1):
ASoC: soc-dai: tidyup return value of snd_soc_xlate_tdm_slot_mask()
Kuniyuki Iwashima (2):
bpf: Disable migration in nf_hook_run_bpf().
neighbour: Fix null-ptr-deref in neigh_flush_dev().
Lad Prabhakar (1):
clk: renesas: rzv2h: Fix missing CLK_SET_RATE_PARENT flag for ddiv clocks
Lane Odenbach (1):
ASoC: amd: yc: Add DMI quirk for HP Laptop 17 cp-2033dx
Laurentiu Palcu (1):
clk: imx95-blk-ctl: Fix synchronous abort
Len Brown (1):
tools/power turbostat: regression fix: --show C1E%
Leo Yan (1):
perf tests bp_account: Fix leaked file descriptor
Li Lingfeng (1):
scsi: Revert "scsi: iscsi: Fix HW conn removal use after free"
Lifeng Zheng (3):
PM / devfreq: Check governor before using governor->name
cpufreq: Initialize cpufreq-based frequency-invariance later
cpufreq: Init policy->rwsem before it may be possibly used
Lijo Lazar (1):
drm/amdgpu: Remove nbiov7.9 replay count reporting
Lijuan Gao (1):
arm64: dts: qcom: sa8775p: Correct the interrupt for remoteproc
Lizhi Xu (1):
vmci: Prevent the dispatching of uninitialized payloads
Lorenzo Bianconi (4):
wifi: mt76: mt7996: Fix secondary link lookup in mt7996_mcu_sta_mld_setup_tlv()
wifi: mt76: mt7996: Fix possible OOB access in mt7996_tx()
wifi: mt76: mt7996: Fix valid_links bitmask in mt7996_mac_sta_{add,remove}
net: airoha: npu: Add missing MODULE_FIRMWARE macros
Lorenzo Stoakes (1):
selftests/perf_events: Add a mmap() correctness test
Luca Weiss (2):
phy: qualcomm: phy-qcom-eusb2-repeater: Don't zero-out registers
net: ipa: add IPA v5.1 and v5.5 to ipa_version_string()
Lucas De Marchi (1):
usb: early: xhci-dbc: Fix early_ioremap leak
Lukasz Laguna (1):
drm/xe/vf: Disable CSC support on VF
Maher Azzouzi (1):
net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing
Manivannan Sadhasivam (1):
PCI: endpoint: pci-epf-vntb: Fix the incorrect usage of __iomem attribute
Marco Elver (1):
kcsan: test: Initialize dummy variable
Mark Brown (1):
kselftest/arm64: Fix check for setting new VLs in sve-ptrace
Martin Kaistra (1):
wifi: rtl8xxxu: Fix RX skb size for aggregation disabled
Masahiro Yamada (1):
kconfig: qconf: fix ConfigList::updateListAllforAll()
Matthew Wilcox (Oracle) (1):
memcg_slabinfo: Fix use of PG_slab
Meghana Malladi (1):
net: ti: icssg-prueth: Fix skb handling for XDP_PASS
Mengbiao Xiong (1):
crypto: ccp - Fix crash when rebind ccp device for ccp.ko
Michael J. Ruhl (3):
drm/xe: Correct the rev value for the DVSEC entries
drm/xe: Correct BMG VSEC header sizing
platform/x86/intel/pmt: fix a crashlog NULL pointer access
Michael Walle (1):
arm64: dts: ti: k3-am62p-j722s: fix pinctrl-single size
Michal Schmidt (1):
benet: fix BUG when creating VFs
Michal Wajdeczko (1):
drm/xe/pf: Disable PF restart worker on device removal
Mickaël Salaün (1):
selftests/landlock: Fix readlink check
Mike Christie (1):
vhost-scsi: Fix log flooding with target does not exist errors
Mikhail Zaslonko (1):
s390/boot: Fix startup debugging log
Mohamed Khalfella (2):
nvmet: initialize discovery subsys after debugfs is initialized
nvmet: exit debugfs after discovery subsystem exits
Moon Hee Lee (2):
selftests: breakpoints: use suspend_stats to reliably check suspend success
wifi: mac80211: reject TDLS operations when station is not associated
Mukesh Ojha (1):
pinmux: fix race causing mux_owner NULL with active mux_usecount
Murad Masimov (1):
wifi: plfxlc: Fix error handling in usb driver probe
Mykyta Yatsenko (1):
selftests/bpf: Fix unintentional switch case fall through
Namhyung Kim (10):
perf parse-events: Set default GH modifier properly
perf tools: Fix use-after-free in help_unknown_cmd()
perf sched: Make sure it frees the usage string
perf sched: Free thread->priv using priv_destructor
perf sched: Fix memory leaks in 'perf sched map'
perf sched: Fix thread leaks in 'perf sched timehist'
perf sched: Fix memory leaks for evsel->priv in timehist
perf sched: Use RC_CHK_EQUAL() to compare pointers
perf sched: Fix memory leaks in 'perf sched latency'
perf record: Cache build-ID of hit DSOs only
Namjae Jeon (4):
ksmbd: fix null pointer dereference error in generate_encryptionkey
ksmbd: fix Preauh_HashValue race condition
ksmbd: fix corrupted mtime and ctime in smb2_open
ksmbd: limit repeated connections from clients with the same IP
NeilBrown (1):
nfsd: avoid ref leak in nfsd_open_local_fh()
Nuno Sá (1):
clk: clk-axi-clkgen: fix fpfd_max frequency for zynq
Olga Kornievskaia (3):
NFSv4.2: another fix for listxattr
sunrpc: fix client side handling of tls alerts
sunrpc: fix handling of server side tls alerts
Ovidiu Panait (2):
crypto: sun8i-ce - fix nents passed to dma_unmap_sg()
hwrng: mtk - handle devm_pm_runtime_enable errors
P Praneesh (1):
wifi: ath12k: Fix double budget decrement while reaping monitor ring
Patrick Delaunay (1):
arm64: dts: st: fix timer used for ticks
Paul Chaignon (2):
bpf: Check flow_dissector ctx accesses are aligned
bpf: Check netfilter ctx accesses are aligned
Paul Kocialkowski (1):
clk: sunxi-ng: v3s: Fix de clock definition
Paulo Alcantara (3):
smb: client: allow parsing zero-length AV pairs
smb: client: set symlink type as native for POSIX mounts
smb: client: default to nonativesocket under POSIX mounts
Peter Zijlstra (2):
sched/psi: Optimize psi_group_change() cpu_clock() usage
sched/psi: Fix psi_seq initialization
Petr Machata (1):
net: ipv6: ip6mr: Fix in/out netdev to pass to the FORWARD chain
Petr Pavlu (1):
module: Restore the moduleparam prefix length check
Phil Sutter (1):
netfilter: nf_tables: Drop dead code from fill_*_info routines
Puranjay Mohan (2):
selftests/bpf: fix implementation of smp_mb()
bpf, arm64: Fix fp initialization for exception boundary
Qasim Ijaz (1):
HID: apple: validate feature-report field count to prevent NULL pointer dereference
Quang Le (1):
net/packet: fix a race in packet_set_ring() and packet_notifier()
Rafael J. Wysocki (1):
cpufreq: intel_pstate: Always use HWP_DESIRED_PERF in passive mode
Rameshkumar Sundaram (1):
wifi: ath12k: Avoid accessing uninitialized arvif->ar during beacon miss
Randy Dunlap (1):
io_uring: fix breakage in EXPERT menu
Remi Pommarel (2):
wifi: mac80211: Check 802.11 encaps offloading in ieee80211_tx_h_select_key()
Reapply "wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()"
Richard Fitzgerald (1):
ALSA: hda/cs35l56: Workaround bad dev-index on Lenovo Yoga Book 9i GenX
Richard Guy Briggs (1):
audit,module: restore audit logging in load failure case
Robin Murphy (2):
PCI: Fix driver_managed_dma check
perf/arm-ni: Set initial IRQ affinity
Rodrigo Gobbi (1):
soundwire: debugfs: move debug statement outside of error handling
Rohit Visavalia (1):
clk: xilinx: vcu: unregister pll_post only if registered correctly
RubenKelevra (1):
fs_context: fix parameter name in infofc() macro
Ryan Lee (2):
apparmor: ensure WB_HISTORY_SIZE value is a power of 2
apparmor: fix loop detection used in conflicting attachment resolution
Ryan Wanner (2):
ARM: dts: microchip: sama7d65: Add clock name property
ARM: dts: microchip: sam9x7: Add clock name property
Salomon Dushimirimana (1):
scsi: sd: Make sd shutdown issue START STOP UNIT appropriately
Samuel Holland (1):
RISC-V: KVM: Fix inclusion of Smnpm in the guest ISA bitmap
Sean Christopherson (1):
KVM: VMX: Allow guest to set DEBUGCTL.RTM_DEBUG if RTM is supported
Sebastian Reichel (1):
arm64: dts: rockchip: fix PHY handling for ROCK 4D
Sergey Senozhatsky (1):
wifi: ath11k: clear initialized flag for deinit-ed srng lists
Seunghui Lee (1):
scsi: ufs: core: Use link recovery when h8 exit fails during runtime resume
Seungjin Bae (1):
usb: host: xhci-plat: fix incorrect type for of_match variable in xhci_plat_probe()
Shankari Anand (1):
rust: miscdevice: clarify invariant for `MiscDeviceRegistration`
Sheng Yong (1):
f2fs: fix bio memleak when committing super block
Shengjiu Wang (2):
ASoC: fsl_xcvr: get channel status data when PHY is not exists
ASoC: fsl_xcvr: get channel status data with firmware exists
Shiraz Saleem (1):
RDMA/mana_ib: Fix DSCP value in modify QP
Shixiong Ou (1):
fbcon: Fix outdated registered_fb reference in comment
Shree Ramamoorthy (1):
mfd: tps65219: Update TPS65214 MFD cell's GPIO compatible string
Shubhrajyoti Datta (1):
clk: clocking-wizard: Fix the round rate handling for versal
Sibi Sankar (1):
firmware: arm_scmi: Fix up turbo frequencies selection
Simon Trimmer (1):
spi: cs42l43: Property entry should be a null-terminated array
Sivan Zohar-Kotzer (1):
powercap: dtpm_cpu: Fix NULL pointer dereference in get_pd_power_uw()
Slark Xiao (2):
bus: mhi: host: pci_generic: Fix the modem name of Foxconn T99W640
USB: serial: option: add Foxconn T99W709
Song Liu (1):
selftests/landlock: Fix build of audit_test
Stanislav Fomichev (3):
team: replace team lock with rtnl lock
macsec: set IFF_UNICAST_FLT priv flag
vrf: Drop existing dst reference in vrf_ip6_input_dst
Stanley Chu (1):
i3c: master: svc: Fix npcm845 FIFO_EMPTY quirk
Stav Aviram (1):
net/mlx5: Check device memory pointer before usage
Stefan Metzmacher (9):
smb: server: remove separate empty_recvmsg_queue
smb: server: make sure we call ib_dma_unmap_single() only if we called ib_dma_map_single already
smb: server: let recv_done() consistently call put_recvmsg/smb_direct_disconnect_rdma_connection
smb: server: let recv_done() avoid touching data_transfer after cleanup/move
smb: client: remove separate empty_packet_queue
smb: client: make sure we call ib_dma_unmap_single() only if we called ib_dma_map_single already
smb: client: let recv_done() cleanup before notifying the callers.
smb: client: let recv_done() avoid touching data_transfer after cleanup/move
smb: client: return an error if rdma_connect does not return within 5 seconds
Stephane Grosjean (1):
can: peak_usb: fix USB FD devices potential malfunction
Steven Rostedt (4):
selftests/tracing: Fix false failure of subsystem event test
PM: cpufreq: powernv/tracing: Move powernv_throttle trace event
ring-buffer: Remove ring_buffer_read_prepare_sync()
tracing: Use queue_rcu_work() to free filters
Suman Kumar Chakraborty (1):
crypto: qat - use unmanaged allocation for dc_data
Sumanth Korikkar (1):
s390/mm: Allocate page table with PAGE_SIZE granularity
Sumit Gupta (1):
soc/tegra: cbb: Clear ERR_FORCE register with ERR_STATUS
Sun YangKai (1):
btrfs: remove partial support for lowest level from btrfs_search_forward()
Suren Baghdasaryan (1):
mm: fix a UAF when vma->mm is freed after vma->vm_refcnt got dropped
Svyatoslav Pankratov (1):
crypto: qat - fix state restore for banks with exceptions
Takahiro Kuwano (1):
mtd: spi-nor: spansion: Fixup params->set_4byte_addr_mode for SEMPER
Takamitsu Iwai (1):
net/sched: taprio: enforce minimum value for picos_per_byte
Takashi Iwai (2):
ALSA: usb: scarlett2: Fix missing NULL check
ALSA: hda/ca0132: Fix missing error handling in ca0132_alt_select_out()
Tamizh Chelvam Raja (2):
wifi: ath12k: Pass ab pointer directly to ath12k_dp_tx_get_encap_type()
wifi: ath12k: fix endianness handling while accessing wmi service bit
Tanmay Shah (1):
remoteproc: xlnx: Disable unsupported features
Tao Xue (1):
usb: gadget : fix use-after-free in composite_dev_cleanup()
Thiraviyam Mariyappan (1):
wifi: ath12k: Clear auth flag only for actual association in security mode
Thomas Antoine (1):
power: supply: max1720x correct capacity computation
Thomas Fourier (14):
block: mtip32xx: Fix usage of dma_map_sg()
mwl8k: Add missing check after DMA map
Fix dma_unmap_sg() nents value
crypto: inside-secure - Fix `dma_unmap_sg()` nents value
scsi: ibmvscsi_tgt: Fix dma_unmap_sg() nents value
scsi: elx: efct: Fix dma_unmap_sg() nents value
scsi: mvsas: Fix dma_unmap_sg() nents value
scsi: isci: Fix dma_unmap_sg() nents value
crypto: keembay - Fix dma_unmap_sg() nents value
crypto: img-hash - Fix dma_unmap_sg() nents value
dmaengine: mv_xor: Fix missing check after DMA map and missing unmap
dmaengine: nbpfaxi: Add missing check after DMA map
mtd: rawnand: atmel: Fix dma_mapping_error() address
mtd: rawnand: rockchip: Add missing check after DMA map
Thomas Gleixner (6):
x86/irq: Plug vector setup race
perf/core: Preserve AUX buffer allocation failure result
perf/core: Don't leak AUX buffer refcount on allocation failure
perf/core: Exit early on perf_mmap() fail
perf/core: Handle buffer mapping fail correctly in perf_mmap()
perf/core: Prevent VMA split of buffer mappings
Thomas Weißschuh (2):
selftests: vDSO: chacha: Correctly skip test if necessary
bpf/preload: Don't select USERMODE_DRIVER
Thomas Zimmermann (1):
drm/radeon: Do not hold console lock while suspending clients
Thorsten Blum (2):
smb: server: Fix extension string in ksmbd_extract_shortname()
ALSA: intel_hdmi: Fix off-by-one error in __hdmi_lpe_audio_probe()
Tigran Mkrtchyan (1):
pNFS/flexfiles: don't attempt pnfs on fatal DS errors
Tim Harvey (1):
arm64: dts: imx8mp-venice-gw74xx: update name of M2SKT_WDIS2# gpio
Timothy Pearson (5):
PCI: pnv_php: Clean up allocated IRQs on unplug
PCI: pnv_php: Work around switches with broken presence detection
powerpc/eeh: Export eeh_unfreeze_pe()
powerpc/eeh: Make EEH driver device hotplug safe
PCI: pnv_php: Fix surprise plug detection and recovery
Tingmao Wang (1):
landlock: Fix warning from KUnit tests
Tiwei Bie (1):
um: rtc: Avoid shadowing err in uml_rtc_start()
Tom Lendacky (1):
x86/sev: Evict cache lines during SNP memory validation
Tomas Henzl (1):
scsi: mpt3sas: Fix a fw_event memory leak
Tristram Ha (1):
net: dsa: microchip: Fix wrong rx drop MIB counter for KSZ8863
Trond Myklebust (5):
NFS: Fix wakeup of __nfs_lookup_revalidate() in unblock_revalidate()
NFS: Fix filehandle bounds checking in nfs_fh_to_dentry()
NFS/localio: nfs_close_local_fh() fix check for file closed
NFS/localio: nfs_uuid_put() fix races with nfs_open/close_local_fh()
NFS/localio: nfs_uuid_put() fix the wake up after unlinking the file
Tze-nan Wu (1):
rcu: Fix delayed execution of hurry callbacks
Uros Bizjak (1):
ucount: fix atomic_long_inc_below() argument type
Varshini Rajendran (1):
clk: at91: sam9x7: update pll clk ranges
Venkata Prasad Potturu (1):
ASoC: amd: acp: Fix pointer assignments for snd_soc_acpi_mach structures
Wadim Egorov (1):
arm64: dts: ti: k3-am642-phyboard-electra: Fix PRU-ICSSG Ethernet ports
Wang Liang (1):
net: drop UFO packets in udp_rcv_segment()
Wang Zhaolong (1):
smb: client: fix netns refcount leak after net_passive changes
WangYuli (1):
selftests: ALSA: fix memory leak in utimer test
Will Deacon (1):
arm64: dts: exynos: gs101: Add 'local-timer-stop' to cpuidle nodes
William Liu (1):
net/sched: Restrict conditions for adding duplicating netems to qdisc tree
Xiu Jianfeng (1):
wifi: iwlwifi: Fix memory leak in iwl_mvm_init()
Xiumei Mu (1):
selftests: rtnetlink.sh: remove esp4_offload after test
Yangtao Li (3):
hfsplus: make splice write available again
hfs: make splice write available again
hfsplus: remove mutex_lock check in hfsplus_free_extents
Yao Zi (1):
clk: thead: th1520-ap: Correctly refer the parent of osc_12m
Yuan Chen (3):
bpftool: Fix memory leak in dump_xx_nlmsg on realloc failure
pinctrl: sunxi: Fix memory leak on krealloc failure
pinctrl: berlin: fix memory leak in berlin_pinctrl_build_state()
Yuhao Jiang (1):
USB: gadget: f_hid: Fix memory leak in hidg_bind error path
Ze Huang (2):
pinctrl: canaan: k230: add NULL check in DT parse
pinctrl: canaan: k230: Fix order of DT parse and pinctrl register
Zenm Chen (1):
Bluetooth: btusb: Add USB ID 3625:010b for TP-LINK Archer TX10UB Nano
Zhang Rui (1):
tools/power turbostat: Fix bogus SysWatt for forked program
Zheng Qixing (1):
md: allow removing faulty rdev during resync
Zheng Yu (1):
jfs: fix metapage reference count leak in dbAllocCtl
Zhengxu Zhang (1):
exfat: fdatasync flag should be same like generic_write_sync()
Zong-Zhe Yang (1):
wifi: rtw89: avoid NULL dereference when RX problematic packet on unsupported 6 GHz band
wangzijie (1):
proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al
wenglianfa (2):
RDMA/hns: Fix double destruction of rsv_qp
RDMA/hns: Fix HW configurations not cleared in error flow
xin.guo (1):
tcp: fix tcp_ofo_queue() to avoid including too much DUP SACK range
yohan.joung (1):
f2fs: fix to check upper boundary for value of gc_boost_zoned_gc_percent
1 month
- 1
- 1
Linux 6.12.42
by Greg Kroah-Hartman
I'm announcing the release of the 6.12.42 kernel.
All users of the 6.12 kernel series must upgrade.
The updated 6.12.y git tree can be found at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.12.y
and can be browsed at the normal kernel.org git web browser:
https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary
thanks,
greg k-h
------------
Documentation/filesystems/f2fs.rst | 6
Documentation/netlink/specs/ethtool.yaml | 6
Makefile | 2
arch/arm/boot/dts/nxp/imx/imx6ul-kontron-bl-common.dtsi | 1
arch/arm/boot/dts/nxp/vf/vfxxx.dtsi | 2
arch/arm/boot/dts/ti/omap/am335x-boneblack.dts | 2
arch/arm/crypto/aes-neonbs-glue.c | 2
arch/arm64/boot/dts/exynos/google/gs101.dtsi | 3
arch/arm64/boot/dts/freescale/imx8mm-beacon-som.dtsi | 2
arch/arm64/boot/dts/freescale/imx8mn-beacon-som.dtsi | 2
arch/arm64/boot/dts/freescale/imx93-tqma9352.dtsi | 6
arch/arm64/boot/dts/qcom/msm8976.dtsi | 2
arch/arm64/boot/dts/qcom/sa8775p.dtsi | 10
arch/arm64/boot/dts/qcom/sc7180.dtsi | 10
arch/arm64/boot/dts/qcom/sdm845.dtsi | 10
arch/arm64/boot/dts/st/stm32mp251.dtsi | 2
arch/arm64/boot/dts/ti/k3-am62p-j722s-common-main.dtsi | 2
arch/arm64/boot/dts/ti/k3-am642-phyboard-electra-rdk.dts | 2
arch/arm64/net/bpf_jit_comp.c | 1
arch/m68k/Kconfig.debug | 2
arch/m68k/kernel/early_printk.c | 42 -
arch/m68k/kernel/head.S | 8
arch/mips/mm/tlb-r4k.c | 56 +
arch/powerpc/configs/ppc6xx_defconfig | 1
arch/powerpc/kernel/eeh.c | 1
arch/powerpc/kernel/eeh_driver.c | 48 +
arch/powerpc/kernel/eeh_pe.c | 10
arch/powerpc/kernel/pci-hotplug.c | 3
arch/powerpc/platforms/pseries/dlpar.c | 52 +
arch/s390/include/asm/ap.h | 2
arch/s390/mm/pgalloc.c | 5
arch/s390/mm/vmem.c | 5
arch/sh/Makefile | 10
arch/sh/boot/compressed/Makefile | 4
arch/sh/boot/romimage/Makefile | 4
arch/um/drivers/rtc_user.c | 2
arch/x86/boot/cpuflags.c | 13
arch/x86/coco/sev/shared.c | 46 +
arch/x86/include/asm/cpufeatures.h | 1
arch/x86/include/asm/hw_irq.h | 12
arch/x86/kernel/cpu/scattered.c | 1
arch/x86/kernel/irq.c | 63 +-
arch/x86/mm/extable.c | 5
block/blk-settings.c | 13
drivers/accel/ivpu/ivpu_debugfs.c | 42 -
drivers/block/ublk_drv.c | 4
drivers/bluetooth/btusb.c | 4
drivers/bus/mhi/host/pci_generic.c | 8
drivers/char/hw_random/mtk-rng.c | 4
drivers/clk/at91/sam9x7.c | 20
drivers/clk/clk-axi-clkgen.c | 2
drivers/clk/davinci/psc.c | 5
drivers/clk/imx/clk-imx95-blk-ctl.c | 13
drivers/clk/renesas/rzv2h-cpg.c | 1
drivers/clk/sunxi-ng/ccu-sun8i-v3s.c | 3
drivers/clk/thead/clk-th1520-ap.c | 9
drivers/clk/xilinx/xlnx_vcu.c | 4
drivers/cpufreq/armada-8k-cpufreq.c | 3
drivers/cpufreq/cpufreq.c | 21
drivers/cpufreq/intel_pstate.c | 4
drivers/crypto/allwinner/sun8i-ce/sun8i-ce-cipher.c | 4
drivers/crypto/ccp/ccp-debugfs.c | 3
drivers/crypto/ccp/sev-dev.c | 8
drivers/crypto/img-hash.c | 2
drivers/crypto/inside-secure/safexcel_hash.c | 8
drivers/crypto/intel/keembay/keembay-ocs-hcu-core.c | 8
drivers/crypto/intel/qat/qat_420xx/adf_420xx_hw_data.c | 9
drivers/crypto/intel/qat/qat_common/adf_gen4_hw_data.c | 29
drivers/crypto/intel/qat/qat_common/adf_sriov.c | 1
drivers/crypto/intel/qat/qat_common/adf_transport_debug.c | 4
drivers/crypto/intel/qat/qat_common/qat_bl.c | 6
drivers/crypto/intel/qat/qat_common/qat_compression.c | 8
drivers/crypto/marvell/cesa/cipher.c | 4
drivers/crypto/marvell/cesa/hash.c | 5
drivers/devfreq/devfreq.c | 12
drivers/dma/mmp_tdma.c | 2
drivers/dma/mv_xor.c | 21
drivers/dma/nbpfaxi.c | 13
drivers/firmware/arm_scmi/perf.c | 2
drivers/gpu/drm/amd/amdgpu/gfx_v10_0.c | 6
drivers/gpu/drm/amd/amdgpu/gfx_v9_0.c | 2
drivers/gpu/drm/amd/amdgpu/gfx_v9_4_3.c | 3
drivers/gpu/drm/amd/amdgpu/nbio_v7_9.c | 20
drivers/gpu/drm/amd/pm/powerplay/hwmgr/smu_helper.c | 2
drivers/gpu/drm/i915/display/g4x_hdmi.c | 35 -
drivers/gpu/drm/i915/display/g4x_hdmi.h | 5
drivers/gpu/drm/i915/display/intel_ddi.c | 37 -
drivers/gpu/drm/i915/display/intel_display_types.h | 13
drivers/gpu/drm/i915/display/intel_hdmi.c | 10
drivers/gpu/drm/i915/display/intel_hdmi.h | 2
drivers/gpu/drm/msm/disp/dpu1/catalog/dpu_5_1_sc8180x.h | 1
drivers/gpu/drm/panfrost/panfrost_devfreq.c | 4
drivers/gpu/drm/rockchip/rockchip_drm_fb.c | 9
drivers/gpu/drm/vmwgfx/vmwgfx_shader.c | 2
drivers/gpu/drm/xe/xe_device.c | 1
drivers/hid/hid-apple.c | 3
drivers/i2c/muxes/i2c-mux-mule.c | 3
drivers/infiniband/hw/erdma/erdma_verbs.c | 3
drivers/infiniband/hw/hns/hns_roce_device.h | 1
drivers/infiniband/hw/hns/hns_roce_hem.c | 18
drivers/infiniband/hw/hns/hns_roce_hw_v2.c | 87 ++
drivers/infiniband/hw/hns/hns_roce_hw_v2.h | 8
drivers/infiniband/hw/hns/hns_roce_main.c | 22
drivers/infiniband/hw/mana/qp.c | 2
drivers/infiniband/hw/mlx5/dm.c | 2
drivers/infiniband/hw/mlx5/umr.c | 6
drivers/interconnect/qcom/sc8180x.c | 6
drivers/interconnect/qcom/sc8280xp.c | 1
drivers/iommu/amd/iommu.c | 19
drivers/irqchip/Kconfig | 1
drivers/md/bcache/alloc.c | 64 --
drivers/md/bcache/bcache.h | 2
drivers/md/bcache/bset.c | 124 +---
drivers/md/bcache/bset.h | 40 -
drivers/md/bcache/btree.c | 69 --
drivers/md/bcache/extents.c | 53 -
drivers/md/bcache/movinggc.c | 41 -
drivers/md/bcache/super.c | 3
drivers/md/bcache/sysfs.c | 4
drivers/md/bcache/util.h | 67 ++
drivers/md/bcache/writeback.c | 13
drivers/md/md.c | 9
drivers/media/platform/ti/j721e-csi2rx/j721e-csi2rx.c | 1
drivers/media/v4l2-core/v4l2-ctrls-core.c | 8
drivers/misc/mei/platform-vsc.c | 5
drivers/misc/mei/vsc-tp.c | 20
drivers/mtd/ftl.c | 2
drivers/mtd/nand/raw/atmel/nand-controller.c | 2
drivers/mtd/nand/raw/atmel/pmecc.c | 6
drivers/mtd/nand/raw/rockchip-nand-controller.c | 15
drivers/mtd/spi-nor/spansion.c | 31 +
drivers/net/can/kvaser_pciefd.c | 1
drivers/net/can/usb/kvaser_usb/kvaser_usb_core.c | 1
drivers/net/can/usb/peak_usb/pcan_usb_fd.c | 17
drivers/net/dsa/microchip/ksz8.c | 3
drivers/net/dsa/microchip/ksz8_reg.h | 4
drivers/net/ethernet/emulex/benet/be_cmds.c | 2
drivers/net/ethernet/intel/fm10k/fm10k.h | 3
drivers/net/ethernet/intel/i40e/i40e.h | 2
drivers/net/ethernet/intel/ice/ice_ptp.c | 1
drivers/net/ethernet/intel/ixgbe/ixgbe.h | 3
drivers/net/ethernet/mellanox/mlx5/core/en/port_buffer.c | 3
drivers/net/ethernet/mellanox/mlx5/core/en_accel/ipsec_rxtx.c | 4
drivers/net/ethernet/mellanox/mlx5/core/en_rx.c | 1
drivers/net/ethernet/mellanox/mlx5/core/lib/dm.c | 4
drivers/net/ethernet/mellanox/mlx5/core/main.c | 3
drivers/net/ethernet/meta/fbnic/fbnic_txrx.c | 4
drivers/net/ethernet/meta/fbnic/fbnic_txrx.h | 6
drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 2
drivers/net/ipa/ipa_sysfs.c | 6
drivers/net/mdio/mdio-bcm-unimac.c | 5
drivers/net/phy/mscc/mscc_ptp.c | 1
drivers/net/phy/mscc/mscc_ptp.h | 1
drivers/net/ppp/pptp.c | 18
drivers/net/usb/usbnet.c | 11
drivers/net/vrf.c | 2
drivers/net/wireless/ath/ath11k/hal.c | 4
drivers/net/wireless/ath/ath11k/mac.c | 12
drivers/net/wireless/ath/ath12k/wmi.c | 12
drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c | 8
drivers/net/wireless/intel/iwlwifi/dvm/main.c | 11
drivers/net/wireless/intel/iwlwifi/mvm/ops.c | 4
drivers/net/wireless/marvell/mwl8k.c | 4
drivers/net/wireless/purelifi/plfxlc/mac.c | 11
drivers/net/wireless/purelifi/plfxlc/mac.h | 2
drivers/net/wireless/purelifi/plfxlc/usb.c | 29
drivers/net/wireless/realtek/rtl818x/rtl8187/dev.c | 3
drivers/net/wireless/realtek/rtl8xxxu/core.c | 2
drivers/net/wireless/realtek/rtw88/main.c | 4
drivers/net/wireless/realtek/rtw89/core.c | 5
drivers/nvme/target/core.c | 14
drivers/pci/controller/pcie-rockchip-host.c | 2
drivers/pci/endpoint/functions/pci-epf-vntb.c | 4
drivers/pci/hotplug/pnv_php.c | 233 +++++++
drivers/pci/pcie/aspm.c | 30 -
drivers/perf/arm-ni.c | 2
drivers/phy/qualcomm/phy-qcom-eusb2-repeater.c | 87 +-
drivers/pinctrl/berlin/berlin.c | 8
drivers/pinctrl/pinmux.c | 20
drivers/pinctrl/sunxi/pinctrl-sunxi.c | 11
drivers/platform/x86/intel/pmt/class.c | 3
drivers/platform/x86/intel/pmt/class.h | 1
drivers/power/supply/cpcap-charger.c | 5
drivers/power/supply/max14577_charger.c | 4
drivers/powercap/dtpm_cpu.c | 2
drivers/pps/pps.c | 11
drivers/remoteproc/xlnx_r5_remoteproc.c | 2
drivers/rtc/rtc-ds1307.c | 2
drivers/rtc/rtc-hym8563.c | 2
drivers/rtc/rtc-nct3018y.c | 2
drivers/rtc/rtc-pcf85063.c | 2
drivers/rtc/rtc-pcf8563.c | 2
drivers/rtc/rtc-rv3028.c | 2
drivers/s390/crypto/ap_bus.h | 2
drivers/scsi/elx/efct/efct_lio.c | 2
drivers/scsi/ibmvscsi_tgt/libsrp.c | 6
drivers/scsi/isci/request.c | 2
drivers/scsi/mpt3sas/mpt3sas_scsih.c | 3
drivers/scsi/mvsas/mv_sas.c | 4
drivers/scsi/scsi_transport_iscsi.c | 2
drivers/scsi/sd.c | 4
drivers/soc/qcom/pmic_glink.c | 9
drivers/soc/qcom/qmi_encdec.c | 46 +
drivers/soc/tegra/cbb/tegra234-cbb.c | 2
drivers/soundwire/stream.c | 2
drivers/spi/spi-cs42l43.c | 2
drivers/spi/spi-stm32.c | 8
drivers/staging/fbtft/fbtft-core.c | 1
drivers/staging/greybus/gbphy.c | 6
drivers/staging/media/atomisp/pci/atomisp_gmin_platform.c | 9
drivers/staging/nvec/nvec_power.c | 2
drivers/ufs/core/ufshcd.c | 10
drivers/usb/early/xhci-dbc.c | 4
drivers/usb/gadget/composite.c | 5
drivers/usb/gadget/function/f_hid.c | 7
drivers/usb/host/xhci-plat.c | 2
drivers/usb/misc/apple-mfi-fastcharge.c | 24
drivers/usb/serial/option.c | 2
drivers/usb/typec/ucsi/ucsi_yoga_c630.c | 19
drivers/vdpa/mlx5/core/mr.c | 3
drivers/vdpa/mlx5/net/mlx5_vnet.c | 12
drivers/vdpa/vdpa_user/vduse_dev.c | 1
drivers/vfio/group.c | 7
drivers/vfio/iommufd.c | 4
drivers/vfio/pci/pds/vfio_dev.c | 1
drivers/vfio/pci/vfio_pci_core.c | 2
drivers/vfio/vfio_main.c | 3
drivers/vhost/Kconfig | 18
drivers/vhost/scsi.c | 4
drivers/vhost/vhost.c | 244 +++++++-
drivers/vhost/vhost.h | 22
drivers/video/fbdev/core/fbcon.c | 4
drivers/video/fbdev/imxfb.c | 9
drivers/watchdog/ziirave_wdt.c | 3
drivers/xen/gntdev-common.h | 4
drivers/xen/gntdev-dmabuf.c | 28
drivers/xen/gntdev.c | 71 +-
fs/ceph/crypto.c | 31 -
fs/exfat/file.c | 5
fs/ext4/inline.c | 2
fs/ext4/inode.c | 3
fs/f2fs/data.c | 7
fs/f2fs/extent_cache.c | 2
fs/f2fs/f2fs.h | 2
fs/f2fs/gc.c | 1
fs/f2fs/inode.c | 21
fs/f2fs/segment.h | 5
fs/f2fs/super.c | 1
fs/f2fs/sysfs.c | 21
fs/gfs2/util.c | 31 -
fs/hfs/inode.c | 1
fs/hfsplus/extents.c | 3
fs/hfsplus/inode.c | 1
fs/jfs/jfs_dmap.c | 4
fs/nfs/dir.c | 4
fs/nfs/export.c | 11
fs/nfs/flexfilelayout/flexfilelayout.c | 26
fs/nfs/flexfilelayout/flexfilelayoutdev.c | 6
fs/nfs/internal.h | 9
fs/nfs/nfs4proc.c | 10
fs/notify/fanotify/fanotify.c | 8
fs/ntfs3/file.c | 5
fs/ntfs3/frecord.c | 7
fs/ntfs3/namei.c | 10
fs/ntfs3/ntfs_fs.h | 3
fs/orangefs/orangefs-debugfs.c | 6
fs/proc/generic.c | 2
fs/proc/inode.c | 2
fs/proc/internal.h | 5
fs/smb/client/cifs_debug.c | 6
fs/smb/client/smbdirect.c | 116 +--
fs/smb/client/smbdirect.h | 4
fs/smb/server/connection.h | 1
fs/smb/server/smb2pdu.c | 22
fs/smb/server/smb_common.c | 2
fs/smb/server/transport_rdma.c | 97 +--
fs/smb/server/transport_tcp.c | 17
fs/smb/server/vfs.c | 3
include/linux/audit.h | 9
include/linux/fortify-string.h | 2
include/linux/fs_context.h | 2
include/linux/ioprio.h | 3
include/linux/mlx5/device.h | 1
include/linux/moduleparam.h | 5
include/linux/pps_kernel.h | 1
include/linux/proc_fs.h | 1
include/linux/psi_types.h | 6
include/linux/ring_buffer.h | 4
include/linux/skbuff.h | 23
include/linux/usb/usbnet.h | 1
include/linux/wait_bit.h | 60 ++
include/net/bluetooth/hci.h | 1
include/net/bluetooth/hci_core.h | 6
include/net/dst.h | 4
include/net/lwtunnel.h | 8
include/net/tc_act/tc_ctinfo.h | 6
include/net/udp.h | 24
include/sound/tas2781-tlv.h | 2
include/uapi/drm/panthor_drm.h | 3
include/uapi/linux/vhost.h | 29
init/Kconfig | 2
kernel/audit.h | 2
kernel/auditsc.c | 2
kernel/bpf/core.c | 5
kernel/bpf/helpers.c | 11
kernel/bpf/preload/Kconfig | 1
kernel/events/core.c | 20
kernel/kcsan/kcsan_test.c | 2
kernel/module/main.c | 6
kernel/rcu/refscale.c | 10
kernel/rcu/tree_nocb.h | 2
kernel/sched/psi.c | 123 ++--
kernel/trace/preemptirq_delay_test.c | 13
kernel/trace/ring_buffer.c | 63 --
kernel/trace/trace.c | 14
kernel/trace/trace_kdb.c | 8
kernel/ucount.c | 2
mm/hmm.c | 2
mm/swapfile.c | 63 +-
net/bluetooth/hci_event.c | 8
net/caif/cfctrl.c | 294 ++++------
net/core/dst.c | 4
net/core/filter.c | 3
net/core/netpoll.c | 7
net/core/skmsg.c | 7
net/ipv4/route.c | 4
net/ipv4/tcp_input.c | 4
net/ipv6/ip6_fib.c | 24
net/ipv6/ip6_offload.c | 4
net/ipv6/ip6mr.c | 3
net/ipv6/route.c | 56 +
net/mac80211/cfg.c | 2
net/mac80211/tdls.c | 2
net/mac80211/tx.c | 14
net/netfilter/nf_bpf_link.c | 5
net/netfilter/nf_tables_api.c | 29
net/netfilter/xt_nfacct.c | 4
net/packet/af_packet.c | 12
net/sched/act_ctinfo.c | 19
net/sched/sch_mqprio.c | 2
net/sched/sch_netem.c | 40 +
net/sched/sch_taprio.c | 21
net/sunrpc/svcsock.c | 43 +
net/sunrpc/xprtsock.c | 40 +
net/tls/tls_sw.c | 13
net/vmw_vsock/af_vsock.c | 3
net/wireless/nl80211.c | 1
samples/mei/mei-amt-version.c | 2
scripts/kconfig/qconf.cc | 2
security/apparmor/include/match.h | 8
security/apparmor/match.c | 23
security/apparmor/policy_unpack_test.c | 6
sound/pci/hda/cs35l56_hda.c | 110 ++-
sound/pci/hda/patch_ca0132.c | 5
sound/pci/hda/patch_realtek.c | 3
sound/soc/amd/yc/acp6x-mach.c | 21
sound/soc/fsl/fsl_xcvr.c | 20
sound/soc/intel/boards/Kconfig | 2
sound/soc/mediatek/common/mtk-afe-platform-driver.c | 4
sound/soc/mediatek/common/mtk-base-afe.h | 1
sound/soc/mediatek/mt8173/mt8173-afe-pcm.c | 7
sound/soc/mediatek/mt8183/mt8183-afe-pcm.c | 7
sound/soc/mediatek/mt8186/mt8186-afe-pcm.c | 7
sound/soc/mediatek/mt8192/mt8192-afe-pcm.c | 7
sound/soc/soc-dai.c | 16
sound/soc/soc-ops.c | 26
sound/usb/mixer_scarlett2.c | 7
sound/x86/intel_hdmi_audio.c | 2
tools/bpf/bpftool/net.c | 15
tools/cgroup/memcg_slabinfo.py | 4
tools/lib/subcmd/help.c | 12
tools/perf/.gitignore | 2
tools/perf/builtin-sched.c | 99 ++-
tools/perf/tests/bp_account.c | 1
tools/perf/util/build-id.c | 2
tools/perf/util/evsel.c | 11
tools/perf/util/evsel.h | 2
tools/perf/util/symbol.c | 1
tools/testing/selftests/alsa/utimer-test.c | 1
tools/testing/selftests/arm64/fp/sve-ptrace.c | 2
tools/testing/selftests/bpf/prog_tests/sockmap_listen.c | 2
tools/testing/selftests/bpf/progs/verifier_arena_large.c | 110 +++
tools/testing/selftests/bpf/veristat.c | 1
tools/testing/selftests/breakpoints/step_after_suspend_test.c | 41 +
tools/testing/selftests/drivers/net/lib/py/env.py | 2
tools/testing/selftests/ftrace/test.d/event/subsystem-enable.tc | 28
tools/testing/selftests/net/rtnetlink.sh | 6
tools/testing/selftests/perf_events/.gitignore | 1
tools/testing/selftests/perf_events/Makefile | 2
tools/testing/selftests/perf_events/mmap.c | 236 ++++++++
tools/testing/selftests/syscall_user_dispatch/sud_test.c | 50 -
tools/testing/selftests/vDSO/vdso_test_chacha.c | 3
tools/verification/rv/src/in_kernel.c | 4
393 files changed, 3763 insertions(+), 1890 deletions(-)
Abdun Nihaal (1):
staging: fbtft: fix potential memory leak in fbtft_framebuffer_alloc()
Abinash Singh (1):
f2fs: fix KMSAN uninit-value in extent_info usage
Adam Ford (2):
arm64: dts: imx8mm-beacon: Fix HS400 USDHC clock speed
arm64: dts: imx8mn-beacon: Fix HS400 USDHC clock speed
Adam Queler (1):
ASoC: amd: yc: Add DMI entries to support HP 15-fb1xxx
Adrián Larumbe (1):
drm/panfrost: Fix panfrost device variable name in devfreq
Ahsan Atta (1):
crypto: qat - allow enabling VFs in the absence of IOMMU
Al Viro (2):
parse_longname(): strrchr() expects NUL-terminated string
xen: fix UAF in dmabuf_exp_from_pages()
Albin Törnqvist (1):
arm: dts: ti: omap: Fixup pinheader typo
Alex Deucher (3):
drm/amdgpu/gfx9: fix kiq locking in KCQ reset
drm/amdgpu/gfx9.4.3: fix kiq locking in KCQ reset
drm/amdgpu/gfx10: fix kiq locking in KCQ reset
Alex Williamson (1):
vfio/pci: Separate SR-IOV VF dev_set
Alexander Stein (1):
arm64: dts: freescale: imx93-tqma9352: Limit BUCK2 to 600mV
Alexander Wetzel (2):
wifi: mac80211: Do not schedule stopped TXQs
wifi: mac80211: Don't call fq_flow_idx() for management frames
Alexander Wilhelm (1):
soc: qcom: QMI encoding/decoding for big endian
Alexandru Andries (1):
ASoC: amd: yc: add DMI quirk for ASUS M6501RM
Alexei Lazar (1):
net/mlx5e: Clear Read-Only port buffer size in PBMC before update
Alexei Starovoitov (2):
selftests/bpf: Add a test for arena range tree algorithm
selftests/bpf: Fix build error with llvm 19
Alexey Kardashevskiy (1):
crypto: ccp - Fix locking on alloc failure handling
Alok Tiwari (1):
staging: nvec: Fix incorrect null termination of battery manufacturer
Amir Goldstein (1):
fanotify: sanitize handle_type values when reporting fid
Ammar Faizi (1):
net: usbnet: Fix the wrong netif_carrier_on() call
Anders Roxell (1):
vdpa: Fix IDR memory leak in VDUSE module exit
Andreas Gruenbacher (1):
gfs2: No more self recovery
Andrzej Kacprowski (1):
accel/ivpu: Fix reset_engine debugfs file logic
André Apitzsch (1):
arm64: dts: qcom: msm8976: Make blsp_dma controlled-remotely
Andy Shevchenko (1):
mm/hmm: move pmd_to_hmm_pfn_flags() to the respective #ifdeffery
Andy Yan (1):
drm/rockchip: cleanup fb when drm_gem_fb_afbc_init failed
Annette Kobou (1):
ARM: dts: imx6ul-kontron-bl-common: Fix RTS polarity for RS485 interface
Anton Nadezhdin (1):
ice/ptp: fix crosstimestamp reporting
Arnd Bergmann (8):
ethernet: intel: fix building with large NR_CPUS
ASoC: Intel: fix SND_SOC_SOF dependencies
ASoC: ops: dynamically allocate struct snd_ctl_elem_value
cpufreq: armada-8k: make both cpu masks static
caif: reduce stack size, again
crypto: arm/aes-neonbs - work around gcc-15 warning
kernel: trace: preemptirq_delay_test: use offstack cpu mask
irqchip: Build IMX_MU_MSI only on ARM
Arseniy Krasnov (1):
Bluetooth: hci_sync: fix double free in 'hci_discovery_filter_clear()'
Artem Sadovnikov (1):
refscale: Check that nreaders and loops multiplication doesn't overflow
Bairavi Alagappan (1):
crypto: qat - disable ZUC-256 capability for QAT GEN5
Balamanikandan Gunasundar (1):
mtd: rawnand: atmel: set pmecc data setup time
Baochen Qiang (1):
wifi: ath11k: fix sleeping-in-atomic in ath11k_mac_op_set_bitrate_mask()
Baojun Xu (1):
ASoC: tas2781: Fix the wrong step for TLV on tas2781
Bard Liao (1):
soundwire: stream: restore params when prepare ports fail
Ben Hutchings (1):
sh: Do not use hyphen in exported variable name
Benjamin Coddington (1):
NFS: Fixup allocation flags for nfsiod's __GFP_NORETRY
Bitterblue Smith (1):
wifi: rtw88: Fix macid assigned to TDLS station
Boris Brezillon (1):
drm/panthor: Add missing explicit padding in drm_panthor_gpu_info
Brahmajit Das (1):
samples: mei: Fix building on musl libc
Brett Creeley (1):
vfio/pds: Fix missing detach_ioas op
Brian Masney (6):
rtc: ds1307: fix incorrect maximum clock rate handling
rtc: hym8563: fix incorrect maximum clock rate handling
rtc: nct3018y: fix incorrect maximum clock rate handling
rtc: pcf85063: fix incorrect maximum clock rate handling
rtc: pcf8563: fix incorrect maximum clock rate handling
rtc: rv3028: fix incorrect maximum clock rate handling
Budimir Markovic (1):
vsock: Do not allow binding to VMADDR_PORT_ANY
Caleb Sander Mateos (1):
ublk: use vmalloc for ublk_device's __queues
Chanwoo Choi (1):
PM / devfreq: Fix a index typo in trans_stat
Chao Yu (9):
f2fs: fix to check upper boundary for gc_valid_thresh_ratio
f2fs: fix to check upper boundary for gc_no_zoned_gc_percent
f2fs: doc: fix wrong quota mount option description
f2fs: fix to avoid UAF in f2fs_sync_inode_meta()
f2fs: fix to avoid panic in f2fs_evict_inode
f2fs: fix to avoid out-of-boundary access in devs.path
f2fs: fix to update upper_p in __get_secs_required() correctly
f2fs: fix to calculate dirty data during has_not_enough_free_secs()
f2fs: fix to trigger foreground gc during f2fs_map_blocks() in lfs mode
Charalampos Mitrodimas (1):
usb: misc: apple-mfi-fastcharge: Make power supply names unique
Charles Han (2):
power: supply: cpcap-charger: Fix null check for power_supply_get_by_name
power: supply: max14577: Handle NULL pdata when CONFIG_OF is not set
Chen Pei (1):
perf tools: Remove libtraceevent in .gitignore
Chen-Yu Tsai (1):
ASoC: mediatek: use reserved memory or enable buffer pre-allocation
Chenyuan Yang (1):
fbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref
Chris Down (1):
Bluetooth: hci_event: Mask data status from LE ext adv reports
Christoph Hellwig (1):
block: ensure discard_granularity is zero when discard is not supported
Christoph Paasch (1):
net/mlx5: Correctly set gso_segs when LRO is used
Christophe JAILLET (1):
i2c: muxes: mule: Fix an error handling path in mule_i2c_mux_probe()
Cindy Lu (1):
vhost: Reintroduce kthread API and add mode selection
Clément Le Goffic (1):
spi: stm32: Check for cfg availability in stm32_spi_probe
Daeho Jeong (1):
f2fs: turn off one_time when forcibly set to foreground GC
Dan Carpenter (2):
watchdog: ziirave_wdt: check record length in ziirave_firm_verify()
fs/orangefs: Allow 2 more characters in do_c_string()
Daniil Dulov (1):
wifi: rtl818x: Kill URBs before clearing tx status queue
Dave Hansen (1):
x86/fpu: Delay instruction pointer fixup until after warning
Denis OSTERLAND-HEIM (1):
pps: fix poll support
Dmitry Baryshkov (3):
usb: typec: ucsi: yoga-c630: fix error and remove paths
interconnect: qcom: sc8280xp: specify num_links for qnm_a1noc_cfg
interconnect: qcom: sc8180x: specify num_nodes
Dmitry Vyukov (1):
selftests: Fix errno checking in syscall_user_dispatch test
Dragos Tatulea (2):
vdpa/mlx5: Fix needs_teardown flag calculation
vdpa/mlx5: Fix release of uninitialized resources on error path
Easwar Hariharan (1):
iommu/amd: Enable PASID and ATS capabilities in the correct order
Edip Hazuri (3):
ALSA: hda/realtek - Fix mute LED for HP Victus 16-r1xxx
ALSA: hda/realtek - Fix mute LED for HP Victus 16-s0xxx
ALSA: hda/realtek - Fix mute LED for HP Victus 16-d1xxx (MB 8A26)
Edward Adam Davis (1):
fs/ntfs3: cancle set bad inode after removing name fails
Edward Srouji (1):
RDMA/mlx5: Fix UMR modifying of mkey page size
Eric Dumazet (10):
net: dst: annotate data-races around dst->input
net: dst: annotate data-races around dst->output
net_sched: act_ctinfo: use atomic64_t for three counters
tcp: call tcp_measure_rcv_mss() for ooo packets
ipv6: prevent infinite loop in rt6_nlmsg_size()
ipv6: fix possible infinite loop in fib6_info_uses_dev()
ipv6: annotate data-races around rt->fib6_nsiblings
pptp: ensure minimal skb length in pptp_xmit()
ipv6: reject malicious packets in ipv6_gso_segment()
pptp: fix pptp_xmit() error path
Fedor Pchelkin (2):
drm/amd/pm/powerplay/hwmgr/smu_helper: fix order of mask and value
netfilter: nf_tables: adjust lockdep assertions handling
Finn Thain (1):
m68k: Don't unregister boot console needlessly
Florian Fainelli (1):
net: mdio: mdio-bcm-unimac: Correct rate fallback logic
Florian Westphal (1):
netfilter: xt_nfacct: don't assume acct name is null-terminated
Fushuai Wang (1):
selftests/bpf: fix signedness bug in redir_partial()
Gabriele Monaco (1):
tools/rv: Do not skip idle in trace
Gal Pressman (1):
selftests: drv-net: Fix remote command checking in require_cmd()
Geoffrey D. Bennett (1):
ALSA: scarlett2: Add retry on -EPROTO from scarlett2_usb_tx()
Gerald Schaefer (1):
s390/mm: Remove possible false-positive warning in pte_free_defer()
Giovanni Cabiddu (2):
crypto: qat - fix DMA direction for compression on GEN2 devices
crypto: qat - fix seq_file position update in adf_ring_next()
Gokul Sivakumar (1):
wifi: brcmfmac: fix P2P discovery failure in P2P peer due to missing P2P IE
Greg Kroah-Hartman (3):
Revert "vmci: Prevent the dispatching of uninitialized payloads"
staging: greybus: gbphy: fix up const issue with the match callback
Linux 6.12.42
Guenter Roeck (1):
block: Fix default IO priority if there is no IO context
Hans Zhang (1):
PCI: rockchip-host: Fix "Unexpected Completion" log message
Hans de Goede (3):
mei: vsc: Destroy mutex after freeing the IRQ
mei: vsc: Event notifier fixes
mei: vsc: Unset the event callback on remove and probe errors
Harald Freudenberger (1):
s390/ap: Unmask SLCF bit in card and queue ap functions sysfs
Haren Myneni (1):
powerpc/pseries/dlpar: Search DRC index from ibm,drc-indexes for IO add
Helge Deller (1):
apparmor: Fix unaligned memory accesses in KUnit test
Heming Zhao (1):
md/md-cluster: handle REMOVE message earlier
Henry Martin (1):
clk: davinci: Add NULL check in davinci_lpsc_clk_register()
Herbert Xu (1):
crypto: marvell/cesa - Fix engine load inaccuracy
Horatiu Vultur (1):
phy: mscc: Fix parsing of unicast frames
Ian Forbes (1):
drm/vmwgfx: Fix Host-Backed userspace on Guest-Backed kernel
Ian Rogers (1):
perf dso: Add missed dso__put to dso__load_kcore
Ilpo Järvinen (1):
PCI/ASPM: Fix L1SS saving
Ivan Stepchenko (1):
mtd: fix possible integer overflow in erase_xfer()
Jacob Pan (2):
vfio: Fix unbalanced vfio_df_close call in no-iommu mode
vfio: Prevent open_count decrement to negative
Jakub Kicinski (3):
netpoll: prevent hanging NAPI when netcons gets enabled
netlink: specs: ethtool: fix module EEPROM input/output arguments
eth: fbnic: remove the debugging trick of super high page bias
James Cowgill (1):
media: v4l2-ctrls: Fix H264 SEPARATE_COLOUR_PLANE check
Jan Kara (1):
ext4: Make sure BH_New bit is cleared in ->write_end handler
Jan Prusakowski (1):
f2fs: vm_unmap_ram() may be called from an invalid context
Jani Nikula (6):
drm/i915/ddi: change intel_ddi_init_{dp, hdmi}_connector() return type
drm/i915/hdmi: propagate errors from intel_hdmi_init_connector()
drm/i915/hdmi: add error handling in g4x_hdmi_init()
drm/i915/ddi: gracefully handle errors from intel_ddi_init_hdmi_connector()
drm/i915/display: add intel_encoder_is_hdmi()
drm/i915/ddi: only call shutdown hooks for valid encoders
Jason Gunthorpe (1):
iommu/amd: Fix geometry.aperture_end for V2 tables
Jason Xing (1):
stmmac: xsk: fix negative overflow of budget in zerocopy mode
Jerome Brunet (1):
PCI: endpoint: pci-epf-vntb: Return -ENOENT if pci_epc_get_next_free_bar() fails
Jian-Hong Pan (1):
PCI/ASPM: Save parent L1SS config in pci_save_aspm_l1ss_state()
Jianbo Liu (1):
net/mlx5e: Remove skb secpath if xfrm state is not found
Jiasheng Jiang (1):
iwlwifi: Add missing check for alloc_ordered_workqueue
Jiaxun Yang (1):
MIPS: mm: tlb-r4k: Uniquify TLB entries on init
Jiayuan Chen (2):
bpf, sockmap: Fix psock incorrectly pointing to sk
bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls
Jimmy Assarsson (2):
can: kvaser_pciefd: Store device channel index
can: kvaser_usb: Assign netdev.dev_port based on device channel index
Johan Hovold (1):
soc: qcom: pmic_glink: fix OF node leak
Johan Korsnes (1):
arch: powerpc: defconfig: Drop obsolete CONFIG_NET_CLS_TCINDEX
John Ernberg (1):
net: usbnet: Avoid potential RCU stall on LINK_CHANGE event
Juergen Gross (1):
xen/gntdev: remove struct gntdev_copy_batch from stack
Julien Massot (1):
media: ti: j721e-csi2rx: fix list_del corruption
Junxian Huang (4):
RDMA/hns: Get message length of ack_req from FW
RDMA/hns: Fix accessing uninitialized resources
RDMA/hns: Drop GFP_NOWARN
RDMA/hns: Fix -Wframe-larger-than issue
Kees Cook (4):
wifi: mac80211: Write cnt before copying in ieee80211_copy_rnr_beacon()
wifi: nl80211: Set num_sub_specs before looping through sub_specs
staging: media: atomisp: Fix stack buffer overflow in gmin_get_var_int()
fortify: Fix incorrect reporting of read buffer size
Kemeng Shi (2):
mm: swap: correctly use maxpages in swapon syscall to avoid potential deadloop
mm: swap: fix potential buffer overflow in setup_clusters()
Konrad Dybcio (3):
arm64: dts: qcom: sdm845: Expand IMEM region
arm64: dts: qcom: sc7180: Expand IMEM region
drm/msm/dpu: Fill in min_prefill_lines for SC8180X
Konstantin Komarov (1):
Revert "fs/ntfs3: Replace inode_trylock with inode_lock"
Krzysztof Kozlowski (2):
ARM: dts: vfxxx: Correctly use two tuples for timer address
dmaengine: mmp: Fix again Wvoid-pointer-to-enum-cast warning
Kuan-Wei Chiu (1):
Revert "bcache: remove heap-related macros and switch to generic min_heap"
Kumar Kartikeya Dwivedi (1):
bpf: Ensure RCU lock is held around bpf_prog_ksym_find
Kuninori Morimoto (1):
ASoC: soc-dai: tidyup return value of snd_soc_xlate_tdm_slot_mask()
Kuniyuki Iwashima (1):
bpf: Disable migration in nf_hook_run_bpf().
Lad Prabhakar (1):
clk: renesas: rzv2h: Fix missing CLK_SET_RATE_PARENT flag for ddiv clocks
Lane Odenbach (1):
ASoC: amd: yc: Add DMI quirk for HP Laptop 17 cp-2033dx
Laurentiu Palcu (1):
clk: imx95-blk-ctl: Fix synchronous abort
Leo Yan (1):
perf tests bp_account: Fix leaked file descriptor
Li Lingfeng (1):
scsi: Revert "scsi: iscsi: Fix HW conn removal use after free"
Lifeng Zheng (3):
PM / devfreq: Check governor before using governor->name
cpufreq: Initialize cpufreq-based frequency-invariance later
cpufreq: Init policy->rwsem before it may be possibly used
Lijo Lazar (1):
drm/amdgpu: Remove nbiov7.9 replay count reporting
Lijuan Gao (1):
arm64: dts: qcom: sa8775p: Correct the interrupt for remoteproc
Lizhi Xu (1):
vmci: Prevent the dispatching of uninitialized payloads
Lorenzo Stoakes (1):
selftests/perf_events: Add a mmap() correctness test
Luca Weiss (2):
phy: qualcomm: phy-qcom-eusb2-repeater: Don't zero-out registers
net: ipa: add IPA v5.1 and v5.5 to ipa_version_string()
Lucas De Marchi (1):
usb: early: xhci-dbc: Fix early_ioremap leak
Lukasz Laguna (1):
drm/xe/vf: Disable CSC support on VF
Maher Azzouzi (1):
net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing
Manivannan Sadhasivam (1):
PCI: endpoint: pci-epf-vntb: Fix the incorrect usage of __iomem attribute
Marco Elver (1):
kcsan: test: Initialize dummy variable
Mark Brown (1):
kselftest/arm64: Fix check for setting new VLs in sve-ptrace
Martin Kaistra (1):
wifi: rtl8xxxu: Fix RX skb size for aggregation disabled
Masahiro Yamada (1):
kconfig: qconf: fix ConfigList::updateListAllforAll()
Matthew Wilcox (Oracle) (1):
memcg_slabinfo: Fix use of PG_slab
Mengbiao Xiong (1):
crypto: ccp - Fix crash when rebind ccp device for ccp.ko
Michael J. Ruhl (1):
platform/x86/intel/pmt: fix a crashlog NULL pointer access
Michael Walle (1):
arm64: dts: ti: k3-am62p-j722s: fix pinctrl-single size
Michal Schmidt (1):
benet: fix BUG when creating VFs
Mike Christie (1):
vhost-scsi: Fix log flooding with target does not exist errors
Mohamed Khalfella (2):
nvmet: initialize discovery subsys after debugfs is initialized
nvmet: exit debugfs after discovery subsystem exits
Moon Hee Lee (2):
selftests: breakpoints: use suspend_stats to reliably check suspend success
wifi: mac80211: reject TDLS operations when station is not associated
Mukesh Ojha (1):
pinmux: fix race causing mux_owner NULL with active mux_usecount
Murad Masimov (1):
wifi: plfxlc: Fix error handling in usb driver probe
Mykyta Yatsenko (1):
selftests/bpf: Fix unintentional switch case fall through
Namhyung Kim (8):
perf tools: Fix use-after-free in help_unknown_cmd()
perf sched: Make sure it frees the usage string
perf sched: Free thread->priv using priv_destructor
perf sched: Fix memory leaks in 'perf sched map'
perf sched: Fix memory leaks for evsel->priv in timehist
perf sched: Use RC_CHK_EQUAL() to compare pointers
perf sched: Fix memory leaks in 'perf sched latency'
perf record: Cache build-ID of hit DSOs only
Namjae Jeon (4):
ksmbd: fix null pointer dereference error in generate_encryptionkey
ksmbd: fix Preauh_HashValue race condition
ksmbd: fix corrupted mtime and ctime in smb2_open
ksmbd: limit repeated connections from clients with the same IP
NeilBrown (1):
sched: Add test_and_clear_wake_up_bit() and atomic_dec_and_wake_up()
Nuno Sá (1):
clk: clk-axi-clkgen: fix fpfd_max frequency for zynq
Olga Kornievskaia (3):
NFSv4.2: another fix for listxattr
sunrpc: fix client side handling of tls alerts
sunrpc: fix handling of server side tls alerts
Ovidiu Panait (2):
crypto: sun8i-ce - fix nents passed to dma_unmap_sg()
hwrng: mtk - handle devm_pm_runtime_enable errors
Patrick Delaunay (1):
arm64: dts: st: fix timer used for ticks
Paul Chaignon (2):
bpf: Check flow_dissector ctx accesses are aligned
bpf: Check netfilter ctx accesses are aligned
Paul Kocialkowski (1):
clk: sunxi-ng: v3s: Fix de clock definition
Peter Zijlstra (2):
sched/psi: Optimize psi_group_change() cpu_clock() usage
sched/psi: Fix psi_seq initialization
Petr Machata (1):
net: ipv6: ip6mr: Fix in/out netdev to pass to the FORWARD chain
Petr Pavlu (1):
module: Restore the moduleparam prefix length check
Phil Sutter (1):
netfilter: nf_tables: Drop dead code from fill_*_info routines
Puranjay Mohan (1):
bpf, arm64: Fix fp initialization for exception boundary
Qasim Ijaz (1):
HID: apple: validate feature-report field count to prevent NULL pointer dereference
Quang Le (1):
net/packet: fix a race in packet_set_ring() and packet_notifier()
Rafael J. Wysocki (1):
cpufreq: intel_pstate: Always use HWP_DESIRED_PERF in passive mode
Randy Dunlap (1):
io_uring: fix breakage in EXPERT menu
Remi Pommarel (2):
wifi: mac80211: Check 802.11 encaps offloading in ieee80211_tx_h_select_key()
Reapply "wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()"
Richard Fitzgerald (1):
ALSA: hda/cs35l56: Workaround bad dev-index on Lenovo Yoga Book 9i GenX
Richard Guy Briggs (1):
audit,module: restore audit logging in load failure case
Robin Murphy (1):
perf/arm-ni: Set initial IRQ affinity
Rohit Visavalia (1):
clk: xilinx: vcu: unregister pll_post only if registered correctly
RubenKelevra (1):
fs_context: fix parameter name in infofc() macro
Ryan Lee (2):
apparmor: ensure WB_HISTORY_SIZE value is a power of 2
apparmor: fix loop detection used in conflicting attachment resolution
Salomon Dushimirimana (1):
scsi: sd: Make sd shutdown issue START STOP UNIT appropriately
Sergey Senozhatsky (1):
wifi: ath11k: clear initialized flag for deinit-ed srng lists
Seunghui Lee (1):
scsi: ufs: core: Use link recovery when h8 exit fails during runtime resume
Seungjin Bae (1):
usb: host: xhci-plat: fix incorrect type for of_match variable in xhci_plat_probe()
Sheng Yong (1):
f2fs: fix bio memleak when committing super block
Shengjiu Wang (1):
ASoC: fsl_xcvr: get channel status data when PHY is not exists
Shiraz Saleem (1):
RDMA/mana_ib: Fix DSCP value in modify QP
Shixiong Ou (1):
fbcon: Fix outdated registered_fb reference in comment
Sibi Sankar (1):
firmware: arm_scmi: Fix up turbo frequencies selection
Simon Trimmer (1):
spi: cs42l43: Property entry should be a null-terminated array
Sivan Zohar-Kotzer (1):
powercap: dtpm_cpu: Fix NULL pointer dereference in get_pd_power_uw()
Slark Xiao (2):
bus: mhi: host: pci_generic: Fix the modem name of Foxconn T99W640
USB: serial: option: add Foxconn T99W709
Stanislav Fomichev (1):
vrf: Drop existing dst reference in vrf_ip6_input_dst
Stav Aviram (1):
net/mlx5: Check device memory pointer before usage
Stefan Metzmacher (9):
smb: server: remove separate empty_recvmsg_queue
smb: server: make sure we call ib_dma_unmap_single() only if we called ib_dma_map_single already
smb: server: let recv_done() consistently call put_recvmsg/smb_direct_disconnect_rdma_connection
smb: server: let recv_done() avoid touching data_transfer after cleanup/move
smb: client: remove separate empty_packet_queue
smb: client: make sure we call ib_dma_unmap_single() only if we called ib_dma_map_single already
smb: client: let recv_done() cleanup before notifying the callers.
smb: client: let recv_done() avoid touching data_transfer after cleanup/move
smb: client: return an error if rdma_connect does not return within 5 seconds
Stephane Grosjean (1):
can: peak_usb: fix USB FD devices potential malfunction
Steven Rostedt (2):
selftests/tracing: Fix false failure of subsystem event test
ring-buffer: Remove ring_buffer_read_prepare_sync()
Suman Kumar Chakraborty (1):
crypto: qat - use unmanaged allocation for dc_data
Sumanth Korikkar (1):
s390/mm: Allocate page table with PAGE_SIZE granularity
Sumit Gupta (1):
soc/tegra: cbb: Clear ERR_FORCE register with ERR_STATUS
Svyatoslav Pankratov (1):
crypto: qat - fix state restore for banks with exceptions
Takahiro Kuwano (1):
mtd: spi-nor: spansion: Fixup params->set_4byte_addr_mode for SEMPER
Takamitsu Iwai (1):
net/sched: taprio: enforce minimum value for picos_per_byte
Takashi Iwai (1):
ALSA: hda/ca0132: Fix missing error handling in ca0132_alt_select_out()
Tamizh Chelvam Raja (1):
wifi: ath12k: fix endianness handling while accessing wmi service bit
Tanmay Shah (1):
remoteproc: xlnx: Disable unsupported features
Tao Xue (1):
usb: gadget : fix use-after-free in composite_dev_cleanup()
Thomas Fourier (13):
mwl8k: Add missing check after DMA map
Fix dma_unmap_sg() nents value
crypto: inside-secure - Fix `dma_unmap_sg()` nents value
scsi: ibmvscsi_tgt: Fix dma_unmap_sg() nents value
scsi: elx: efct: Fix dma_unmap_sg() nents value
scsi: mvsas: Fix dma_unmap_sg() nents value
scsi: isci: Fix dma_unmap_sg() nents value
crypto: keembay - Fix dma_unmap_sg() nents value
crypto: img-hash - Fix dma_unmap_sg() nents value
dmaengine: mv_xor: Fix missing check after DMA map and missing unmap
dmaengine: nbpfaxi: Add missing check after DMA map
mtd: rawnand: atmel: Fix dma_mapping_error() address
mtd: rawnand: rockchip: Add missing check after DMA map
Thomas Gleixner (4):
x86/irq: Plug vector setup race
perf/core: Don't leak AUX buffer refcount on allocation failure
perf/core: Exit early on perf_mmap() fail
perf/core: Prevent VMA split of buffer mappings
Thomas Weißschuh (2):
selftests: vDSO: chacha: Correctly skip test if necessary
bpf/preload: Don't select USERMODE_DRIVER
Thorsten Blum (2):
smb: server: Fix extension string in ksmbd_extract_shortname()
ALSA: intel_hdmi: Fix off-by-one error in __hdmi_lpe_audio_probe()
Tigran Mkrtchyan (1):
pNFS/flexfiles: don't attempt pnfs on fatal DS errors
Timothy Pearson (5):
PCI: pnv_php: Clean up allocated IRQs on unplug
PCI: pnv_php: Work around switches with broken presence detection
powerpc/eeh: Export eeh_unfreeze_pe()
powerpc/eeh: Make EEH driver device hotplug safe
PCI: pnv_php: Fix surprise plug detection and recovery
Tiwei Bie (1):
um: rtc: Avoid shadowing err in uml_rtc_start()
Tom Lendacky (1):
x86/sev: Evict cache lines during SNP memory validation
Tomas Henzl (1):
scsi: mpt3sas: Fix a fw_event memory leak
Tristram Ha (1):
net: dsa: microchip: Fix wrong rx drop MIB counter for KSZ8863
Trond Myklebust (2):
NFS: Fix wakeup of __nfs_lookup_revalidate() in unblock_revalidate()
NFS: Fix filehandle bounds checking in nfs_fh_to_dentry()
Tze-nan Wu (1):
rcu: Fix delayed execution of hurry callbacks
Uros Bizjak (1):
ucount: fix atomic_long_inc_below() argument type
Varshini Rajendran (1):
clk: at91: sam9x7: update pll clk ranges
Wadim Egorov (1):
arm64: dts: ti: k3-am642-phyboard-electra: Fix PRU-ICSSG Ethernet ports
Wang Liang (1):
net: drop UFO packets in udp_rcv_segment()
WangYuli (1):
selftests: ALSA: fix memory leak in utimer test
Will Deacon (1):
arm64: dts: exynos: gs101: Add 'local-timer-stop' to cpuidle nodes
William Liu (1):
net/sched: Restrict conditions for adding duplicating netems to qdisc tree
Xiu Jianfeng (1):
wifi: iwlwifi: Fix memory leak in iwl_mvm_init()
Xiumei Mu (1):
selftests: rtnetlink.sh: remove esp4_offload after test
Yangtao Li (3):
hfsplus: make splice write available again
hfs: make splice write available again
hfsplus: remove mutex_lock check in hfsplus_free_extents
Yao Zi (1):
clk: thead: th1520-ap: Correctly refer the parent of osc_12m
Yuan Chen (3):
bpftool: Fix memory leak in dump_xx_nlmsg on realloc failure
pinctrl: sunxi: Fix memory leak on krealloc failure
pinctrl: berlin: fix memory leak in berlin_pinctrl_build_state()
Yuhao Jiang (1):
USB: gadget: f_hid: Fix memory leak in hidg_bind error path
Zenm Chen (1):
Bluetooth: btusb: Add USB ID 3625:010b for TP-LINK Archer TX10UB Nano
Zheng Yu (1):
jfs: fix metapage reference count leak in dbAllocCtl
Zhengxu Zhang (1):
exfat: fdatasync flag should be same like generic_write_sync()
Zong-Zhe Yang (1):
wifi: rtw89: avoid NULL dereference when RX problematic packet on unsupported 6 GHz band
wangzijie (1):
proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al
wenglianfa (2):
RDMA/hns: Fix double destruction of rsv_qp
RDMA/hns: Fix HW configurations not cleared in error flow
xin.guo (1):
tcp: fix tcp_ofo_queue() to avoid including too much DUP SACK range
yohan.joung (1):
f2fs: fix to check upper boundary for value of gc_boost_zoned_gc_percent
1 month
- 1
- 1
Linux 6.6.102
by Greg Kroah-Hartman
I'm announcing the release of the 6.6.102 kernel.
All users of the 6.6 kernel series must upgrade.
The updated 6.6.y git tree can be found at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.6.y
and can be browsed at the normal kernel.org git web browser:
https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary
thanks,
greg k-h
------------
Documentation/filesystems/f2fs.rst | 6
Documentation/netlink/specs/ethtool.yaml | 6
Makefile | 2
arch/arm/boot/dts/nxp/imx/imx6ul-kontron-bl-common.dtsi | 1
arch/arm/boot/dts/nxp/vf/vfxxx.dtsi | 2
arch/arm/boot/dts/ti/omap/am335x-boneblack.dts | 2
arch/arm/crypto/aes-neonbs-glue.c | 2
arch/arm64/boot/dts/freescale/imx8mm-beacon-som.dtsi | 2
arch/arm64/boot/dts/freescale/imx8mn-beacon-som.dtsi | 2
arch/arm64/boot/dts/qcom/msm8976.dtsi | 2
arch/arm64/boot/dts/qcom/sc7180.dtsi | 10
arch/arm64/boot/dts/qcom/sdm845.dtsi | 10
arch/m68k/Kconfig.debug | 2
arch/m68k/kernel/early_printk.c | 42 -
arch/m68k/kernel/head.S | 8
arch/mips/mm/tlb-r4k.c | 56 +
arch/powerpc/configs/ppc6xx_defconfig | 1
arch/powerpc/kernel/eeh.c | 1
arch/powerpc/kernel/eeh_driver.c | 48 +
arch/powerpc/kernel/eeh_pe.c | 10
arch/powerpc/kernel/pci-hotplug.c | 3
arch/sh/Makefile | 10
arch/sh/boot/compressed/Makefile | 4
arch/sh/boot/romimage/Makefile | 4
arch/um/drivers/rtc_user.c | 2
arch/x86/boot/compressed/sev.c | 7
arch/x86/boot/cpuflags.c | 13
arch/x86/include/asm/cpufeatures.h | 1
arch/x86/kernel/cpu/scattered.c | 1
arch/x86/kernel/sev-shared.c | 36 +
arch/x86/kernel/sev.c | 11
arch/x86/mm/extable.c | 5
drivers/block/ublk_drv.c | 4
drivers/bluetooth/btusb.c | 4
drivers/char/hw_random/mtk-rng.c | 4
drivers/clk/clk-axi-clkgen.c | 2
drivers/clk/davinci/psc.c | 5
drivers/clk/sunxi-ng/ccu-sun8i-v3s.c | 3
drivers/clk/xilinx/xlnx_vcu.c | 4
drivers/cpufreq/cpufreq.c | 21
drivers/cpufreq/intel_pstate.c | 4
drivers/crypto/allwinner/sun8i-ce/sun8i-ce-cipher.c | 4
drivers/crypto/ccp/ccp-debugfs.c | 3
drivers/crypto/img-hash.c | 2
drivers/crypto/inside-secure/safexcel_hash.c | 8
drivers/crypto/intel/keembay/keembay-ocs-hcu-core.c | 8
drivers/crypto/intel/qat/qat_common/adf_transport_debug.c | 4
drivers/crypto/intel/qat/qat_common/qat_bl.c | 6
drivers/crypto/intel/qat/qat_common/qat_compression.c | 8
drivers/crypto/marvell/cesa/cipher.c | 4
drivers/crypto/marvell/cesa/hash.c | 5
drivers/devfreq/devfreq.c | 10
drivers/dma/mv_xor.c | 21
drivers/dma/nbpfaxi.c | 13
drivers/gpu/drm/amd/pm/powerplay/hwmgr/smu_helper.c | 2
drivers/gpu/drm/msm/disp/dpu1/catalog/dpu_5_1_sc8180x.h | 1
drivers/gpu/drm/rockchip/rockchip_drm_fb.c | 9
drivers/gpu/drm/vmwgfx/vmwgfx_shader.c | 2
drivers/i2c/busses/i2c-stm32f7.c | 199 ++----
drivers/infiniband/hw/erdma/erdma_verbs.c | 3
drivers/infiniband/hw/hns/hns_roce_hw_v2.c | 15
drivers/infiniband/hw/mlx5/dm.c | 2
drivers/interconnect/qcom/sc8180x.c | 6
drivers/interconnect/qcom/sc8280xp.c | 1
drivers/iommu/amd/iommu.c | 17
drivers/irqchip/Kconfig | 1
drivers/md/md.c | 9
drivers/media/v4l2-core/v4l2-ctrls-core.c | 8
drivers/mtd/ftl.c | 2
drivers/mtd/nand/raw/atmel/nand-controller.c | 2
drivers/mtd/nand/raw/atmel/pmecc.c | 6
drivers/mtd/nand/raw/rockchip-nand-controller.c | 15
drivers/net/can/kvaser_pciefd.c | 1
drivers/net/can/usb/kvaser_usb/kvaser_usb_core.c | 1
drivers/net/can/usb/peak_usb/pcan_usb_fd.c | 17
drivers/net/ethernet/emulex/benet/be_cmds.c | 2
drivers/net/ethernet/intel/fm10k/fm10k.h | 3
drivers/net/ethernet/intel/i40e/i40e.h | 2
drivers/net/ethernet/intel/ixgbe/ixgbe.h | 3
drivers/net/ethernet/mellanox/mlx5/core/en/port_buffer.c | 3
drivers/net/ethernet/mellanox/mlx5/core/en_accel/ipsec_rxtx.c | 4
drivers/net/ethernet/mellanox/mlx5/core/en_rx.c | 1
drivers/net/ethernet/mellanox/mlx5/core/lib/dm.c | 4
drivers/net/ethernet/mellanox/mlx5/core/main.c | 3
drivers/net/ipa/ipa_sysfs.c | 6
drivers/net/phy/mscc/mscc_ptp.c | 1
drivers/net/phy/mscc/mscc_ptp.h | 1
drivers/net/ppp/pptp.c | 18
drivers/net/usb/usbnet.c | 11
drivers/net/vrf.c | 2
drivers/net/wireless/ath/ath11k/hal.c | 4
drivers/net/wireless/ath/ath12k/wmi.c | 12
drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c | 8
drivers/net/wireless/intel/iwlwifi/dvm/main.c | 11
drivers/net/wireless/intel/iwlwifi/mvm/ops.c | 4
drivers/net/wireless/marvell/mwl8k.c | 4
drivers/net/wireless/purelifi/plfxlc/mac.c | 11
drivers/net/wireless/purelifi/plfxlc/mac.h | 2
drivers/net/wireless/purelifi/plfxlc/usb.c | 29
drivers/net/wireless/realtek/rtl818x/rtl8187/dev.c | 3
drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c | 2
drivers/net/wireless/realtek/rtw89/core.c | 5
drivers/pci/controller/pcie-rockchip-host.c | 2
drivers/pci/endpoint/functions/pci-epf-vntb.c | 4
drivers/pci/hotplug/pnv_php.c | 233 +++++++
drivers/pinctrl/pinmux.c | 20
drivers/pinctrl/sunxi/pinctrl-sunxi.c | 11
drivers/power/supply/cpcap-charger.c | 5
drivers/power/supply/max14577_charger.c | 4
drivers/powercap/dtpm_cpu.c | 2
drivers/pps/pps.c | 11
drivers/rtc/rtc-ds1307.c | 2
drivers/rtc/rtc-hym8563.c | 2
drivers/rtc/rtc-nct3018y.c | 2
drivers/rtc/rtc-pcf85063.c | 2
drivers/rtc/rtc-pcf8563.c | 2
drivers/rtc/rtc-rv3028.c | 2
drivers/scsi/elx/efct/efct_lio.c | 2
drivers/scsi/ibmvscsi_tgt/libsrp.c | 6
drivers/scsi/isci/request.c | 2
drivers/scsi/mpt3sas/mpt3sas_scsih.c | 3
drivers/scsi/mvsas/mv_sas.c | 4
drivers/scsi/scsi_transport_iscsi.c | 2
drivers/scsi/sd.c | 4
drivers/soc/qcom/pmic_glink.c | 9
drivers/soc/qcom/qmi_encdec.c | 46 +
drivers/soc/tegra/cbb/tegra234-cbb.c | 2
drivers/soundwire/stream.c | 2
drivers/spi/spi-stm32.c | 8
drivers/staging/fbtft/fbtft-core.c | 1
drivers/staging/nvec/nvec_power.c | 2
drivers/ufs/core/ufshcd.c | 10
drivers/usb/early/xhci-dbc.c | 4
drivers/usb/gadget/composite.c | 5
drivers/usb/host/xhci-plat.c | 2
drivers/usb/misc/apple-mfi-fastcharge.c | 24
drivers/usb/serial/option.c | 2
drivers/vfio/group.c | 7
drivers/vfio/iommufd.c | 4
drivers/vfio/pci/pds/vfio_dev.c | 1
drivers/vfio/pci/vfio_pci_core.c | 2
drivers/vfio/vfio_main.c | 3
drivers/vhost/scsi.c | 4
drivers/video/fbdev/core/fbcon.c | 4
drivers/video/fbdev/imxfb.c | 9
drivers/watchdog/ziirave_wdt.c | 3
drivers/xen/gntdev-common.h | 4
drivers/xen/gntdev.c | 71 +-
fs/f2fs/data.c | 7
fs/f2fs/extent_cache.c | 2
fs/f2fs/f2fs.h | 2
fs/f2fs/inode.c | 21
fs/f2fs/segment.h | 5
fs/gfs2/util.c | 31 -
fs/hfs/inode.c | 1
fs/hfsplus/extents.c | 3
fs/hfsplus/inode.c | 1
fs/jfs/jfs_dmap.c | 4
fs/nfs/dir.c | 4
fs/nfs/export.c | 11
fs/nfs/flexfilelayout/flexfilelayout.c | 26
fs/nfs/flexfilelayout/flexfilelayoutdev.c | 6
fs/nfs/internal.h | 9
fs/nfs/nfs4proc.c | 10
fs/notify/fanotify/fanotify.c | 8
fs/ntfs3/file.c | 5
fs/ntfs3/frecord.c | 7
fs/ntfs3/namei.c | 10
fs/ntfs3/ntfs_fs.h | 3
fs/orangefs/orangefs-debugfs.c | 6
fs/proc/generic.c | 2
fs/proc/inode.c | 2
fs/proc/internal.h | 5
fs/smb/client/cifs_debug.c | 2
fs/smb/client/cifsacl.c | 2
fs/smb/client/cifsacl.h | 2
fs/smb/client/cifsencrypt.c | 2
fs/smb/client/cifsfs.c | 4
fs/smb/client/cifsglob.h | 2
fs/smb/client/cifspdu.h | 4
fs/smb/client/cifssmb.c | 6
fs/smb/client/file.c | 2
fs/smb/client/fs_context.h | 2
fs/smb/client/misc.c | 2
fs/smb/client/netmisc.c | 2
fs/smb/client/readdir.c | 4
fs/smb/client/smb2ops.c | 4
fs/smb/client/smb2pdu.c | 4
fs/smb/client/smb2transport.c | 2
fs/smb/client/smbdirect.c | 293 +++++----
fs/smb/client/smbdirect.h | 14
fs/smb/common/smbdirect/smbdirect_socket.h | 41 +
fs/smb/server/connection.h | 1
fs/smb/server/smb2pdu.c | 22
fs/smb/server/smb_common.c | 2
fs/smb/server/transport_rdma.c | 97 +--
fs/smb/server/transport_tcp.c | 17
fs/smb/server/vfs.c | 3
include/linux/audit.h | 9
include/linux/fs_context.h | 2
include/linux/moduleparam.h | 5
include/linux/pps_kernel.h | 1
include/linux/proc_fs.h | 1
include/linux/psi_types.h | 6
include/linux/sched.h | 2
include/linux/skbuff.h | 23
include/linux/usb/usbnet.h | 1
include/linux/wait_bit.h | 60 ++
include/net/bluetooth/hci.h | 1
include/net/dst.h | 4
include/net/lwtunnel.h | 8
include/net/tc_act/tc_ctinfo.h | 6
include/net/udp.h | 24
kernel/audit.h | 2
kernel/auditsc.c | 2
kernel/bpf/preload/Kconfig | 1
kernel/events/core.c | 20
kernel/freezer.c | 51 -
kernel/kcsan/kcsan_test.c | 2
kernel/module/main.c | 6
kernel/sched/core.c | 31 -
kernel/sched/psi.c | 123 ++--
kernel/trace/preemptirq_delay_test.c | 13
kernel/ucount.c | 2
mm/hmm.c | 2
net/bluetooth/hci_event.c | 8
net/caif/cfctrl.c | 294 ++++------
net/core/dst.c | 4
net/core/filter.c | 3
net/core/netpoll.c | 7
net/core/skmsg.c | 7
net/ipv4/route.c | 4
net/ipv4/tcp_input.c | 4
net/ipv6/ip6_fib.c | 24
net/ipv6/ip6_offload.c | 4
net/ipv6/ip6mr.c | 3
net/ipv6/route.c | 56 +
net/mac80211/cfg.c | 2
net/mac80211/tdls.c | 2
net/mac80211/tx.c | 14
net/netfilter/nf_bpf_link.c | 5
net/netfilter/nf_tables_api.c | 29
net/netfilter/xt_nfacct.c | 4
net/packet/af_packet.c | 12
net/sched/act_ctinfo.c | 19
net/sched/sch_mqprio.c | 2
net/sched/sch_netem.c | 40 +
net/sched/sch_taprio.c | 21
net/sunrpc/svcsock.c | 43 +
net/sunrpc/xprtsock.c | 40 +
net/tls/tls_sw.c | 13
net/vmw_vsock/af_vsock.c | 3
samples/mei/mei-amt-version.c | 2
scripts/kconfig/qconf.cc | 2
security/apparmor/include/match.h | 8
security/apparmor/match.c | 23
sound/pci/hda/patch_ca0132.c | 5
sound/soc/amd/yc/acp6x-mach.c | 21
sound/soc/fsl/fsl_xcvr.c | 20
sound/soc/intel/boards/Kconfig | 2
sound/soc/mediatek/common/mtk-afe-platform-driver.c | 4
sound/soc/mediatek/common/mtk-base-afe.h | 1
sound/soc/mediatek/mt8173/mt8173-afe-pcm.c | 7
sound/soc/mediatek/mt8183/mt8183-afe-pcm.c | 7
sound/soc/mediatek/mt8186/mt8186-afe-pcm.c | 7
sound/soc/mediatek/mt8192/mt8192-afe-pcm.c | 7
sound/soc/soc-dai.c | 16
sound/soc/soc-ops.c | 26
sound/usb/mixer_scarlett2.c | 7
sound/x86/intel_hdmi_audio.c | 2
tools/bpf/bpftool/net.c | 15
tools/lib/subcmd/help.c | 12
tools/perf/.gitignore | 2
tools/perf/builtin-sched.c | 41 +
tools/perf/tests/bp_account.c | 1
tools/perf/util/evsel.c | 11
tools/perf/util/evsel.h | 2
tools/perf/util/symbol.c | 1
tools/testing/selftests/arm64/fp/sve-ptrace.c | 2
tools/testing/selftests/bpf/prog_tests/sockmap_listen.c | 2
tools/testing/selftests/ftrace/test.d/event/subsystem-enable.tc | 28
tools/testing/selftests/net/rtnetlink.sh | 6
tools/testing/selftests/perf_events/.gitignore | 1
tools/testing/selftests/perf_events/Makefile | 2
tools/testing/selftests/perf_events/mmap.c | 236 ++++++++
tools/testing/selftests/syscall_user_dispatch/sud_test.c | 50 -
tools/verification/rv/src/in_kernel.c | 4
287 files changed, 2609 insertions(+), 1269 deletions(-)
Abdun Nihaal (1):
staging: fbtft: fix potential memory leak in fbtft_framebuffer_alloc()
Abinash Singh (1):
f2fs: fix KMSAN uninit-value in extent_info usage
Adam Ford (2):
arm64: dts: imx8mm-beacon: Fix HS400 USDHC clock speed
arm64: dts: imx8mn-beacon: Fix HS400 USDHC clock speed
Adam Queler (1):
ASoC: amd: yc: Add DMI entries to support HP 15-fb1xxx
Alain Volmat (3):
i2c: stm32f7: use dev_err_probe upon calls of devm_request_irq
i2c: stm32f7: perform most of irq job in threaded handler
i2c: stm32f7: simplify status messages in case of errors
Albin Törnqvist (1):
arm: dts: ti: omap: Fixup pinheader typo
Alex Williamson (1):
vfio/pci: Separate SR-IOV VF dev_set
Alexander Wetzel (2):
wifi: mac80211: Do not schedule stopped TXQs
wifi: mac80211: Don't call fq_flow_idx() for management frames
Alexander Wilhelm (1):
soc: qcom: QMI encoding/decoding for big endian
Alexandru Andries (1):
ASoC: amd: yc: add DMI quirk for ASUS M6501RM
Alexei Lazar (1):
net/mlx5e: Clear Read-Only port buffer size in PBMC before update
Alok Tiwari (1):
staging: nvec: Fix incorrect null termination of battery manufacturer
Amir Goldstein (1):
fanotify: sanitize handle_type values when reporting fid
Ammar Faizi (1):
net: usbnet: Fix the wrong netif_carrier_on() call
Andi Shyti (1):
i2c: stm32f7: Use devm_clk_get_enabled()
Andreas Gruenbacher (1):
gfs2: No more self recovery
André Apitzsch (1):
arm64: dts: qcom: msm8976: Make blsp_dma controlled-remotely
Andy Shevchenko (1):
mm/hmm: move pmd_to_hmm_pfn_flags() to the respective #ifdeffery
Andy Yan (1):
drm/rockchip: cleanup fb when drm_gem_fb_afbc_init failed
Annette Kobou (1):
ARM: dts: imx6ul-kontron-bl-common: Fix RTS polarity for RS485 interface
Arnd Bergmann (7):
ethernet: intel: fix building with large NR_CPUS
ASoC: Intel: fix SND_SOC_SOF dependencies
ASoC: ops: dynamically allocate struct snd_ctl_elem_value
caif: reduce stack size, again
crypto: arm/aes-neonbs - work around gcc-15 warning
kernel: trace: preemptirq_delay_test: use offstack cpu mask
irqchip: Build IMX_MU_MSI only on ARM
Balamanikandan Gunasundar (1):
mtd: rawnand: atmel: set pmecc data setup time
Bard Liao (1):
soundwire: stream: restore params when prepare ports fail
Ben Hutchings (1):
sh: Do not use hyphen in exported variable name
Benjamin Coddington (1):
NFS: Fixup allocation flags for nfsiod's __GFP_NORETRY
Brahmajit Das (1):
samples: mei: Fix building on musl libc
Brett Creeley (1):
vfio/pds: Fix missing detach_ioas op
Brian Masney (6):
rtc: ds1307: fix incorrect maximum clock rate handling
rtc: hym8563: fix incorrect maximum clock rate handling
rtc: nct3018y: fix incorrect maximum clock rate handling
rtc: pcf85063: fix incorrect maximum clock rate handling
rtc: pcf8563: fix incorrect maximum clock rate handling
rtc: rv3028: fix incorrect maximum clock rate handling
Budimir Markovic (1):
vsock: Do not allow binding to VMADDR_PORT_ANY
Caleb Sander Mateos (1):
ublk: use vmalloc for ublk_device's __queues
Chao Yu (7):
f2fs: doc: fix wrong quota mount option description
f2fs: fix to avoid UAF in f2fs_sync_inode_meta()
f2fs: fix to avoid panic in f2fs_evict_inode
f2fs: fix to avoid out-of-boundary access in devs.path
f2fs: fix to update upper_p in __get_secs_required() correctly
f2fs: fix to calculate dirty data during has_not_enough_free_secs()
f2fs: fix to trigger foreground gc during f2fs_map_blocks() in lfs mode
Charalampos Mitrodimas (1):
usb: misc: apple-mfi-fastcharge: Make power supply names unique
Charles Han (2):
power: supply: cpcap-charger: Fix null check for power_supply_get_by_name
power: supply: max14577: Handle NULL pdata when CONFIG_OF is not set
Chen Pei (1):
perf tools: Remove libtraceevent in .gitignore
Chen Ridong (1):
sched,freezer: Remove unnecessary warning in __thaw_task
Chen-Yu Tsai (1):
ASoC: mediatek: use reserved memory or enable buffer pre-allocation
Chenyuan Yang (1):
fbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref
Chris Down (1):
Bluetooth: hci_event: Mask data status from LE ext adv reports
Christoph Paasch (1):
net/mlx5: Correctly set gso_segs when LRO is used
Clément Le Goffic (2):
spi: stm32: Check for cfg availability in stm32_spi_probe
i2c: stm32f7: unmap DMA mapped buffer
Dan Carpenter (2):
watchdog: ziirave_wdt: check record length in ziirave_firm_verify()
fs/orangefs: Allow 2 more characters in do_c_string()
Daniil Dulov (1):
wifi: rtl818x: Kill URBs before clearing tx status queue
Dave Hansen (1):
x86/fpu: Delay instruction pointer fixup until after warning
Denis OSTERLAND-HEIM (1):
pps: fix poll support
Dmitry Baryshkov (2):
interconnect: qcom: sc8280xp: specify num_links for qnm_a1noc_cfg
interconnect: qcom: sc8180x: specify num_nodes
Dmitry Vyukov (1):
selftests: Fix errno checking in syscall_user_dispatch test
Edward Adam Davis (1):
fs/ntfs3: cancle set bad inode after removing name fails
Elliot Berman (4):
sched/core: Remove ifdeffery for saved_state
freezer,sched: Use saved_state to reduce some spurious wakeups
freezer,sched: Do not restore saved_state of a thawed task
freezer,sched: Clean saved_state when restoring it during thaw
Eric Dumazet (10):
net: dst: annotate data-races around dst->input
net: dst: annotate data-races around dst->output
net_sched: act_ctinfo: use atomic64_t for three counters
tcp: call tcp_measure_rcv_mss() for ooo packets
ipv6: prevent infinite loop in rt6_nlmsg_size()
ipv6: fix possible infinite loop in fib6_info_uses_dev()
ipv6: annotate data-races around rt->fib6_nsiblings
pptp: ensure minimal skb length in pptp_xmit()
ipv6: reject malicious packets in ipv6_gso_segment()
pptp: fix pptp_xmit() error path
Fedor Pchelkin (2):
drm/amd/pm/powerplay/hwmgr/smu_helper: fix order of mask and value
netfilter: nf_tables: adjust lockdep assertions handling
Finn Thain (1):
m68k: Don't unregister boot console needlessly
Florian Westphal (1):
netfilter: xt_nfacct: don't assume acct name is null-terminated
Fushuai Wang (1):
selftests/bpf: fix signedness bug in redir_partial()
Gabriele Monaco (1):
tools/rv: Do not skip idle in trace
Geoffrey D. Bennett (1):
ALSA: scarlett2: Add retry on -EPROTO from scarlett2_usb_tx()
Giovanni Cabiddu (2):
crypto: qat - fix DMA direction for compression on GEN2 devices
crypto: qat - fix seq_file position update in adf_ring_next()
Gokul Sivakumar (1):
wifi: brcmfmac: fix P2P discovery failure in P2P peer due to missing P2P IE
Greg Kroah-Hartman (2):
Revert "vmci: Prevent the dispatching of uninitialized payloads"
Linux 6.6.102
Hans Zhang (1):
PCI: rockchip-host: Fix "Unexpected Completion" log message
Heming Zhao (1):
md/md-cluster: handle REMOVE message earlier
Henry Martin (1):
clk: davinci: Add NULL check in davinci_lpsc_clk_register()
Herbert Xu (1):
crypto: marvell/cesa - Fix engine load inaccuracy
Horatiu Vultur (1):
phy: mscc: Fix parsing of unicast frames
Ian Forbes (1):
drm/vmwgfx: Fix Host-Backed userspace on Guest-Backed kernel
Ian Rogers (1):
perf dso: Add missed dso__put to dso__load_kcore
Ivan Stepchenko (1):
mtd: fix possible integer overflow in erase_xfer()
Jacob Pan (2):
vfio: Fix unbalanced vfio_df_close call in no-iommu mode
vfio: Prevent open_count decrement to negative
Jakub Kicinski (2):
netpoll: prevent hanging NAPI when netcons gets enabled
netlink: specs: ethtool: fix module EEPROM input/output arguments
James Cowgill (1):
media: v4l2-ctrls: Fix H264 SEPARATE_COLOUR_PLANE check
Jan Prusakowski (1):
f2fs: vm_unmap_ram() may be called from an invalid context
Jason Gunthorpe (1):
iommu/amd: Fix geometry.aperture_end for V2 tables
Jerome Brunet (1):
PCI: endpoint: pci-epf-vntb: Return -ENOENT if pci_epc_get_next_free_bar() fails
Jianbo Liu (1):
net/mlx5e: Remove skb secpath if xfrm state is not found
Jiasheng Jiang (1):
iwlwifi: Add missing check for alloc_ordered_workqueue
Jiaxun Yang (1):
MIPS: mm: tlb-r4k: Uniquify TLB entries on init
Jiayuan Chen (2):
bpf, sockmap: Fix psock incorrectly pointing to sk
bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls
Jimmy Assarsson (2):
can: kvaser_pciefd: Store device channel index
can: kvaser_usb: Assign netdev.dev_port based on device channel index
Johan Hovold (1):
soc: qcom: pmic_glink: fix OF node leak
Johan Korsnes (1):
arch: powerpc: defconfig: Drop obsolete CONFIG_NET_CLS_TCINDEX
John Ernberg (1):
net: usbnet: Avoid potential RCU stall on LINK_CHANGE event
Juergen Gross (1):
xen/gntdev: remove struct gntdev_copy_batch from stack
Junxian Huang (1):
RDMA/hns: Fix -Wframe-larger-than issue
Kees Cook (1):
wifi: mac80211: Write cnt before copying in ieee80211_copy_rnr_beacon()
Konrad Dybcio (3):
arm64: dts: qcom: sdm845: Expand IMEM region
arm64: dts: qcom: sc7180: Expand IMEM region
drm/msm/dpu: Fill in min_prefill_lines for SC8180X
Konstantin Komarov (1):
Revert "fs/ntfs3: Replace inode_trylock with inode_lock"
Krzysztof Kozlowski (1):
ARM: dts: vfxxx: Correctly use two tuples for timer address
Kuninori Morimoto (1):
ASoC: soc-dai: tidyup return value of snd_soc_xlate_tdm_slot_mask()
Kuniyuki Iwashima (1):
bpf: Disable migration in nf_hook_run_bpf().
Lane Odenbach (1):
ASoC: amd: yc: Add DMI quirk for HP Laptop 17 cp-2033dx
Leo Yan (1):
perf tests bp_account: Fix leaked file descriptor
Li Lingfeng (1):
scsi: Revert "scsi: iscsi: Fix HW conn removal use after free"
Lifeng Zheng (3):
PM / devfreq: Check governor before using governor->name
cpufreq: Initialize cpufreq-based frequency-invariance later
cpufreq: Init policy->rwsem before it may be possibly used
Lizhi Xu (1):
vmci: Prevent the dispatching of uninitialized payloads
Lorenzo Stoakes (1):
selftests/perf_events: Add a mmap() correctness test
Luca Weiss (1):
net: ipa: add IPA v5.1 and v5.5 to ipa_version_string()
Lucas De Marchi (1):
usb: early: xhci-dbc: Fix early_ioremap leak
Maher Azzouzi (1):
net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing
Manivannan Sadhasivam (1):
PCI: endpoint: pci-epf-vntb: Fix the incorrect usage of __iomem attribute
Marco Elver (1):
kcsan: test: Initialize dummy variable
Mark Brown (1):
kselftest/arm64: Fix check for setting new VLs in sve-ptrace
Martin Kaistra (1):
wifi: rtl8xxxu: Fix RX skb size for aggregation disabled
Masahiro Yamada (1):
kconfig: qconf: fix ConfigList::updateListAllforAll()
Mengbiao Xiong (1):
crypto: ccp - Fix crash when rebind ccp device for ccp.ko
Michal Schmidt (1):
benet: fix BUG when creating VFs
Mike Christie (1):
vhost-scsi: Fix log flooding with target does not exist errors
Moon Hee Lee (1):
wifi: mac80211: reject TDLS operations when station is not associated
Mukesh Ojha (1):
pinmux: fix race causing mux_owner NULL with active mux_usecount
Murad Masimov (1):
wifi: plfxlc: Fix error handling in usb driver probe
Namhyung Kim (4):
perf tools: Fix use-after-free in help_unknown_cmd()
perf sched: Free thread->priv using priv_destructor
perf sched: Fix memory leaks for evsel->priv in timehist
perf sched: Fix memory leaks in 'perf sched latency'
Namjae Jeon (4):
ksmbd: fix null pointer dereference error in generate_encryptionkey
ksmbd: fix Preauh_HashValue race condition
ksmbd: fix corrupted mtime and ctime in smb2_open
ksmbd: limit repeated connections from clients with the same IP
NeilBrown (1):
sched: Add test_and_clear_wake_up_bit() and atomic_dec_and_wake_up()
Nuno Sá (1):
clk: clk-axi-clkgen: fix fpfd_max frequency for zynq
Olga Kornievskaia (3):
NFSv4.2: another fix for listxattr
sunrpc: fix client side handling of tls alerts
sunrpc: fix handling of server side tls alerts
Ovidiu Panait (2):
crypto: sun8i-ce - fix nents passed to dma_unmap_sg()
hwrng: mtk - handle devm_pm_runtime_enable errors
Paul Chaignon (2):
bpf: Check flow_dissector ctx accesses are aligned
bpf: Check netfilter ctx accesses are aligned
Paul Kocialkowski (1):
clk: sunxi-ng: v3s: Fix de clock definition
Peter Zijlstra (2):
sched/psi: Optimize psi_group_change() cpu_clock() usage
sched/psi: Fix psi_seq initialization
Petr Machata (1):
net: ipv6: ip6mr: Fix in/out netdev to pass to the FORWARD chain
Petr Pavlu (1):
module: Restore the moduleparam prefix length check
Phil Sutter (1):
netfilter: nf_tables: Drop dead code from fill_*_info routines
Quang Le (1):
net/packet: fix a race in packet_set_ring() and packet_notifier()
Rafael J. Wysocki (1):
cpufreq: intel_pstate: Always use HWP_DESIRED_PERF in passive mode
Remi Pommarel (2):
wifi: mac80211: Check 802.11 encaps offloading in ieee80211_tx_h_select_key()
Reapply "wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()"
Richard Guy Briggs (1):
audit,module: restore audit logging in load failure case
Rohit Visavalia (1):
clk: xilinx: vcu: unregister pll_post only if registered correctly
RubenKelevra (1):
fs_context: fix parameter name in infofc() macro
Ryan Lee (2):
apparmor: ensure WB_HISTORY_SIZE value is a power of 2
apparmor: fix loop detection used in conflicting attachment resolution
Salomon Dushimirimana (1):
scsi: sd: Make sd shutdown issue START STOP UNIT appropriately
Sergey Senozhatsky (1):
wifi: ath11k: clear initialized flag for deinit-ed srng lists
Seunghui Lee (1):
scsi: ufs: core: Use link recovery when h8 exit fails during runtime resume
Seungjin Bae (1):
usb: host: xhci-plat: fix incorrect type for of_match variable in xhci_plat_probe()
Shen Lichuan (2):
smb: client: Use min() macro
smb: client: Correct typos in multiple comments across various files
Shengjiu Wang (1):
ASoC: fsl_xcvr: get channel status data when PHY is not exists
Shixiong Ou (1):
fbcon: Fix outdated registered_fb reference in comment
Sivan Zohar-Kotzer (1):
powercap: dtpm_cpu: Fix NULL pointer dereference in get_pd_power_uw()
Slark Xiao (1):
USB: serial: option: add Foxconn T99W709
Stanislav Fomichev (1):
vrf: Drop existing dst reference in vrf_ip6_input_dst
Stav Aviram (1):
net/mlx5: Check device memory pointer before usage
Stefan Metzmacher (9):
smb: server: remove separate empty_recvmsg_queue
smb: server: make sure we call ib_dma_unmap_single() only if we called ib_dma_map_single already
smb: server: let recv_done() consistently call put_recvmsg/smb_direct_disconnect_rdma_connection
smb: server: let recv_done() avoid touching data_transfer after cleanup/move
smb: smbdirect: add smbdirect_socket.h
smb: client: make use of common smbdirect_socket
smb: client: make sure we call ib_dma_unmap_single() only if we called ib_dma_map_single already
smb: client: let recv_done() cleanup before notifying the callers.
smb: client: return an error if rdma_connect does not return within 5 seconds
Stephane Grosjean (1):
can: peak_usb: fix USB FD devices potential malfunction
Steven Rostedt (1):
selftests/tracing: Fix false failure of subsystem event test
Suman Kumar Chakraborty (1):
crypto: qat - use unmanaged allocation for dc_data
Sumit Gupta (1):
soc/tegra: cbb: Clear ERR_FORCE register with ERR_STATUS
Takamitsu Iwai (1):
net/sched: taprio: enforce minimum value for picos_per_byte
Takashi Iwai (1):
ALSA: hda/ca0132: Fix missing error handling in ca0132_alt_select_out()
Tamizh Chelvam Raja (1):
wifi: ath12k: fix endianness handling while accessing wmi service bit
Tao Xue (1):
usb: gadget : fix use-after-free in composite_dev_cleanup()
Thomas Fourier (13):
mwl8k: Add missing check after DMA map
Fix dma_unmap_sg() nents value
crypto: inside-secure - Fix `dma_unmap_sg()` nents value
scsi: ibmvscsi_tgt: Fix dma_unmap_sg() nents value
scsi: elx: efct: Fix dma_unmap_sg() nents value
scsi: mvsas: Fix dma_unmap_sg() nents value
scsi: isci: Fix dma_unmap_sg() nents value
crypto: keembay - Fix dma_unmap_sg() nents value
crypto: img-hash - Fix dma_unmap_sg() nents value
dmaengine: mv_xor: Fix missing check after DMA map and missing unmap
dmaengine: nbpfaxi: Add missing check after DMA map
mtd: rawnand: atmel: Fix dma_mapping_error() address
mtd: rawnand: rockchip: Add missing check after DMA map
Thomas Gleixner (3):
perf/core: Don't leak AUX buffer refcount on allocation failure
perf/core: Exit early on perf_mmap() fail
perf/core: Prevent VMA split of buffer mappings
Thomas Weißschuh (1):
bpf/preload: Don't select USERMODE_DRIVER
Thorsten Blum (2):
smb: server: Fix extension string in ksmbd_extract_shortname()
ALSA: intel_hdmi: Fix off-by-one error in __hdmi_lpe_audio_probe()
Tigran Mkrtchyan (1):
pNFS/flexfiles: don't attempt pnfs on fatal DS errors
Timothy Pearson (5):
PCI: pnv_php: Clean up allocated IRQs on unplug
PCI: pnv_php: Work around switches with broken presence detection
powerpc/eeh: Export eeh_unfreeze_pe()
powerpc/eeh: Make EEH driver device hotplug safe
PCI: pnv_php: Fix surprise plug detection and recovery
Tiwei Bie (1):
um: rtc: Avoid shadowing err in uml_rtc_start()
Tom Lendacky (1):
x86/sev: Evict cache lines during SNP memory validation
Tomas Henzl (1):
scsi: mpt3sas: Fix a fw_event memory leak
Trond Myklebust (2):
NFS: Fix wakeup of __nfs_lookup_revalidate() in unblock_revalidate()
NFS: Fix filehandle bounds checking in nfs_fh_to_dentry()
Uros Bizjak (1):
ucount: fix atomic_long_inc_below() argument type
Wang Liang (1):
net: drop UFO packets in udp_rcv_segment()
William Liu (1):
net/sched: Restrict conditions for adding duplicating netems to qdisc tree
Xiu Jianfeng (1):
wifi: iwlwifi: Fix memory leak in iwl_mvm_init()
Xiumei Mu (1):
selftests: rtnetlink.sh: remove esp4_offload after test
Yangtao Li (3):
hfsplus: make splice write available again
hfs: make splice write available again
hfsplus: remove mutex_lock check in hfsplus_free_extents
Yuan Chen (2):
bpftool: Fix memory leak in dump_xx_nlmsg on realloc failure
pinctrl: sunxi: Fix memory leak on krealloc failure
Zenm Chen (1):
Bluetooth: btusb: Add USB ID 3625:010b for TP-LINK Archer TX10UB Nano
Zheng Yu (1):
jfs: fix metapage reference count leak in dbAllocCtl
Zong-Zhe Yang (1):
wifi: rtw89: avoid NULL dereference when RX problematic packet on unsupported 6 GHz band
wangzijie (1):
proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al
xin.guo (1):
tcp: fix tcp_ofo_queue() to avoid including too much DUP SACK range
1 month
- 1
- 1
Linux 6.1.148
by Greg Kroah-Hartman
I'm announcing the release of the 6.1.148 kernel.
All users of the 6.1 kernel series must upgrade.
The updated 6.1.y git tree can be found at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.1.y
and can be browsed at the normal kernel.org git web browser:
https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary
thanks,
greg k-h
------------
Documentation/filesystems/f2fs.rst | 6
Makefile | 2
arch/arm/boot/dts/am335x-boneblack.dts | 2
arch/arm/boot/dts/imx6ul-kontron-bl-common.dtsi | 1
arch/arm/boot/dts/vfxxx.dtsi | 2
arch/arm/crypto/aes-neonbs-glue.c | 2
arch/arm64/boot/dts/freescale/imx8mm-beacon-som.dtsi | 2
arch/arm64/boot/dts/freescale/imx8mn-beacon-som.dtsi | 2
arch/arm64/boot/dts/qcom/sc7180.dtsi | 10
arch/arm64/boot/dts/qcom/sdm845.dtsi | 10
arch/m68k/Kconfig.debug | 2
arch/m68k/kernel/early_printk.c | 42 -
arch/m68k/kernel/head.S | 8
arch/mips/mm/tlb-r4k.c | 56 +
arch/powerpc/configs/ppc6xx_defconfig | 1
arch/powerpc/kernel/eeh.c | 1
arch/powerpc/kernel/eeh_driver.c | 48 +
arch/powerpc/kernel/eeh_pe.c | 11
arch/powerpc/kernel/pci-hotplug.c | 3
arch/sh/Makefile | 10
arch/sh/boot/compressed/Makefile | 4
arch/sh/boot/romimage/Makefile | 4
arch/um/drivers/rtc_user.c | 2
arch/x86/boot/compressed/sev.c | 7
arch/x86/boot/cpuflags.c | 13
arch/x86/hyperv/irqdomain.c | 4
arch/x86/include/asm/cpufeatures.h | 1
arch/x86/kernel/cpu/amd.c | 2
arch/x86/kernel/cpu/scattered.c | 1
arch/x86/kernel/sev-shared.c | 18
arch/x86/kernel/sev.c | 11
arch/x86/mm/extable.c | 5
drivers/base/regmap/regmap.c | 2
drivers/block/ublk_drv.c | 4
drivers/bus/fsl-mc/fsl-mc-bus.c | 19
drivers/char/hw_random/mtk-rng.c | 4
drivers/clk/clk-axi-clkgen.c | 2
drivers/clk/davinci/psc.c | 5
drivers/clk/sunxi-ng/ccu-sun8i-v3s.c | 3
drivers/clk/xilinx/xlnx_vcu.c | 4
drivers/comedi/drivers/comedi_test.c | 2
drivers/cpufreq/cpufreq.c | 21
drivers/cpufreq/intel_pstate.c | 4
drivers/crypto/allwinner/sun8i-ce/sun8i-ce-cipher.c | 4
drivers/crypto/ccp/ccp-debugfs.c | 3
drivers/crypto/img-hash.c | 2
drivers/crypto/inside-secure/safexcel_hash.c | 8
drivers/crypto/keembay/keembay-ocs-hcu-core.c | 8
drivers/crypto/marvell/cesa/cipher.c | 4
drivers/crypto/marvell/cesa/hash.c | 5
drivers/crypto/qat/qat_common/adf_transport_debug.c | 4
drivers/devfreq/devfreq.c | 10
drivers/dma/mv_xor.c | 21
drivers/dma/nbpfaxi.c | 13
drivers/gpu/drm/amd/amdkfd/kfd_svm.c | 47 -
drivers/gpu/drm/amd/pm/powerplay/hwmgr/smu_helper.c | 2
drivers/gpu/drm/bridge/ti-sn65dsi86.c | 2
drivers/gpu/drm/i915/display/intel_dp.c | 6
drivers/gpu/drm/rockchip/rockchip_drm_fb.c | 9
drivers/i2c/busses/i2c-qup.c | 4
drivers/i2c/busses/i2c-tegra.c | 24
drivers/i2c/busses/i2c-virtio.c | 15
drivers/iio/adc/ad7949.c | 7
drivers/infiniband/core/cache.c | 4
drivers/infiniband/hw/hns/hns_roce_hw_v2.c | 15
drivers/infiniband/hw/mlx5/dm.c | 2
drivers/input/keyboard/gpio_keys.c | 4
drivers/interconnect/qcom/sc7280.c | 1
drivers/interconnect/qcom/sc8180x.c | 6
drivers/interconnect/qcom/sc8280xp.c | 1
drivers/irqchip/Kconfig | 1
drivers/media/v4l2-core/v4l2-ctrls-core.c | 8
drivers/mtd/ftl.c | 2
drivers/mtd/nand/raw/atmel/nand-controller.c | 2
drivers/mtd/nand/raw/atmel/pmecc.c | 6
drivers/mtd/nand/raw/rockchip-nand-controller.c | 15
drivers/net/can/dev/dev.c | 31 -
drivers/net/can/dev/netlink.c | 12
drivers/net/can/kvaser_pciefd.c | 1
drivers/net/can/usb/kvaser_usb/kvaser_usb_core.c | 1
drivers/net/can/usb/peak_usb/pcan_usb_fd.c | 17
drivers/net/ethernet/emulex/benet/be_cmds.c | 2
drivers/net/ethernet/freescale/dpaa2/dpaa2-eth.c | 15
drivers/net/ethernet/freescale/dpaa2/dpaa2-switch.c | 15
drivers/net/ethernet/google/gve/gve_main.c | 67 +-
drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c | 36 -
drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_ptp.c | 9
drivers/net/ethernet/hisilicon/hns3/hns3vf/hclgevf_main.c | 6
drivers/net/ethernet/intel/e1000e/defines.h | 3
drivers/net/ethernet/intel/e1000e/ich8lan.c | 2
drivers/net/ethernet/intel/e1000e/nvm.c | 6
drivers/net/ethernet/intel/fm10k/fm10k.h | 3
drivers/net/ethernet/intel/i40e/i40e.h | 2
drivers/net/ethernet/intel/i40e/i40e_ethtool.c | 3
drivers/net/ethernet/intel/i40e/i40e_main.c | 18
drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c | 8
drivers/net/ethernet/intel/ice/ice_flex_pipe.c | 2
drivers/net/ethernet/intel/ixgbe/ixgbe.h | 3
drivers/net/ethernet/mellanox/mlx5/core/cmd.c | 4
drivers/net/ethernet/mellanox/mlx5/core/en_rx.c | 1
drivers/net/ethernet/mellanox/mlx5/core/lib/dm.c | 4
drivers/net/ethernet/mellanox/mlx5/core/main.c | 3
drivers/net/phy/mscc/mscc_ptp.c | 1
drivers/net/phy/mscc/mscc_ptp.h | 1
drivers/net/ppp/pptp.c | 18
drivers/net/usb/usbnet.c | 11
drivers/net/vrf.c | 2
drivers/net/wireless/ath/ath11k/hal.c | 4
drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c | 8
drivers/net/wireless/intel/iwlwifi/dvm/main.c | 11
drivers/net/wireless/intel/iwlwifi/mvm/ops.c | 4
drivers/net/wireless/marvell/mwl8k.c | 4
drivers/net/wireless/purelifi/plfxlc/mac.c | 11
drivers/net/wireless/purelifi/plfxlc/mac.h | 2
drivers/net/wireless/purelifi/plfxlc/usb.c | 29
drivers/net/wireless/realtek/rtl818x/rtl8187/dev.c | 3
drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c | 2
drivers/pci/controller/pcie-rockchip-host.c | 2
drivers/pci/endpoint/functions/pci-epf-vntb.c | 4
drivers/pci/hotplug/pnv_php.c | 233 +++++++
drivers/pinctrl/sunxi/pinctrl-sunxi.c | 11
drivers/platform/x86/ideapad-laptop.c | 2
drivers/power/supply/cpcap-charger.c | 5
drivers/power/supply/max14577_charger.c | 4
drivers/powercap/dtpm_cpu.c | 2
drivers/pps/pps.c | 11
drivers/regulator/core.c | 1
drivers/rtc/rtc-ds1307.c | 2
drivers/rtc/rtc-hym8563.c | 2
drivers/rtc/rtc-nct3018y.c | 2
drivers/rtc/rtc-pcf85063.c | 2
drivers/rtc/rtc-pcf8563.c | 2
drivers/rtc/rtc-rv3028.c | 2
drivers/scsi/elx/efct/efct_lio.c | 2
drivers/scsi/ibmvscsi_tgt/libsrp.c | 6
drivers/scsi/isci/request.c | 2
drivers/scsi/mpt3sas/mpt3sas_scsih.c | 3
drivers/scsi/mvsas/mv_sas.c | 4
drivers/scsi/scsi_transport_iscsi.c | 2
drivers/scsi/sd.c | 4
drivers/soc/qcom/qmi_encdec.c | 46 +
drivers/soc/tegra/cbb/tegra234-cbb.c | 2
drivers/soundwire/stream.c | 2
drivers/staging/fbtft/fbtft-core.c | 1
drivers/staging/nvec/nvec_power.c | 2
drivers/staging/vc04_services/bcm2835-audio/bcm2835-vchiq.c | 4
drivers/staging/vc04_services/include/linux/raspberrypi/vchiq.h | 2
drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c | 79 +-
drivers/staging/vc04_services/interface/vchiq_arm/vchiq_core.c | 172 ++---
drivers/staging/vc04_services/interface/vchiq_arm/vchiq_dev.c | 36 -
drivers/staging/vc04_services/vchiq-mmal/mmal-vchiq.c | 4
drivers/ufs/core/ufshcd.c | 10
drivers/usb/chipidea/ci.h | 18
drivers/usb/chipidea/udc.c | 10
drivers/usb/early/xhci-dbc.c | 4
drivers/usb/gadget/composite.c | 5
drivers/usb/host/xhci-plat.c | 2
drivers/usb/misc/apple-mfi-fastcharge.c | 24
drivers/usb/phy/phy-mxs-usb.c | 4
drivers/usb/serial/option.c | 2
drivers/usb/typec/tcpm/tcpm.c | 64 +-
drivers/vfio/pci/vfio_pci_core.c | 2
drivers/vhost/scsi.c | 4
drivers/video/fbdev/core/fbcon.c | 4
drivers/video/fbdev/imxfb.c | 9
drivers/watchdog/ziirave_wdt.c | 3
drivers/xen/gntdev-common.h | 4
drivers/xen/gntdev.c | 71 +-
fs/erofs/decompressor.c | 23
fs/erofs/dir.c | 17
fs/erofs/inode.c | 3
fs/erofs/internal.h | 2
fs/erofs/namei.c | 9
fs/erofs/zdata.c | 56 -
fs/erofs/zmap.c | 3
fs/f2fs/data.c | 2
fs/f2fs/extent_cache.c | 2
fs/f2fs/f2fs.h | 2
fs/f2fs/inode.c | 21
fs/f2fs/segment.h | 5
fs/hfsplus/extents.c | 3
fs/jfs/jfs_dmap.c | 4
fs/jfs/jfs_imap.c | 13
fs/nfs/dir.c | 4
fs/nfs/export.c | 11
fs/nfs/flexfilelayout/flexfilelayout.c | 26
fs/nfs/flexfilelayout/flexfilelayoutdev.c | 6
fs/nfs/internal.h | 9
fs/nfs/nfs4proc.c | 10
fs/nilfs2/inode.c | 9
fs/ntfs3/file.c | 5
fs/orangefs/orangefs-debugfs.c | 6
fs/proc/generic.c | 2
fs/proc/inode.c | 2
fs/proc/internal.h | 5
fs/smb/client/smbdirect.c | 14
fs/smb/server/connection.h | 1
fs/smb/server/smb2pdu.c | 22
fs/smb/server/smb_common.c | 2
fs/smb/server/transport_rdma.c | 97 +--
fs/smb/server/transport_tcp.c | 17
fs/smb/server/vfs.c | 3
include/linux/fs_context.h | 2
include/linux/moduleparam.h | 5
include/linux/pps_kernel.h | 1
include/linux/proc_fs.h | 1
include/linux/skbuff.h | 23
include/linux/usb/usbnet.h | 1
include/linux/wait_bit.h | 60 ++
include/net/tc_act/tc_ctinfo.h | 6
include/net/udp.h | 24
kernel/bpf/preload/Kconfig | 1
kernel/events/core.c | 20
kernel/kcsan/kcsan_test.c | 2
kernel/trace/preemptirq_delay_test.c | 13
kernel/ucount.c | 2
mm/hmm.c | 2
mm/kasan/report.c | 4
mm/khugepaged.c | 4
mm/zsmalloc.c | 3
net/appletalk/aarp.c | 24
net/caif/cfctrl.c | 294 ++++------
net/core/filter.c | 3
net/core/netpoll.c | 7
net/core/skmsg.c | 7
net/ipv4/tcp_input.c | 3
net/ipv6/ip6_fib.c | 24
net/ipv6/ip6_offload.c | 4
net/ipv6/ip6mr.c | 3
net/ipv6/route.c | 56 +
net/mac80211/tdls.c | 2
net/mac80211/tx.c | 14
net/netfilter/nf_tables_api.c | 4
net/netfilter/xt_nfacct.c | 4
net/packet/af_packet.c | 12
net/sched/act_ctinfo.c | 19
net/sched/sch_netem.c | 40 +
net/sched/sch_qfq.c | 7
net/tls/tls_sw.c | 13
net/vmw_vsock/af_vsock.c | 3
net/xfrm/xfrm_interface_core.c | 7
samples/mei/mei-amt-version.c | 2
scripts/kconfig/qconf.cc | 2
security/apparmor/include/match.h | 3
security/apparmor/match.c | 1
sound/pci/hda/hda_tegra.c | 51 +
sound/pci/hda/patch_ca0132.c | 5
sound/pci/hda/patch_hdmi.c | 20
sound/pci/hda/patch_realtek.c | 1
sound/soc/amd/yc/acp6x-mach.c | 7
sound/soc/intel/boards/Kconfig | 2
sound/soc/soc-dai.c | 16
sound/soc/soc-ops.c | 26
sound/usb/mixer_scarlett2.c | 7
sound/x86/intel_hdmi_audio.c | 2
tools/bpf/bpftool/net.c | 15
tools/perf/builtin-sched.c | 39 +
tools/perf/tests/bp_account.c | 1
tools/perf/util/evsel.c | 11
tools/perf/util/evsel.h | 2
tools/testing/selftests/arm64/fp/sve-ptrace.c | 2
tools/testing/selftests/ftrace/test.d/event/subsystem-enable.tc | 28
tools/testing/selftests/net/mptcp/Makefile | 3
tools/testing/selftests/net/mptcp/mptcp_connect_checksum.sh | 5
tools/testing/selftests/net/mptcp/mptcp_connect_mmap.sh | 5
tools/testing/selftests/net/mptcp/mptcp_connect_sendfile.sh | 5
tools/testing/selftests/net/rtnetlink.sh | 6
tools/testing/selftests/perf_events/.gitignore | 1
tools/testing/selftests/perf_events/Makefile | 2
tools/testing/selftests/perf_events/mmap.c | 236 ++++++++
tools/testing/selftests/syscall_user_dispatch/sud_test.c | 50 -
271 files changed, 2444 insertions(+), 1165 deletions(-)
Abdun Nihaal (2):
regmap: fix potential memory leak of regmap_bus
staging: fbtft: fix potential memory leak in fbtft_framebuffer_alloc()
Abinash Singh (1):
f2fs: fix KMSAN uninit-value in extent_info usage
Adam Ford (2):
arm64: dts: imx8mm-beacon: Fix HS400 USDHC clock speed
arm64: dts: imx8mn-beacon: Fix HS400 USDHC clock speed
Adam Queler (1):
ASoC: amd: yc: Add DMI entries to support HP 15-fb1xxx
Akhil R (1):
i2c: tegra: Fix reset error handling with ACPI
Albin Törnqvist (1):
arm: dts: ti: omap: Fixup pinheader typo
Alessandro Carminati (1):
regulator: core: fix NULL dereference on unbind due to stale coupling data
Alex Williamson (1):
vfio/pci: Separate SR-IOV VF dev_set
Alexander Wetzel (2):
wifi: mac80211: Do not schedule stopped TXQs
wifi: mac80211: Don't call fq_flow_idx() for management frames
Alexander Wilhelm (1):
soc: qcom: QMI encoding/decoding for big endian
Alok Tiwari (1):
staging: nvec: Fix incorrect null termination of battery manufacturer
Ammar Faizi (1):
net: usbnet: Fix the wrong netif_carrier_on() call
Andy Shevchenko (1):
mm/hmm: move pmd_to_hmm_pfn_flags() to the respective #ifdeffery
Andy Yan (1):
drm/rockchip: cleanup fb when drm_gem_fb_afbc_init failed
Annette Kobou (1):
ARM: dts: imx6ul-kontron-bl-common: Fix RTS polarity for RS485 interface
Arnd Bergmann (7):
ethernet: intel: fix building with large NR_CPUS
ASoC: Intel: fix SND_SOC_SOF dependencies
ASoC: ops: dynamically allocate struct snd_ctl_elem_value
caif: reduce stack size, again
crypto: arm/aes-neonbs - work around gcc-15 warning
kernel: trace: preemptirq_delay_test: use offstack cpu mask
irqchip: Build IMX_MU_MSI only on ARM
Balamanikandan Gunasundar (1):
mtd: rawnand: atmel: set pmecc data setup time
Bard Liao (1):
soundwire: stream: restore params when prepare ports fail
Ben Hutchings (1):
sh: Do not use hyphen in exported variable name
Benjamin Coddington (1):
NFS: Fixup allocation flags for nfsiod's __GFP_NORETRY
Brahmajit Das (1):
samples: mei: Fix building on musl libc
Brian Masney (6):
rtc: ds1307: fix incorrect maximum clock rate handling
rtc: hym8563: fix incorrect maximum clock rate handling
rtc: nct3018y: fix incorrect maximum clock rate handling
rtc: pcf85063: fix incorrect maximum clock rate handling
rtc: pcf8563: fix incorrect maximum clock rate handling
rtc: rv3028: fix incorrect maximum clock rate handling
Budimir Markovic (1):
vsock: Do not allow binding to VMADDR_PORT_ANY
Caleb Sander Mateos (1):
ublk: use vmalloc for ublk_device's __queues
Chao Yu (6):
f2fs: doc: fix wrong quota mount option description
f2fs: fix to avoid UAF in f2fs_sync_inode_meta()
f2fs: fix to avoid panic in f2fs_evict_inode
f2fs: fix to avoid out-of-boundary access in devs.path
f2fs: fix to update upper_p in __get_secs_required() correctly
f2fs: fix to calculate dirty data during has_not_enough_free_secs()
Charalampos Mitrodimas (1):
usb: misc: apple-mfi-fastcharge: Make power supply names unique
Charles Han (2):
power: supply: cpcap-charger: Fix null check for power_supply_get_by_name
power: supply: max14577: Handle NULL pdata when CONFIG_OF is not set
Chenyuan Yang (1):
fbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref
Chiara Meiohas (1):
net/mlx5: Fix memory leak in cmd_exec()
Christoph Paasch (1):
net/mlx5: Correctly set gso_segs when LRO is used
Dan Carpenter (2):
watchdog: ziirave_wdt: check record length in ziirave_firm_verify()
fs/orangefs: Allow 2 more characters in do_c_string()
Daniel Dadap (1):
ALSA: hda: Add missing NVIDIA HDA codec IDs
Daniil Dulov (1):
wifi: rtl818x: Kill URBs before clearing tx status queue
Dave Hansen (1):
x86/fpu: Delay instruction pointer fixup until after warning
David Lechner (1):
iio: adc: ad7949: use spi_is_bpw_supported()
Dawid Rezler (1):
ALSA: hda/realtek - Add mute LED support for HP Pavilion 15-eg0xxx
Denis OSTERLAND-HEIM (1):
pps: fix poll support
Dennis Chen (1):
i40e: report VF tx_dropped with tx_errors instead of tx_discards
Dmitry Antipov (1):
jfs: reject on-disk inodes of an unsupported type
Dmitry Baryshkov (2):
interconnect: qcom: sc8280xp: specify num_links for qnm_a1noc_cfg
interconnect: qcom: sc8180x: specify num_nodes
Dmitry Vyukov (1):
selftests: Fix errno checking in syscall_user_dispatch test
Douglas Anderson (1):
drm/bridge: ti-sn65dsi86: Remove extra semicolon in ti_sn_bridge_probe()
Eric Dumazet (7):
net_sched: act_ctinfo: use atomic64_t for three counters
ipv6: prevent infinite loop in rt6_nlmsg_size()
ipv6: fix possible infinite loop in fib6_info_uses_dev()
ipv6: annotate data-races around rt->fib6_nsiblings
pptp: ensure minimal skb length in pptp_xmit()
ipv6: reject malicious packets in ipv6_gso_segment()
pptp: fix pptp_xmit() error path
Eyal Birger (1):
xfrm: interface: fix use-after-free after changing collect_md xfrm interface
Fabrice Gasnier (1):
Input: gpio-keys - fix a sleep while atomic with PREEMPT_RT
Fedor Pchelkin (2):
drm/amd/pm/powerplay/hwmgr/smu_helper: fix order of mask and value
netfilter: nf_tables: adjust lockdep assertions handling
Finn Thain (1):
m68k: Don't unregister boot console needlessly
Florian Westphal (1):
netfilter: xt_nfacct: don't assume acct name is null-terminated
Gao Xiang (5):
erofs: get rid of debug_one_dentry()
erofs: sunset erofs_dbg()
erofs: drop z_erofs_page_mark_eio()
erofs: simplify z_erofs_transform_plain()
erofs: address D-cache aliasing
Geoffrey D. Bennett (1):
ALSA: scarlett2: Add retry on -EPROTO from scarlett2_usb_tx()
Giovanni Cabiddu (1):
crypto: qat - fix seq_file position update in adf_ring_next()
Gokul Sivakumar (1):
wifi: brcmfmac: fix P2P discovery failure in P2P peer due to missing P2P IE
Greg Kroah-Hartman (2):
Revert "vmci: Prevent the dispatching of uninitialized payloads"
Linux 6.1.148
Hans Zhang (1):
PCI: rockchip-host: Fix "Unexpected Completion" log message
Haoxiang Li (1):
ice: Fix a null pointer dereference in ice_copy_and_init_pkg()
Harry Yoo (1):
mm/zsmalloc: do not pass __GFP_MOVABLE if CONFIG_COMPACTION=n
Henry Martin (1):
clk: davinci: Add NULL check in davinci_lpsc_clk_register()
Herbert Xu (1):
crypto: marvell/cesa - Fix engine load inaccuracy
Horatiu Vultur (1):
phy: mscc: Fix parsing of unicast frames
Ian Abbott (1):
comedi: comedi_test: Fix possible deletion of uninitialized timers
Ivan Stepchenko (1):
mtd: fix possible integer overflow in erase_xfer()
Jacek Kowalski (2):
e1000e: disregard NVM checksum on tgp when valid checksum bit is not set
e1000e: ignore uninitialized checksum word on tgp
Jakub Kicinski (1):
netpoll: prevent hanging NAPI when netcons gets enabled
James Cowgill (1):
media: v4l2-ctrls: Fix H264 SEPARATE_COLOUR_PLANE check
Jamie Bainbridge (1):
i40e: When removing VF MAC filters, only check PF-set MAC
Jan Prusakowski (1):
f2fs: vm_unmap_ram() may be called from an invalid context
Jerome Brunet (1):
PCI: endpoint: pci-epf-vntb: Return -ENOENT if pci_epc_get_next_free_bar() fails
Jian Shen (2):
net: hns3: fix concurrent setting vlan filter issue
net: hns3: fixed vf get max channels bug
Jiasheng Jiang (1):
iwlwifi: Add missing check for alloc_ordered_workqueue
Jiaxun Yang (1):
MIPS: mm: tlb-r4k: Uniquify TLB entries on init
Jiayuan Chen (2):
bpf, sockmap: Fix psock incorrectly pointing to sk
bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls
Jimmy Assarsson (2):
can: kvaser_pciefd: Store device channel index
can: kvaser_usb: Assign netdev.dev_port based on device channel index
Johan Korsnes (1):
arch: powerpc: defconfig: Drop obsolete CONFIG_NET_CLS_TCINDEX
John Ernberg (1):
net: usbnet: Avoid potential RCU stall on LINK_CHANGE event
Juergen Gross (1):
xen/gntdev: remove struct gntdev_copy_batch from stack
Junxian Huang (1):
RDMA/hns: Fix -Wframe-larger-than issue
Kito Xu (veritas501) (1):
net: appletalk: Fix use-after-free in AARP proxy probe
Konrad Dybcio (2):
arm64: dts: qcom: sdm845: Expand IMEM region
arm64: dts: qcom: sc7180: Expand IMEM region
Konstantin Komarov (1):
Revert "fs/ntfs3: Replace inode_trylock with inode_lock"
Krzysztof Kozlowski (1):
ARM: dts: vfxxx: Correctly use two tuples for timer address
Kuninori Morimoto (1):
ASoC: soc-dai: tidyup return value of snd_soc_xlate_tdm_slot_mask()
Leo Yan (1):
perf tests bp_account: Fix leaked file descriptor
Li Lingfeng (1):
scsi: Revert "scsi: iscsi: Fix HW conn removal use after free"
Lifeng Zheng (3):
PM / devfreq: Check governor before using governor->name
cpufreq: Initialize cpufreq-based frequency-invariance later
cpufreq: Init policy->rwsem before it may be possibly used
Liu Shixin (1):
mm: khugepaged: fix call hpage_collapse_scan_file() for anonymous vma
Lizhi Xu (1):
vmci: Prevent the dispatching of uninitialized payloads
Lorenzo Stoakes (1):
selftests/perf_events: Add a mmap() correctness test
Lucas De Marchi (1):
usb: early: xhci-dbc: Fix early_ioremap leak
Ma Ke (3):
bus: fsl-mc: Fix potential double device reference in fsl_mc_get_endpoint()
dpaa2-eth: Fix device reference count leak in MAC endpoint handling
dpaa2-switch: Fix device reference count leak in MAC endpoint handling
Maciej W. Rozycki (1):
powerpc/eeh: Rely on dev->link_active_reporting
Manivannan Sadhasivam (1):
PCI: endpoint: pci-epf-vntb: Fix the incorrect usage of __iomem attribute
Maor Gottlieb (1):
RDMA/core: Rate limit GID cache warning messages
Marc Kleine-Budde (3):
can: dev: can_restart(): reverse logic to remove need for goto
can: dev: can_restart(): move debug message and stats after successful restart
can: netlink: can_changelink(): fix NULL pointer deref of struct can_priv::do_set_mode
Marco Elver (2):
kasan: use vmalloc_dump_obj() for vmalloc error reports
kcsan: test: Initialize dummy variable
Mark Brown (1):
kselftest/arm64: Fix check for setting new VLs in sve-ptrace
Martin Kaistra (1):
wifi: rtl8xxxu: Fix RX skb size for aggregation disabled
Masahiro Yamada (1):
kconfig: qconf: fix ConfigList::updateListAllforAll()
Matthieu Baerts (NGI0) (2):
selftests: mptcp: connect: also cover alt modes
selftests: mptcp: connect: also cover checksum
Mengbiao Xiong (1):
crypto: ccp - Fix crash when rebind ccp device for ccp.ko
Michael Grzeschik (2):
usb: typec: tcpm: allow to use sink in accessory mode
usb: typec: tcpm: allow switching to mode accessory to mux properly
Michael Zhivich (1):
x86/bugs: Fix use of possibly uninit value in amd_check_tsa_microcode()
Michal Schmidt (1):
benet: fix BUG when creating VFs
Mike Christie (1):
vhost-scsi: Fix log flooding with target does not exist errors
Mohan Kumar D (1):
ALSA: hda/tegra: Add Tegra264 support
Moon Hee Lee (1):
wifi: mac80211: reject TDLS operations when station is not associated
Murad Masimov (1):
wifi: plfxlc: Fix error handling in usb driver probe
Namhyung Kim (2):
perf sched: Fix memory leaks for evsel->priv in timehist
perf sched: Fix memory leaks in 'perf sched latency'
Namjae Jeon (4):
ksmbd: fix null pointer dereference error in generate_encryptionkey
ksmbd: fix Preauh_HashValue race condition
ksmbd: fix corrupted mtime and ctime in smb2_open
ksmbd: limit repeated connections from clients with the same IP
NeilBrown (1):
sched: Add test_and_clear_wake_up_bit() and atomic_dec_and_wake_up()
Nuno Das Neves (1):
x86/hyperv: Fix usage of cpu_online_mask to get valid cpu
Nuno Sá (1):
clk: clk-axi-clkgen: fix fpfd_max frequency for zynq
Olga Kornievskaia (1):
NFSv4.2: another fix for listxattr
Ovidiu Panait (2):
crypto: sun8i-ce - fix nents passed to dma_unmap_sg()
hwrng: mtk - handle devm_pm_runtime_enable errors
Paul Chaignon (1):
bpf: Check flow_dissector ctx accesses are aligned
Paul Kocialkowski (1):
clk: sunxi-ng: v3s: Fix de clock definition
Petr Machata (1):
net: ipv6: ip6mr: Fix in/out netdev to pass to the FORWARD chain
Petr Pavlu (1):
module: Restore the moduleparam prefix length check
Philip Yang (1):
drm/amdkfd: Don't call mmput from MMU notifier callback
Praveen Kaligineedi (1):
gve: Fix stuck TX queue for DQ queue format
Quang Le (1):
net/packet: fix a race in packet_set_ring() and packet_notifier()
RD Babiera (1):
usb: typec: tcpm: apply vbus before data bringup in tcpm_src_attach
Rafael J. Wysocki (1):
cpufreq: intel_pstate: Always use HWP_DESIRED_PERF in passive mode
Remi Pommarel (2):
wifi: mac80211: Check 802.11 encaps offloading in ieee80211_tx_h_select_key()
Reapply "wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()"
Rohit Visavalia (1):
clk: xilinx: vcu: unregister pll_post only if registered correctly
Rong Zhang (1):
platform/x86: ideapad-laptop: Fix kbd backlight not remembered among boots
RubenKelevra (1):
fs_context: fix parameter name in infofc() macro
Ryan Lee (1):
apparmor: ensure WB_HISTORY_SIZE value is a power of 2
Ryusuke Konishi (1):
nilfs2: reject invalid file types when reading inodes
Salomon Dushimirimana (1):
scsi: sd: Make sd shutdown issue START STOP UNIT appropriately
Sergey Senozhatsky (1):
wifi: ath11k: clear initialized flag for deinit-ed srng lists
Seunghui Lee (1):
scsi: ufs: core: Use link recovery when h8 exit fails during runtime resume
Seungjin Bae (1):
usb: host: xhci-plat: fix incorrect type for of_match variable in xhci_plat_probe()
Shixiong Ou (1):
fbcon: Fix outdated registered_fb reference in comment
Sivan Zohar-Kotzer (1):
powercap: dtpm_cpu: Fix NULL pointer dereference in get_pd_power_uw()
Slark Xiao (1):
USB: serial: option: add Foxconn T99W709
Stanislav Fomichev (1):
vrf: Drop existing dst reference in vrf_ip6_input_dst
Stav Aviram (1):
net/mlx5: Check device memory pointer before usage
Stefan Metzmacher (5):
smb: server: remove separate empty_recvmsg_queue
smb: server: make sure we call ib_dma_unmap_single() only if we called ib_dma_map_single already
smb: server: let recv_done() consistently call put_recvmsg/smb_direct_disconnect_rdma_connection
smb: server: let recv_done() avoid touching data_transfer after cleanup/move
smb: client: let recv_done() cleanup before notifying the callers.
Stefan Wahren (1):
staging: vchiq_arm: Make vchiq_shutdown never fail
Stephane Grosjean (1):
can: peak_usb: fix USB FD devices potential malfunction
Steven Rostedt (1):
selftests/tracing: Fix false failure of subsystem event test
Sumit Gupta (1):
soc/tegra: cbb: Clear ERR_FORCE register with ERR_STATUS
Takashi Iwai (1):
ALSA: hda/ca0132: Fix missing error handling in ca0132_alt_select_out()
Tao Xue (1):
usb: gadget : fix use-after-free in composite_dev_cleanup()
Thomas Fourier (12):
mwl8k: Add missing check after DMA map
crypto: inside-secure - Fix `dma_unmap_sg()` nents value
scsi: ibmvscsi_tgt: Fix dma_unmap_sg() nents value
scsi: elx: efct: Fix dma_unmap_sg() nents value
scsi: mvsas: Fix dma_unmap_sg() nents value
scsi: isci: Fix dma_unmap_sg() nents value
crypto: keembay - Fix dma_unmap_sg() nents value
crypto: img-hash - Fix dma_unmap_sg() nents value
dmaengine: mv_xor: Fix missing check after DMA map and missing unmap
dmaengine: nbpfaxi: Add missing check after DMA map
mtd: rawnand: atmel: Fix dma_mapping_error() address
mtd: rawnand: rockchip: Add missing check after DMA map
Thomas Gleixner (3):
perf/core: Don't leak AUX buffer refcount on allocation failure
perf/core: Exit early on perf_mmap() fail
perf/core: Prevent VMA split of buffer mappings
Thomas Weißschuh (1):
bpf/preload: Don't select USERMODE_DRIVER
Thorsten Blum (2):
smb: server: Fix extension string in ksmbd_extract_shortname()
ALSA: intel_hdmi: Fix off-by-one error in __hdmi_lpe_audio_probe()
Tigran Mkrtchyan (1):
pNFS/flexfiles: don't attempt pnfs on fatal DS errors
Timothy Pearson (5):
PCI: pnv_php: Clean up allocated IRQs on unplug
PCI: pnv_php: Work around switches with broken presence detection
powerpc/eeh: Export eeh_unfreeze_pe()
powerpc/eeh: Make EEH driver device hotplug safe
PCI: pnv_php: Fix surprise plug detection and recovery
Tiwei Bie (1):
um: rtc: Avoid shadowing err in uml_rtc_start()
Tom Lendacky (1):
x86/sev: Evict cache lines during SNP memory validation
Tomas Henzl (1):
scsi: mpt3sas: Fix a fw_event memory leak
Trond Myklebust (2):
NFS: Fix wakeup of __nfs_lookup_revalidate() in unblock_revalidate()
NFS: Fix filehandle bounds checking in nfs_fh_to_dentry()
Umang Jain (3):
staging: vc04_services: Drop VCHIQ_SUCCESS usage
staging: vc04_services: Drop VCHIQ_ERROR usage
staging: vc04_services: Drop VCHIQ_RETRY usage
Uros Bizjak (1):
ucount: fix atomic_long_inc_below() argument type
Ville Syrjälä (1):
drm/i915/dp: Fix 2.7 Gbps DP_LINK_BW value on g4x
Viresh Kumar (1):
i2c: virtio: Avoid hang by using interruptible completion wait
Wang Liang (1):
net: drop UFO packets in udp_rcv_segment()
William Liu (1):
net/sched: Restrict conditions for adding duplicating netems to qdisc tree
Xiang Mei (1):
net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in qfq_delete_class
Xilin Wu (1):
interconnect: qcom: sc7280: Add missing num_links to xm_pcie3_1 node
Xiu Jianfeng (1):
wifi: iwlwifi: Fix memory leak in iwl_mvm_init()
Xiumei Mu (1):
selftests: rtnetlink.sh: remove esp4_offload after test
Xu Yang (2):
usb: chipidea: add USB PHY event
usb: phy: mxs: disconnect line when USB charger is attached
Yajun Deng (1):
i40e: Add rx_missed_errors for buffer exhaustion
Yang Xiwen (1):
i2c: qup: jump out of the loop in case of timeout
Yangtao Li (1):
hfsplus: remove mutex_lock check in hfsplus_free_extents
Yonglong Liu (1):
net: hns3: disable interrupt when ptp init failed
Yuan Chen (2):
bpftool: Fix memory leak in dump_xx_nlmsg on realloc failure
pinctrl: sunxi: Fix memory leak on krealloc failure
Zheng Yu (1):
jfs: fix metapage reference count leak in dbAllocCtl
wangzijie (1):
proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al
xin.guo (1):
tcp: fix tcp_ofo_queue() to avoid including too much DUP SACK range
1 month
- 1
- 1
[REGRESSION] 5.15.181 -> 5.15.189: kernel oops in drr_qlen_notify
by Thomas Jarosch
Hi,
I'm seeing a reproducible kernel oops on my home router updating from 5.15.181 to 5.15.189:
kernel BUG at lib/list_debug.c:50!
invalid opcode: 0000 [#1] SMP NOPTI
..
Call Trace:
<TASK>
drr_qlen_notify+0x11/0x50 [sch_drr]
qdisc_tree_reduce_backlog+0x93/0xf0
drr_graft_class+0x109/0x220 [sch_drr]
qdisc_graft+0xdd/0x510
? qdisc_create+0x335/0x510
tc_modify_qdisc+0x53f/0x9d0
rtnetlink_rcv_msg+0x134/0x370
? __getblk_gfp+0x22/0x230
? rtnl_calcit.isra.38+0x130/0x130
netlink_rcv_skb+0x4f/0x100
rtnetlink_rcv+0x10/0x20
netlink_unicast+0x1d2/0x2a0
netlink_sendmsg+0x22a/0x480
? netlink_broadcast+0x20/0x20
____sys_sendmsg+0x25f/0x280
? copy_msghdr_from_user+0x5b/0x90
___sys_sendmsg+0x77/0xc0
? __sys_recvmsg+0x5a/0xb0
? do_filp_open+0xc3/0x120
__sys_sendmsg+0x5d/0xb0
__x64_sys_sendmsg+0x1a/0x20
x64_sys_call+0x17f1/0x1c80
do_syscall_64+0x53/0x80
? exit_to_user_mode_prepare+0x2c/0x140
? irqentry_exit_to_user_mode+0xe/0x20
? irqentry_exit+0x1d/0x30
? exc_page_fault+0x1e7/0x610
? do_syscall_64+0x5f/0x80
entry_SYSCALL_64_after_hwframe+0x6c/0xd6
..
RIP: 0010:__list_del_entry_valid.cold.1+0xf/0x69
syzbot reported a similar looking thing here:
[v5.15] BUG: unable to handle kernel paging request in drr_qlen_notify
https://groups.google.com/g/syzkaller-lts-bugs/c/_QJHiMHwfRw/m/2j1nSU1hBgAJ
and here:
"[syzbot] [net?] general protection fault in drr_qlen_notify"
https://www.spinics.net/lists/netdev/msg1105420.html
syzboot bisected it to:
****************************************
commit e269f29e9395527bc00c213c6b15da04ebb35070
Refs: v5.15.186-114-ge269f29e9395
Author: Lion Ackermann <nnamrec(a)gmail.com>
AuthorDate: Mon Jun 30 15:27:30 2025 +0200
Commit: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
CommitDate: Thu Jul 10 15:57:46 2025 +0200
net/sched: Always pass notifications when child class becomes empty
[ Upstream commit 103406b38c600fec1fe375a77b27d87e314aea09 ]
****************************************
The last line of the commit message mentions:
"This is not a problem after the recent patch series
that made all the classful qdiscs qlen_notify() handlers idempotent."
It looks like the "idempotent" patches are missing from the 5.15 stable series.
Like this one:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/n…
I've tried Ubuntu's backport for 5.15:
https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/jammy/co…
It seems to be identical to:
https://lore.kernel.org/stable/bcf9c70e9cf750363782816c21c69792f6c81cd9.175…
While the kernel didn't oops anymore with the patch applied, the network traffic behaves erratic:
TCP traffic works, ICMP seems "stuck". tcpdump showed no icmp traffic on the ppp device.
Tomorrow I will try if I can reproduce the issue on a test VM.
Anything else I should try?
Thanks in advance,
Thomas
1 month
- 1
- 1
[PATCH V4] init: Handle bootloader identifier in kernel parameters
by Huacai Chen
BootLoader (Grub, LILO, etc) may pass an identifier such as "BOOT_IMAGE=
/boot/vmlinuz-x.y.z" to kernel parameters. But these identifiers are not
recognized by the kernel itself so will be passed to user space. However
user space init program also doesn't recognized it.
KEXEC/KDUMP (kexec-tools) may also pass an identifier such as "kexec" on
some architectures.
We cannot change BootLoader's behavior, because this behavior exists for
many years, and there are already user space programs search BOOT_IMAGE=
in /proc/cmdline to obtain the kernel image locations:
https://github.com/linuxdeepin/deepin-ab-recovery/blob/master/util.go
(search getBootOptions)
https://github.com/linuxdeepin/deepin-ab-recovery/blob/master/main.go
(search getKernelReleaseWithBootOption)
So the the best way is handle (ignore) it by the kernel itself, which
can avoid such boot warnings (if we use something like init=/bin/bash,
bootloader identifier can even cause a crash):
Kernel command line: BOOT_IMAGE=(hd0,1)/vmlinuz-6.x root=/dev/sda3 ro console=tty
Unknown kernel command line parameters "BOOT_IMAGE=(hd0,1)/vmlinuz-6.x", will be passed to user space.
Cc: stable(a)vger.kernel.org
Signed-off-by: Huacai Chen <chenhuacai(a)loongson.cn>
---
V2: Update comments and commit messages.
V3: Document bootloader identifiers.
V4: Use strstarts() instead of strncmp().
init/main.c | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/init/main.c b/init/main.c
index 0ee0ee7b7c2c..9b5150166bcf 100644
--- a/init/main.c
+++ b/init/main.c
@@ -544,6 +544,12 @@ static int __init unknown_bootoption(char *param, char *val,
const char *unused, void *arg)
{
size_t len = strlen(param);
+ /*
+ * Well-known bootloader identifiers:
+ * 1. LILO/Grub pass "BOOT_IMAGE=...";
+ * 2. kexec/kdump (kexec-tools) pass "kexec".
+ */
+ const char *bootloader[] = { "BOOT_IMAGE=", "kexec", NULL };
/* Handle params aliased to sysctls */
if (sysctl_is_alias(param))
@@ -551,6 +557,12 @@ static int __init unknown_bootoption(char *param, char *val,
repair_env_string(param, val);
+ /* Handle bootloader identifier */
+ for (int i = 0; bootloader[i]; i++) {
+ if (strstarts(param, bootloader[i]))
+ return 0;
+ }
+
/* Handle obsolete-style parameters */
if (obsolete_checksetup(param))
return 0;
--
2.47.3
1 month
- 1
- 0
[PATCH V3] init: Handle bootloader identifier in kernel parameters
by Huacai Chen
BootLoader (Grub, LILO, etc) may pass an identifier such as "BOOT_IMAGE=
/boot/vmlinuz-x.y.z" to kernel parameters. But these identifiers are not
recognized by the kernel itself so will be passed to user space. However
user space init program also doesn't recognized it.
KEXEC/KDUMP (kexec-tools) may also pass an identifier such as "kexec" on
some architectures.
We cannot change BootLoader's behavior, because this behavior exists for
many years, and there are already user space programs search BOOT_IMAGE=
in /proc/cmdline to obtain the kernel image locations:
https://github.com/linuxdeepin/deepin-ab-recovery/blob/master/util.go
(search getBootOptions)
https://github.com/linuxdeepin/deepin-ab-recovery/blob/master/main.go
(search getKernelReleaseWithBootOption)
So the the best way is handle (ignore) it by the kernel itself, which
can avoid such boot warnings (if we use something like init=/bin/bash,
bootloader identifier can even cause a crash):
Kernel command line: BOOT_IMAGE=(hd0,1)/vmlinuz-6.x root=/dev/sda3 ro console=tty
Unknown kernel command line parameters "BOOT_IMAGE=(hd0,1)/vmlinuz-6.x", will be passed to user space.
Cc: stable(a)vger.kernel.org
Signed-off-by: Huacai Chen <chenhuacai(a)loongson.cn>
---
V2: Update comments and commit messages.
V3: Document bootloader identifiers.
init/main.c | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/init/main.c b/init/main.c
index 225a58279acd..b25e7da5347a 100644
--- a/init/main.c
+++ b/init/main.c
@@ -545,6 +545,12 @@ static int __init unknown_bootoption(char *param, char *val,
const char *unused, void *arg)
{
size_t len = strlen(param);
+ /*
+ * Well-known bootloader identifiers:
+ * 1. LILO/Grub pass "BOOT_IMAGE=...";
+ * 2. kexec/kdump (kexec-tools) pass "kexec".
+ */
+ const char *bootloader[] = { "BOOT_IMAGE=", "kexec", NULL };
/* Handle params aliased to sysctls */
if (sysctl_is_alias(param))
@@ -552,6 +558,12 @@ static int __init unknown_bootoption(char *param, char *val,
repair_env_string(param, val);
+ /* Handle bootloader identifier */
+ for (int i = 0; bootloader[i]; i++) {
+ if (!strncmp(param, bootloader[i], strlen(bootloader[i])))
+ return 0;
+ }
+
/* Handle obsolete-style parameters */
if (obsolete_checksetup(param))
return 0;
--
2.47.3
1 month
- 3
- 3
[PATCH 6.12 000/369] 6.12.42-rc1 review
by Greg Kroah-Hartman
This is the start of the stable review cycle for the 6.12.42 release.
There are 369 patches in this series, all will be posted as a response
to this one. If anyone has any issues with these being applied, please
let me know.
Responses should be made by Thu, 14 Aug 2025 17:27:11 +0000.
Anything received after that time might be too late.
The whole patch series can be found in one patch at:
https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.12.42-rc…
or in the git tree and branch at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.12.y
and the diffstat can be found below.
thanks,
greg k-h
-------------
Pseudo-Shortlog of commits:
Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Linux 6.12.42-rc1
Tao Xue <xuetao09(a)huawei.com>
usb: gadget : fix use-after-free in composite_dev_cleanup()
Yuhao Jiang <danisjiang(a)gmail.com>
USB: gadget: f_hid: Fix memory leak in hidg_bind error path
Qasim Ijaz <qasdev00(a)gmail.com>
HID: apple: validate feature-report field count to prevent NULL pointer dereference
Julien Massot <julien.massot(a)collabora.com>
media: ti: j721e-csi2rx: fix list_del corruption
Robin Murphy <robin.murphy(a)arm.com>
perf/arm-ni: Set initial IRQ affinity
Kemeng Shi <shikemeng(a)huaweicloud.com>
mm: swap: fix potential buffer overflow in setup_clusters()
Kemeng Shi <shikemeng(a)huaweicloud.com>
mm: swap: correctly use maxpages in swapon syscall to avoid potential deadloop
Andy Shevchenko <andriy.shevchenko(a)linux.intel.com>
mm/hmm: move pmd_to_hmm_pfn_flags() to the respective #ifdeffery
Jiaxun Yang <jiaxun.yang(a)flygoat.com>
MIPS: mm: tlb-r4k: Uniquify TLB entries on init
Gerald Schaefer <gerald.schaefer(a)linux.ibm.com>
s390/mm: Remove possible false-positive warning in pte_free_defer()
Dave Hansen <dave.hansen(a)linux.intel.com>
x86/fpu: Delay instruction pointer fixup until after warning
Michael J. Ruhl <michael.j.ruhl(a)intel.com>
platform/x86/intel/pmt: fix a crashlog NULL pointer access
Edip Hazuri <edip(a)medip.dev>
ALSA: hda/realtek - Fix mute LED for HP Victus 16-d1xxx (MB 8A26)
Edip Hazuri <edip(a)medip.dev>
ALSA: hda/realtek - Fix mute LED for HP Victus 16-s0xxx
Edip Hazuri <edip(a)medip.dev>
ALSA: hda/realtek - Fix mute LED for HP Victus 16-r1xxx
Geoffrey D. Bennett <g(a)b4.vu>
ALSA: scarlett2: Add retry on -EPROTO from scarlett2_usb_tx()
Thorsten Blum <thorsten.blum(a)linux.dev>
ALSA: intel_hdmi: Fix off-by-one error in __hdmi_lpe_audio_probe()
Tom Lendacky <thomas.lendacky(a)amd.com>
x86/sev: Evict cache lines during SNP memory validation
Ammar Faizi <ammarfaizi2(a)gnuweeb.org>
net: usbnet: Fix the wrong netif_carrier_on() call
John Ernberg <john.ernberg(a)actia.se>
net: usbnet: Avoid potential RCU stall on LINK_CHANGE event
Zenm Chen <zenmchen(a)gmail.com>
Bluetooth: btusb: Add USB ID 3625:010b for TP-LINK Archer TX10UB Nano
Ilpo Järvinen <ilpo.jarvinen(a)linux.intel.com>
PCI/ASPM: Fix L1SS saving
Jian-Hong Pan <jhp(a)endlessos.org>
PCI/ASPM: Save parent L1SS config in pci_save_aspm_l1ss_state()
Slark Xiao <slark_xiao(a)163.com>
USB: serial: option: add Foxconn T99W709
Thorsten Blum <thorsten.blum(a)linux.dev>
smb: server: Fix extension string in ksmbd_extract_shortname()
Namjae Jeon <linkinjeon(a)kernel.org>
ksmbd: limit repeated connections from clients with the same IP
Namjae Jeon <linkinjeon(a)kernel.org>
ksmbd: fix corrupted mtime and ctime in smb2_open
Namjae Jeon <linkinjeon(a)kernel.org>
ksmbd: fix Preauh_HashValue race condition
Namjae Jeon <linkinjeon(a)kernel.org>
ksmbd: fix null pointer dereference error in generate_encryptionkey
Jani Nikula <jani.nikula(a)intel.com>
drm/i915/ddi: only call shutdown hooks for valid encoders
Jani Nikula <jani.nikula(a)intel.com>
drm/i915/display: add intel_encoder_is_hdmi()
Jani Nikula <jani.nikula(a)intel.com>
drm/i915/ddi: gracefully handle errors from intel_ddi_init_hdmi_connector()
Jani Nikula <jani.nikula(a)intel.com>
drm/i915/hdmi: add error handling in g4x_hdmi_init()
Jani Nikula <jani.nikula(a)intel.com>
drm/i915/hdmi: propagate errors from intel_hdmi_init_connector()
Jani Nikula <jani.nikula(a)intel.com>
drm/i915/ddi: change intel_ddi_init_{dp, hdmi}_connector() return type
Alexei Starovoitov <ast(a)kernel.org>
selftests/bpf: Fix build error with llvm 19
Alexei Starovoitov <ast(a)kernel.org>
selftests/bpf: Add a test for arena range tree algorithm
Anton Nadezhdin <anton.nadezhdin(a)intel.com>
ice/ptp: fix crosstimestamp reporting
Kuan-Wei Chiu <visitorckw(a)gmail.com>
Revert "bcache: remove heap-related macros and switch to generic min_heap"
Andrzej Kacprowski <Andrzej.Kacprowski(a)intel.com>
accel/ivpu: Fix reset_engine debugfs file logic
Budimir Markovic <markovicbudimir(a)gmail.com>
vsock: Do not allow binding to VMADDR_PORT_ANY
Quang Le <quanglex97(a)gmail.com>
net/packet: fix a race in packet_set_ring() and packet_notifier()
Lorenzo Stoakes <lorenzo.stoakes(a)oracle.com>
selftests/perf_events: Add a mmap() correctness test
Thomas Gleixner <tglx(a)linutronix.de>
perf/core: Prevent VMA split of buffer mappings
Thomas Gleixner <tglx(a)linutronix.de>
perf/core: Exit early on perf_mmap() fail
Thomas Gleixner <tglx(a)linutronix.de>
perf/core: Don't leak AUX buffer refcount on allocation failure
Olga Kornievskaia <okorniev(a)redhat.com>
sunrpc: fix handling of server side tls alerts
Stefan Metzmacher <metze(a)samba.org>
smb: client: return an error if rdma_connect does not return within 5 seconds
Eric Dumazet <edumazet(a)google.com>
pptp: fix pptp_xmit() error path
Mohamed Khalfella <mkhalfella(a)purestorage.com>
nvmet: exit debugfs after discovery subsystem exits
Stefan Metzmacher <metze(a)samba.org>
smb: client: let recv_done() avoid touching data_transfer after cleanup/move
Stefan Metzmacher <metze(a)samba.org>
smb: client: let recv_done() cleanup before notifying the callers.
Stefan Metzmacher <metze(a)samba.org>
smb: client: make sure we call ib_dma_unmap_single() only if we called ib_dma_map_single already
Stefan Metzmacher <metze(a)samba.org>
smb: client: remove separate empty_packet_queue
Stefan Metzmacher <metze(a)samba.org>
smb: client: let send_done() cleanup before calling smbd_disconnect_rdma_connection()
Stefan Metzmacher <metze(a)samba.org>
smb: server: let recv_done() avoid touching data_transfer after cleanup/move
Stefan Metzmacher <metze(a)samba.org>
smb: server: let recv_done() consistently call put_recvmsg/smb_direct_disconnect_rdma_connection
Stefan Metzmacher <metze(a)samba.org>
smb: server: make sure we call ib_dma_unmap_single() only if we called ib_dma_map_single already
Stefan Metzmacher <metze(a)samba.org>
smb: server: remove separate empty_recvmsg_queue
Takashi Iwai <tiwai(a)suse.de>
ALSA: hda/ca0132: Fix missing error handling in ca0132_alt_select_out()
Arnd Bergmann <arnd(a)arndb.de>
irqchip: Build IMX_MU_MSI only on ARM
Jakub Kicinski <kuba(a)kernel.org>
eth: fbnic: remove the debugging trick of super high page bias
Sumanth Korikkar <sumanthk(a)linux.ibm.com>
s390/mm: Allocate page table with PAGE_SIZE granularity
Maher Azzouzi <maherazz04(a)gmail.com>
net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing
Michal Schmidt <mschmidt(a)redhat.com>
benet: fix BUG when creating VFs
Thomas Gleixner <tglx(a)linutronix.de>
x86/irq: Plug vector setup race
Olga Kornievskaia <okorniev(a)redhat.com>
sunrpc: fix client side handling of tls alerts
Takamitsu Iwai <takamitz(a)amazon.co.jp>
net/sched: taprio: enforce minimum value for picos_per_byte
Wang Liang <wangliang74(a)huawei.com>
net: drop UFO packets in udp_rcv_segment()
Florian Fainelli <florian.fainelli(a)broadcom.com>
net: mdio: mdio-bcm-unimac: Correct rate fallback logic
Eric Dumazet <edumazet(a)google.com>
ipv6: reject malicious packets in ipv6_gso_segment()
Christoph Paasch <cpaasch(a)openai.com>
net/mlx5: Correctly set gso_segs when LRO is used
Simon Trimmer <simont(a)opensource.cirrus.com>
spi: cs42l43: Property entry should be a null-terminated array
Baojun Xu <baojun.xu(a)ti.com>
ASoC: tas2781: Fix the wrong step for TLV on tas2781
Christoph Hellwig <hch(a)lst.de>
block: ensure discard_granularity is zero when discard is not supported
Guenter Roeck <linux(a)roeck-us.net>
block: Fix default IO priority if there is no IO context
Jakub Kicinski <kuba(a)kernel.org>
netlink: specs: ethtool: fix module EEPROM input/output arguments
Harald Freudenberger <freude(a)linux.ibm.com>
s390/ap: Unmask SLCF bit in card and queue ap functions sysfs
Mohamed Khalfella <mkhalfella(a)purestorage.com>
nvmet: initialize discovery subsys after debugfs is initialized
Eric Dumazet <edumazet(a)google.com>
pptp: ensure minimal skb length in pptp_xmit()
Luca Weiss <luca.weiss(a)fairphone.com>
net: ipa: add IPA v5.1 and v5.5 to ipa_version_string()
Horatiu Vultur <horatiu.vultur(a)microchip.com>
phy: mscc: Fix parsing of unicast frames
Jakub Kicinski <kuba(a)kernel.org>
netpoll: prevent hanging NAPI when netcons gets enabled
Heming Zhao <heming.zhao(a)suse.com>
md/md-cluster: handle REMOVE message earlier
Benjamin Coddington <bcodding(a)redhat.com>
NFS: Fixup allocation flags for nfsiod's __GFP_NORETRY
Olga Kornievskaia <okorniev(a)redhat.com>
NFSv4.2: another fix for listxattr
Trond Myklebust <trond.myklebust(a)hammerspace.com>
NFS: Fix filehandle bounds checking in nfs_fh_to_dentry()
Trond Myklebust <trond.myklebust(a)hammerspace.com>
NFS: Fix wakeup of __nfs_lookup_revalidate() in unblock_revalidate()
NeilBrown <neilb(a)suse.de>
sched: Add test_and_clear_wake_up_bit() and atomic_dec_and_wake_up()
Tigran Mkrtchyan <tigran.mkrtchyan(a)desy.de>
pNFS/flexfiles: don't attempt pnfs on fatal DS errors
Timothy Pearson <tpearson(a)raptorengineering.com>
PCI: pnv_php: Fix surprise plug detection and recovery
Timothy Pearson <tpearson(a)raptorengineering.com>
powerpc/eeh: Make EEH driver device hotplug safe
Timothy Pearson <tpearson(a)raptorengineering.com>
powerpc/eeh: Export eeh_unfreeze_pe()
Timothy Pearson <tpearson(a)raptorengineering.com>
PCI: pnv_php: Work around switches with broken presence detection
Timothy Pearson <tpearson(a)raptorengineering.com>
PCI: pnv_php: Clean up allocated IRQs on unplug
Peter Zijlstra <peterz(a)infradead.org>
sched/psi: Fix psi_seq initialization
Masahiro Yamada <masahiroy(a)kernel.org>
kconfig: qconf: fix ConfigList::updateListAllforAll()
Salomon Dushimirimana <salomondush(a)google.com>
scsi: sd: Make sd shutdown issue START STOP UNIT appropriately
Seunghui Lee <sh043.lee(a)samsung.com>
scsi: ufs: core: Use link recovery when h8 exit fails during runtime resume
Li Lingfeng <lilingfeng3(a)huawei.com>
scsi: Revert "scsi: iscsi: Fix HW conn removal use after free"
Tomas Henzl <thenzl(a)redhat.com>
scsi: mpt3sas: Fix a fw_event memory leak
Alex Williamson <alex.williamson(a)redhat.com>
vfio/pci: Separate SR-IOV VF dev_set
Brett Creeley <brett.creeley(a)amd.com>
vfio/pds: Fix missing detach_ioas op
Jacob Pan <jacob.pan(a)linux.microsoft.com>
vfio: Prevent open_count decrement to negative
Jacob Pan <jacob.pan(a)linux.microsoft.com>
vfio: Fix unbalanced vfio_df_close call in no-iommu mode
Christophe JAILLET <christophe.jaillet(a)wanadoo.fr>
i2c: muxes: mule: Fix an error handling path in mule_i2c_mux_probe()
Zhengxu Zhang <zhengxu.zhang(a)unisoc.com>
exfat: fdatasync flag should be same like generic_write_sync()
Chao Yu <chao(a)kernel.org>
f2fs: fix to trigger foreground gc during f2fs_map_blocks() in lfs mode
Chao Yu <chao(a)kernel.org>
f2fs: fix to calculate dirty data during has_not_enough_free_secs()
Chao Yu <chao(a)kernel.org>
f2fs: fix to update upper_p in __get_secs_required() correctly
Jan Prusakowski <jprusakowski(a)google.com>
f2fs: vm_unmap_ram() may be called from an invalid context
Chao Yu <chao(a)kernel.org>
f2fs: fix to avoid out-of-boundary access in devs.path
Chao Yu <chao(a)kernel.org>
f2fs: fix to avoid panic in f2fs_evict_inode
Chao Yu <chao(a)kernel.org>
f2fs: fix to avoid UAF in f2fs_sync_inode_meta()
Chao Yu <chao(a)kernel.org>
f2fs: doc: fix wrong quota mount option description
Chao Yu <chao(a)kernel.org>
f2fs: fix to check upper boundary for gc_no_zoned_gc_percent
Chao Yu <chao(a)kernel.org>
f2fs: fix to check upper boundary for gc_valid_thresh_ratio
yohan.joung <yohan.joung(a)sk.com>
f2fs: fix to check upper boundary for value of gc_boost_zoned_gc_percent
Abinash Singh <abinashlalotra(a)gmail.com>
f2fs: fix KMSAN uninit-value in extent_info usage
Sheng Yong <shengyong1(a)xiaomi.com>
f2fs: fix bio memleak when committing super block
Daeho Jeong <daehojeong(a)google.com>
f2fs: turn off one_time when forcibly set to foreground GC
Brian Masney <bmasney(a)redhat.com>
rtc: rv3028: fix incorrect maximum clock rate handling
Brian Masney <bmasney(a)redhat.com>
rtc: pcf8563: fix incorrect maximum clock rate handling
Brian Masney <bmasney(a)redhat.com>
rtc: pcf85063: fix incorrect maximum clock rate handling
Brian Masney <bmasney(a)redhat.com>
rtc: nct3018y: fix incorrect maximum clock rate handling
Brian Masney <bmasney(a)redhat.com>
rtc: hym8563: fix incorrect maximum clock rate handling
Brian Masney <bmasney(a)redhat.com>
rtc: ds1307: fix incorrect maximum clock rate handling
Uros Bizjak <ubizjak(a)gmail.com>
ucount: fix atomic_long_inc_below() argument type
Petr Pavlu <petr.pavlu(a)suse.com>
module: Restore the moduleparam prefix length check
Helge Deller <deller(a)gmx.de>
apparmor: Fix unaligned memory accesses in KUnit test
Ryan Lee <ryan.lee(a)canonical.com>
apparmor: fix loop detection used in conflicting attachment resolution
Ryan Lee <ryan.lee(a)canonical.com>
apparmor: ensure WB_HISTORY_SIZE value is a power of 2
Paul Chaignon <paul.chaignon(a)gmail.com>
bpf: Check netfilter ctx accesses are aligned
Paul Chaignon <paul.chaignon(a)gmail.com>
bpf: Check flow_dissector ctx accesses are aligned
Cindy Lu <lulu(a)redhat.com>
vhost: Reintroduce kthread API and add mode selection
Anders Roxell <anders.roxell(a)linaro.org>
vdpa: Fix IDR memory leak in VDUSE module exit
Dragos Tatulea <dtatulea(a)nvidia.com>
vdpa/mlx5: Fix release of uninitialized resources on error path
Mike Christie <michael.christie(a)oracle.com>
vhost-scsi: Fix log flooding with target does not exist errors
Dragos Tatulea <dtatulea(a)nvidia.com>
vdpa/mlx5: Fix needs_teardown flag calculation
Namhyung Kim <namhyung(a)kernel.org>
perf record: Cache build-ID of hit DSOs only
WangYuli <wangyuli(a)uniontech.com>
selftests: ALSA: fix memory leak in utimer test
Lukasz Laguna <lukasz.laguna(a)intel.com>
drm/xe/vf: Disable CSC support on VF
Balamanikandan Gunasundar <balamanikandan.gunasundar(a)microchip.com>
mtd: rawnand: atmel: set pmecc data setup time
Thomas Fourier <fourier.thomas(a)gmail.com>
mtd: rawnand: rockchip: Add missing check after DMA map
Thomas Fourier <fourier.thomas(a)gmail.com>
mtd: rawnand: atmel: Fix dma_mapping_error() address
Zheng Yu <zheng.yu(a)northwestern.edu>
jfs: fix metapage reference count leak in dbAllocCtl
Chenyuan Yang <chenyuan0y(a)gmail.com>
fbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref
Giovanni Cabiddu <giovanni.cabiddu(a)intel.com>
crypto: qat - fix seq_file position update in adf_ring_next()
Giovanni Cabiddu <giovanni.cabiddu(a)intel.com>
crypto: qat - fix DMA direction for compression on GEN2 devices
Chen Pei <cp0613(a)linux.alibaba.com>
perf tools: Remove libtraceevent in .gitignore
Ben Hutchings <benh(a)debian.org>
sh: Do not use hyphen in exported variable name
Shengjiu Wang <shengjiu.wang(a)nxp.com>
ASoC: fsl_xcvr: get channel status data when PHY is not exists
Thomas Fourier <fourier.thomas(a)gmail.com>
dmaengine: nbpfaxi: Add missing check after DMA map
Thomas Fourier <fourier.thomas(a)gmail.com>
dmaengine: mv_xor: Fix missing check after DMA map and missing unmap
Dan Carpenter <dan.carpenter(a)linaro.org>
fs/orangefs: Allow 2 more characters in do_c_string()
Tanmay Shah <tanmay.shah(a)amd.com>
remoteproc: xlnx: Disable unsupported features
Laurentiu Palcu <laurentiu.palcu(a)oss.nxp.com>
clk: imx95-blk-ctl: Fix synchronous abort
Manivannan Sadhasivam <mani(a)kernel.org>
PCI: endpoint: pci-epf-vntb: Fix the incorrect usage of __iomem attribute
Bard Liao <yung-chuan.liao(a)linux.intel.com>
soundwire: stream: restore params when prepare ports fail
Bairavi Alagappan <bairavix.alagappan(a)intel.com>
crypto: qat - disable ZUC-256 capability for QAT GEN5
Thomas Fourier <fourier.thomas(a)gmail.com>
crypto: img-hash - Fix dma_unmap_sg() nents value
Thomas Fourier <fourier.thomas(a)gmail.com>
crypto: keembay - Fix dma_unmap_sg() nents value
Ovidiu Panait <ovidiu.panait.oss(a)gmail.com>
hwrng: mtk - handle devm_pm_runtime_enable errors
Varshini Rajendran <varshini.rajendran(a)microchip.com>
clk: at91: sam9x7: update pll clk ranges
Jan Kara <jack(a)suse.cz>
ext4: Make sure BH_New bit is cleared in ->write_end handler
Dan Carpenter <dan.carpenter(a)linaro.org>
watchdog: ziirave_wdt: check record length in ziirave_firm_verify()
Thomas Fourier <fourier.thomas(a)gmail.com>
scsi: isci: Fix dma_unmap_sg() nents value
Thomas Fourier <fourier.thomas(a)gmail.com>
scsi: mvsas: Fix dma_unmap_sg() nents value
Thomas Fourier <fourier.thomas(a)gmail.com>
scsi: elx: efct: Fix dma_unmap_sg() nents value
Thomas Fourier <fourier.thomas(a)gmail.com>
scsi: ibmvscsi_tgt: Fix dma_unmap_sg() nents value
Paul Kocialkowski <paulk(a)sys-base.io>
clk: sunxi-ng: v3s: Fix de clock definition
Yao Zi <ziyao(a)disroot.org>
clk: thead: th1520-ap: Correctly refer the parent of osc_12m
Shiraz Saleem <shirazsaleem(a)microsoft.com>
RDMA/mana_ib: Fix DSCP value in modify QP
Leo Yan <leo.yan(a)arm.com>
perf tests bp_account: Fix leaked file descriptor
Mukesh Ojha <mukesh.ojha(a)oss.qualcomm.com>
pinmux: fix race causing mux_owner NULL with active mux_usecount
wangzijie <wangzijie1(a)honor.com>
proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al
Arnd Bergmann <arnd(a)arndb.de>
kernel: trace: preemptirq_delay_test: use offstack cpu mask
Junxian Huang <huangjunxian6(a)hisilicon.com>
RDMA/hns: Fix -Wframe-larger-than issue
Junxian Huang <huangjunxian6(a)hisilicon.com>
RDMA/hns: Drop GFP_NOWARN
Junxian Huang <huangjunxian6(a)hisilicon.com>
RDMA/hns: Fix accessing uninitialized resources
Junxian Huang <huangjunxian6(a)hisilicon.com>
RDMA/hns: Get message length of ack_req from FW
Mengbiao Xiong <xisme1998(a)gmail.com>
crypto: ccp - Fix crash when rebind ccp device for ccp.ko
Thomas Fourier <fourier.thomas(a)gmail.com>
crypto: inside-secure - Fix `dma_unmap_sg()` nents value
Alexey Kardashevskiy <aik(a)amd.com>
crypto: ccp - Fix locking on alloc failure handling
wenglianfa <wenglianfa(a)huawei.com>
RDMA/hns: Fix HW configurations not cleared in error flow
wenglianfa <wenglianfa(a)huawei.com>
RDMA/hns: Fix double destruction of rsv_qp
Namhyung Kim <namhyung(a)kernel.org>
perf sched: Fix memory leaks in 'perf sched latency'
Namhyung Kim <namhyung(a)kernel.org>
perf sched: Use RC_CHK_EQUAL() to compare pointers
Namhyung Kim <namhyung(a)kernel.org>
perf sched: Fix memory leaks for evsel->priv in timehist
Namhyung Kim <namhyung(a)kernel.org>
perf sched: Fix memory leaks in 'perf sched map'
Namhyung Kim <namhyung(a)kernel.org>
perf sched: Free thread->priv using priv_destructor
Namhyung Kim <namhyung(a)kernel.org>
perf sched: Make sure it frees the usage string
Takahiro Kuwano <Takahiro.Kuwano(a)infineon.com>
mtd: spi-nor: spansion: Fixup params->set_4byte_addr_mode for SEMPER
Ian Rogers <irogers(a)google.com>
perf dso: Add missed dso__put to dso__load_kcore
Namhyung Kim <namhyung(a)kernel.org>
perf tools: Fix use-after-free in help_unknown_cmd()
Thomas Fourier <fourier.thomas(a)gmail.com>
Fix dma_unmap_sg() nents value
Nuno Sá <nuno.sa(a)analog.com>
clk: clk-axi-clkgen: fix fpfd_max frequency for zynq
Amir Goldstein <amir73il(a)gmail.com>
fanotify: sanitize handle_type values when reporting fid
Luca Weiss <luca.weiss(a)fairphone.com>
phy: qualcomm: phy-qcom-eusb2-repeater: Don't zero-out registers
Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org>
dmaengine: mmp: Fix again Wvoid-pointer-to-enum-cast warning
Yuan Chen <chenyuan(a)kylinos.cn>
pinctrl: berlin: fix memory leak in berlin_pinctrl_build_state()
Yuan Chen <chenyuan(a)kylinos.cn>
pinctrl: sunxi: Fix memory leak on krealloc failure
Jerome Brunet <jbrunet(a)baylibre.com>
PCI: endpoint: pci-epf-vntb: Return -ENOENT if pci_epc_get_next_free_bar() fails
Arnd Bergmann <arnd(a)arndb.de>
crypto: arm/aes-neonbs - work around gcc-15 warning
Charles Han <hanchunchao(a)inspur.com>
power: supply: max14577: Handle NULL pdata when CONFIG_OF is not set
Charles Han <hanchunchao(a)inspur.com>
power: supply: cpcap-charger: Fix null check for power_supply_get_by_name
Rohit Visavalia <rohit.visavalia(a)amd.com>
clk: xilinx: vcu: unregister pll_post only if registered correctly
James Cowgill <james.cowgill(a)blaize.com>
media: v4l2-ctrls: Fix H264 SEPARATE_COLOUR_PLANE check
Henry Martin <bsdhenrymartin(a)gmail.com>
clk: davinci: Add NULL check in davinci_lpsc_clk_register()
Ivan Stepchenko <sid(a)itb.spb.ru>
mtd: fix possible integer overflow in erase_xfer()
Svyatoslav Pankratov <svyatoslav.pankratov(a)intel.com>
crypto: qat - fix state restore for banks with exceptions
Ahsan Atta <ahsan.atta(a)intel.com>
crypto: qat - allow enabling VFs in the absence of IOMMU
Herbert Xu <herbert(a)gondor.apana.org.au>
crypto: marvell/cesa - Fix engine load inaccuracy
Suman Kumar Chakraborty <suman.kumar.chakraborty(a)intel.com>
crypto: qat - use unmanaged allocation for dc_data
Ovidiu Panait <ovidiu.panait.oss(a)gmail.com>
crypto: sun8i-ce - fix nents passed to dma_unmap_sg()
Lad Prabhakar <prabhakar.mahadev-lad.rj(a)bp.renesas.com>
clk: renesas: rzv2h: Fix missing CLK_SET_RATE_PARENT flag for ddiv clocks
Hans Zhang <18255117159(a)163.com>
PCI: rockchip-host: Fix "Unexpected Completion" log message
Kees Cook <kees(a)kernel.org>
fortify: Fix incorrect reporting of read buffer size
Kees Cook <kees(a)kernel.org>
staging: media: atomisp: Fix stack buffer overflow in gmin_get_var_int()
Puranjay Mohan <puranjay(a)kernel.org>
bpf, arm64: Fix fp initialization for exception boundary
Thomas Weißschuh <thomas.weissschuh(a)linutronix.de>
bpf/preload: Don't select USERMODE_DRIVER
Eric Dumazet <edumazet(a)google.com>
ipv6: annotate data-races around rt->fib6_nsiblings
Eric Dumazet <edumazet(a)google.com>
ipv6: fix possible infinite loop in fib6_info_uses_dev()
Eric Dumazet <edumazet(a)google.com>
ipv6: prevent infinite loop in rt6_nlmsg_size()
Stanislav Fomichev <sdf(a)fomichev.me>
vrf: Drop existing dst reference in vrf_ip6_input_dst
Xiumei Mu <xmu(a)redhat.com>
selftests: rtnetlink.sh: remove esp4_offload after test
Jason Xing <kernelxing(a)tencent.com>
stmmac: xsk: fix negative overflow of budget in zerocopy mode
Tristram Ha <tristram.ha(a)microchip.com>
net: dsa: microchip: Fix wrong rx drop MIB counter for KSZ8863
Jianbo Liu <jianbol(a)nvidia.com>
net/mlx5e: Remove skb secpath if xfrm state is not found
Alexei Lazar <alazar(a)nvidia.com>
net/mlx5e: Clear Read-Only port buffer size in PBMC before update
Florian Westphal <fw(a)strlen.de>
netfilter: xt_nfacct: don't assume acct name is null-terminated
Jimmy Assarsson <extja(a)kvaser.com>
can: kvaser_usb: Assign netdev.dev_port based on device channel index
Jimmy Assarsson <extja(a)kvaser.com>
can: kvaser_pciefd: Store device channel index
Stephane Grosjean <stephane.grosjean(a)hms-networks.com>
can: peak_usb: fix USB FD devices potential malfunction
Gal Pressman <gal(a)nvidia.com>
selftests: drv-net: Fix remote command checking in require_cmd()
Gabriele Monaco <gmonaco(a)redhat.com>
tools/rv: Do not skip idle in trace
Kuniyuki Iwashima <kuniyu(a)google.com>
bpf: Disable migration in nf_hook_run_bpf().
Chris Down <chris(a)chrisdown.name>
Bluetooth: hci_event: Mask data status from LE ext adv reports
Arseniy Krasnov <avkrasnov(a)salutedevices.com>
Bluetooth: hci_sync: fix double free in 'hci_discovery_filter_clear()'
Matthew Wilcox (Oracle) <willy(a)infradead.org>
memcg_slabinfo: Fix use of PG_slab
Marco Elver <elver(a)google.com>
kcsan: test: Initialize dummy variable
Steven Rostedt <rostedt(a)goodmis.org>
ring-buffer: Remove ring_buffer_read_prepare_sync()
Kees Cook <kees(a)kernel.org>
wifi: nl80211: Set num_sub_specs before looping through sub_specs
Kees Cook <kees(a)kernel.org>
wifi: mac80211: Write cnt before copying in ieee80211_copy_rnr_beacon()
Gokul Sivakumar <gokulkumar.sivakumar(a)infineon.com>
wifi: brcmfmac: fix P2P discovery failure in P2P peer due to missing P2P IE
Tamizh Chelvam Raja <tamizh.raja(a)oss.qualcomm.com>
wifi: ath12k: fix endianness handling while accessing wmi service bit
Remi Pommarel <repk(a)triplefau.lt>
Reapply "wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()"
Remi Pommarel <repk(a)triplefau.lt>
wifi: mac80211: Check 802.11 encaps offloading in ieee80211_tx_h_select_key()
Alexander Wetzel <Alexander(a)wetzel-home.de>
wifi: mac80211: Don't call fq_flow_idx() for management frames
Alexander Wetzel <Alexander(a)wetzel-home.de>
wifi: mac80211: Do not schedule stopped TXQs
Murad Masimov <m.masimov(a)mt-integration.ru>
wifi: plfxlc: Fix error handling in usb driver probe
Moon Hee Lee <moonhee.lee.ca(a)gmail.com>
wifi: mac80211: reject TDLS operations when station is not associated
Tze-nan Wu <Tze-nan.Wu(a)mediatek.com>
rcu: Fix delayed execution of hurry callbacks
Jason Gunthorpe <jgg(a)ziepe.ca>
iommu/amd: Fix geometry.aperture_end for V2 tables
Alex Deucher <alexander.deucher(a)amd.com>
drm/amdgpu/gfx10: fix kiq locking in KCQ reset
Alex Deucher <alexander.deucher(a)amd.com>
drm/amdgpu/gfx9.4.3: fix kiq locking in KCQ reset
Alex Deucher <alexander.deucher(a)amd.com>
drm/amdgpu/gfx9: fix kiq locking in KCQ reset
Baochen Qiang <quic_bqiang(a)quicinc.com>
wifi: ath11k: fix sleeping-in-atomic in ath11k_mac_op_set_bitrate_mask()
Thomas Fourier <fourier.thomas(a)gmail.com>
mwl8k: Add missing check after DMA map
Bitterblue Smith <rtl8821cerfe2(a)gmail.com>
wifi: rtw88: Fix macid assigned to TDLS station
Martin Kaistra <martin.kaistra(a)linutronix.de>
wifi: rtl8xxxu: Fix RX skb size for aggregation disabled
Eric Dumazet <edumazet(a)google.com>
tcp: call tcp_measure_rcv_mss() for ooo packets
Juergen Gross <jgross(a)suse.com>
xen/gntdev: remove struct gntdev_copy_batch from stack
Al Viro <viro(a)zeniv.linux.org.uk>
xen: fix UAF in dmabuf_exp_from_pages()
Edward Srouji <edwards(a)nvidia.com>
RDMA/mlx5: Fix UMR modifying of mkey page size
Eric Dumazet <edumazet(a)google.com>
net_sched: act_ctinfo: use atomic64_t for three counters
William Liu <will(a)willsroot.io>
net/sched: Restrict conditions for adding duplicating netems to qdisc tree
Easwar Hariharan <eahariha(a)linux.microsoft.com>
iommu/amd: Enable PASID and ATS capabilities in the correct order
Tiwei Bie <tiwei.btw(a)antgroup.com>
um: rtc: Avoid shadowing err in uml_rtc_start()
Johan Korsnes <johan.korsnes(a)gmail.com>
arch: powerpc: defconfig: Drop obsolete CONFIG_NET_CLS_TCINDEX
Fedor Pchelkin <pchelkin(a)ispras.ru>
netfilter: nf_tables: adjust lockdep assertions handling
Phil Sutter <phil(a)nwl.cc>
netfilter: nf_tables: Drop dead code from fill_*_info routines
Shixiong Ou <oushixiong(a)kylinos.cn>
fbcon: Fix outdated registered_fb reference in comment
Peter Zijlstra <peterz(a)infradead.org>
sched/psi: Optimize psi_group_change() cpu_clock() usage
Fedor Pchelkin <pchelkin(a)ispras.ru>
drm/amd/pm/powerplay/hwmgr/smu_helper: fix order of mask and value
Artem Sadovnikov <a.sadovnikov(a)ispras.ru>
refscale: Check that nreaders and loops multiplication doesn't overflow
Finn Thain <fthain(a)linux-m68k.org>
m68k: Don't unregister boot console needlessly
Konrad Dybcio <konrad.dybcio(a)oss.qualcomm.com>
drm/msm/dpu: Fill in min_prefill_lines for SC8180X
Kumar Kartikeya Dwivedi <memxor(a)gmail.com>
bpf: Ensure RCU lock is held around bpf_prog_ksym_find
Mark Brown <broonie(a)kernel.org>
kselftest/arm64: Fix check for setting new VLs in sve-ptrace
Eric Dumazet <edumazet(a)google.com>
net: dst: annotate data-races around dst->output
Eric Dumazet <edumazet(a)google.com>
net: dst: annotate data-races around dst->input
Stav Aviram <saviram(a)nvidia.com>
net/mlx5: Check device memory pointer before usage
xin.guo <guoxin0309(a)gmail.com>
tcp: fix tcp_ofo_queue() to avoid including too much DUP SACK range
Sergey Senozhatsky <senozhatsky(a)chromium.org>
wifi: ath11k: clear initialized flag for deinit-ed srng lists
Jiasheng Jiang <jiasheng(a)iscas.ac.cn>
iwlwifi: Add missing check for alloc_ordered_workqueue
Xiu Jianfeng <xiujianfeng(a)huawei.com>
wifi: iwlwifi: Fix memory leak in iwl_mvm_init()
Daniil Dulov <d.dulov(a)aladdin.ru>
wifi: rtl818x: Kill URBs before clearing tx status queue
Zong-Zhe Yang <kevin_yang(a)realtek.com>
wifi: rtw89: avoid NULL dereference when RX problematic packet on unsupported 6 GHz band
Arnd Bergmann <arnd(a)arndb.de>
caif: reduce stack size, again
Haren Myneni <haren(a)linux.ibm.com>
powerpc/pseries/dlpar: Search DRC index from ibm,drc-indexes for IO add
Yuan Chen <chenyuan(a)kylinos.cn>
bpftool: Fix memory leak in dump_xx_nlmsg on realloc failure
Lijo Lazar <lijo.lazar(a)amd.com>
drm/amdgpu: Remove nbiov7.9 replay count reporting
Ian Forbes <ian.forbes(a)broadcom.com>
drm/vmwgfx: Fix Host-Backed userspace on Guest-Backed kernel
Petr Machata <petrm(a)nvidia.com>
net: ipv6: ip6mr: Fix in/out netdev to pass to the FORWARD chain
Mykyta Yatsenko <yatsenko(a)meta.com>
selftests/bpf: Fix unintentional switch case fall through
Fushuai Wang <wangfushuai(a)baidu.com>
selftests/bpf: fix signedness bug in redir_partial()
Jiayuan Chen <jiayuan.chen(a)linux.dev>
bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls
Jiayuan Chen <jiayuan.chen(a)linux.dev>
bpf, sockmap: Fix psock incorrectly pointing to sk
Boris Brezillon <boris.brezillon(a)collabora.com>
drm/panthor: Add missing explicit padding in drm_panthor_gpu_info
Adrián Larumbe <adrian.larumbe(a)collabora.com>
drm/panfrost: Fix panfrost device variable name in devfreq
Andy Yan <andy.yan(a)rock-chips.com>
drm/rockchip: cleanup fb when drm_gem_fb_afbc_init failed
Steven Rostedt <rostedt(a)goodmis.org>
selftests/tracing: Fix false failure of subsystem event test
Alok Tiwari <alok.a.tiwari(a)oracle.com>
staging: nvec: Fix incorrect null termination of battery manufacturer
Slark Xiao <slark_xiao(a)163.com>
bus: mhi: host: pci_generic: Fix the modem name of Foxconn T99W640
Dmitry Baryshkov <dmitry.baryshkov(a)oss.qualcomm.com>
interconnect: qcom: sc8180x: specify num_nodes
Dmitry Baryshkov <dmitry.baryshkov(a)oss.qualcomm.com>
interconnect: qcom: sc8280xp: specify num_links for qnm_a1noc_cfg
Johan Hovold <johan(a)kernel.org>
soc: qcom: pmic_glink: fix OF node leak
Brahmajit Das <listout(a)listout.xyz>
samples: mei: Fix building on musl libc
Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
staging: greybus: gbphy: fix up const issue with the match callback
Lifeng Zheng <zhenglifeng1(a)huawei.com>
cpufreq: Init policy->rwsem before it may be possibly used
Lifeng Zheng <zhenglifeng1(a)huawei.com>
cpufreq: Initialize cpufreq-based frequency-invariance later
Rafael J. Wysocki <rafael.j.wysocki(a)intel.com>
cpufreq: intel_pstate: Always use HWP_DESIRED_PERF in passive mode
Chanwoo Choi <cw00.choi(a)samsung.com>
PM / devfreq: Fix a index typo in trans_stat
Lifeng Zheng <zhenglifeng1(a)huawei.com>
PM / devfreq: Check governor before using governor->name
Adam Ford <aford173(a)gmail.com>
arm64: dts: imx8mn-beacon: Fix HS400 USDHC clock speed
Adam Ford <aford173(a)gmail.com>
arm64: dts: imx8mm-beacon: Fix HS400 USDHC clock speed
Annette Kobou <annette.kobou(a)kontron.de>
ARM: dts: imx6ul-kontron-bl-common: Fix RTS polarity for RS485 interface
Moon Hee Lee <moonhee.lee.ca(a)gmail.com>
selftests: breakpoints: use suspend_stats to reliably check suspend success
Patrick Delaunay <patrick.delaunay(a)foss.st.com>
arm64: dts: st: fix timer used for ticks
Sumit Gupta <sumitg(a)nvidia.com>
soc/tegra: cbb: Clear ERR_FORCE register with ERR_STATUS
Albin Törnqvist <albin.tornqvist(a)codiax.se>
arm: dts: ti: omap: Fixup pinheader typo
Lucas De Marchi <lucas.demarchi(a)intel.com>
usb: early: xhci-dbc: Fix early_ioremap leak
Sivan Zohar-Kotzer <sivany32(a)gmail.com>
powercap: dtpm_cpu: Fix NULL pointer dereference in get_pd_power_uw()
Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Revert "vmci: Prevent the dispatching of uninitialized payloads"
Thomas Weißschuh <thomas.weissschuh(a)linutronix.de>
selftests: vDSO: chacha: Correctly skip test if necessary
Denis OSTERLAND-HEIM <denis.osterland(a)diehl.com>
pps: fix poll support
Lizhi Xu <lizhi.xu(a)windriver.com>
vmci: Prevent the dispatching of uninitialized payloads
Abdun Nihaal <abdun.nihaal(a)gmail.com>
staging: fbtft: fix potential memory leak in fbtft_framebuffer_alloc()
Clément Le Goffic <clement.legoffic(a)foss.st.com>
spi: stm32: Check for cfg availability in stm32_spi_probe
Hans de Goede <hansg(a)kernel.org>
mei: vsc: Unset the event callback on remove and probe errors
Hans de Goede <hansg(a)kernel.org>
mei: vsc: Event notifier fixes
Hans de Goede <hansg(a)kernel.org>
mei: vsc: Destroy mutex after freeing the IRQ
Dmitry Baryshkov <dmitry.baryshkov(a)oss.qualcomm.com>
usb: typec: ucsi: yoga-c630: fix error and remove paths
Sibi Sankar <quic_sibis(a)quicinc.com>
firmware: arm_scmi: Fix up turbo frequencies selection
Arnd Bergmann <arnd(a)arndb.de>
cpufreq: armada-8k: make both cpu masks static
Michael Walle <mwalle(a)kernel.org>
arm64: dts: ti: k3-am62p-j722s: fix pinctrl-single size
Wadim Egorov <w.egorov(a)phytec.de>
arm64: dts: ti: k3-am642-phyboard-electra: Fix PRU-ICSSG Ethernet ports
Charalampos Mitrodimas <charmitro(a)posteo.net>
usb: misc: apple-mfi-fastcharge: Make power supply names unique
Seungjin Bae <eeodqql09(a)gmail.com>
usb: host: xhci-plat: fix incorrect type for of_match variable in xhci_plat_probe()
Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org>
ARM: dts: vfxxx: Correctly use two tuples for timer address
André Apitzsch <git(a)apitzsch.eu>
arm64: dts: qcom: msm8976: Make blsp_dma controlled-remotely
Lijuan Gao <lijuan.gao(a)oss.qualcomm.com>
arm64: dts: qcom: sa8775p: Correct the interrupt for remoteproc
Will Deacon <willdeacon(a)google.com>
arm64: dts: exynos: gs101: Add 'local-timer-stop' to cpuidle nodes
Konrad Dybcio <konrad.dybcio(a)oss.qualcomm.com>
arm64: dts: qcom: sc7180: Expand IMEM region
Konrad Dybcio <konrad.dybcio(a)oss.qualcomm.com>
arm64: dts: qcom: sdm845: Expand IMEM region
Alexander Wilhelm <alexander.wilhelm(a)westermo.com>
soc: qcom: QMI encoding/decoding for big endian
Dmitry Vyukov <dvyukov(a)google.com>
selftests: Fix errno checking in syscall_user_dispatch test
Alexander Stein <alexander.stein(a)ew.tq-group.com>
arm64: dts: freescale: imx93-tqma9352: Limit BUCK2 to 600mV
Chen-Yu Tsai <wenst(a)chromium.org>
ASoC: mediatek: use reserved memory or enable buffer pre-allocation
Arnd Bergmann <arnd(a)arndb.de>
ASoC: ops: dynamically allocate struct snd_ctl_elem_value
Kuninori Morimoto <kuninori.morimoto.gx(a)renesas.com>
ASoC: soc-dai: tidyup return value of snd_soc_xlate_tdm_slot_mask()
Randy Dunlap <rdunlap(a)infradead.org>
io_uring: fix breakage in EXPERT menu
Andreas Gruenbacher <agruenba(a)redhat.com>
gfs2: No more self recovery
Konstantin Komarov <almaz.alexandrovich(a)paragon-software.com>
Revert "fs/ntfs3: Replace inode_trylock with inode_lock"
Yangtao Li <frank.li(a)vivo.com>
hfsplus: remove mutex_lock check in hfsplus_free_extents
Yangtao Li <frank.li(a)vivo.com>
hfs: make splice write available again
Yangtao Li <frank.li(a)vivo.com>
hfsplus: make splice write available again
Caleb Sander Mateos <csander(a)purestorage.com>
ublk: use vmalloc for ublk_device's __queues
Edward Adam Davis <eadavis(a)qq.com>
fs/ntfs3: cancle set bad inode after removing name fails
RubenKelevra <rubenkelevra(a)gmail.com>
fs_context: fix parameter name in infofc() macro
Al Viro <viro(a)zeniv.linux.org.uk>
parse_longname(): strrchr() expects NUL-terminated string
Richard Guy Briggs <rgb(a)redhat.com>
audit,module: restore audit logging in load failure case
Alexandru Andries <alex.andries.aa(a)gmail.com>
ASoC: amd: yc: add DMI quirk for ASUS M6501RM
Arnd Bergmann <arnd(a)arndb.de>
ASoC: Intel: fix SND_SOC_SOF dependencies
Richard Fitzgerald <rf(a)opensource.cirrus.com>
ALSA: hda/cs35l56: Workaround bad dev-index on Lenovo Yoga Book 9i GenX
Adam Queler <queler(a)gmail.com>
ASoC: amd: yc: Add DMI entries to support HP 15-fb1xxx
Arnd Bergmann <arnd(a)arndb.de>
ethernet: intel: fix building with large NR_CPUS
Lane Odenbach <laodenbach(a)gmail.com>
ASoC: amd: yc: Add DMI quirk for HP Laptop 17 cp-2033dx
-------------
Diffstat:
Documentation/filesystems/f2fs.rst | 6 +-
Documentation/netlink/specs/ethtool.yaml | 6 +-
Makefile | 4 +-
.../boot/dts/nxp/imx/imx6ul-kontron-bl-common.dtsi | 1 -
arch/arm/boot/dts/nxp/vf/vfxxx.dtsi | 2 +-
arch/arm/boot/dts/ti/omap/am335x-boneblack.dts | 2 +-
arch/arm/crypto/aes-neonbs-glue.c | 2 +-
arch/arm64/boot/dts/exynos/google/gs101.dtsi | 3 +
.../boot/dts/freescale/imx8mm-beacon-som.dtsi | 2 +
.../boot/dts/freescale/imx8mn-beacon-som.dtsi | 2 +
arch/arm64/boot/dts/freescale/imx93-tqma9352.dtsi | 6 +-
arch/arm64/boot/dts/qcom/msm8976.dtsi | 2 +
arch/arm64/boot/dts/qcom/sa8775p.dtsi | 10 +-
arch/arm64/boot/dts/qcom/sc7180.dtsi | 10 +-
arch/arm64/boot/dts/qcom/sdm845.dtsi | 10 +-
arch/arm64/boot/dts/st/stm32mp251.dtsi | 2 +-
.../boot/dts/ti/k3-am62p-j722s-common-main.dtsi | 2 +-
.../boot/dts/ti/k3-am642-phyboard-electra-rdk.dts | 2 +
arch/arm64/net/bpf_jit_comp.c | 1 +
arch/m68k/Kconfig.debug | 2 +-
arch/m68k/kernel/early_printk.c | 42 +--
arch/m68k/kernel/head.S | 8 +-
arch/mips/mm/tlb-r4k.c | 56 +++-
arch/powerpc/configs/ppc6xx_defconfig | 1 -
arch/powerpc/kernel/eeh.c | 1 +
arch/powerpc/kernel/eeh_driver.c | 48 ++--
arch/powerpc/kernel/eeh_pe.c | 10 +-
arch/powerpc/kernel/pci-hotplug.c | 3 +
arch/powerpc/platforms/pseries/dlpar.c | 52 +++-
arch/s390/include/asm/ap.h | 2 +-
arch/s390/mm/pgalloc.c | 5 -
arch/s390/mm/vmem.c | 5 +-
arch/sh/Makefile | 10 +-
arch/sh/boot/compressed/Makefile | 4 +-
arch/sh/boot/romimage/Makefile | 4 +-
arch/um/drivers/rtc_user.c | 2 +-
arch/x86/boot/cpuflags.c | 13 +
arch/x86/coco/sev/shared.c | 46 ++++
arch/x86/include/asm/cpufeatures.h | 1 +
arch/x86/include/asm/hw_irq.h | 12 +-
arch/x86/kernel/cpu/scattered.c | 1 +
arch/x86/kernel/irq.c | 63 +++--
arch/x86/mm/extable.c | 5 +-
block/blk-settings.c | 13 +-
drivers/accel/ivpu/ivpu_debugfs.c | 42 +--
drivers/block/ublk_drv.c | 4 +-
drivers/bluetooth/btusb.c | 4 +
drivers/bus/mhi/host/pci_generic.c | 8 +-
drivers/char/hw_random/mtk-rng.c | 4 +-
drivers/clk/at91/sam9x7.c | 20 +-
drivers/clk/clk-axi-clkgen.c | 2 +-
drivers/clk/davinci/psc.c | 5 +
drivers/clk/imx/clk-imx95-blk-ctl.c | 13 +-
drivers/clk/renesas/rzv2h-cpg.c | 1 +
drivers/clk/sunxi-ng/ccu-sun8i-v3s.c | 3 +-
drivers/clk/thead/clk-th1520-ap.c | 9 +-
drivers/clk/xilinx/xlnx_vcu.c | 4 +-
drivers/cpufreq/armada-8k-cpufreq.c | 3 +-
drivers/cpufreq/cpufreq.c | 21 +-
drivers/cpufreq/intel_pstate.c | 4 +-
.../crypto/allwinner/sun8i-ce/sun8i-ce-cipher.c | 4 +-
drivers/crypto/ccp/ccp-debugfs.c | 3 +
drivers/crypto/ccp/sev-dev.c | 8 +-
drivers/crypto/img-hash.c | 2 +-
drivers/crypto/inside-secure/safexcel_hash.c | 8 +-
.../crypto/intel/keembay/keembay-ocs-hcu-core.c | 8 +-
.../crypto/intel/qat/qat_420xx/adf_420xx_hw_data.c | 9 +-
.../crypto/intel/qat/qat_common/adf_gen4_hw_data.c | 29 +-
drivers/crypto/intel/qat/qat_common/adf_sriov.c | 1 -
.../intel/qat/qat_common/adf_transport_debug.c | 4 +-
drivers/crypto/intel/qat/qat_common/qat_bl.c | 6 +-
.../crypto/intel/qat/qat_common/qat_compression.c | 8 +-
drivers/crypto/marvell/cesa/cipher.c | 4 +-
drivers/crypto/marvell/cesa/hash.c | 5 +-
drivers/devfreq/devfreq.c | 12 +-
drivers/dma/mmp_tdma.c | 2 +-
drivers/dma/mv_xor.c | 21 +-
drivers/dma/nbpfaxi.c | 13 +
drivers/firmware/arm_scmi/perf.c | 2 +-
drivers/gpu/drm/amd/amdgpu/gfx_v10_0.c | 6 +-
drivers/gpu/drm/amd/amdgpu/gfx_v9_0.c | 2 +-
drivers/gpu/drm/amd/amdgpu/gfx_v9_4_3.c | 3 +-
drivers/gpu/drm/amd/amdgpu/nbio_v7_9.c | 20 --
.../gpu/drm/amd/pm/powerplay/hwmgr/smu_helper.c | 2 +-
drivers/gpu/drm/i915/display/g4x_hdmi.c | 35 ++-
drivers/gpu/drm/i915/display/g4x_hdmi.h | 5 +-
drivers/gpu/drm/i915/display/intel_ddi.c | 37 ++-
drivers/gpu/drm/i915/display/intel_display_types.h | 13 +
drivers/gpu/drm/i915/display/intel_hdmi.c | 10 +-
drivers/gpu/drm/i915/display/intel_hdmi.h | 2 +-
.../drm/msm/disp/dpu1/catalog/dpu_5_1_sc8180x.h | 1 +
drivers/gpu/drm/panfrost/panfrost_devfreq.c | 4 +-
drivers/gpu/drm/rockchip/rockchip_drm_fb.c | 9 +-
drivers/gpu/drm/vmwgfx/vmwgfx_shader.c | 2 +-
drivers/gpu/drm/xe/xe_device.c | 1 +
drivers/hid/hid-apple.c | 3 +-
drivers/i2c/muxes/i2c-mux-mule.c | 3 +-
drivers/infiniband/hw/erdma/erdma_verbs.c | 3 +-
drivers/infiniband/hw/hns/hns_roce_device.h | 1 +
drivers/infiniband/hw/hns/hns_roce_hem.c | 18 +-
drivers/infiniband/hw/hns/hns_roce_hw_v2.c | 87 ++++--
drivers/infiniband/hw/hns/hns_roce_hw_v2.h | 8 +-
drivers/infiniband/hw/hns/hns_roce_main.c | 22 +-
drivers/infiniband/hw/mana/qp.c | 2 +-
drivers/infiniband/hw/mlx5/dm.c | 2 +-
drivers/infiniband/hw/mlx5/umr.c | 6 +-
drivers/interconnect/qcom/sc8180x.c | 6 +
drivers/interconnect/qcom/sc8280xp.c | 1 +
drivers/iommu/amd/iommu.c | 19 +-
drivers/irqchip/Kconfig | 1 +
drivers/md/bcache/alloc.c | 64 ++---
drivers/md/bcache/bcache.h | 2 +-
drivers/md/bcache/bset.c | 124 ++++-----
drivers/md/bcache/bset.h | 40 +--
drivers/md/bcache/btree.c | 69 ++---
drivers/md/bcache/extents.c | 51 ++--
drivers/md/bcache/movinggc.c | 41 +--
drivers/md/bcache/super.c | 3 +-
drivers/md/bcache/sysfs.c | 4 +-
drivers/md/bcache/util.h | 67 ++++-
drivers/md/bcache/writeback.c | 13 +-
drivers/md/md.c | 9 +-
.../media/platform/ti/j721e-csi2rx/j721e-csi2rx.c | 1 +
drivers/media/v4l2-core/v4l2-ctrls-core.c | 8 +-
drivers/misc/mei/platform-vsc.c | 5 +
drivers/misc/mei/vsc-tp.c | 20 +-
drivers/mtd/ftl.c | 2 +-
drivers/mtd/nand/raw/atmel/nand-controller.c | 2 +-
drivers/mtd/nand/raw/atmel/pmecc.c | 6 +
drivers/mtd/nand/raw/rockchip-nand-controller.c | 15 ++
drivers/mtd/spi-nor/spansion.c | 31 +++
drivers/net/can/kvaser_pciefd.c | 1 +
drivers/net/can/usb/kvaser_usb/kvaser_usb_core.c | 1 +
drivers/net/can/usb/peak_usb/pcan_usb_fd.c | 17 +-
drivers/net/dsa/microchip/ksz8.c | 3 +
drivers/net/dsa/microchip/ksz8_reg.h | 4 +-
drivers/net/ethernet/emulex/benet/be_cmds.c | 2 +-
drivers/net/ethernet/intel/fm10k/fm10k.h | 3 +-
drivers/net/ethernet/intel/i40e/i40e.h | 2 +-
drivers/net/ethernet/intel/ice/ice_ptp.c | 1 +
drivers/net/ethernet/intel/ixgbe/ixgbe.h | 3 +-
.../ethernet/mellanox/mlx5/core/en/port_buffer.c | 3 +
.../mellanox/mlx5/core/en_accel/ipsec_rxtx.c | 4 +
drivers/net/ethernet/mellanox/mlx5/core/en_rx.c | 1 +
drivers/net/ethernet/mellanox/mlx5/core/lib/dm.c | 4 +-
drivers/net/ethernet/mellanox/mlx5/core/main.c | 3 -
drivers/net/ethernet/meta/fbnic/fbnic_txrx.c | 4 +-
drivers/net/ethernet/meta/fbnic/fbnic_txrx.h | 6 +-
drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 2 +-
drivers/net/ipa/ipa_sysfs.c | 6 +-
drivers/net/mdio/mdio-bcm-unimac.c | 5 +-
drivers/net/phy/mscc/mscc_ptp.c | 1 +
drivers/net/phy/mscc/mscc_ptp.h | 1 +
drivers/net/ppp/pptp.c | 18 +-
drivers/net/usb/usbnet.c | 11 +-
drivers/net/vrf.c | 2 +
drivers/net/wireless/ath/ath11k/hal.c | 4 +
drivers/net/wireless/ath/ath11k/mac.c | 12 +-
drivers/net/wireless/ath/ath12k/wmi.c | 12 +-
.../broadcom/brcm80211/brcmfmac/cfg80211.c | 8 +-
drivers/net/wireless/intel/iwlwifi/dvm/main.c | 11 +-
drivers/net/wireless/intel/iwlwifi/mvm/ops.c | 4 +-
drivers/net/wireless/marvell/mwl8k.c | 4 +
drivers/net/wireless/purelifi/plfxlc/mac.c | 11 +-
drivers/net/wireless/purelifi/plfxlc/mac.h | 2 +-
drivers/net/wireless/purelifi/plfxlc/usb.c | 29 +-
drivers/net/wireless/realtek/rtl818x/rtl8187/dev.c | 3 +-
drivers/net/wireless/realtek/rtl8xxxu/core.c | 2 +-
drivers/net/wireless/realtek/rtw88/main.c | 4 +-
drivers/net/wireless/realtek/rtw89/core.c | 5 +
drivers/nvme/target/core.c | 18 +-
drivers/pci/controller/pcie-rockchip-host.c | 2 +-
drivers/pci/endpoint/functions/pci-epf-vntb.c | 4 +-
drivers/pci/hotplug/pnv_php.c | 235 ++++++++++++++--
drivers/pci/pcie/aspm.c | 32 ++-
drivers/perf/arm-ni.c | 2 +
drivers/phy/qualcomm/phy-qcom-eusb2-repeater.c | 83 +++---
drivers/pinctrl/berlin/berlin.c | 8 +-
drivers/pinctrl/pinmux.c | 20 +-
drivers/pinctrl/sunxi/pinctrl-sunxi.c | 11 +-
drivers/platform/x86/intel/pmt/class.c | 3 +-
drivers/platform/x86/intel/pmt/class.h | 1 +
drivers/power/supply/cpcap-charger.c | 5 +-
drivers/power/supply/max14577_charger.c | 4 +-
drivers/powercap/dtpm_cpu.c | 2 +
drivers/pps/pps.c | 11 +-
drivers/remoteproc/xlnx_r5_remoteproc.c | 2 +
drivers/rtc/rtc-ds1307.c | 2 +-
drivers/rtc/rtc-hym8563.c | 2 +-
drivers/rtc/rtc-nct3018y.c | 2 +-
drivers/rtc/rtc-pcf85063.c | 2 +-
drivers/rtc/rtc-pcf8563.c | 2 +-
drivers/rtc/rtc-rv3028.c | 2 +-
drivers/s390/crypto/ap_bus.h | 2 +-
drivers/scsi/elx/efct/efct_lio.c | 2 +-
drivers/scsi/ibmvscsi_tgt/libsrp.c | 6 +-
drivers/scsi/isci/request.c | 2 +-
drivers/scsi/mpt3sas/mpt3sas_scsih.c | 3 +-
drivers/scsi/mvsas/mv_sas.c | 4 +-
drivers/scsi/scsi_transport_iscsi.c | 2 +
drivers/scsi/sd.c | 4 +-
drivers/soc/qcom/pmic_glink.c | 9 +-
drivers/soc/qcom/qmi_encdec.c | 46 +++-
drivers/soc/tegra/cbb/tegra234-cbb.c | 2 +
drivers/soundwire/stream.c | 2 +-
drivers/spi/spi-cs42l43.c | 2 +-
drivers/spi/spi-stm32.c | 8 +-
drivers/staging/fbtft/fbtft-core.c | 1 +
drivers/staging/greybus/gbphy.c | 6 +-
.../media/atomisp/pci/atomisp_gmin_platform.c | 9 +-
drivers/staging/nvec/nvec_power.c | 2 +-
drivers/ufs/core/ufshcd.c | 10 +-
drivers/usb/early/xhci-dbc.c | 4 +
drivers/usb/gadget/composite.c | 5 +
drivers/usb/gadget/function/f_hid.c | 7 +-
drivers/usb/host/xhci-plat.c | 2 +-
drivers/usb/misc/apple-mfi-fastcharge.c | 24 +-
drivers/usb/serial/option.c | 2 +
drivers/usb/typec/ucsi/ucsi_yoga_c630.c | 19 +-
drivers/vdpa/mlx5/core/mr.c | 3 +
drivers/vdpa/mlx5/net/mlx5_vnet.c | 12 +-
drivers/vdpa/vdpa_user/vduse_dev.c | 1 +
drivers/vfio/group.c | 7 +-
drivers/vfio/iommufd.c | 4 +
drivers/vfio/pci/pds/vfio_dev.c | 1 +
drivers/vfio/pci/vfio_pci_core.c | 2 +-
drivers/vfio/vfio_main.c | 3 +-
drivers/vhost/Kconfig | 18 ++
drivers/vhost/scsi.c | 4 +-
drivers/vhost/vhost.c | 244 +++++++++++++++--
drivers/vhost/vhost.h | 22 ++
drivers/video/fbdev/core/fbcon.c | 4 +-
drivers/video/fbdev/imxfb.c | 9 +-
drivers/watchdog/ziirave_wdt.c | 3 +
drivers/xen/gntdev-common.h | 4 +
drivers/xen/gntdev-dmabuf.c | 28 +-
drivers/xen/gntdev.c | 71 +++--
fs/ceph/crypto.c | 31 +--
fs/exfat/file.c | 5 +-
fs/ext4/inline.c | 2 +
fs/ext4/inode.c | 3 +-
fs/f2fs/data.c | 7 +-
fs/f2fs/extent_cache.c | 2 +-
fs/f2fs/f2fs.h | 2 +-
fs/f2fs/gc.c | 1 +
fs/f2fs/inode.c | 21 +-
fs/f2fs/segment.h | 5 +-
fs/f2fs/super.c | 1 +
fs/f2fs/sysfs.c | 21 ++
fs/gfs2/util.c | 37 +--
fs/hfs/inode.c | 1 +
fs/hfsplus/extents.c | 3 -
fs/hfsplus/inode.c | 1 +
fs/jfs/jfs_dmap.c | 4 +-
fs/nfs/dir.c | 4 +-
fs/nfs/export.c | 11 +-
fs/nfs/flexfilelayout/flexfilelayout.c | 26 +-
fs/nfs/flexfilelayout/flexfilelayoutdev.c | 6 +-
fs/nfs/internal.h | 9 +-
fs/nfs/nfs4proc.c | 10 +-
fs/notify/fanotify/fanotify.c | 8 +-
fs/ntfs3/file.c | 5 +-
fs/ntfs3/frecord.c | 7 +-
fs/ntfs3/namei.c | 10 +-
fs/ntfs3/ntfs_fs.h | 3 +-
fs/orangefs/orangefs-debugfs.c | 6 +-
fs/proc/generic.c | 2 +
fs/proc/inode.c | 2 +-
fs/proc/internal.h | 5 +
fs/smb/client/cifs_debug.c | 6 +-
fs/smb/client/smbdirect.c | 130 +++------
fs/smb/client/smbdirect.h | 4 -
fs/smb/server/connection.h | 1 +
fs/smb/server/smb2pdu.c | 22 +-
fs/smb/server/smb_common.c | 2 +-
fs/smb/server/transport_rdma.c | 97 +++----
fs/smb/server/transport_tcp.c | 17 ++
fs/smb/server/vfs.c | 3 +-
include/linux/audit.h | 9 +-
include/linux/fortify-string.h | 2 +-
include/linux/fs_context.h | 2 +-
include/linux/ioprio.h | 3 +-
include/linux/mlx5/device.h | 1 +
include/linux/moduleparam.h | 5 +-
include/linux/pps_kernel.h | 1 +
include/linux/proc_fs.h | 1 +
include/linux/psi_types.h | 6 +-
include/linux/ring_buffer.h | 4 +-
include/linux/skbuff.h | 23 ++
include/linux/usb/usbnet.h | 1 +
include/linux/wait_bit.h | 60 +++++
include/net/bluetooth/hci.h | 1 +
include/net/bluetooth/hci_core.h | 6 +
include/net/dst.h | 4 +-
include/net/lwtunnel.h | 8 +-
include/net/tc_act/tc_ctinfo.h | 6 +-
include/net/udp.h | 24 +-
include/sound/tas2781-tlv.h | 2 +-
include/uapi/drm/panthor_drm.h | 3 +
include/uapi/linux/vhost.h | 29 ++
init/Kconfig | 2 +-
kernel/audit.h | 2 +-
kernel/auditsc.c | 2 +-
kernel/bpf/core.c | 5 +-
kernel/bpf/helpers.c | 11 +-
kernel/bpf/preload/Kconfig | 1 -
kernel/events/core.c | 20 +-
kernel/kcsan/kcsan_test.c | 2 +-
kernel/module/main.c | 6 +-
kernel/rcu/refscale.c | 10 +-
kernel/rcu/tree_nocb.h | 2 +-
kernel/sched/psi.c | 123 +++++----
kernel/trace/preemptirq_delay_test.c | 13 +-
kernel/trace/ring_buffer.c | 63 +----
kernel/trace/trace.c | 14 +-
kernel/trace/trace_kdb.c | 8 +-
kernel/ucount.c | 2 +-
mm/hmm.c | 2 +-
mm/swapfile.c | 63 ++---
net/bluetooth/hci_event.c | 8 +-
net/caif/cfctrl.c | 294 ++++++++++-----------
net/core/dst.c | 4 +-
net/core/filter.c | 3 +
net/core/netpoll.c | 7 +
net/core/skmsg.c | 7 +
net/ipv4/route.c | 4 +-
net/ipv4/tcp_input.c | 4 +-
net/ipv6/ip6_fib.c | 24 +-
net/ipv6/ip6_offload.c | 4 +-
net/ipv6/ip6mr.c | 3 +-
net/ipv6/route.c | 60 +++--
net/mac80211/cfg.c | 2 +-
net/mac80211/tdls.c | 2 +-
net/mac80211/tx.c | 14 +-
net/netfilter/nf_bpf_link.c | 5 +-
net/netfilter/nf_tables_api.c | 29 +-
net/netfilter/xt_nfacct.c | 4 +-
net/packet/af_packet.c | 12 +-
net/sched/act_ctinfo.c | 19 +-
net/sched/sch_mqprio.c | 2 +-
net/sched/sch_netem.c | 40 +++
net/sched/sch_taprio.c | 21 +-
net/sunrpc/svcsock.c | 43 ++-
net/sunrpc/xprtsock.c | 40 ++-
net/tls/tls_sw.c | 13 +
net/vmw_vsock/af_vsock.c | 3 +-
net/wireless/nl80211.c | 1 +
samples/mei/mei-amt-version.c | 2 +-
scripts/kconfig/qconf.cc | 2 +-
security/apparmor/include/match.h | 8 +-
security/apparmor/match.c | 23 +-
security/apparmor/policy_unpack_test.c | 6 +-
sound/pci/hda/cs35l56_hda.c | 114 +++++---
sound/pci/hda/patch_ca0132.c | 5 +-
sound/pci/hda/patch_realtek.c | 3 +
sound/soc/amd/yc/acp6x-mach.c | 21 ++
sound/soc/fsl/fsl_xcvr.c | 20 ++
sound/soc/intel/boards/Kconfig | 2 +-
.../soc/mediatek/common/mtk-afe-platform-driver.c | 4 +-
sound/soc/mediatek/common/mtk-base-afe.h | 1 +
sound/soc/mediatek/mt8173/mt8173-afe-pcm.c | 7 +
sound/soc/mediatek/mt8183/mt8183-afe-pcm.c | 7 +
sound/soc/mediatek/mt8186/mt8186-afe-pcm.c | 7 +
sound/soc/mediatek/mt8192/mt8192-afe-pcm.c | 7 +
sound/soc/soc-dai.c | 16 +-
sound/soc/soc-ops.c | 28 +-
sound/usb/mixer_scarlett2.c | 7 +
sound/x86/intel_hdmi_audio.c | 2 +-
tools/bpf/bpftool/net.c | 15 +-
tools/cgroup/memcg_slabinfo.py | 4 +-
tools/lib/subcmd/help.c | 12 +-
tools/perf/.gitignore | 2 -
tools/perf/builtin-sched.c | 99 +++++--
tools/perf/tests/bp_account.c | 1 +
tools/perf/util/build-id.c | 2 +-
tools/perf/util/evsel.c | 11 +
tools/perf/util/evsel.h | 2 +
tools/perf/util/symbol.c | 1 +
tools/testing/selftests/alsa/utimer-test.c | 1 +
tools/testing/selftests/arm64/fp/sve-ptrace.c | 2 +-
.../selftests/bpf/prog_tests/sockmap_listen.c | 2 +
.../selftests/bpf/progs/verifier_arena_large.c | 110 +++++++-
tools/testing/selftests/bpf/veristat.c | 1 +
.../breakpoints/step_after_suspend_test.c | 41 ++-
tools/testing/selftests/drivers/net/lib/py/env.py | 2 +-
.../ftrace/test.d/event/subsystem-enable.tc | 28 +-
tools/testing/selftests/net/rtnetlink.sh | 6 +
tools/testing/selftests/perf_events/.gitignore | 1 +
tools/testing/selftests/perf_events/Makefile | 2 +-
tools/testing/selftests/perf_events/mmap.c | 236 +++++++++++++++++
.../selftests/syscall_user_dispatch/sud_test.c | 50 ++--
tools/testing/selftests/vDSO/vdso_test_chacha.c | 3 +-
tools/verification/rv/src/in_kernel.c | 4 +-
393 files changed, 3781 insertions(+), 1906 deletions(-)
1 month, 1 week
- 15
- 384
[PATCH 0/2] Fixes for maxim tcpc contaminant detection logic
by Amit Sunil Dhamne via B4 Relay
Add fixes to the CC contaminant/connection detection logic to improve
reliability and stability of the maxim tcpc driver.
---
Amit Sunil Dhamne (2):
usb: typec: maxim_contaminant: disable low power mode when reading comparator values
usb: typec: maxim_contaminant: re-enable cc toggle if cc is open and port is clean
drivers/usb/typec/tcpm/maxim_contaminant.c | 58 ++++++++++++++++++++++++++++++
drivers/usb/typec/tcpm/tcpci_maxim.h | 1 +
2 files changed, 59 insertions(+)
---
base-commit: 89be9a83ccf1f88522317ce02f854f30d6115c41
change-id: 20250802-fix-upstream-contaminant-16910e2762ca
Best regards,
--
Amit Sunil Dhamne <amitsd(a)google.com>
1 month, 1 week
- 3
- 4
[PATCH v3] wifi: mwifiex: Initialize the chan_stats array to zero
by Qianfeng Rong
The adapter->chan_stats[] array is initialized in
mwifiex_init_channel_scan_gap() with vmalloc(), which doesn't zero out
memory. The array is filled in mwifiex_update_chan_statistics()
and then the user can query the data in mwifiex_cfg80211_dump_survey().
There are two potential issues here. What if the user calls
mwifiex_cfg80211_dump_survey() before the data has been filled in.
Also the mwifiex_update_chan_statistics() function doesn't necessarily
initialize the whole array. Since the array was not initialized at
the start that could result in an information leak.
Also this array is pretty small. It's a maximum of 900 bytes so it's
more appropriate to use kcalloc() instead vmalloc().
Cc: stable(a)vger.kernel.org
Fixes: bf35443314ac ("mwifiex: channel statistics support for mwifiex")
Suggested-by: Dan Carpenter <dan.carpenter(a)linaro.org>
Signed-off-by: Qianfeng Rong <rongqianfeng(a)vivo.com>
---
v2: Change vmalloc_array/vfree to kcalloc/kfree.
v3: Improved commit message.
---
drivers/net/wireless/marvell/mwifiex/cfg80211.c | 5 +++--
drivers/net/wireless/marvell/mwifiex/main.c | 4 ++--
2 files changed, 5 insertions(+), 4 deletions(-)
diff --git a/drivers/net/wireless/marvell/mwifiex/cfg80211.c b/drivers/net/wireless/marvell/mwifiex/cfg80211.c
index 3498743d5ec0..4c8c7a5fdf23 100644
--- a/drivers/net/wireless/marvell/mwifiex/cfg80211.c
+++ b/drivers/net/wireless/marvell/mwifiex/cfg80211.c
@@ -4673,8 +4673,9 @@ int mwifiex_init_channel_scan_gap(struct mwifiex_adapter *adapter)
* additional active scan request for hidden SSIDs on passive channels.
*/
adapter->num_in_chan_stats = 2 * (n_channels_bg + n_channels_a);
- adapter->chan_stats = vmalloc(array_size(sizeof(*adapter->chan_stats),
- adapter->num_in_chan_stats));
+ adapter->chan_stats = kcalloc(adapter->num_in_chan_stats,
+ sizeof(*adapter->chan_stats),
+ GFP_KERNEL);
if (!adapter->chan_stats)
return -ENOMEM;
diff --git a/drivers/net/wireless/marvell/mwifiex/main.c b/drivers/net/wireless/marvell/mwifiex/main.c
index 7b50a88a18e5..1ec069bc8ea1 100644
--- a/drivers/net/wireless/marvell/mwifiex/main.c
+++ b/drivers/net/wireless/marvell/mwifiex/main.c
@@ -642,7 +642,7 @@ static int _mwifiex_fw_dpc(const struct firmware *firmware, void *context)
goto done;
err_add_intf:
- vfree(adapter->chan_stats);
+ kfree(adapter->chan_stats);
err_init_chan_scan:
wiphy_unregister(adapter->wiphy);
wiphy_free(adapter->wiphy);
@@ -1485,7 +1485,7 @@ static void mwifiex_uninit_sw(struct mwifiex_adapter *adapter)
wiphy_free(adapter->wiphy);
adapter->wiphy = NULL;
- vfree(adapter->chan_stats);
+ kfree(adapter->chan_stats);
mwifiex_free_cmd_buffers(adapter);
}
--
2.34.1
1 month, 1 week
- 2
- 1
[PATCH] xen/events: Fix Global and Domain VIRQ tracking
by Jason Andryuk
VIRQs come in 3 flavors, per-VPU, per-domain, and global. The existing
tracking of VIRQs is handled by per-cpu variables virq_to_irq.
The issue is that bind_virq_to_irq() sets the per_cpu virq_to_irq at
registration time - typically CPU 0. Later, the interrupt can migrate,
and info->cpu is updated. When calling unbind_from_irq(), the per-cpu
virq_to_irq is cleared for a different cpu. If bind_virq_to_irq() is
called again with CPU 0, the stale irq is returned.
Change the virq_to_irq tracking to use CPU 0 for per-domain and global
VIRQs. As there can be at most one of each, there is no need for
per-vcpu tracking. Also, per-domain and global VIRQs need to be
registered on CPU 0 and can later move, so this matches the expectation.
Fixes: e46cdb66c8fc ("xen: event channels")
Cc: stable(a)vger.kernel.org
Signed-off-by: Jason Andryuk <jason.andryuk(a)amd.com>
---
Fixes is the introduction of the virq_to_irq per-cpu array.
This was found with the out-of-tree argo driver during suspend/resume.
On suspend, the per-domain VIRQ_ARGO is unbound. On resume, the driver
attempts to bind VIRQ_ARGO. The stale irq is returned, but the
WARN_ON(info == NULL || info->type != IRQT_VIRQ) in bind_virq_to_irq()
triggers for NULL info. The bind fails and execution continues with the
driver trying to clean up by unbinding. This eventually faults over the
NULL info.
---
drivers/xen/events/events_base.c | 17 ++++++++++++++++-
1 file changed, 16 insertions(+), 1 deletion(-)
diff --git a/drivers/xen/events/events_base.c b/drivers/xen/events/events_base.c
index 41309d38f78c..a27e4d7f061e 100644
--- a/drivers/xen/events/events_base.c
+++ b/drivers/xen/events/events_base.c
@@ -159,7 +159,19 @@ static DEFINE_MUTEX(irq_mapping_update_lock);
static LIST_HEAD(xen_irq_list_head);
-/* IRQ <-> VIRQ mapping. */
+static bool is_per_vcpu_virq(int virq) {
+ switch (virq) {
+ case VIRQ_TIMER:
+ case VIRQ_DEBUG:
+ case VIRQ_XENOPROF:
+ case VIRQ_XENPMU:
+ return true;
+ default:
+ return false;
+ }
+}
+
+/* IRQ <-> VIRQ mapping. Global/Domain virqs are tracked in cpu 0. */
static DEFINE_PER_CPU(int [NR_VIRQS], virq_to_irq) = {[0 ... NR_VIRQS-1] = -1};
/* IRQ <-> IPI mapping */
@@ -974,6 +986,9 @@ static void __unbind_from_irq(struct irq_info *info, unsigned int irq)
switch (info->type) {
case IRQT_VIRQ:
+ if (!is_per_vcpu_virq(virq_from_irq(info)))
+ cpu = 0;
+
per_cpu(virq_to_irq, cpu)[virq_from_irq(info)] = -1;
break;
case IRQT_IPI:
--
2.50.1
1 month, 1 week
- 3
- 6
[PATCH] net: 9p: fix double req put in p9_fd_cancelled
by Nalivayko Sergey
Syzkaller reports a KASAN issue as below:
general protection fault, probably for non-canonical address 0xfbd59c0000000021: 0000 [#1] PREEMPT SMP KASAN NOPTI
KASAN: maybe wild-memory-access in range [0xdead000000000108-0xdead00000000010f]
CPU: 0 PID: 5083 Comm: syz-executor.2 Not tainted 6.1.134-syzkaller-00037-g855bd1d7d838 #0
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
RIP: 0010:__list_del include/linux/list.h:114 [inline]
RIP: 0010:__list_del_entry include/linux/list.h:137 [inline]
RIP: 0010:list_del include/linux/list.h:148 [inline]
RIP: 0010:p9_fd_cancelled+0xe9/0x200 net/9p/trans_fd.c:734
Call Trace:
<TASK>
p9_client_flush+0x351/0x440 net/9p/client.c:614
p9_client_rpc+0xb6b/0xc70 net/9p/client.c:734
p9_client_version net/9p/client.c:920 [inline]
p9_client_create+0xb51/0x1240 net/9p/client.c:1027
v9fs_session_init+0x1f0/0x18f0 fs/9p/v9fs.c:408
v9fs_mount+0xba/0xcb0 fs/9p/vfs_super.c:126
legacy_get_tree+0x108/0x220 fs/fs_context.c:632
vfs_get_tree+0x8e/0x300 fs/super.c:1573
do_new_mount fs/namespace.c:3056 [inline]
path_mount+0x6a6/0x1e90 fs/namespace.c:3386
do_mount fs/namespace.c:3399 [inline]
__do_sys_mount fs/namespace.c:3607 [inline]
__se_sys_mount fs/namespace.c:3584 [inline]
__x64_sys_mount+0x283/0x300 fs/namespace.c:3584
do_syscall_x64 arch/x86/entry/common.c:51 [inline]
do_syscall_64+0x35/0x80 arch/x86/entry/common.c:81
entry_SYSCALL_64_after_hwframe+0x6e/0xd8
This happens because of a race condition between:
- The 9p client sending an invalid flush request and later cleaning it up;
- The 9p client in p9_read_work() canceled all pending requests.
Thread 1 Thread 2
...
p9_client_create()
...
p9_fd_create()
...
p9_conn_create()
...
// start Thread 2
INIT_WORK(&m->rq, p9_read_work);
p9_read_work()
...
p9_client_rpc()
...
...
p9_conn_cancel()
...
spin_lock(&m->req_lock);
...
p9_fd_cancelled()
...
...
spin_unlock(&m->req_lock);
// status rewrite
p9_client_cb(m->client, req, REQ_STATUS_ERROR)
// first remove
list_del(&req->req_list);
...
spin_lock(&m->req_lock)
...
// second remove
list_del(&req->req_list);
spin_unlock(&m->req_lock)
...
Commit 74d6a5d56629 ("9p/trans_fd: Fix concurrency del of req_list in
p9_fd_cancelled/p9_read_work") fixes a concurrency issue in the 9p filesystem
client where the req_list could be deleted simultaneously by both
p9_read_work and p9_fd_cancelled functions, but for the case where req->status
equals REQ_STATUS_RCVD.
Add an explicit check for REQ_STATUS_ERROR in p9_fd_cancelled before
processing the request. Skip processing if the request is already in the error
state, as it has been removed and its resources cleaned up.
Found by Linux Verification Center (linuxtesting.org) with Syzkaller.
Fixes: afd8d6541155 ("9P: Add cancelled() to the transport functions.")
Cc: stable(a)vger.kernel.org
Signed-off-by: Nalivayko Sergey <Sergey.Nalivayko(a)kaspersky.com>
---
net/9p/trans_fd.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/net/9p/trans_fd.c b/net/9p/trans_fd.c
index a69422366a23..a6054a392a90 100644
--- a/net/9p/trans_fd.c
+++ b/net/9p/trans_fd.c
@@ -721,9 +721,9 @@ static int p9_fd_cancelled(struct p9_client *client, struct p9_req_t *req)
spin_lock(&m->req_lock);
/* Ignore cancelled request if message has been received
- * before lock.
- */
- if (req->status == REQ_STATUS_RCVD) {
+ * or cancelled with error before lock.
+ */
+ if (req->status == REQ_STATUS_RCVD || req->status == REQ_STATUS_ERROR) {
spin_unlock(&m->req_lock);
return 0;
}
--
2.30.2
1 month, 1 week
- 2
- 2
[PATCH 2/5] HID: apple: validate feature-report field count to prevent NULL pointer dereference
by malepudileep.111@gmail.com
From: Qasim Ijaz <qasdev00(a)gmail.com>
commit 1bb3363da862e0464ec050eea2fb5472a36ad86b upstream.
A malicious HID device with quirk APPLE_MAGIC_BACKLIGHT can trigger a NULL
pointer dereference whilst the power feature-report is toggled and sent to
the device in apple_magic_backlight_report_set(). The power feature-report
is expected to have two data fields, but if the descriptor declares one
field then accessing field[1] and dereferencing it in
apple_magic_backlight_report_set() becomes invalid
since field[1] will be NULL.
An example of a minimal descriptor which can cause the crash is something
like the following where the report with ID 3 (power report) only
references a single 1-byte field. When hid core parses the descriptor it
will encounter the final feature tag, allocate a hid_report (all members
of field[] will be zeroed out), create field structure and populate it,
increasing the maxfield to 1. The subsequent field[1] access and
dereference causes the crash.
Usage Page (Vendor Defined 0xFF00)
Usage (0x0F)
Collection (Application)
Report ID (1)
Usage (0x01)
Logical Minimum (0)
Logical Maximum (255)
Report Size (8)
Report Count (1)
Feature (Data,Var,Abs)
Usage (0x02)
Logical Maximum (32767)
Report Size (16)
Report Count (1)
Feature (Data,Var,Abs)
Report ID (3)
Usage (0x03)
Logical Minimum (0)
Logical Maximum (1)
Report Size (8)
Report Count (1)
Feature (Data,Var,Abs)
End Collection
Here we see the KASAN splat when the kernel dereferences the
NULL pointer and crashes:
[ 15.164723] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000006: 0000 [#1] SMP KASAN NOPTI
[ 15.165691] KASAN: null-ptr-deref in range [0x0000000000000030-0x0000000000000037]
[ 15.165691] CPU: 0 UID: 0 PID: 10 Comm: kworker/0:1 Not tainted 6.15.0 #31 PREEMPT(voluntary)
[ 15.165691] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[ 15.165691] RIP: 0010:apple_magic_backlight_report_set+0xbf/0x210
[ 15.165691] Call Trace:
[ 15.165691] <TASK>
[ 15.165691] apple_probe+0x571/0xa20
[ 15.165691] hid_device_probe+0x2e2/0x6f0
[ 15.165691] really_probe+0x1ca/0x5c0
[ 15.165691] __driver_probe_device+0x24f/0x310
[ 15.165691] driver_probe_device+0x4a/0xd0
[ 15.165691] __device_attach_driver+0x169/0x220
[ 15.165691] bus_for_each_drv+0x118/0x1b0
[ 15.165691] __device_attach+0x1d5/0x380
[ 15.165691] device_initial_probe+0x12/0x20
[ 15.165691] bus_probe_device+0x13d/0x180
[ 15.165691] device_add+0xd87/0x1510
[...]
To fix this issue we should validate the number of fields that the
backlight and power reports have and if they do not have the required
number of fields then bail.
Fixes: 394ba612f941 ("HID: apple: Add support for magic keyboard backlight on T2 Macs")
Cc: stable(a)vger.kernel.org
Signed-off-by: Qasim Ijaz <qasdev00(a)gmail.com>
Reviewed-by: Orlando Chamberlain <orlandoch.dev(a)gmail.com>
Tested-by: Aditya Garg <gargaditya08(a)live.com>
Link: https://patch.msgid.link/20250713233008.15131-1-qasdev00@gmail.com
Signed-off-by: Benjamin Tissoires <bentiss(a)kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
---
drivers/hid/hid-apple.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/drivers/hid/hid-apple.c b/drivers/hid/hid-apple.c
index d900dd05c335..c00ce5bfec4a 100644
--- a/drivers/hid/hid-apple.c
+++ b/drivers/hid/hid-apple.c
@@ -890,7 +890,8 @@ static int apple_magic_backlight_init(struct hid_device *hdev)
backlight->brightness = report_enum->report_id_hash[APPLE_MAGIC_REPORT_ID_BRIGHTNESS];
backlight->power = report_enum->report_id_hash[APPLE_MAGIC_REPORT_ID_POWER];
- if (!backlight->brightness || !backlight->power)
+ if (!backlight->brightness || backlight->brightness->maxfield < 2 ||
+ !backlight->power || backlight->power->maxfield < 2)
return -ENODEV;
backlight->cdev.name = ":white:" LED_FUNCTION_KBD_BACKLIGHT;
--
2.43.0
1 month, 1 week
- 1
- 0
[PATCH v3 1/4] LoongArch: KVM: Fix stack protector issue in send_ipi_data()
by Bibo Mao
Function kvm_io_bus_read() is called in function send_ipi_data(), buffer
size of parameter *val should be at least 8 bytes. Some emulation
functions like loongarch_ipi_readl() and kvm_eiointc_read() will
write buffer *val with 8 bytes signed extension regardless parameter
len.
Otherwise there will be buffer overflow issue when CONFIG_STACKPROTECTOR
is enabled. The bug report is shown as follows:
Kernel panic - not syncing: stack-protector: Kernel stack is corrupted in: send_ipi_data+0x194/0x1a0 [kvm]
CPU: 11 UID: 107 PID: 2692 Comm: CPU 0/KVM Not tainted 6.17.0-rc1+ #102 PREEMPT(full)
Stack : 9000000005901568 0000000000000000 9000000003af371c 900000013c68c000
900000013c68f850 900000013c68f858 0000000000000000 900000013c68f998
900000013c68f990 900000013c68f990 900000013c68f6c0 fffffffffffdb058
fffffffffffdb0e0 900000013c68f858 911e1d4d39cf0ec2 9000000105657a00
0000000000000001 fffffffffffffffe 0000000000000578 282049464555206e
6f73676e6f6f4c20 0000000000000001 00000000086b4000 0000000000000000
0000000000000000 0000000000000000 9000000005709968 90000000058f9000
900000013c68fa68 900000013c68fab4 90000000029279f0 900000010153f940
900000010001f360 0000000000000000 9000000003af3734 000000004390000c
00000000000000b0 0000000000000004 0000000000000000 0000000000071c1d
...
Call Trace:
[<9000000003af3734>] show_stack+0x5c/0x180
[<9000000003aed168>] dump_stack_lvl+0x6c/0x9c
[<9000000003ad0ab0>] vpanic+0x108/0x2c4
[<9000000003ad0ca8>] panic+0x3c/0x40
[<9000000004eb0a1c>] __stack_chk_fail+0x14/0x18
[<ffff8000023473f8>] send_ipi_data+0x190/0x1a0 [kvm]
[<ffff8000023313e4>] __kvm_io_bus_write+0xa4/0xe8 [kvm]
[<ffff80000233147c>] kvm_io_bus_write+0x54/0x90 [kvm]
[<ffff80000233f9f8>] kvm_emu_iocsr+0x180/0x310 [kvm]
[<ffff80000233fe08>] kvm_handle_gspr+0x280/0x478 [kvm]
[<ffff8000023443e8>] kvm_handle_exit+0xc0/0x130 [kvm]
Fixes: daee2f9cae551 ("LoongArch: KVM: Add IPI read and write function")
Cc: stable(a)vger.kernel.org
Signed-off-by: Bibo Mao <maobibo(a)loongson.cn>
---
arch/loongarch/kvm/intc/ipi.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/arch/loongarch/kvm/intc/ipi.c b/arch/loongarch/kvm/intc/ipi.c
index e658d5b37c04..7925651d2ccf 100644
--- a/arch/loongarch/kvm/intc/ipi.c
+++ b/arch/loongarch/kvm/intc/ipi.c
@@ -99,7 +99,7 @@ static void write_mailbox(struct kvm_vcpu *vcpu, int offset, uint64_t data, int
static int send_ipi_data(struct kvm_vcpu *vcpu, gpa_t addr, uint64_t data)
{
int i, idx, ret;
- uint32_t val = 0, mask = 0;
+ uint64_t val = 0, mask = 0;
/*
* Bit 27-30 is mask for byte writing.
@@ -108,7 +108,7 @@ static int send_ipi_data(struct kvm_vcpu *vcpu, gpa_t addr, uint64_t data)
if ((data >> 27) & 0xf) {
/* Read the old val */
idx = srcu_read_lock(&vcpu->kvm->srcu);
- ret = kvm_io_bus_read(vcpu, KVM_IOCSR_BUS, addr, sizeof(val), &val);
+ ret = kvm_io_bus_read(vcpu, KVM_IOCSR_BUS, addr, 4, &val);
srcu_read_unlock(&vcpu->kvm->srcu, idx);
if (unlikely(ret)) {
kvm_err("%s: : read data from addr %llx failed\n", __func__, addr);
@@ -124,7 +124,7 @@ static int send_ipi_data(struct kvm_vcpu *vcpu, gpa_t addr, uint64_t data)
}
val |= ((uint32_t)(data >> 32) & ~mask);
idx = srcu_read_lock(&vcpu->kvm->srcu);
- ret = kvm_io_bus_write(vcpu, KVM_IOCSR_BUS, addr, sizeof(val), &val);
+ ret = kvm_io_bus_write(vcpu, KVM_IOCSR_BUS, addr, 4, &val);
srcu_read_unlock(&vcpu->kvm->srcu, idx);
if (unlikely(ret))
kvm_err("%s: : write data to addr %llx failed\n", __func__, addr);
--
2.39.3
1 month, 1 week
- 1
- 0
[PATCH 6.15] wifi: ath12k: install pairwise key first
by Baochen Qiang
[ Upstream commit 66e865f9dc78d00e6d1c8c6624cb0c9004e5aafb ]
As station, WCN7850 firmware requires pairwise key to be installed before
group key. Currently host does not care about this, so it is up to kernel
or userspace to decide which one will be installed first. In case above
requirement is not met, WCN7850 firmware's EAPOL station machine is messed
up, and finally connection fails [1].
Reorder key install for station interface in that case: this is done by
caching group key first; Later when pairwise key arrives, both can be
installed in required order.
Tested-on: WCN7850 hw2.0 PCI WLAN.HMT.1.0-03427-QCAHMTSWPL_V1.0_V2.0_SILICONZ-1.15378.4
Tested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.3.1-00217-QCAHKSWPL_SILICONZ-1
Closes: https://bugzilla.kernel.org/show_bug.cgi?id=218733
Link: https://lore.kernel.org/all/AS8P190MB12051DDBD84CD88E71C40AD7873F2@AS8P190M… # [1]
Signed-off-by: Baochen Qiang <baochen.qiang(a)oss.qualcomm.com>
---
for stable kernel 6.15.y
---
drivers/net/wireless/ath/ath12k/core.h | 4 ++
drivers/net/wireless/ath/ath12k/mac.c | 76 ++++++++++++++++++++++++++++++----
drivers/net/wireless/ath/ath12k/wmi.h | 1 +
3 files changed, 74 insertions(+), 7 deletions(-)
diff --git a/drivers/net/wireless/ath/ath12k/core.h b/drivers/net/wireless/ath/ath12k/core.h
index f5f1ec796f7c55a8f06724380714d10ed28e9748..4cff5e42eb34d261cdc418e6a105f5f4c5ff79b9 100644
--- a/drivers/net/wireless/ath/ath12k/core.h
+++ b/drivers/net/wireless/ath/ath12k/core.h
@@ -303,6 +303,10 @@ struct ath12k_link_vif {
struct ath12k_rekey_data rekey_data;
u8 current_cntdown_counter;
+
+ bool group_key_valid;
+ struct wmi_vdev_install_key_arg group_key;
+ bool pairwise_key_done;
};
struct ath12k_vif {
diff --git a/drivers/net/wireless/ath/ath12k/mac.c b/drivers/net/wireless/ath/ath12k/mac.c
index d1d3c9f34372da18759c6b7801c5cd9d3f092d40..647543f5f360f2ede581274499668f272ff77042 100644
--- a/drivers/net/wireless/ath/ath12k/mac.c
+++ b/drivers/net/wireless/ath/ath12k/mac.c
@@ -4641,14 +4641,13 @@ static int ath12k_install_key(struct ath12k_link_vif *arvif,
.key_len = key->keylen,
.key_data = key->key,
.key_flags = flags,
+ .ieee80211_key_cipher = key->cipher,
.macaddr = macaddr,
};
struct ath12k_vif *ahvif = arvif->ahvif;
lockdep_assert_wiphy(ath12k_ar_to_hw(ar)->wiphy);
- reinit_completion(&ar->install_key_done);
-
if (test_bit(ATH12K_FLAG_HW_CRYPTO_DISABLED, &ar->ab->dev_flags))
return 0;
@@ -4657,7 +4656,7 @@ static int ath12k_install_key(struct ath12k_link_vif *arvif,
/* arg.key_cipher = WMI_CIPHER_NONE; */
arg.key_len = 0;
arg.key_data = NULL;
- goto install;
+ goto check_order;
}
switch (key->cipher) {
@@ -4685,19 +4684,82 @@ static int ath12k_install_key(struct ath12k_link_vif *arvif,
key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV |
IEEE80211_KEY_FLAG_RESERVE_TAILROOM;
+check_order:
+ if (ahvif->vdev_type == WMI_VDEV_TYPE_STA &&
+ arg.key_flags == WMI_KEY_GROUP) {
+ if (cmd == SET_KEY) {
+ if (arvif->pairwise_key_done) {
+ ath12k_dbg(ar->ab, ATH12K_DBG_MAC,
+ "vdev %u pairwise key done, go install group key\n",
+ arg.vdev_id);
+ goto install;
+ } else {
+ /* WCN7850 firmware requires pairwise key to be installed
+ * before group key. In case group key comes first, cache
+ * it and return. Will revisit it once pairwise key gets
+ * installed.
+ */
+ arvif->group_key = arg;
+ arvif->group_key_valid = true;
+ ath12k_dbg(ar->ab, ATH12K_DBG_MAC,
+ "vdev %u group key before pairwise key, cache and skip\n",
+ arg.vdev_id);
+
+ ret = 0;
+ goto out;
+ }
+ } else {
+ arvif->group_key_valid = false;
+ }
+ }
+
install:
- ret = ath12k_wmi_vdev_install_key(arvif->ar, &arg);
+ reinit_completion(&ar->install_key_done);
+ ret = ath12k_wmi_vdev_install_key(arvif->ar, &arg);
if (ret)
return ret;
if (!wait_for_completion_timeout(&ar->install_key_done, 1 * HZ))
return -ETIMEDOUT;
- if (ether_addr_equal(macaddr, arvif->bssid))
- ahvif->key_cipher = key->cipher;
+ if (ether_addr_equal(arg.macaddr, arvif->bssid))
+ ahvif->key_cipher = arg.ieee80211_key_cipher;
+
+ if (ar->install_key_status) {
+ ret = -EINVAL;
+ goto out;
+ }
+
+ if (ahvif->vdev_type == WMI_VDEV_TYPE_STA &&
+ arg.key_flags == WMI_KEY_PAIRWISE) {
+ if (cmd == SET_KEY) {
+ arvif->pairwise_key_done = true;
+ if (arvif->group_key_valid) {
+ /* Install cached GTK */
+ arvif->group_key_valid = false;
+ arg = arvif->group_key;
+ ath12k_dbg(ar->ab, ATH12K_DBG_MAC,
+ "vdev %u pairwise key done, group key ready, go install\n",
+ arg.vdev_id);
+ goto install;
+ }
+ } else {
+ arvif->pairwise_key_done = false;
+ }
+ }
+
+out:
+ if (ret) {
+ /* In case of failure userspace may not do DISABLE_KEY
+ * but triggers re-connection directly, so manually reset
+ * status here.
+ */
+ arvif->group_key_valid = false;
+ arvif->pairwise_key_done = false;
+ }
- return ar->install_key_status ? -EINVAL : 0;
+ return ret;
}
static int ath12k_clear_peer_keys(struct ath12k_link_vif *arvif,
diff --git a/drivers/net/wireless/ath/ath12k/wmi.h b/drivers/net/wireless/ath/ath12k/wmi.h
index bd7312f3cf24aa1352c807c5216dc010b7414058..d0cc697a418e10c70adc585d7e9e5759bd53d4ce 100644
--- a/drivers/net/wireless/ath/ath12k/wmi.h
+++ b/drivers/net/wireless/ath/ath12k/wmi.h
@@ -3725,6 +3725,7 @@ struct wmi_vdev_install_key_arg {
u32 key_idx;
u32 key_flags;
u32 key_cipher;
+ u32 ieee80211_key_cipher;
u32 key_len;
u32 key_txmic_len;
u32 key_rxmic_len;
---
base-commit: 097aa9a71fd56cdc62c11bdf45a84f07acaa3604
change-id: 20250813-backport-6-15-y-ath12k-pairwise-key-a4dda7a2e57a
Best regards,
--
Baochen Qiang <baochen.qiang(a)oss.qualcomm.com>
1 month, 1 week
- 1
- 0
[PATCH v3] usb: dwc3: Remove WARN_ON for device endpoint command timeouts
by Selvarasu Ganesan
This commit addresses a rarely observed endpoint command timeout
which causes kernel panic due to warn when 'panic_on_warn' is enabled
and unnecessary call trace prints when 'panic_on_warn' is disabled.
It is seen during fast software-controlled connect/disconnect testcases.
The following is one such endpoint command timeout that we observed:
1. Connect
=======
->dwc3_thread_interrupt
->dwc3_ep0_interrupt
->configfs_composite_setup
->composite_setup
->usb_ep_queue
->dwc3_gadget_ep0_queue
->__dwc3_gadget_ep0_queue
->__dwc3_ep0_do_control_data
->dwc3_send_gadget_ep_cmd
2. Disconnect
==========
->dwc3_thread_interrupt
->dwc3_gadget_disconnect_interrupt
->dwc3_ep0_reset_state
->dwc3_ep0_end_control_data
->dwc3_send_gadget_ep_cmd
In the issue scenario, in Exynos platforms, we observed that control
transfers for the previous connect have not yet been completed and end
transfer command sent as a part of the disconnect sequence and
processing of USB_ENDPOINT_HALT feature request from the host timeout.
This maybe an expected scenario since the controller is processing EP
commands sent as a part of the previous connect. It maybe better to
remove WARN_ON in all places where device endpoint commands are sent to
avoid unnecessary kernel panic due to warn.
Cc: stable(a)vger.kernel.org
Co-developed-by: Akash M <akash.m5(a)samsung.com>
Signed-off-by: Akash M <akash.m5(a)samsung.com>
Signed-off-by: Selvarasu Ganesan <selvarasu.g(a)samsung.com>
Acked-by: Thinh Nguyen <Thinh.Nguyen(a)synopsys.com>
---
Changes in v3:
- Added Co-developed-by tags to reflect the correct authorship.
- And Added Acked-by tag as well.
Link to v2: https://lore.kernel.org/all/20250807014639.1596-1-selvarasu.g@samsung.com/
Changes in v2:
- Removed the 'Fixes' tag from the commit message, as this patch does
not contain a fix.
- And Retained the 'stable' tag, as these changes are intended to be
applied across all stable kernels.
- Additionally, replaced 'dev_warn*' with 'dev_err*'."
Link to v1: https://lore.kernel.org/all/20250807005638.thhsgjn73aaov2af@synopsys.com/
---
drivers/usb/dwc3/ep0.c | 20 ++++++++++++++++----
drivers/usb/dwc3/gadget.c | 10 ++++++++--
2 files changed, 24 insertions(+), 6 deletions(-)
diff --git a/drivers/usb/dwc3/ep0.c b/drivers/usb/dwc3/ep0.c
index 666ac432f52d..b4229aa13f37 100644
--- a/drivers/usb/dwc3/ep0.c
+++ b/drivers/usb/dwc3/ep0.c
@@ -288,7 +288,9 @@ void dwc3_ep0_out_start(struct dwc3 *dwc)
dwc3_ep0_prepare_one_trb(dep, dwc->ep0_trb_addr, 8,
DWC3_TRBCTL_CONTROL_SETUP, false);
ret = dwc3_ep0_start_trans(dep);
- WARN_ON(ret < 0);
+ if (ret < 0)
+ dev_err(dwc->dev, "ep0 out start transfer failed: %d\n", ret);
+
for (i = 2; i < DWC3_ENDPOINTS_NUM; i++) {
struct dwc3_ep *dwc3_ep;
@@ -1061,7 +1063,9 @@ static void __dwc3_ep0_do_control_data(struct dwc3 *dwc,
ret = dwc3_ep0_start_trans(dep);
}
- WARN_ON(ret < 0);
+ if (ret < 0)
+ dev_err(dwc->dev,
+ "ep0 data phase start transfer failed: %d\n", ret);
}
static int dwc3_ep0_start_control_status(struct dwc3_ep *dep)
@@ -1078,7 +1082,12 @@ static int dwc3_ep0_start_control_status(struct dwc3_ep *dep)
static void __dwc3_ep0_do_control_status(struct dwc3 *dwc, struct dwc3_ep *dep)
{
- WARN_ON(dwc3_ep0_start_control_status(dep));
+ int ret;
+
+ ret = dwc3_ep0_start_control_status(dep);
+ if (ret)
+ dev_err(dwc->dev,
+ "ep0 status phase start transfer failed: %d\n", ret);
}
static void dwc3_ep0_do_control_status(struct dwc3 *dwc,
@@ -1121,7 +1130,10 @@ void dwc3_ep0_end_control_data(struct dwc3 *dwc, struct dwc3_ep *dep)
cmd |= DWC3_DEPCMD_PARAM(dep->resource_index);
memset(¶ms, 0, sizeof(params));
ret = dwc3_send_gadget_ep_cmd(dep, cmd, ¶ms);
- WARN_ON_ONCE(ret);
+ if (ret)
+ dev_err_ratelimited(dwc->dev,
+ "ep0 data phase end transfer failed: %d\n", ret);
+
dep->resource_index = 0;
}
diff --git a/drivers/usb/dwc3/gadget.c b/drivers/usb/dwc3/gadget.c
index 4a3e97e606d1..4a3d076c1015 100644
--- a/drivers/usb/dwc3/gadget.c
+++ b/drivers/usb/dwc3/gadget.c
@@ -1772,7 +1772,11 @@ static int __dwc3_stop_active_transfer(struct dwc3_ep *dep, bool force, bool int
dep->flags |= DWC3_EP_DELAY_STOP;
return 0;
}
- WARN_ON_ONCE(ret);
+
+ if (ret)
+ dev_err_ratelimited(dep->dwc->dev,
+ "end transfer failed: %d\n", ret);
+
dep->resource_index = 0;
if (!interrupt)
@@ -4039,7 +4043,9 @@ static void dwc3_clear_stall_all_ep(struct dwc3 *dwc)
dep->flags &= ~DWC3_EP_STALL;
ret = dwc3_send_clear_stall_ep_cmd(dep);
- WARN_ON_ONCE(ret);
+ if (ret)
+ dev_err_ratelimited(dwc->dev,
+ "failed to clear STALL on %s\n", dep->name);
}
}
--
2.17.1
1 month, 1 week
- 4
- 5
[PATCH 6.6.y 00/20] KVM: x86: Backports for 6.6.y
by Sean Christopherson
Same spiel as the 6.1.y collection...
This is a collection of backports for patches that were Cc'd to stable,
but failed to apply, along with their dependencies.
Note, Sasha already posted[1][2] these (and I acked them):
KVM: VMX: Allow guest to set DEBUGCTL.RTM_DEBUG if RTM is supported
KVM: x86/pmu: Gate all "unimplemented MSR" prints on report_ignored_msrs
KVM: VMX: Extract checking of guest's DEBUGCTL into helper
KVM: nVMX: Check vmcs12->guest_ia32_debugctl on nested VM-Enter
KVM: VMX: Wrap all accesses to IA32_DEBUGCTL with getter/setter APIs
I'm including them here to hopefully make life easier for y'all, and because
the order they are presented here is the preferred ordering, i.e. should be
the same ordering as the original upstream patches.
But, if you end up grabbing Sasha's patches first, it's not a big deal as the
only true dependencies is that the DEBUGCTL.RTM_DEBUG patch needs to land
before "Check vmcs12->guest_ia32_debugctl on nested VM-Enter".
Many of the patches to get to the last patch (the DEBUGCTLMSR_FREEZE_IN_SMM
fix) are dependencies that arguably shouldn't be backported to LTS kernels.
I opted to do the backports because none of the patches are scary (if it was
1-3 dependency patches instead of 8 I wouldn't hesitate), and there's a decent
chance they'll be dependencies for future fixes.
[1] https://lore.kernel.org/all/20250813183728.2070321-1-sashal@kernel.org
[2] https://lore.kernel.org/all/20250814131146.2093579-1-sashal@kernel.org
Chao Gao (1):
KVM: nVMX: Defer SVI update to vmcs01 on EOI when L2 is active w/o VID
Manuel Andreas (1):
KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush
Maxim Levitsky (3):
KVM: nVMX: Check vmcs12->guest_ia32_debugctl on nested VM-Enter
KVM: VMX: Wrap all accesses to IA32_DEBUGCTL with getter/setter APIs
KVM: VMX: Preserve host's DEBUGCTLMSR_FREEZE_IN_SMM while running the
guest
Sean Christopherson (15):
KVM: SVM: Set RFLAGS.IF=1 in C code, to get VMRUN out of the STI
shadow
KVM: x86: Plumb in the vCPU to kvm_x86_ops.hwapic_isr_update()
KVM: x86: Take irqfds.lock when adding/deleting IRQ bypass producer
KVM: x86: Snapshot the host's DEBUGCTL in common x86
KVM: x86: Snapshot the host's DEBUGCTL after disabling IRQs
KVM: x86: Plumb "force_immediate_exit" into kvm_entry() tracepoint
KVM: VMX: Re-enter guest in fastpath for "spurious" preemption timer
exits
KVM: VMX: Handle forced exit due to preemption timer in fastpath
KVM: x86: Move handling of is_guest_mode() into fastpath exit handlers
KVM: VMX: Handle KVM-induced preemption timer exits in fastpath for L2
KVM: x86: Fully defer to vendor code to decide how to force immediate
exit
KVM: x86: Convert vcpu_run()'s immediate exit param into a generic
bitmap
KVM: x86: Drop kvm_x86_ops.set_dr6() in favor of a new KVM_RUN flag
KVM: VMX: Allow guest to set DEBUGCTL.RTM_DEBUG if RTM is supported
KVM: VMX: Extract checking of guest's DEBUGCTL into helper
arch/x86/include/asm/kvm-x86-ops.h | 2 -
arch/x86/include/asm/kvm_host.h | 22 ++--
arch/x86/include/asm/msr-index.h | 1 +
arch/x86/kvm/hyperv.c | 3 +
arch/x86/kvm/lapic.c | 19 +++-
arch/x86/kvm/lapic.h | 1 +
arch/x86/kvm/svm/svm.c | 42 +++++---
arch/x86/kvm/svm/vmenter.S | 9 +-
arch/x86/kvm/trace.h | 9 +-
arch/x86/kvm/vmx/nested.c | 26 ++++-
arch/x86/kvm/vmx/pmu_intel.c | 8 +-
arch/x86/kvm/vmx/vmx.c | 164 +++++++++++++++++++----------
arch/x86/kvm/vmx/vmx.h | 31 +++++-
arch/x86/kvm/x86.c | 46 +++++---
14 files changed, 265 insertions(+), 118 deletions(-)
base-commit: 3a8ababb8b6a0ced2be230b60b6e3ddbd8d67014
--
2.51.0.rc1.163.g2494970778-goog
1 month, 1 week
- 1
- 20
[PATCH 6.1.y 00/21] KVM: x86: Backports for 6.1.y
by Sean Christopherson
This is a collection of backports for patches that were Cc'd to stable,
but failed to apply, along with their dependencies.
Note, Sasha already posted[1][2] these (and I acked them):
KVM: VMX: Allow guest to set DEBUGCTL.RTM_DEBUG if RTM is supported
KVM: x86/pmu: Gate all "unimplemented MSR" prints on report_ignored_msrs
KVM: VMX: Extract checking of guest's DEBUGCTL into helper
KVM: nVMX: Check vmcs12->guest_ia32_debugctl on nested VM-Enter
KVM: VMX: Wrap all accesses to IA32_DEBUGCTL with getter/setter APIs
I'm including them here to hopefully make life easier for y'all, and because
the order they are presented here is the preferred ordering, i.e. should be
the same ordering as the original upstream patches.
But, if you end up grabbing Sasha's patches first, it's not a big deal as the
only true dependencies is that the DEBUGCTL.RTM_DEBUG patch needs to land
before "Check vmcs12->guest_ia32_debugctl on nested VM-Enter".
Many of the patches to get to the last patch (the DEBUGCTLMSR_FREEZE_IN_SMM
fix) are dependencies that arguably shouldn't be backported to LTS kernels.
I opted to do the backports because none of the patches are scary (if it was
1-3 dependency patches instead of 8 I wouldn't hesitate), and there's a decent
chance they'll be dependencies for future fixes.
[1] https://lore.kernel.org/all/20250813184918.2071296-1-sashal@kernel.org
[2] https://lore.kernel.org/all/20250814132434.2096873-1-sashal@kernel.org
Chao Gao (1):
KVM: nVMX: Defer SVI update to vmcs01 on EOI when L2 is active w/o VID
Maxim Levitsky (3):
KVM: nVMX: Check vmcs12->guest_ia32_debugctl on nested VM-Enter
KVM: VMX: Wrap all accesses to IA32_DEBUGCTL with getter/setter APIs
KVM: VMX: Preserve host's DEBUGCTLMSR_FREEZE_IN_SMM while running the
guest
Sean Christopherson (17):
KVM: SVM: Set RFLAGS.IF=1 in C code, to get VMRUN out of the STI
shadow
KVM: x86: Re-split x2APIC ICR into ICR+ICR2 for AMD (x2AVIC)
KVM: x86: Plumb in the vCPU to kvm_x86_ops.hwapic_isr_update()
KVM: x86: Take irqfds.lock when adding/deleting IRQ bypass producer
KVM: x86: Snapshot the host's DEBUGCTL in common x86
KVM: x86: Snapshot the host's DEBUGCTL after disabling IRQs
KVM: x86/pmu: Gate all "unimplemented MSR" prints on
report_ignored_msrs
KVM: x86: Plumb "force_immediate_exit" into kvm_entry() tracepoint
KVM: VMX: Re-enter guest in fastpath for "spurious" preemption timer
exits
KVM: VMX: Handle forced exit due to preemption timer in fastpath
KVM: x86: Move handling of is_guest_mode() into fastpath exit handlers
KVM: VMX: Handle KVM-induced preemption timer exits in fastpath for L2
KVM: x86: Fully defer to vendor code to decide how to force immediate
exit
KVM: x86: Convert vcpu_run()'s immediate exit param into a generic
bitmap
KVM: x86: Drop kvm_x86_ops.set_dr6() in favor of a new KVM_RUN flag
KVM: VMX: Allow guest to set DEBUGCTL.RTM_DEBUG if RTM is supported
KVM: VMX: Extract checking of guest's DEBUGCTL into helper
arch/x86/include/asm/kvm-x86-ops.h | 2 -
arch/x86/include/asm/kvm_host.h | 24 +++--
arch/x86/include/asm/msr-index.h | 1 +
arch/x86/kvm/hyperv.c | 10 +-
arch/x86/kvm/lapic.c | 61 ++++++++---
arch/x86/kvm/lapic.h | 1 +
arch/x86/kvm/svm/svm.c | 49 ++++++---
arch/x86/kvm/svm/vmenter.S | 9 +-
arch/x86/kvm/trace.h | 9 +-
arch/x86/kvm/vmx/nested.c | 26 ++++-
arch/x86/kvm/vmx/pmu_intel.c | 8 +-
arch/x86/kvm/vmx/vmx.c | 168 ++++++++++++++++++-----------
arch/x86/kvm/vmx/vmx.h | 31 +++++-
arch/x86/kvm/x86.c | 65 ++++++-----
arch/x86/kvm/x86.h | 12 +++
15 files changed, 322 insertions(+), 154 deletions(-)
base-commit: 3594f306da129190de25938b823f353ef7f9e322
--
2.51.0.rc1.163.g2494970778-goog
1 month, 1 week
- 1
- 21
+ riscv-use-an-atomic-xchg-in-pudp_huge_get_and_clear.patch added to mm-new branch
by Andrew Morton
The patch titled
Subject: riscv: use an atomic xchg in pudp_huge_get_and_clear()
has been added to the -mm mm-new branch. Its filename is
riscv-use-an-atomic-xchg-in-pudp_huge_get_and_clear.patch
This patch will shortly appear at
https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche…
This patch will later appear in the mm-new branch at
git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
Note, mm-new is a provisional staging ground for work-in-progress
patches, and acceptance into mm-new is a notification for others take
notice and to finish up reviews. Please do not hesitate to respond to
review feedback and post updated versions to replace or incrementally
fixup patches in mm-new.
Before you just go and hit "reply", please:
a) Consider who else should be cc'ed
b) Prefer to cc a suitable mailing list as well
c) Ideally: find the original patch on the mailing list and do a
reply-to-all to that, adding suitable additional cc's
*** Remember to use Documentation/process/submit-checklist.rst when testing your code ***
The -mm tree is included into linux-next via the mm-everything
branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
and is updated there every 2-3 working days
------------------------------------------------------
From: Alexandre Ghiti <alexghiti(a)rivosinc.com>
Subject: riscv: use an atomic xchg in pudp_huge_get_and_clear()
Date: Thu, 14 Aug 2025 12:06:14 +0000
Make sure we return the right pud value and not a value that could have
been overwritten in between by a different core.
Link: https://lkml.kernel.org/r/20250814-dev-alex-thp_pud_xchg-v1-1-b4704dfae206@…
Fixes: c3cc2a4a3a23 ("riscv: Add support for PUD THP")
Signed-off-by: Alexandre Ghiti <alexghiti(a)rivosinc.com>
Cc: Andrew Donnellan <ajd(a)linux.ibm.com>
Cc: <stable(a)vger.kernel.org>
Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
---
arch/riscv/include/asm/pgtable.h | 11 +++++++++++
1 file changed, 11 insertions(+)
--- a/arch/riscv/include/asm/pgtable.h~riscv-use-an-atomic-xchg-in-pudp_huge_get_and_clear
+++ a/arch/riscv/include/asm/pgtable.h
@@ -942,6 +942,17 @@ static inline int pudp_test_and_clear_yo
return ptep_test_and_clear_young(vma, address, (pte_t *)pudp);
}
+#define __HAVE_ARCH_PUDP_HUGE_GET_AND_CLEAR
+static inline pud_t pudp_huge_get_and_clear(struct mm_struct *mm,
+ unsigned long address, pud_t *pudp)
+{
+ pud_t pud = __pud(atomic_long_xchg((atomic_long_t *)pudp, 0));
+
+ page_table_check_pud_clear(mm, pud);
+
+ return pud;
+}
+
static inline int pud_young(pud_t pud)
{
return pte_young(pud_pte(pud));
_
Patches currently in -mm which might be from alexghiti(a)rivosinc.com are
selftests-damon-fix-damon-selftests-by-installing-_commonsh.patch
riscv-use-an-atomic-xchg-in-pudp_huge_get_and_clear.patch
1 month, 1 week
- 1
- 0
FAILED: patch "[PATCH] KVM: arm64: Check for SYSREGS_ON_CPU before accessing the CPU" failed to apply to 6.15-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 6.15-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.15.y
git checkout FETCH_HEAD
git cherry-pick -x c6e35dff58d348c1a9489e9b3b62b3721e62631d
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025081248-omission-talisman-0619@gregkh' --subject-prefix 'PATCH 6.15.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From c6e35dff58d348c1a9489e9b3b62b3721e62631d Mon Sep 17 00:00:00 2001
From: Marc Zyngier <maz(a)kernel.org>
Date: Sun, 20 Jul 2025 11:22:29 +0100
Subject: [PATCH] KVM: arm64: Check for SYSREGS_ON_CPU before accessing the CPU
state
Mark Brown reports that since we commit to making exceptions
visible without the vcpu being loaded, the external abort selftest
fails.
Upon investigation, it turns out that the code that makes registers
affected by an exception visible to the guest is completely broken
on VHE, as we don't check whether the system registers are loaded
on the CPU at this point. We managed to get away with this so far,
but that's obviously as bad as it gets,
Add the required checksm and document the absolute need to check
for the SYSREGS_ON_CPU flag before calling into any of the
__vcpu_write_sys_reg_to_cpu()__vcpu_read_sys_reg_from_cpu() helpers.
Reported-by: Mark Brown <broonie(a)kernel.org>
Signed-off-by: Marc Zyngier <maz(a)kernel.org>
Cc: stable(a)vger.kernel.org
Link: https://lore.kernel.org/r/18535df8-e647-4643-af9a-bb780af03a70@sirena.org.uk
Link: https://lore.kernel.org/r/20250720102229.179114-1-maz@kernel.org
Signed-off-by: Oliver Upton <oliver.upton(a)linux.dev>
diff --git a/arch/arm64/include/asm/kvm_host.h b/arch/arm64/include/asm/kvm_host.h
index e54d29feb469..d373d555a69b 100644
--- a/arch/arm64/include/asm/kvm_host.h
+++ b/arch/arm64/include/asm/kvm_host.h
@@ -1169,6 +1169,8 @@ static inline bool __vcpu_read_sys_reg_from_cpu(int reg, u64 *val)
* System registers listed in the switch are not saved on every
* exit from the guest but are only saved on vcpu_put.
*
+ * SYSREGS_ON_CPU *MUST* be checked before using this helper.
+ *
* Note that MPIDR_EL1 for the guest is set by KVM via VMPIDR_EL2 but
* should never be listed below, because the guest cannot modify its
* own MPIDR_EL1 and MPIDR_EL1 is accessed for VCPU A from VCPU B's
@@ -1221,6 +1223,8 @@ static inline bool __vcpu_write_sys_reg_to_cpu(u64 val, int reg)
* System registers listed in the switch are not restored on every
* entry to the guest but are only restored on vcpu_load.
*
+ * SYSREGS_ON_CPU *MUST* be checked before using this helper.
+ *
* Note that MPIDR_EL1 for the guest is set by KVM via VMPIDR_EL2 but
* should never be listed below, because the MPIDR should only be set
* once, before running the VCPU, and never changed later.
diff --git a/arch/arm64/kvm/hyp/exception.c b/arch/arm64/kvm/hyp/exception.c
index 7dafd10e52e8..95d186e0bf54 100644
--- a/arch/arm64/kvm/hyp/exception.c
+++ b/arch/arm64/kvm/hyp/exception.c
@@ -26,7 +26,8 @@ static inline u64 __vcpu_read_sys_reg(const struct kvm_vcpu *vcpu, int reg)
if (unlikely(vcpu_has_nv(vcpu)))
return vcpu_read_sys_reg(vcpu, reg);
- else if (__vcpu_read_sys_reg_from_cpu(reg, &val))
+ else if (vcpu_get_flag(vcpu, SYSREGS_ON_CPU) &&
+ __vcpu_read_sys_reg_from_cpu(reg, &val))
return val;
return __vcpu_sys_reg(vcpu, reg);
@@ -36,7 +37,8 @@ static inline void __vcpu_write_sys_reg(struct kvm_vcpu *vcpu, u64 val, int reg)
{
if (unlikely(vcpu_has_nv(vcpu)))
vcpu_write_sys_reg(vcpu, val, reg);
- else if (!__vcpu_write_sys_reg_to_cpu(val, reg))
+ else if (!vcpu_get_flag(vcpu, SYSREGS_ON_CPU) ||
+ !__vcpu_write_sys_reg_to_cpu(val, reg))
__vcpu_assign_sys_reg(vcpu, reg, val);
}
1 month, 1 week
- 3
- 6
[PATCH] dt-bindings: serial: brcm,bcm7271-uart: Constrain clocks
by Krzysztof Kozlowski
Lists should have fixed constraints, because binding must be specific in
respect to hardware, thus add missing constraints to number of clocks.
Cc: <stable(a)vger.kernel.org>
Fixes: 88a499cd70d4 ("dt-bindings: Add support for the Broadcom UART driver")
Signed-off-by: Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org>
---
Greg, patch for serial tree.
---
Documentation/devicetree/bindings/serial/brcm,bcm7271-uart.yaml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Documentation/devicetree/bindings/serial/brcm,bcm7271-uart.yaml b/Documentation/devicetree/bindings/serial/brcm,bcm7271-uart.yaml
index 89c462653e2d..8cc848ae11cb 100644
--- a/Documentation/devicetree/bindings/serial/brcm,bcm7271-uart.yaml
+++ b/Documentation/devicetree/bindings/serial/brcm,bcm7271-uart.yaml
@@ -41,7 +41,7 @@ properties:
- const: dma_intr2
clocks:
- minItems: 1
+ maxItems: 1
clock-names:
const: sw_baud
--
2.48.1
1 month, 1 week
- 3
- 2
FAILED: patch "[PATCH] KVM: VMX: Flush shadow VMCS on emergency reboot" failed to apply to 5.15-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 5.15-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y
git checkout FETCH_HEAD
git cherry-pick -x a0ee1d5faff135e28810f29e0f06328c66f89852
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025062039-anger-volumes-9d75@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From a0ee1d5faff135e28810f29e0f06328c66f89852 Mon Sep 17 00:00:00 2001
From: Chao Gao <chao.gao(a)intel.com>
Date: Mon, 24 Mar 2025 22:08:48 +0800
Subject: [PATCH] KVM: VMX: Flush shadow VMCS on emergency reboot
Ensure the shadow VMCS cache is evicted during an emergency reboot to
prevent potential memory corruption if the cache is evicted after reboot.
This issue was identified through code inspection, as __loaded_vmcs_clear()
flushes both the normal VMCS and the shadow VMCS.
Avoid checking the "launched" state during an emergency reboot, unlike the
behavior in __loaded_vmcs_clear(). This is important because reboot NMIs
can interfere with operations like copy_shadow_to_vmcs12(), where shadow
VMCSes are loaded directly using VMPTRLD. In such cases, if NMIs occur
right after the VMCS load, the shadow VMCSes will be active but the
"launched" state may not be set.
Fixes: 16f5b9034b69 ("KVM: nVMX: Copy processor-specific shadow-vmcs to VMCS12")
Cc: stable(a)vger.kernel.org
Signed-off-by: Chao Gao <chao.gao(a)intel.com>
Reviewed-by: Kai Huang <kai.huang(a)intel.com>
Link: https://lore.kernel.org/r/20250324140849.2099723-1-chao.gao@intel.com
Signed-off-by: Sean Christopherson <seanjc(a)google.com>
diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c
index ef2d7208dd20..848c4963bdb8 100644
--- a/arch/x86/kvm/vmx/vmx.c
+++ b/arch/x86/kvm/vmx/vmx.c
@@ -770,8 +770,11 @@ void vmx_emergency_disable_virtualization_cpu(void)
return;
list_for_each_entry(v, &per_cpu(loaded_vmcss_on_cpu, cpu),
- loaded_vmcss_on_cpu_link)
+ loaded_vmcss_on_cpu_link) {
vmcs_clear(v->vmcs);
+ if (v->shadow_vmcs)
+ vmcs_clear(v->shadow_vmcs);
+ }
kvm_cpu_vmxoff();
}
1 month, 1 week
- 3
- 2
FAILED: patch "[PATCH] KVM: VMX: Wrap all accesses to IA32_DEBUGCTL with" failed to apply to 6.1-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 6.1-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y
git checkout FETCH_HEAD
git cherry-pick -x 7d0cce6cbe71af6e9c1831bff101a2b9c249c4a2
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025081215-variable-implicit-aa4c@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From 7d0cce6cbe71af6e9c1831bff101a2b9c249c4a2 Mon Sep 17 00:00:00 2001
From: Maxim Levitsky <mlevitsk(a)redhat.com>
Date: Tue, 10 Jun 2025 16:20:09 -0700
Subject: [PATCH] KVM: VMX: Wrap all accesses to IA32_DEBUGCTL with
getter/setter APIs
Introduce vmx_guest_debugctl_{read,write}() to handle all accesses to
vmcs.GUEST_IA32_DEBUGCTL. This will allow stuffing FREEZE_IN_SMM into
GUEST_IA32_DEBUGCTL based on the host setting without bleeding the state
into the guest, and without needing to copy+paste the FREEZE_IN_SMM
logic into every patch that accesses GUEST_IA32_DEBUGCTL.
No functional change intended.
Cc: stable(a)vger.kernel.org
Signed-off-by: Maxim Levitsky <mlevitsk(a)redhat.com>
[sean: massage changelog, make inline, use in all prepare_vmcs02() cases]
Reviewed-by: Dapeng Mi <dapeng1.mi(a)linux.intel.com>
Link: https://lore.kernel.org/r/20250610232010.162191-8-seanjc@google.com
Signed-off-by: Sean Christopherson <seanjc(a)google.com>
diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c
index 1b8b0642fc2d..ef20184b8b11 100644
--- a/arch/x86/kvm/vmx/nested.c
+++ b/arch/x86/kvm/vmx/nested.c
@@ -2663,11 +2663,11 @@ static int prepare_vmcs02(struct kvm_vcpu *vcpu, struct vmcs12 *vmcs12,
if (vmx->nested.nested_run_pending &&
(vmcs12->vm_entry_controls & VM_ENTRY_LOAD_DEBUG_CONTROLS)) {
kvm_set_dr(vcpu, 7, vmcs12->guest_dr7);
- vmcs_write64(GUEST_IA32_DEBUGCTL, vmcs12->guest_ia32_debugctl &
- vmx_get_supported_debugctl(vcpu, false));
+ vmx_guest_debugctl_write(vcpu, vmcs12->guest_ia32_debugctl &
+ vmx_get_supported_debugctl(vcpu, false));
} else {
kvm_set_dr(vcpu, 7, vcpu->arch.dr7);
- vmcs_write64(GUEST_IA32_DEBUGCTL, vmx->nested.pre_vmenter_debugctl);
+ vmx_guest_debugctl_write(vcpu, vmx->nested.pre_vmenter_debugctl);
}
if (kvm_mpx_supported() && (!vmx->nested.nested_run_pending ||
!(vmcs12->vm_entry_controls & VM_ENTRY_LOAD_BNDCFGS)))
@@ -3532,7 +3532,7 @@ enum nvmx_vmentry_status nested_vmx_enter_non_root_mode(struct kvm_vcpu *vcpu,
if (!vmx->nested.nested_run_pending ||
!(vmcs12->vm_entry_controls & VM_ENTRY_LOAD_DEBUG_CONTROLS))
- vmx->nested.pre_vmenter_debugctl = vmcs_read64(GUEST_IA32_DEBUGCTL);
+ vmx->nested.pre_vmenter_debugctl = vmx_guest_debugctl_read();
if (kvm_mpx_supported() &&
(!vmx->nested.nested_run_pending ||
!(vmcs12->vm_entry_controls & VM_ENTRY_LOAD_BNDCFGS)))
@@ -4806,7 +4806,7 @@ static void load_vmcs12_host_state(struct kvm_vcpu *vcpu,
__vmx_set_segment(vcpu, &seg, VCPU_SREG_LDTR);
kvm_set_dr(vcpu, 7, 0x400);
- vmcs_write64(GUEST_IA32_DEBUGCTL, 0);
+ vmx_guest_debugctl_write(vcpu, 0);
if (nested_vmx_load_msr(vcpu, vmcs12->vm_exit_msr_load_addr,
vmcs12->vm_exit_msr_load_count))
diff --git a/arch/x86/kvm/vmx/pmu_intel.c b/arch/x86/kvm/vmx/pmu_intel.c
index bbf4509f32d0..0b173602821b 100644
--- a/arch/x86/kvm/vmx/pmu_intel.c
+++ b/arch/x86/kvm/vmx/pmu_intel.c
@@ -653,11 +653,11 @@ static void intel_pmu_reset(struct kvm_vcpu *vcpu)
*/
static void intel_pmu_legacy_freezing_lbrs_on_pmi(struct kvm_vcpu *vcpu)
{
- u64 data = vmcs_read64(GUEST_IA32_DEBUGCTL);
+ u64 data = vmx_guest_debugctl_read();
if (data & DEBUGCTLMSR_FREEZE_LBRS_ON_PMI) {
data &= ~DEBUGCTLMSR_LBR;
- vmcs_write64(GUEST_IA32_DEBUGCTL, data);
+ vmx_guest_debugctl_write(vcpu, data);
}
}
@@ -730,7 +730,7 @@ void vmx_passthrough_lbr_msrs(struct kvm_vcpu *vcpu)
if (!lbr_desc->event) {
vmx_disable_lbr_msrs_passthrough(vcpu);
- if (vmcs_read64(GUEST_IA32_DEBUGCTL) & DEBUGCTLMSR_LBR)
+ if (vmx_guest_debugctl_read() & DEBUGCTLMSR_LBR)
goto warn;
if (test_bit(INTEL_PMC_IDX_FIXED_VLBR, pmu->pmc_in_use))
goto warn;
@@ -752,7 +752,7 @@ void vmx_passthrough_lbr_msrs(struct kvm_vcpu *vcpu)
static void intel_pmu_cleanup(struct kvm_vcpu *vcpu)
{
- if (!(vmcs_read64(GUEST_IA32_DEBUGCTL) & DEBUGCTLMSR_LBR))
+ if (!(vmx_guest_debugctl_read() & DEBUGCTLMSR_LBR))
intel_pmu_release_guest_lbr_event(vcpu);
}
diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c
index 6a8b78e954cd..a77d325fe78b 100644
--- a/arch/x86/kvm/vmx/vmx.c
+++ b/arch/x86/kvm/vmx/vmx.c
@@ -2149,7 +2149,7 @@ int vmx_get_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info)
msr_info->data = vmx->pt_desc.guest.addr_a[index / 2];
break;
case MSR_IA32_DEBUGCTLMSR:
- msr_info->data = vmcs_read64(GUEST_IA32_DEBUGCTL);
+ msr_info->data = vmx_guest_debugctl_read();
break;
default:
find_uret_msr:
@@ -2283,7 +2283,8 @@ int vmx_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info)
VM_EXIT_SAVE_DEBUG_CONTROLS)
get_vmcs12(vcpu)->guest_ia32_debugctl = data;
- vmcs_write64(GUEST_IA32_DEBUGCTL, data);
+ vmx_guest_debugctl_write(vcpu, data);
+
if (intel_pmu_lbr_is_enabled(vcpu) && !to_vmx(vcpu)->lbr_desc.event &&
(data & DEBUGCTLMSR_LBR))
intel_pmu_create_guest_lbr_event(vcpu);
@@ -4798,7 +4799,8 @@ static void init_vmcs(struct vcpu_vmx *vmx)
vmcs_write32(GUEST_SYSENTER_CS, 0);
vmcs_writel(GUEST_SYSENTER_ESP, 0);
vmcs_writel(GUEST_SYSENTER_EIP, 0);
- vmcs_write64(GUEST_IA32_DEBUGCTL, 0);
+
+ vmx_guest_debugctl_write(&vmx->vcpu, 0);
if (cpu_has_vmx_tpr_shadow()) {
vmcs_write64(VIRTUAL_APIC_PAGE_ADDR, 0);
diff --git a/arch/x86/kvm/vmx/vmx.h b/arch/x86/kvm/vmx/vmx.h
index 392e66c7e5fe..c20a4185d10a 100644
--- a/arch/x86/kvm/vmx/vmx.h
+++ b/arch/x86/kvm/vmx/vmx.h
@@ -417,6 +417,16 @@ void vmx_update_cpu_dirty_logging(struct kvm_vcpu *vcpu);
u64 vmx_get_supported_debugctl(struct kvm_vcpu *vcpu, bool host_initiated);
bool vmx_is_valid_debugctl(struct kvm_vcpu *vcpu, u64 data, bool host_initiated);
+static inline void vmx_guest_debugctl_write(struct kvm_vcpu *vcpu, u64 val)
+{
+ vmcs_write64(GUEST_IA32_DEBUGCTL, val);
+}
+
+static inline u64 vmx_guest_debugctl_read(void)
+{
+ return vmcs_read64(GUEST_IA32_DEBUGCTL);
+}
+
/*
* Note, early Intel manuals have the write-low and read-high bitmap offsets
* the wrong way round. The bitmaps control MSRs 0x00000000-0x00001fff and
1 month, 1 week
- 3
- 9
FAILED: patch "[PATCH] KVM: VMX: Allow guest to set DEBUGCTL.RTM_DEBUG if RTM is" failed to apply to 6.1-stable tree
by gregkh@linuxfoundation.org
The patch below does not apply to the 6.1-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y
git checkout FETCH_HEAD
git cherry-pick -x 17ec2f965344ee3fd6620bef7ef68792f4ac3af0
# <resolve conflicts, build, test, etc.>
git commit -s
git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025081208-commerce-sports-ea01@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From 17ec2f965344ee3fd6620bef7ef68792f4ac3af0 Mon Sep 17 00:00:00 2001
From: Sean Christopherson <seanjc(a)google.com>
Date: Tue, 10 Jun 2025 16:20:06 -0700
Subject: [PATCH] KVM: VMX: Allow guest to set DEBUGCTL.RTM_DEBUG if RTM is
supported
Let the guest set DEBUGCTL.RTM_DEBUG if RTM is supported according to the
guest CPUID model, as debug support is supposed to be available if RTM is
supported, and there are no known downsides to letting the guest debug RTM
aborts.
Note, there are no known bug reports related to RTM_DEBUG, the primary
motivation is to reduce the probability of breaking existing guests when a
future change adds a missing consistency check on vmcs12.GUEST_DEBUGCTL
(KVM currently lets L2 run with whatever hardware supports; whoops).
Note #2, KVM already emulates DR6.RTM, and doesn't restrict access to
DR7.RTM.
Fixes: 83c529151ab0 ("KVM: x86: expose Intel cpu new features (HLE, RTM) to guest")
Cc: stable(a)vger.kernel.org
Link: https://lore.kernel.org/r/20250610232010.162191-5-seanjc@google.com
Signed-off-by: Sean Christopherson <seanjc(a)google.com>
diff --git a/arch/x86/include/asm/msr-index.h b/arch/x86/include/asm/msr-index.h
index b7dded3c8113..fa878b136eba 100644
--- a/arch/x86/include/asm/msr-index.h
+++ b/arch/x86/include/asm/msr-index.h
@@ -419,6 +419,7 @@
#define DEBUGCTLMSR_FREEZE_PERFMON_ON_PMI (1UL << 12)
#define DEBUGCTLMSR_FREEZE_IN_SMM_BIT 14
#define DEBUGCTLMSR_FREEZE_IN_SMM (1UL << DEBUGCTLMSR_FREEZE_IN_SMM_BIT)
+#define DEBUGCTLMSR_RTM_DEBUG BIT(15)
#define MSR_PEBS_FRONTEND 0x000003f7
diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c
index 4ee6cc796855..311f6fa53b67 100644
--- a/arch/x86/kvm/vmx/vmx.c
+++ b/arch/x86/kvm/vmx/vmx.c
@@ -2186,6 +2186,10 @@ static u64 vmx_get_supported_debugctl(struct kvm_vcpu *vcpu, bool host_initiated
(host_initiated || intel_pmu_lbr_is_enabled(vcpu)))
debugctl |= DEBUGCTLMSR_LBR | DEBUGCTLMSR_FREEZE_LBRS_ON_PMI;
+ if (boot_cpu_has(X86_FEATURE_RTM) &&
+ (host_initiated || guest_cpu_cap_has(vcpu, X86_FEATURE_RTM)))
+ debugctl |= DEBUGCTLMSR_RTM_DEBUG;
+
return debugctl;
}
1 month, 1 week
- 3
- 2