- Linux-stable-mirror - lists.linaro.org

[PATCH net v7 0/4] net: netpoll: fix memory leak and add comprehensive selftests

by Breno Leitao

Fix a memory leak in netpoll and introduce netconsole selftests that expose the issue when running with kmemleak detection enabled. This patchset includes a selftest for netpoll with multiple concurrent users (netconsole + bonding), which simulates the scenario from test[1] that originally demonstrated the issue allegedly fixed by commit efa95b01da18 ("netpoll: fix use after free") - a commit that is now being reverted. Sending this to "net" branch because this is a fix, and the selftest might help with the backports validation. Link: https://lore.kernel.org/lkml/96b940137a50e5c387687bb4f57de8b0435a653f.14048… [1] Signed-off-by: Breno Leitao <leitao(a)debian.org> --- Changes in v7: - Rebased on top of `net` - Link to v6: https://lore.kernel.org/r/20251002-netconsole_torture-v6-0-543bf52f6b46@deb… Changes in v6: - Expand the tests even more and some small fixups - Moved the test to bonding selftests - Link to v5: https://lore.kernel.org/r/20250918-netconsole_torture-v5-0-77e25e0a4eb6@deb… Changes in v5: - Set CONFIG_BONDING=m in selftests/drivers/net/config. - Link to v4: https://lore.kernel.org/r/20250917-netconsole_torture-v4-0-0a5b3b8f81ce@deb… Changes in v4: - Added an additional selftest to test multiple netpoll users in parallel - Link to v3: https://lore.kernel.org/r/20250905-netconsole_torture-v3-0-875c7febd316@deb… Changes in v3: - This patchset is a merge of the fix and the selftest together as recommended by Jakub. Changes in v2: - Reuse the netconsole creation from lib_netcons.sh. Thus, refactoring the create_dynamic_target() (Jakub) - Move the "wait" to after all the messages has been sent. - Link to v1: https://lore.kernel.org/r/20250902-netconsole_torture-v1-1-03c6066598e9@deb… --- Breno Leitao (4): net: netpoll: fix incorrect refcount handling causing incorrect cleanup selftest: netcons: refactor target creation selftest: netcons: create a torture test selftest: netcons: add test for netconsole over bonded interfaces net/core/netpoll.c | 7 +- tools/testing/selftests/drivers/net/Makefile | 1 + .../testing/selftests/drivers/net/bonding/Makefile | 2 + tools/testing/selftests/drivers/net/bonding/config | 4 + .../drivers/net/bonding/netcons_over_bonding.sh | 221 +++++++++++++++++++++ .../selftests/drivers/net/lib/sh/lib_netcons.sh | 188 ++++++++++++++++-- .../selftests/drivers/net/netcons_torture.sh | 127 ++++++++++++ 7 files changed, 530 insertions(+), 20 deletions(-) --- base-commit: 7ae421cf78bd795513ec3a7d7ef7ac9437693e23 change-id: 20250902-netconsole_torture-8fc23f0aca99 Best regards, -- Breno Leitao <leitao(a)debian.org>

4 weeks

1
1
0 0

ATTENTION :Password key expired !!!

by lists.linaro.org

Hello, I want a quote and I would like to know your availability so that i can send you the necessary documents as well as drawings and specification. Best regards Tony

4 weeks

1
0
0 0

[PATCH net v6 0/4] net: netpoll: fix memory leak and add comprehensive selftests

by Breno Leitao

Fix a memory leak in netpoll and introduce netconsole selftests that expose the issue when running with kmemleak detection enabled. This patchset includes a selftest for netpoll with multiple concurrent users (netconsole + bonding), which simulates the scenario from test[1] that originally demonstrated the issue allegedly fixed by commit efa95b01da18 ("netpoll: fix use after free") - a commit that is now being reverted. Sending this to "net" branch because this is a fix, and the selftest might help with the backports validation. Link: https://lore.kernel.org/lkml/96b940137a50e5c387687bb4f57de8b0435a653f.14048… [1] Signed-off-by: Breno Leitao <leitao(a)debian.org> --- Changes in v6: - Expand the tests even more and some small fixups - Moved the test to bonding selftests - Link to v5: https://lore.kernel.org/r/20250918-netconsole_torture-v5-0-77e25e0a4eb6@deb… Changes in v5: - Set CONFIG_BONDING=m in selftests/drivers/net/config. - Link to v4: https://lore.kernel.org/r/20250917-netconsole_torture-v4-0-0a5b3b8f81ce@deb… Changes in v4: - Added an additional selftest to test multiple netpoll users in parallel - Link to v3: https://lore.kernel.org/r/20250905-netconsole_torture-v3-0-875c7febd316@deb… Changes in v3: - This patchset is a merge of the fix and the selftest together as recommended by Jakub. Changes in v2: - Reuse the netconsole creation from lib_netcons.sh. Thus, refactoring the create_dynamic_target() (Jakub) - Move the "wait" to after all the messages has been sent. - Link to v1: https://lore.kernel.org/r/20250902-netconsole_torture-v1-1-03c6066598e9@deb… --- Breno Leitao (4): net: netpoll: fix incorrect refcount handling causing incorrect cleanup selftest: netcons: refactor target creation selftest: netcons: create a torture test selftest: netcons: add test for netconsole over bonded interfaces net/core/netpoll.c | 7 +++++-- tools/testing/selftests/drivers/net/Makefile | 1 + tools/testing/selftests/drivers/net/bonding/Makefile | 2 ++ tools/testing/selftests/drivers/net/bonding/config | 4 ++++ tools/testing/selftests/drivers/net/bonding/netcons_over_bonding.sh | 221 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ tools/testing/selftests/drivers/net/lib/sh/lib_netcons.sh | 189 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++------------------ tools/testing/selftests/drivers/net/netcons_torture.sh | 127 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 7 files changed, 531 insertions(+), 20 deletions(-) --- base-commit: f1455695d2d99894b65db233877acac9a0e120b9 change-id: 20250902-netconsole_torture-8fc23f0aca99 Best regards, -- Breno Leitao <leitao(a)debian.org>

4 weeks

1
2
0 0

Undelivered Mail Returned to Sender

by MAILER-DAEMON＠zihnyunrui.com

This is the mail system at host zihnyunrui.com. I'm sorry to have to inform you that your message could not be delivered to one or more recipients. It's attached below. For further assistance, please send mail to postmaster. If you do so, please include this problem report. You can delete your own text from the attached returned message. The mail system <linux-stable-mirror(a)lists.linaro.org>: host lists.linaro.org[3.208.193.21] said: 554 5.7.1 Spam message rejected (in reply to end of DATA command)

4 weeks

1
0
0 0

[PATCH 6.1 00/73] 6.1.155-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 6.1.155 release. There are 73 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Thu, 02 Oct 2025 14:37:59 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.1.155-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.1.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 6.1.155-rc1 Linus Torvalds <torvalds(a)linux-foundation.org> minmax: simplify and clarify min_t()/max_t() implementation Linus Torvalds <torvalds(a)linux-foundation.org> minmax: add a few more MIN_T/MAX_T users Linus Torvalds <torvalds(a)linux-foundation.org> minmax: make generic MIN() and MAX() macros available everywhere Eric Biggers <ebiggers(a)kernel.org> kmsan: fix out-of-bounds access to shadow memory Lukasz Czapnik <lukasz.czapnik(a)intel.com> i40e: add validation for ring_len param Justin Bronder <jsbronder(a)cold-front.org> i40e: increase max descriptors for XL710 Lukasz Czapnik <lukasz.czapnik(a)intel.com> i40e: fix idx validation in config queues msg Lukasz Czapnik <lukasz.czapnik(a)intel.com> i40e: fix validation of VF state in get resources Nirmoy Das <nirmoyd(a)nvidia.com> drm/ast: Use msleep instead of mdelay for edid read Linus Torvalds <torvalds(a)linux-foundation.org> minmax: avoid overly complicated constant expressions in VM code David Laight <David.Laight(a)ACULAB.COM> minmax: fix indentation of __cmp_once() and __clamp_once() Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> minmax: deduplicate __unconst_integer_typeof() Herve Codina <herve.codina(a)bootlin.com> minmax: Introduce {min,max}_array() Matthew Wilcox (Oracle) <willy(a)infradead.org> minmax: add in_range() macro David Hildenbrand <david(a)redhat.com> mm/migrate_device: don't add folio to be freed to LRU in migrate_device_finalize() Kefeng Wang <wangkefeng.wang(a)huawei.com> mm: migrate_device: use more folio in migrate_device_finalize() Nathan Chancellor <nathan(a)kernel.org> s390/cpum_cf: Fix uninitialized warning after backport of ce971233242b Thomas Zimmermann <tzimmermann(a)suse.de> fbcon: Fix OOB access in font allocation Samasth Norway Ananda <samasth.norway.ananda(a)oracle.com> fbcon: fix integer overflow in fbcon_do_set_font Jinjiang Tu <tujinjiang(a)huawei.com> mm/hugetlb: fix folio is still mapped when deleted Zhen Ni <zhen.ni(a)easystack.cn> afs: Fix potential null pointer dereference in afs_put_server Masami Hiramatsu (Google) <mhiramat(a)kernel.org> tracing: dynevent: Add a missing lockdown check on dynevent Eric Biggers <ebiggers(a)kernel.org> crypto: af_alg - Fix incorrect boolean values in af_alg_ctx Lukasz Czapnik <lukasz.czapnik(a)intel.com> i40e: improve VF MAC filters accounting Lukasz Czapnik <lukasz.czapnik(a)intel.com> i40e: add mask to apply valid bits for itr_idx Lukasz Czapnik <lukasz.czapnik(a)intel.com> i40e: add max boundary check for VF filters Lukasz Czapnik <lukasz.czapnik(a)intel.com> i40e: fix input validation logic for action_meta Lukasz Czapnik <lukasz.czapnik(a)intel.com> i40e: fix idx validation in i40e_validate_queue_map Sebastian Andrzej Siewior <bigeasy(a)linutronix.de> futex: Prevent use-after-free during requeue-PI Zabelin Nikita <n.zabelin(a)mt-integration.ru> drm/gma500: Fix null dereference in hdmi teardown Dan Carpenter <dan.carpenter(a)linaro.org> octeontx2-pf: Fix potential use after free in otx2_tc_add_flow() Vladimir Oltean <vladimir.oltean(a)nxp.com> net: dsa: lantiq_gswip: suppress -EINVAL errors for bridge FDB entries added to the CPU port Vladimir Oltean <vladimir.oltean(a)nxp.com> net: dsa: lantiq_gswip: move gswip_add_single_port_br() call to port_setup() Martin Schiller <ms(a)dev.tdt.de> net: dsa: lantiq_gswip: do also enable or disable cpu port Ido Schimmel <idosch(a)nvidia.com> selftests: fib_nexthops: Fix creation of non-FDB nexthops Ido Schimmel <idosch(a)nvidia.com> nexthop: Forbid FDB status change while nexthop is in a group Alok Tiwari <alok.a.tiwari(a)oracle.com> bnxt_en: correct offset handling for IPv6 destination address Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com> Bluetooth: hci_event: Fix UAF in hci_acl_create_conn_sync Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com> Bluetooth: hci_sync: Fix hci_resume_advertising_sync Petr Malat <oss(a)malat.biz> ethernet: rvu-af: Remove slash from the driver name Stéphane Grosjean <stephane.grosjean(a)hms-networks.com> can: peak_usb: fix shift-out-of-bounds issue Vincent Mailhol <mailhol(a)kernel.org> can: mcba_usb: populate ndo_change_mtu() to prevent buffer overflow Vincent Mailhol <mailhol(a)kernel.org> can: sun4i_can: populate ndo_change_mtu() to prevent buffer overflow Vincent Mailhol <mailhol(a)kernel.org> can: hi311x: populate ndo_change_mtu() to prevent buffer overflow Vincent Mailhol <mailhol(a)kernel.org> can: etas_es58x: populate ndo_change_mtu() to prevent buffer overflow Vincent Mailhol <mailhol.vincent(a)wanadoo.fr> can: etas_es58x: sort the includes by alphabetic order Leon Hwang <leon.hwang(a)linux.dev> bpf: Reject bpf_timer for PREEMPT_RT Geert Uytterhoeven <geert+renesas(a)glider.be> can: rcar_can: rcar_can_resume(): fix s2ram with PSCI Stefan Metzmacher <metze(a)samba.org> smb: server: don't use delayed_work for post_recv_credits_work Christian Loehle <christian.loehle(a)arm.com> cpufreq: Initialize cpufreq-based invariance before subsys Peng Fan <peng.fan(a)nxp.com> arm64: dts: imx8mp: Correct thermal sensor index Hugh Dickins <hughd(a)google.com> mm: folio_may_be_lru_cached() unless folio_test_large() Hugh Dickins <hughd(a)google.com> mm/gup: local lru_add_drain() to avoid lru_add_drain_all() Hugh Dickins <hughd(a)google.com> mm/gup: check ref_count instead of lru before migration Shivank Garg <shivankg(a)amd.com> mm: add folio_expected_ref_count() for reference count calculation David Hildenbrand <david(a)redhat.com> mm/gup: revert "mm: gup: fix infinite loop within __get_longterm_locked" Or Har-Toov <ohartoov(a)nvidia.com> IB/mlx5: Fix obj_type mismatch for SRQ event subscriptions qaqland <anguoli(a)uniontech.com> ALSA: usb-audio: Add mute TLV for playback volumes on more devices Cryolitia PukNgae <cryolitia(a)uniontech.com> ALSA: usb-audio: move mixer_quirks' min_mute into common quirk noble.yang <noble.yang(a)comtrue-inc.com> ALSA: usb-audio: Add DSD support for Comtrue USB Audio device Jiayi Li <lijiayi(a)kylinos.cn> usb: core: Add 0x prefix to quirks debug output Takashi Iwai <tiwai(a)suse.de> ALSA: usb-audio: Fix build with CONFIG_INPUT=n Chen Ni <nichen(a)iscas.ac.cn> ALSA: usb-audio: Convert comma to semicolon Kerem Karabay <kekrby(a)gmail.com> HID: multitouch: specify that Apple Touch Bar is direct Kerem Karabay <kekrby(a)gmail.com> HID: multitouch: take cls->maxcontacts into account for Apple Touch Bar even without a HID_DG_CONTACTMAX field Kerem Karabay <kekrby(a)gmail.com> HID: multitouch: support getting the tip state from HID_DG_TOUCH fields in Apple Touch Bar Kerem Karabay <kekrby(a)gmail.com> HID: multitouch: Get the contact ID from HID_DG_TRANSDUCER_INDEX fields in case of Apple Touch Bar Cristian Ciocaltea <cristian.ciocaltea(a)collabora.com> ALSA: usb-audio: Add mixer quirk for Sony DualSense PS5 Cristian Ciocaltea <cristian.ciocaltea(a)collabora.com> ALSA: usb-audio: Remove unneeded wmb() in mixer_quirks Cristian Ciocaltea <cristian.ciocaltea(a)collabora.com> ALSA: usb-audio: Simplify NULL comparison in mixer_quirks Cristian Ciocaltea <cristian.ciocaltea(a)collabora.com> ALSA: usb-audio: Avoid multiple assignments in mixer_quirks Cristian Ciocaltea <cristian.ciocaltea(a)collabora.com> ALSA: usb-audio: Drop unnecessary parentheses in mixer_quirks Cristian Ciocaltea <cristian.ciocaltea(a)collabora.com> ALSA: usb-audio: Fix block comments in mixer_quirks ------------- Diffstat: Makefile | 4 +- arch/arm/mm/pageattr.c | 6 +- arch/arm64/boot/dts/freescale/imx8mp.dtsi | 4 +- arch/s390/kernel/perf_cpum_cf.c | 4 +- arch/um/drivers/mconsole_user.c | 2 + arch/x86/mm/pgtable.c | 2 +- drivers/cpufreq/cpufreq.c | 20 +- drivers/edac/sb_edac.c | 4 +- drivers/edac/skx_common.h | 1 - drivers/gpu/drm/amd/amdgpu/amdgpu.h | 2 + .../gpu/drm/amd/display/modules/hdcp/hdcp_ddc.c | 2 + drivers/gpu/drm/amd/pm/powerplay/hwmgr/ppevvmath.h | 14 +- .../drm/amd/pm/swsmu/smu11/sienna_cichlid_ppt.c | 2 + .../gpu/drm/amd/pm/swsmu/smu13/smu_v13_0_0_ppt.c | 3 + .../gpu/drm/amd/pm/swsmu/smu13/smu_v13_0_7_ppt.c | 3 + drivers/gpu/drm/arm/display/include/malidp_utils.h | 2 +- .../drm/arm/display/komeda/komeda_pipeline_state.c | 24 +- drivers/gpu/drm/ast/ast_dp.c | 2 +- drivers/gpu/drm/drm_color_mgmt.c | 2 +- drivers/gpu/drm/gma500/oaktrail_hdmi.c | 2 +- drivers/gpu/drm/msm/adreno/a6xx_gmu.c | 6 - drivers/gpu/drm/radeon/evergreen_cs.c | 2 + drivers/hid/hid-multitouch.c | 45 +++- drivers/hwmon/adt7475.c | 24 +- drivers/infiniband/hw/mlx5/devx.c | 1 + drivers/md/dm-integrity.c | 2 +- drivers/media/dvb-frontends/stv0367_priv.h | 3 + drivers/net/can/rcar/rcar_can.c | 8 +- drivers/net/can/spi/hi311x.c | 1 + drivers/net/can/sun4i_can.c | 1 + drivers/net/can/usb/etas_es58x/es581_4.c | 4 +- drivers/net/can/usb/etas_es58x/es58x_core.c | 7 +- drivers/net/can/usb/etas_es58x/es58x_core.h | 8 +- drivers/net/can/usb/etas_es58x/es58x_fd.c | 4 +- drivers/net/can/usb/mcba_usb.c | 1 + drivers/net/can/usb/peak_usb/pcan_usb_core.c | 2 +- drivers/net/dsa/lantiq_gswip.c | 41 +-- drivers/net/ethernet/broadcom/bnxt/bnxt_tc.c | 2 +- drivers/net/ethernet/chelsio/cxgb3/cxgb3_main.c | 18 +- drivers/net/ethernet/intel/i40e/i40e.h | 4 +- drivers/net/ethernet/intel/i40e/i40e_ethtool.c | 25 +- drivers/net/ethernet/intel/i40e/i40e_main.c | 26 +- drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c | 110 ++++---- drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.h | 3 +- drivers/net/ethernet/marvell/octeontx2/af/cgx.c | 3 +- .../net/ethernet/marvell/octeontx2/nic/otx2_tc.c | 2 +- drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 2 +- drivers/net/fjes/fjes_main.c | 4 +- drivers/nfc/pn544/i2c.c | 2 - drivers/platform/x86/sony-laptop.c | 1 - drivers/scsi/isci/init.c | 6 +- .../pci/hive_isp_css_include/math_support.h | 5 - drivers/usb/core/quirks.c | 2 +- drivers/video/fbdev/core/fbcon.c | 13 +- drivers/virt/acrn/ioreq.c | 4 +- fs/afs/server.c | 3 +- fs/btrfs/misc.h | 2 - fs/ext2/balloc.c | 2 - fs/ext4/ext4.h | 2 - fs/hugetlbfs/inode.c | 10 +- fs/smb/server/transport_rdma.c | 18 +- fs/ufs/util.h | 6 - include/crypto/if_alg.h | 2 +- include/linux/minmax.h | 122 +++++++-- include/linux/mm.h | 54 ++++ include/linux/pageblock-flags.h | 2 +- include/linux/swap.h | 10 + include/net/bluetooth/hci_core.h | 21 ++ kernel/bpf/verifier.c | 4 + kernel/futex/requeue.c | 6 +- kernel/trace/preemptirq_delay_test.c | 2 - kernel/trace/trace_dynevent.c | 4 + lib/btree.c | 1 - lib/decompress_unlzma.c | 2 + lib/logic_pio.c | 3 - mm/gup.c | 28 +- mm/kmsan/core.c | 10 +- mm/kmsan/kmsan_test.c | 16 ++ mm/migrate_device.c | 42 ++- mm/mlock.c | 2 +- mm/swap.c | 4 +- mm/zsmalloc.c | 1 - net/bluetooth/hci_event.c | 26 +- net/bluetooth/hci_sync.c | 7 + net/ipv4/nexthop.c | 7 + net/ipv4/proc.c | 2 +- net/ipv6/proc.c | 2 +- net/netfilter/nf_nat_core.c | 6 +- net/tipc/core.h | 2 +- net/tipc/link.c | 10 +- sound/usb/mixer_quirks.c | 295 +++++++++++++++++++-- sound/usb/quirks.c | 24 +- sound/usb/usbaudio.h | 4 + .../selftests/bpf/progs/get_branch_snapshot.c | 4 +- tools/testing/selftests/net/fib_nexthops.sh | 12 +- tools/testing/selftests/seccomp/seccomp_bpf.c | 2 + tools/testing/selftests/vm/mremap_test.c | 2 + 97 files changed, 950 insertions(+), 331 deletions(-)

4 weeks

12
85
0 0

[PATCH 6.12 00/89] 6.12.50-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 6.12.50 release. There are 89 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Thu, 02 Oct 2025 14:37:59 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.12.50-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.12.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 6.12.50-rc1 Niklas Neronin <niklas.neronin(a)linux.intel.com> Revert "usb: xhci: remove option to change a default ring's TRB cycle bit" Jason Gunthorpe <jgg(a)ziepe.ca> iommufd: Fix race during abort for file descriptors Thomas Zimmermann <tzimmermann(a)suse.de> fbcon: Fix OOB access in font allocation Samasth Norway Ananda <samasth.norway.ananda(a)oracle.com> fbcon: fix integer overflow in fbcon_do_set_font Jinjiang Tu <tujinjiang(a)huawei.com> mm/hugetlb: fix folio is still mapped when deleted Eric Biggers <ebiggers(a)kernel.org> kmsan: fix out-of-bounds access to shadow memory Hans de Goede <hansg(a)kernel.org> gpiolib: Extend software-node support to support secondary software-nodes Jakub Acs <acsjakub(a)amazon.de> fs/proc/task_mmu: check p->vec_buf for NULL Zhen Ni <zhen.ni(a)easystack.cn> afs: Fix potential null pointer dereference in afs_put_server Nirmoy Das <nirmoyd(a)nvidia.com> drm/ast: Use msleep instead of mdelay for edid read Josua Mayer <josua(a)solid-run.com> arm64: dts: marvell: cn9132-clearfog: fix multi-lane pci x2 and x4 ports Josua Mayer <josua(a)solid-run.com> arm64: dts: marvell: cn9132-clearfog: disable eMMC high-speed modes Nobuhiro Iwamatsu <iwamatsu(a)nigauri.org> ARM: dts: socfpga: sodia: Fix mdio bus probe and PHY address Masami Hiramatsu (Google) <mhiramat(a)kernel.org> tracing: dynevent: Add a missing lockdown check on dynevent Eric Biggers <ebiggers(a)kernel.org> crypto: af_alg - Fix incorrect boolean values in af_alg_ctx Lukasz Czapnik <lukasz.czapnik(a)intel.com> i40e: improve VF MAC filters accounting Lukasz Czapnik <lukasz.czapnik(a)intel.com> i40e: add mask to apply valid bits for itr_idx Lukasz Czapnik <lukasz.czapnik(a)intel.com> i40e: add max boundary check for VF filters Lukasz Czapnik <lukasz.czapnik(a)intel.com> i40e: fix validation of VF state in get resources Lukasz Czapnik <lukasz.czapnik(a)intel.com> i40e: fix input validation logic for action_meta Lukasz Czapnik <lukasz.czapnik(a)intel.com> i40e: fix idx validation in config queues msg Lukasz Czapnik <lukasz.czapnik(a)intel.com> i40e: fix idx validation in i40e_validate_queue_map Lukasz Czapnik <lukasz.czapnik(a)intel.com> i40e: add validation for ring_len param Amit Chaudhari <amitchaudhari(a)mac.com> HID: asus: add support for missing PX series fn keys Sang-Heon Jeon <ekffu200098(a)gmail.com> smb: client: fix wrong index reference in smb2_compound_op() Daniel Lee <dany97(a)live.ca> platform/x86: lg-laptop: Fix WMAB call in fan_mode_store() Adrián Larumbe <adrian.larumbe(a)collabora.com> drm/panthor: Defer scheduler entitiy destruction to queue release Sebastian Andrzej Siewior <bigeasy(a)linutronix.de> futex: Prevent use-after-free during requeue-PI Zabelin Nikita <n.zabelin(a)mt-integration.ru> drm/gma500: Fix null dereference in hdmi teardown Hugh Dickins <hughd(a)google.com> mm: folio_may_be_lru_cached() unless folio_test_large() Hugh Dickins <hughd(a)google.com> mm: revert "mm/gup: clear the LRU flag of a page before adding to LRU batch" Hugh Dickins <hughd(a)google.com> mm/gup: local lru_add_drain() to avoid lru_add_drain_all() Dan Carpenter <dan.carpenter(a)linaro.org> octeontx2-pf: Fix potential use after free in otx2_tc_add_flow() Vladimir Oltean <vladimir.oltean(a)nxp.com> net: dsa: lantiq_gswip: suppress -EINVAL errors for bridge FDB entries added to the CPU port Vladimir Oltean <vladimir.oltean(a)nxp.com> net: dsa: lantiq_gswip: move gswip_add_single_port_br() call to port_setup() Ido Schimmel <idosch(a)nvidia.com> selftests: fib_nexthops: Fix creation of non-FDB nexthops Ido Schimmel <idosch(a)nvidia.com> nexthop: Forbid FDB status change while nexthop is in a group Jason Baron <jbaron(a)akamai.com> net: allow alloc_skb_with_frags() to use MAX_SKB_FRAGS Alok Tiwari <alok.a.tiwari(a)oracle.com> bnxt_en: correct offset handling for IPv6 destination address Sebastian Andrzej Siewior <bigeasy(a)linutronix.de> vhost: Take a reference on the task in struct vhost_task. Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com> Bluetooth: hci_event: Fix UAF in hci_acl_create_conn_sync Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com> Bluetooth: hci_sync: Fix hci_resume_advertising_sync Petr Malat <oss(a)malat.biz> ethernet: rvu-af: Remove slash from the driver name Sidraya Jayagond <sidraya(a)linux.ibm.com> net/smc: fix warning in smc_rx_splice() when calling get_page() Wang Liang <wangliang74(a)huawei.com> net: tun: Update napi->skb after XDP process Stéphane Grosjean <stephane.grosjean(a)hms-networks.com> can: peak_usb: fix shift-out-of-bounds issue Vincent Mailhol <mailhol(a)kernel.org> can: mcba_usb: populate ndo_change_mtu() to prevent buffer overflow Vincent Mailhol <mailhol(a)kernel.org> can: sun4i_can: populate ndo_change_mtu() to prevent buffer overflow Vincent Mailhol <mailhol(a)kernel.org> can: hi311x: populate ndo_change_mtu() to prevent buffer overflow Vincent Mailhol <mailhol(a)kernel.org> can: etas_es58x: populate ndo_change_mtu() to prevent buffer overflow Sabrina Dubroca <sd(a)queasysnail.net> xfrm: xfrm_alloc_spi shouldn't use 0 as SPI Leon Hwang <leon.hwang(a)linux.dev> bpf: Reject bpf_timer for PREEMPT_RT Geert Uytterhoeven <geert+renesas(a)glider.be> can: rcar_can: rcar_can_resume(): fix s2ram with PSCI James Guan <guan_yufei(a)163.com> wifi: virt_wifi: Fix page fault on connect Mark Harmstone <mark(a)harmstone.com> btrfs: don't allow adding block device of less than 1 MB Jiri Olsa <olsajiri(a)gmail.com> bpf: Check the helper function is valid in get_helper_proto Stefan Metzmacher <metze(a)samba.org> smb: server: use disable_work_sync in transport_rdma.c Stefan Metzmacher <metze(a)samba.org> smb: server: don't use delayed_work for post_recv_credits_work Christian Loehle <christian.loehle(a)arm.com> cpufreq: Initialize cpufreq-based invariance before subsys Jihed Chaibi <jihed.chaibi.dev(a)gmail.com> ARM: dts: kirkwood: Fix sound DAI cells for OpenRD clients Peng Fan <peng.fan(a)nxp.com> arm64: dts: imx8mp: Correct thermal sensor index Peng Fan <peng.fan(a)nxp.com> firmware: imx: Add stub functions for SCMI MISC API Basavaraj Natikar <Basavaraj.Natikar(a)amd.com> HID: amd_sfh: Add sync across amd sfh work functions Or Har-Toov <ohartoov(a)nvidia.com> IB/mlx5: Fix obj_type mismatch for SRQ event subscriptions Aleksander Jan Bajkowski <olek2(a)wp.pl> net: sfp: add quirk for FLYPRO copper SFP+ module qaqland <anguoli(a)uniontech.com> ALSA: usb-audio: Add mute TLV for playback volumes on more devices Cryolitia PukNgae <cryolitia(a)uniontech.com> ALSA: usb-audio: move mixer_quirks' min_mute into common quirk noble.yang <noble.yang(a)comtrue-inc.com> ALSA: usb-audio: Add DSD support for Comtrue USB Audio device Heikki Krogerus <heikki.krogerus(a)linux.intel.com> i2c: designware: Add quirk for Intel Xe Benoît Monin <benoit.monin(a)bootlin.com> mmc: sdhci-cadence: add Mobileye eyeQ support Chris Morgan <macromorgan(a)hotmail.com> net: sfp: add quirk for Potron SFP+ XGSPON ONU Stick Marc Kleine-Budde <mkl(a)pengutronix.de> net: fec: rename struct fec_devinfo fec_imx6x_info -> fec_imx6sx_info Jiayi Li <lijiayi(a)kylinos.cn> usb: core: Add 0x prefix to quirks debug output Takashi Iwai <tiwai(a)suse.de> ALSA: usb-audio: Fix build with CONFIG_INPUT=n Stefan Binding <sbinding(a)opensource.cirrus.com> ALSA: hda/realtek: Add support for ASUS NUC using CS35L41 HDA Chen Ni <nichen(a)iscas.ac.cn> ALSA: usb-audio: Convert comma to semicolon Kerem Karabay <kekrby(a)gmail.com> HID: multitouch: specify that Apple Touch Bar is direct Kerem Karabay <kekrby(a)gmail.com> HID: multitouch: take cls->maxcontacts into account for Apple Touch Bar even without a HID_DG_CONTACTMAX field Kerem Karabay <kekrby(a)gmail.com> HID: multitouch: support getting the tip state from HID_DG_TOUCH fields in Apple Touch Bar Kerem Karabay <kekrby(a)gmail.com> HID: multitouch: Get the contact ID from HID_DG_TRANSDUCER_INDEX fields in case of Apple Touch Bar Cristian Ciocaltea <cristian.ciocaltea(a)collabora.com> ALSA: usb-audio: Add mixer quirk for Sony DualSense PS5 Cristian Ciocaltea <cristian.ciocaltea(a)collabora.com> ALSA: usb-audio: Remove unneeded wmb() in mixer_quirks Cristian Ciocaltea <cristian.ciocaltea(a)collabora.com> ALSA: usb-audio: Simplify NULL comparison in mixer_quirks Cristian Ciocaltea <cristian.ciocaltea(a)collabora.com> ALSA: usb-audio: Avoid multiple assignments in mixer_quirks Cristian Ciocaltea <cristian.ciocaltea(a)collabora.com> ALSA: usb-audio: Drop unnecessary parentheses in mixer_quirks Cristian Ciocaltea <cristian.ciocaltea(a)collabora.com> ALSA: usb-audio: Fix block comments in mixer_quirks Cristian Ciocaltea <cristian.ciocaltea(a)collabora.com> ALSA: usb-audio: Fix code alignment in mixer_quirks Takashi Sakamoto <o-takashi(a)sakamocchi.jp> firewire: core: fix overlooked update of subsystem ABI version Alok Tiwari <alok.a.tiwari(a)oracle.com> scsi: ufs: mcq: Fix memory allocation checks for SQE and CQE ------------- Diffstat: Documentation/admin-guide/laptops/lg-laptop.rst | 4 +- Makefile | 4 +- .../dts/intel/socfpga/socfpga_cyclone5_sodia.dts | 6 +- .../boot/dts/marvell/kirkwood-openrd-client.dts | 2 +- arch/arm64/boot/dts/freescale/imx8mp.dtsi | 4 +- arch/arm64/boot/dts/marvell/cn9132-clearfog.dts | 16 +- arch/arm64/boot/dts/marvell/cn9132-sr-cex7.dtsi | 8 + drivers/cpufreq/cpufreq.c | 20 +- drivers/firewire/core-cdev.c | 2 +- drivers/gpio/gpiolib.c | 21 +- drivers/gpu/drm/ast/ast_dp.c | 2 +- drivers/gpu/drm/gma500/oaktrail_hdmi.c | 2 +- drivers/gpu/drm/panthor/panthor_sched.c | 8 +- drivers/hid/amd-sfh-hid/amd_sfh_client.c | 12 +- drivers/hid/amd-sfh-hid/amd_sfh_common.h | 3 + drivers/hid/amd-sfh-hid/amd_sfh_pcie.c | 4 + drivers/hid/hid-asus.c | 3 + drivers/hid/hid-multitouch.c | 45 +- drivers/i2c/busses/i2c-designware-platdrv.c | 7 +- drivers/infiniband/hw/mlx5/devx.c | 1 + drivers/iommu/iommufd/fault.c | 4 +- drivers/iommu/iommufd/main.c | 34 +- drivers/mmc/host/sdhci-cadence.c | 11 + drivers/net/can/rcar/rcar_can.c | 8 +- drivers/net/can/spi/hi311x.c | 1 + drivers/net/can/sun4i_can.c | 1 + drivers/net/can/usb/etas_es58x/es58x_core.c | 3 +- drivers/net/can/usb/mcba_usb.c | 1 + drivers/net/can/usb/peak_usb/pcan_usb_core.c | 2 +- drivers/net/dsa/lantiq_gswip.c | 21 +- drivers/net/ethernet/broadcom/bnxt/bnxt_tc.c | 2 +- drivers/net/ethernet/freescale/fec_main.c | 4 +- drivers/net/ethernet/intel/i40e/i40e.h | 3 +- drivers/net/ethernet/intel/i40e/i40e_main.c | 26 +- drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c | 110 +++-- drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.h | 3 +- drivers/net/ethernet/marvell/octeontx2/af/cgx.c | 3 +- .../net/ethernet/marvell/octeontx2/nic/otx2_tc.c | 2 +- drivers/net/phy/sfp.c | 24 +- drivers/net/tun.c | 3 + drivers/net/wireless/virtual/virt_wifi.c | 4 +- drivers/platform/x86/lg-laptop.c | 34 +- drivers/ufs/core/ufs-mcq.c | 4 +- drivers/usb/core/quirks.c | 2 +- drivers/usb/host/xhci-dbgcap.c | 2 +- drivers/usb/host/xhci-mem.c | 50 +- drivers/usb/host/xhci.c | 2 +- drivers/usb/host/xhci.h | 6 +- drivers/video/fbdev/core/fbcon.c | 13 +- fs/afs/server.c | 3 +- fs/btrfs/volumes.c | 5 + fs/hugetlbfs/inode.c | 10 +- fs/proc/task_mmu.c | 3 + fs/smb/client/smb2inode.c | 2 +- fs/smb/server/transport_rdma.c | 22 +- include/crypto/if_alg.h | 2 +- include/linux/firmware/imx/sm.h | 12 + include/linux/swap.h | 10 + include/net/bluetooth/hci_core.h | 21 + kernel/bpf/core.c | 5 +- kernel/bpf/verifier.c | 6 +- kernel/futex/requeue.c | 6 +- kernel/trace/trace_dynevent.c | 4 + kernel/vhost_task.c | 3 +- mm/gup.c | 15 +- mm/kmsan/core.c | 10 +- mm/kmsan/kmsan_test.c | 16 + mm/mlock.c | 6 +- mm/swap.c | 51 +- net/bluetooth/hci_event.c | 26 +- net/bluetooth/hci_sync.c | 7 + net/core/skbuff.c | 2 +- net/ipv4/nexthop.c | 7 + net/smc/smc_loopback.c | 14 +- net/xfrm/xfrm_state.c | 3 + sound/pci/hda/patch_realtek.c | 11 + sound/usb/mixer_quirks.c | 545 +++++++++++++++------ sound/usb/quirks.c | 24 +- sound/usb/usbaudio.h | 4 + tools/testing/selftests/net/fib_nexthops.sh | 12 +- 80 files changed, 1037 insertions(+), 387 deletions(-)

4 weeks

15
104
0 0

Re: [PATCH v1] ALSA: hda/tas2781: Fix a potential race condition that causes a NULL pointer in case no efi.get_variable exsits

by Gergo Koteles

Cc: <stable(a)vger.kernel.org> On Thu, 2025-09-11 at 15:11 +0800, Shenghao Ding wrote: > A a potential race condition reported by one of my customers that leads to > a NULL pointer dereference, where the call to efi.get_variable should be > guarded with efi_rt_services_supported() to ensure that function exists. > > Fixes: 4fe238513407 ("ALSA: hda/tas2781: Move and unified the calibrated-data getting function for SPI and I2C into the tas2781_hda lib") > Signed-off-by: Shenghao Ding <shenghao-ding(a)ti.com> > --- > sound/hda/codecs/side-codecs/tas2781_hda.c | 5 +++++ > sound/hda/codecs/side-codecs/tas2781_hda_i2c.c | 5 +++++ > 2 files changed, 10 insertions(+) > > diff --git a/sound/hda/codecs/side-codecs/tas2781_hda.c b/sound/hda/codecs/side-codecs/tas2781_hda.c > index 536940c78f00..96e6d82dc69e 100644 > --- a/sound/hda/codecs/side-codecs/tas2781_hda.c > +++ b/sound/hda/codecs/side-codecs/tas2781_hda.c > @@ -193,6 +193,11 @@ int tas2781_save_calibration(struct tas2781_hda *hda) > efi_status_t status; > int i; > > + if (!efi_rt_services_supported(EFI_RT_SUPPORTED_GET_VARIABLE)) { > + dev_err(p->dev, "%s: NO EFI FOUND!\n", __func__); > + return -EINVAL; > + } > + > if (hda->catlog_id < LENOVO) > efi_guid = tasdev_fct_efi_guid[hda->catlog_id]; > > diff --git a/sound/hda/codecs/side-codecs/tas2781_hda_i2c.c b/sound/hda/codecs/side-codecs/tas2781_hda_i2c.c > index 008dbe1490a7..4dea442d8c30 100644 > --- a/sound/hda/codecs/side-codecs/tas2781_hda_i2c.c > +++ b/sound/hda/codecs/side-codecs/tas2781_hda_i2c.c > @@ -317,6 +317,11 @@ static int tas2563_save_calibration(struct tas2781_hda *h) > unsigned int attr; > int ret, i, j, k; > > + if (!efi_rt_services_supported(EFI_RT_SUPPORTED_GET_VARIABLE)) { > + dev_err(p->dev, "%s: NO EFI FOUND!\n", __func__); > + return -EINVAL; > + } > + > cd->cali_dat_sz_per_dev = TAS2563_CAL_DATA_SIZE * TASDEV_CALIB_N; > > /* extra byte for each device is the device number */

4 weeks

2
1
0 0

Re: [PATCH v4] ALSA: hda/tas2781: Fix the order of TAS2781 calibrated-data

by Gergo Koteles

Cc: <stable(a)vger.kernel.org> On Mon, 2025-09-08 at 06:27 +0800, Shenghao Ding wrote: > A bug reported by one of my customers that the order of TAS2781 > calibrated-data is incorrect, the correct way is to move R0_Low > and insert it between R0 and InvR0. > > Fixes: 4fe238513407 ("ALSA: hda/tas2781: Move and unified the calibrated-data getting function for SPI and I2C into the tas2781_hda lib") > Signed-off-by: Shenghao Ding <shenghao-ding(a)ti.com> > > --- > v4: > - Add missing base into cali_cnv(). > v3: > - Take Tiwai's advice on cali_cnv() to make it more simpler. > v2: > - Submit to the sound branch maintained by Tiwai instead of linux-next > branch > - Drop other fix > --- > sound/hda/codecs/side-codecs/tas2781_hda.c | 25 +++++++++++++++++----- > 1 file changed, 20 insertions(+), 5 deletions(-) > > diff --git a/sound/hda/codecs/side-codecs/tas2781_hda.c b/sound/hda/codecs/side-codecs/tas2781_hda.c > index f46d2e06c64f..536940c78f00 100644 > --- a/sound/hda/codecs/side-codecs/tas2781_hda.c > +++ b/sound/hda/codecs/side-codecs/tas2781_hda.c > @@ -33,6 +33,23 @@ const efi_guid_t tasdev_fct_efi_guid[] = { > }; > EXPORT_SYMBOL_NS_GPL(tasdev_fct_efi_guid, "SND_HDA_SCODEC_TAS2781"); > > +/* > + * The order of calibrated-data writing function is a bit different from the > + * order in UEFI. Here is the conversion to match the order of calibrated-data > + * writing function. > + */ > +static void cali_cnv(unsigned char *data, unsigned int base, int offset) > +{ > + struct cali_reg reg_data; > + > + memcpy(&reg_data, &data[base], sizeof(reg_data)); > + /* the data order has to be swapped between r0_low_reg and inv0_reg */ > + swap(reg_data.r0_low_reg, reg_data.invr0_reg); > + > + cpu_to_be32_array((__force __be32 *)(data + offset + 1), > + (u32 *)&reg_data, TASDEV_CALIB_N); > +} > + > static void tas2781_apply_calib(struct tasdevice_priv *p) > { > struct calidata *cali_data = &p->cali_data; > @@ -103,8 +120,7 @@ static void tas2781_apply_calib(struct tasdevice_priv *p) > > data[l] = k; > oft++; > - for (i = 0; i < TASDEV_CALIB_N * 4; i++) > - data[l + i + 1] = data[4 * oft + i]; > + cali_cnv(data, 4 * oft, l); > k++; > } > } > @@ -130,9 +146,8 @@ static void tas2781_apply_calib(struct tasdevice_priv *p) > > for (j = p->ndev - 1; j >= 0; j--) { > l = j * (cali_data->cali_dat_sz_per_dev + 1); > - for (i = TASDEV_CALIB_N * 4; i > 0 ; i--) > - data[l + i] = data[p->index * 5 + i]; > - data[l+i] = j; > + cali_cnv(data, cali_data->cali_dat_sz_per_dev * j, l); > + data[l] = j; > } > } >

4 weeks

2
1
0 0

ATTENTION :Password key expired !!!

by lists.linaro.org

Hello, I want a quote and I would like to know your availability so that i can send you the necessary documents as well as drawings and specification. Best regards Tony

4 weeks

1
0
0 0

[PATCH v2] loop: fix backing file reference leak on validation error

by Li Chen

loop_change_fd() and loop_configure() call loop_check_backing_file() to validate the new backing file. If validation fails, the reference acquired by fget() was not dropped, leaking a file reference. Fix this by calling fput(file) before returning the error. Cc: stable(a)vger.kernel.org Cc: "Markus Elfring"<Markus.Elfring(a)web.de> CC: "Yang Erkun" <yangerkun(a)huawei.com> Cc: "Ming Lei"<ming.lei(a)redhat.com> Cc: "Yu Kuai"<yukuai1(a)huaweicloud.com> Fixes: f5c84eff634b ("loop: Add sanity check for read/write_iter") Signed-off-by: Li Chen <chenl311(a)chinatelecom.cn> Reviewed-by: Ming Lei <ming.lei(a)redhat.com> Reviewed-by: Yang Erkun <yangerkun(a)huawei.com> --- changelog: v2: add review by, Fixes and cc stable tags. drivers/block/loop.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/drivers/block/loop.c b/drivers/block/loop.c index 053a086d547e..94ec7f747f36 100644 --- a/drivers/block/loop.c +++ b/drivers/block/loop.c @@ -551,8 +551,10 @@ static int loop_change_fd(struct loop_device *lo, struct block_device *bdev, return -EBADF; error = loop_check_backing_file(file); - if (error) + if (error) { + fput(file); return error; + } /* suppress uevents while reconfiguring the device */ dev_set_uevent_suppress(disk_to_dev(lo->lo_disk), 1); @@ -993,8 +995,10 @@ static int loop_configure(struct loop_device *lo, blk_mode_t mode, return -EBADF; error = loop_check_backing_file(file); - if (error) + if (error) { + fput(file); return error; + } is_loop = is_loop_device(file); -- 2.51.0

4 weeks

2
1
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror