- Linux-stable-mirror - lists.linaro.org

[PATCH net 0/3] mptcp: misc fixes for v6.17-rc6

by Matthieu Baerts (NGI0)

Here are various unrelated fixes: - Patch 1: Fix a wrong attribute type in the MPTCP Netlink specs. A fix for v6.7. - Patch 2: Avoid mentioning a deprecated MPTCP sysctl knob in the doc. A fix for v6.15. - Patch 3: Handle new warnings from ShellCheck v0.11.0. This prevents some warnings reported by some CIs. If it is not a good material for 'net', please drop it and I can resend it later, targeting 'net-next'. Signed-off-by: Matthieu Baerts (NGI0) <matttbe(a)kernel.org> --- Matthieu Baerts (NGI0) (3): netlink: specs: mptcp: fix if-idx attribute type doc: mptcp: net.mptcp.pm_type is deprecated selftests: mptcp: shellcheck: support v0.11.0 Documentation/netlink/specs/mptcp_pm.yaml | 2 +- Documentation/networking/mptcp.rst | 8 ++++---- tools/testing/selftests/net/mptcp/diag.sh | 2 +- tools/testing/selftests/net/mptcp/mptcp_connect.sh | 2 +- tools/testing/selftests/net/mptcp/mptcp_join.sh | 2 +- tools/testing/selftests/net/mptcp/mptcp_sockopt.sh | 2 +- tools/testing/selftests/net/mptcp/pm_netlink.sh | 5 +++-- tools/testing/selftests/net/mptcp/simult_flows.sh | 2 +- tools/testing/selftests/net/mptcp/userspace_pm.sh | 2 +- 9 files changed, 14 insertions(+), 13 deletions(-) --- base-commit: e2a10daba84968f6b5777d150985fd7d6abc9c84 change-id: 20250908-net-mptcp-misc-fixes-6-17-rc5-7550f5f90b66 Best regards, -- Matthieu Baerts (NGI0) <matttbe(a)kernel.org>

2 months, 4 weeks

6
8
0 0

[PATCH] crypto: aspeed - Fix dma_unmap_sg() direction

by Thomas Fourier

It seems like everywhere in this file, when the request is not bidirectional, req->src is mapped with DMA_TO_DEVICE and req->src is mapped with DMA_FROM_DEVICE. Fixes: 62f58b1637b7 ("crypto: aspeed - add HACE crypto driver") Cc: <stable(a)vger.kernel.org> Signed-off-by: Thomas Fourier <fourier.thomas(a)gmail.com> --- drivers/crypto/aspeed/aspeed-hace-crypto.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/crypto/aspeed/aspeed-hace-crypto.c b/drivers/crypto/aspeed/aspeed-hace-crypto.c index a72dfebc53ff..fa201dae1f81 100644 --- a/drivers/crypto/aspeed/aspeed-hace-crypto.c +++ b/drivers/crypto/aspeed/aspeed-hace-crypto.c @@ -346,7 +346,7 @@ static int aspeed_sk_start_sg(struct aspeed_hace_dev *hace_dev) } else { dma_unmap_sg(hace_dev->dev, req->dst, rctx->dst_nents, - DMA_TO_DEVICE); + DMA_FROM_DEVICE); dma_unmap_sg(hace_dev->dev, req->src, rctx->src_nents, DMA_TO_DEVICE); } -- 2.43.0

3 months

2
1
0 0

OFFER

by MAJOR TRADE

3 months

1
0
0 0

New September Order. 73342 Wednesday, September 10, 2025 at 07:26:21 AM

by Info - Albinayah 397

Hi Stable, Please provide a quote for your products: Include: 1.Pricing (per unit) 2.Delivery cost & timeline 3.Quote expiry date Deadline: September Thanks! Kamal Prasad Albinayah Trading

3 months

1
0
0 0

+ zram-fix-slot-write-race-condition.patch added to mm-hotfixes-unstable branch

by Andrew Morton

The patch titled Subject: zram: fix slot write race condition has been added to the -mm mm-hotfixes-unstable branch. Its filename is zram-fix-slot-write-race-condition.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-hotfixes-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: Sergey Senozhatsky <senozhatsky(a)chromium.org> Subject: zram: fix slot write race condition Date: Tue, 9 Sep 2025 13:48:35 +0900 Parallel concurrent writes to the same zram index result in leaked zsmalloc handles. Schematically we can have something like this: CPU0 CPU1 zram_slot_lock() zs_free(handle) zram_slot_lock() zram_slot_lock() zs_free(handle) zram_slot_lock() compress compress handle = zs_malloc() handle = zs_malloc() zram_slot_lock zram_set_handle(handle) zram_slot_lock zram_slot_lock zram_set_handle(handle) zram_slot_lock Either CPU0 or CPU1 zsmalloc handle will leak because zs_free() is done too early. In fact, we need to reset zram entry right before we set its new handle, all under the same slot lock scope. Link: https://lkml.kernel.org/r/20250909045150.635345-1-senozhatsky@chromium.org Fixes: 71268035f5d73 ("zram: free slot memory early during write") Signed-off-by: Sergey Senozhatsky <senozhatsky(a)chromium.org> Reported-by: Changhui Zhong <czhong(a)redhat.com> Closes: https://lore.kernel.org/all/CAGVVp+UtpGoW5WEdEU7uVTtsSCjPN=ksN6EcvyypAtFDOU… Cc: Jens Axboe <axboe(a)kernel.dk> Cc: Minchan Kim <minchan(a)kernel.org> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- drivers/block/zram/zram_drv.c | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) --- a/drivers/block/zram/zram_drv.c~zram-fix-slot-write-race-condition +++ a/drivers/block/zram/zram_drv.c @@ -1795,6 +1795,7 @@ static int write_same_filled_page(struct u32 index) { zram_slot_lock(zram, index); + zram_free_page(zram, index); zram_set_flag(zram, index, ZRAM_SAME); zram_set_handle(zram, index, fill); zram_slot_unlock(zram, index); @@ -1832,6 +1833,7 @@ static int write_incompressible_page(str kunmap_local(src); zram_slot_lock(zram, index); + zram_free_page(zram, index); zram_set_flag(zram, index, ZRAM_HUGE); zram_set_handle(zram, index, handle); zram_set_obj_size(zram, index, PAGE_SIZE); @@ -1855,11 +1857,6 @@ static int zram_write_page(struct zram * unsigned long element; bool same_filled; - /* First, free memory allocated to this slot (if any) */ - zram_slot_lock(zram, index); - zram_free_page(zram, index); - zram_slot_unlock(zram, index); - mem = kmap_local_page(page); same_filled = page_same_filled(mem, &element); kunmap_local(mem); @@ -1901,6 +1898,7 @@ static int zram_write_page(struct zram * zcomp_stream_put(zstrm); zram_slot_lock(zram, index); + zram_free_page(zram, index); zram_set_handle(zram, index, handle); zram_set_obj_size(zram, index, comp_len); zram_slot_unlock(zram, index); _ Patches currently in -mm which might be from senozhatsky(a)chromium.org are zram-fix-slot-write-race-condition.patch zram-protect-recomp_algorithm_show-with-init_lock.patch panic-remove-redundant-panic-cpu-backtrace.patch

3 months

1
0
0 0

[PATCHv2] zram: fix slot write race condition

by Sergey Senozhatsky

Parallel concurrent writes to the same zram index result in leaked zsmalloc handles. Schematically we can have something like this: CPU0 CPU1 zram_slot_lock() zs_free(handle) zram_slot_lock() zram_slot_lock() zs_free(handle) zram_slot_lock() compress compress handle = zs_malloc() handle = zs_malloc() zram_slot_lock zram_set_handle(handle) zram_slot_lock zram_slot_lock zram_set_handle(handle) zram_slot_lock Either CPU0 or CPU1 zsmalloc handle will leak because zs_free() is done too early. In fact, we need to reset zram entry right before we set its new handle, all under the same slot lock scope. Cc: stable(a)vger.kernel.org Reported-by: Changhui Zhong <czhong(a)redhat.com> Closes: https://lore.kernel.org/all/CAGVVp+UtpGoW5WEdEU7uVTtsSCjPN=ksN6EcvyypAtFDOU… Fixes: 71268035f5d73 ("zram: free slot memory early during write") Signed-off-by: Sergey Senozhatsky <senozhatsky(a)chromium.org> --- drivers/block/zram/zram_drv.c | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/drivers/block/zram/zram_drv.c b/drivers/block/zram/zram_drv.c index 9ac271b82780..78b56cd7698e 100644 --- a/drivers/block/zram/zram_drv.c +++ b/drivers/block/zram/zram_drv.c @@ -1788,6 +1788,7 @@ static int write_same_filled_page(struct zram *zram, unsigned long fill, u32 index) { zram_slot_lock(zram, index); + zram_free_page(zram, index); zram_set_flag(zram, index, ZRAM_SAME); zram_set_handle(zram, index, fill); zram_slot_unlock(zram, index); @@ -1825,6 +1826,7 @@ static int write_incompressible_page(struct zram *zram, struct page *page, kunmap_local(src); zram_slot_lock(zram, index); + zram_free_page(zram, index); zram_set_flag(zram, index, ZRAM_HUGE); zram_set_handle(zram, index, handle); zram_set_obj_size(zram, index, PAGE_SIZE); @@ -1848,11 +1850,6 @@ static int zram_write_page(struct zram *zram, struct page *page, u32 index) unsigned long element; bool same_filled; - /* First, free memory allocated to this slot (if any) */ - zram_slot_lock(zram, index); - zram_free_page(zram, index); - zram_slot_unlock(zram, index); - mem = kmap_local_page(page); same_filled = page_same_filled(mem, &element); kunmap_local(mem); @@ -1894,6 +1891,7 @@ static int zram_write_page(struct zram *zram, struct page *page, u32 index) zcomp_stream_put(zstrm); zram_slot_lock(zram, index); + zram_free_page(zram, index); zram_set_handle(zram, index, handle); zram_set_obj_size(zram, index, comp_len); zram_slot_unlock(zram, index); -- 2.51.0.384.g4c02a37b29-goog

3 months

2
1
0 0

+ mm-hugetlb-fix-copy_hugetlb_page_range-to-use-pt_share_count.patch added to mm-hotfixes-unstable branch

by Andrew Morton

The patch titled Subject: mm/hugetlb: fix copy_hugetlb_page_range() to use ->pt_share_count has been added to the -mm mm-hotfixes-unstable branch. Its filename is mm-hugetlb-fix-copy_hugetlb_page_range-to-use-pt_share_count.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-hotfixes-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: Jane Chu <jane.chu(a)oracle.com> Subject: mm/hugetlb: fix copy_hugetlb_page_range() to use ->pt_share_count Date: Tue, 9 Sep 2025 12:43:57 -0600 commit 59d9094df3d79 introduced ->pt_share_count dedicated to hugetlb PMD share count tracking, but omitted fixing copy_hugetlb_page_range(), leaving the function relying on page_count() for tracking that no longer works. When lazy page table copy for hugetlb is disabled (commit bcd51a3c679d), fork()'ing with hugetlb PMD sharing quickly locks up - [ 239.446559] watchdog: BUG: soft lockup - CPU#75 stuck for 27s! [ 239.446611] RIP: 0010:native_queued_spin_lock_slowpath+0x7e/0x2e0 [ 239.446631] Call Trace: [ 239.446633] <TASK> [ 239.446636] _raw_spin_lock+0x3f/0x60 [ 239.446639] copy_hugetlb_page_range+0x258/0xb50 [ 239.446645] copy_page_range+0x22b/0x2c0 [ 239.446651] dup_mmap+0x3e2/0x770 [ 239.446654] dup_mm.constprop.0+0x5e/0x230 [ 239.446657] copy_process+0xd17/0x1760 [ 239.446660] kernel_clone+0xc0/0x3e0 [ 239.446661] __do_sys_clone+0x65/0xa0 [ 239.446664] do_syscall_64+0x82/0x930 [ 239.446668] ? count_memcg_events+0xd2/0x190 [ 239.446671] ? syscall_trace_enter+0x14e/0x1f0 [ 239.446676] ? syscall_exit_work+0x118/0x150 [ 239.446677] ? arch_exit_to_user_mode_prepare.constprop.0+0x9/0xb0 [ 239.446681] ? clear_bhb_loop+0x30/0x80 [ 239.446684] ? clear_bhb_loop+0x30/0x80 [ 239.446686] entry_SYSCALL_64_after_hwframe+0x76/0x7e There are two options to resolve the potential latent issue: 1. remove the PMD sharing awareness from copy_hugetlb_page_range(), 2. fix it. This patch opts for the second option. Link: https://lkml.kernel.org/r/20250909184357.569259-1-jane.chu@oracle.com Fixes: 59d9094df3d79 ("mm: hugetlb: independent PMD page table shared count") Signed-off-by: Jane Chu <jane.chu(a)oracle.com> Cc: Cc: David Hildenbrand <david(a)redhat.com> Cc: Jane Chu <jane.chu(a)oracle.com> Cc: Liu Shixin <liushixin2(a)huawei.com> Cc: Muchun Song <muchun.song(a)linux.dev> Cc: Oscar Salvador <osalvador(a)suse.de> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/hugetlb.c | 13 ++++--------- 1 file changed, 4 insertions(+), 9 deletions(-) --- a/mm/hugetlb.c~mm-hugetlb-fix-copy_hugetlb_page_range-to-use-pt_share_count +++ a/mm/hugetlb.c @@ -5594,18 +5594,13 @@ int copy_hugetlb_page_range(struct mm_st break; } - /* - * If the pagetables are shared don't copy or take references. - * - * dst_pte == src_pte is the common case of src/dest sharing. - * However, src could have 'unshared' and dst shares with - * another vma. So page_count of ptep page is checked instead - * to reliably determine whether pte is shared. - */ - if (page_count(virt_to_page(dst_pte)) > 1) { +#ifdef CONFIG_HUGETLB_PMD_PAGE_TABLE_SHARING + /* If the pagetables are shared don't copy or take references. */ + if (ptdesc_pmd_pts_count(virt_to_ptdesc(dst_pte)) > 0) { addr |= last_addr_mask; continue; } +#endif dst_ptl = huge_pte_lock(h, dst, dst_pte); src_ptl = huge_pte_lockptr(h, src, src_pte); _ Patches currently in -mm which might be from jane.chu(a)oracle.com are mm-hugetlb-fix-copy_hugetlb_page_range-to-use-pt_share_count.patch

3 months

1
0
0 0

+ hung_task-fix-warnings-caused-by-unaligned-lock-pointers.patch added to mm-hotfixes-unstable branch

by Andrew Morton

The patch titled Subject: hung_task: fix warnings caused by unaligned lock pointers has been added to the -mm mm-hotfixes-unstable branch. Its filename is hung_task-fix-warnings-caused-by-unaligned-lock-pointers.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-hotfixes-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: Lance Yang <lance.yang(a)linux.dev> Subject: hung_task: fix warnings caused by unaligned lock pointers Date: Tue, 9 Sep 2025 22:52:43 +0800 The blocker tracking mechanism assumes that lock pointers are at least 4-byte aligned to use their lower bits for type encoding. However, as reported by Eero Tamminen, some architectures like m68k only guarantee 2-byte alignment of 32-bit values. This breaks the assumption and causes two related WARN_ON_ONCE checks to trigger. To fix this, the runtime checks are adjusted to silently ignore any lock that is not 4-byte aligned, effectively disabling the feature in such cases and avoiding the related warnings. Thanks to Geert Uytterhoeven for bisecting! Link: https://lkml.kernel.org/r/20250909145243.17119-1-lance.yang@linux.dev Fixes: e711faaafbe5 ("hung_task: replace blocker_mutex with encoded blocker") Signed-off-by: Lance Yang <lance.yang(a)linux.dev> Reported-by: Eero Tamminen <oak(a)helsinkinet.fi> Closes: https://lore.kernel.org/lkml/CAMuHMdW7Ab13DdGs2acMQcix5ObJK0O2dG_Fxzr8_g58R… Reviewed-by: Masami Hiramatsu (Google) <mhiramat(a)kernel.org> Cc: John Paul Adrian Glaubitz <glaubitz(a)physik.fu-berlin.de> Cc: Anna Schumaker <anna.schumaker(a)oracle.com> Cc: Boqun Feng <boqun.feng(a)gmail.com> Cc: Finn Thain <fthain(a)linux-m68k.org> Cc: Geert Uytterhoeven <geert(a)linux-m68k.org> Cc: Ingo Molnar <mingo(a)redhat.com> Cc: Joel Granados <joel.granados(a)kernel.org> Cc: John Stultz <jstultz(a)google.com> Cc: Kent Overstreet <kent.overstreet(a)linux.dev> Cc: Lance Yang <lance.yang(a)linux.dev> Cc: Mingzhe Yang <mingzhe.yang(a)ly.com> Cc: Peter Zijlstra <peterz(a)infradead.org> Cc: Sergey Senozhatsky <senozhatsky(a)chromium.org> Cc: Steven Rostedt <rostedt(a)goodmis.org> Cc: Tomasz Figa <tfiga(a)chromium.org> Cc: Waiman Long <longman(a)redhat.com> Cc: Will Deacon <will(a)kernel.org> Cc: Yongliang Gao <leonylgao(a)tencent.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- include/linux/hung_task.h | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) --- a/include/linux/hung_task.h~hung_task-fix-warnings-caused-by-unaligned-lock-pointers +++ a/include/linux/hung_task.h @@ -20,6 +20,10 @@ * always zero. So we can use these bits to encode the specific blocking * type. * + * Note that on architectures where this is not guaranteed, or for any + * unaligned lock, this tracking mechanism is silently skipped for that + * lock. + * * Type encoding: * 00 - Blocked on mutex (BLOCKER_TYPE_MUTEX) * 01 - Blocked on semaphore (BLOCKER_TYPE_SEM) @@ -45,7 +49,7 @@ static inline void hung_task_set_blocker * If the lock pointer matches the BLOCKER_TYPE_MASK, return * without writing anything. */ - if (WARN_ON_ONCE(lock_ptr & BLOCKER_TYPE_MASK)) + if (lock_ptr & BLOCKER_TYPE_MASK) return; WRITE_ONCE(current->blocker, lock_ptr | type); @@ -53,8 +57,6 @@ static inline void hung_task_set_blocker static inline void hung_task_clear_blocker(void) { - WARN_ON_ONCE(!READ_ONCE(current->blocker)); - WRITE_ONCE(current->blocker, 0UL); } _ Patches currently in -mm which might be from lance.yang(a)linux.dev are maintainers-add-lance-yang-as-a-thp-reviewer.patch hung_task-fix-warnings-caused-by-unaligned-lock-pointers.patch mm-skip-mlocked-thps-that-are-underused-early-in-deferred_split_scan.patch

3 months

1
0
0 0

Re: [PATCH ath-current v2] wifi: ath10k: Fix connection after GTK rekeying

by Alexey Klimov

(add stable into c/c) On Tue Sep 2, 2025 at 3:32 PM BST, Loic Poulain wrote: > It appears that not all hardware/firmware implementations support > group key deletion correctly, which can lead to connection hangs > and deauthentication following GTK rekeying (delete and install). > > To avoid this issue, instead of attempting to delete the key using > the special WMI_CIPHER_NONE value, we now replace the key with an > invalid (random) value. > > This behavior has been observed with WCN39xx chipsets. > > Tested-on: WCN3990 hw1.0 WLAN.HL.3.3.7.c2-00931-QCAHLSWMTPLZ-1 > Reported-by: "Alexey Klimov" <alexey.klimov(a)linaro.org> > Closes: https://lore.kernel.org/all/DAWJQ2NIKY28.1XOG35E4A682G@linaro.org > Signed-off-by: Loic Poulain <loic.poulain(a)oss.qualcomm.com> The fix works great on RB1 board. Thank you. Tested-by: Alexey Klimov <alexey.klimov(a)linaro.org> # QRB2210 RB1 Difficult to say when this issue appeared initially. I'd say that around 6.6 it worked fine probably. But latest few kernel releases like 6.16, 6.15, 6.14 definetely had this issue. Maybe makes sense to add something like that: Cc: stable(a)vger.kernel.org # v6.14 > --- > v2: use random value instead of predictable zero value for key > Add Tested-on tag > > drivers/net/wireless/ath/ath10k/mac.c | 12 ++++++++++-- > 1 file changed, 10 insertions(+), 2 deletions(-) > > diff --git a/drivers/net/wireless/ath/ath10k/mac.c b/drivers/net/wireless/ath/ath10k/mac.c > index 24dd794e31ea..154ac7a70982 100644 > --- a/drivers/net/wireless/ath/ath10k/mac.c > +++ b/drivers/net/wireless/ath/ath10k/mac.c > @@ -16,6 +16,7 @@ > #include <linux/acpi.h> > #include <linux/of.h> > #include <linux/bitfield.h> > +#include <linux/random.h> > > #include "hif.h" > #include "core.h" > @@ -290,8 +291,15 @@ static int ath10k_send_key(struct ath10k_vif *arvif, > key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV; > > if (cmd == DISABLE_KEY) { > - arg.key_cipher = ar->wmi_key_cipher[WMI_CIPHER_NONE]; > - arg.key_data = NULL; > + if (flags & WMI_KEY_GROUP) { > + /* Not all hardware handles group-key deletion operation > + * correctly. Replace the key with a junk value to invalidate it. > + */ > + get_random_bytes(key->key, key->keylen); > + } else { > + arg.key_cipher = ar->wmi_key_cipher[WMI_CIPHER_NONE]; > + arg.key_data = NULL; > + } > } > > return ath10k_wmi_vdev_install_key(arvif->ar, &arg); Best regards, Alexey

3 months

1
0
0 0

[PATCH 5.10 00/52] 5.10.243-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 5.10.243 release. There are 52 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Tue, 09 Sep 2025 19:55:53 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v5.x/stable-review/patch-5.10.243-r… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-5.10.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 5.10.243-rc1 Qiu-ji Chen <chenqiuji666(a)gmail.com> dmaengine: mediatek: Fix a flag reuse error in mtk_cqdma_tx_status() Roman Smirnov <r.smirnov(a)omp.ru> cifs: fix integer overflow in match_server() Taniya Das <quic_tdas(a)quicinc.com> clk: qcom: gdsc: Set retain_ff before moving to HW CTRL Larisa Grigore <larisa.grigore(a)nxp.com> spi: spi-fsl-lpspi: Reset FIFO and disable module on transfer abort Larisa Grigore <larisa.grigore(a)nxp.com> spi: spi-fsl-lpspi: Set correct chip-select polarity bit Larisa Grigore <larisa.grigore(a)nxp.com> spi: spi-fsl-lpspi: Fix transmissions when using CONT Wentao Liang <vulab(a)iscas.ac.cn> pcmcia: Add error handling for add_interval() in do_validate_mem() Takashi Iwai <tiwai(a)suse.de> ALSA: hda/hdmi: Add pin fix for another HP EliteDesk 800 G4 model Fiona Klute <fiona.klute(a)gmx.de> net: phy: microchip: force IRQ polling mode for lan88xx Ioana Ciornei <ioana.ciornei(a)nxp.com> net: phy: microchip: remove the use of .ack_interrupt() Ioana Ciornei <ioana.ciornei(a)nxp.com> net: phy: microchip: implement generic .handle_interrupt() callback Kees Cook <kees(a)kernel.org> randstruct: gcc-plugin: Fix attribute addition Kees Cook <kees(a)kernel.org> randstruct: gcc-plugin: Remove bogus void member Gabor Juhos <j4g8y7(a)gmail.com> arm64: dts: marvell: uDPU: define pinctrl state for alarm LEDs Ronak Doshi <ronak.doshi(a)broadcom.com> vmxnet3: update MTU after device quiesce Jakob Unterwurzacher <jakobunt(a)gmail.com> net: dsa: microchip: linearize skb for tail-tagging switches Pieter Van Trappen <pieter.van.trappen(a)cern.ch> net: dsa: microchip: update tag_ksz masks for KSZ9477 family Qiu-ji Chen <chenqiuji666(a)gmail.com> dmaengine: mediatek: Fix a possible deadlock error in mtk_cqdma_tx_status() Chris Chiu <chris.chiu(a)canonical.com> ALSA: hda/realtek - Add new HP ZBook laptop with micmute led fixup Emanuele Ghidoli <emanuele.ghidoli(a)toradex.com> gpio: pca953x: fix IRQ storm on system wake up Luca Ceresoli <luca.ceresoli(a)bootlin.com> iio: light: opt3001: fix deadlock due to concurrent flag access David Lechner <dlechner(a)baylibre.com> iio: chemical: pms7003: use aligned_s64 for timestamp Sean Christopherson <seanjc(a)google.com> KVM: x86: Take irqfds.lock when adding/deleting IRQ bypass producer Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> cpufreq/sched: Explicitly synchronize limits_changed flag handling Li Qiong <liqiong(a)nfschina.com> mm/slub: avoid accessing metadata when pointer is invalid in object_err() Jann Horn <jannh(a)google.com> mm/khugepaged: fix ->anon_vma race Vitaly Lifshits <vitaly.lifshits(a)intel.com> e1000e: fix heap overflow in e1000_set_eeprom Stanislav Fort <stanislav.fort(a)aisle.com> batman-adv: fix OOB read/write in network-coding decode John Evans <evans1210144(a)gmail.com> scsi: lpfc: Fix buffer free/clear order in deferred receive path Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu: drop hw access in non-DC audio fini Qianfeng Rong <rongqianfeng(a)vivo.com> wifi: mwifiex: Initialize the chan_stats array to zero Ma Ke <make24(a)iscas.ac.cn> pcmcia: Fix a NULL pointer dereference in __iodyn_find_io_region() Cryolitia PukNgae <cryolitia(a)uniontech.com> ALSA: usb-audio: Add mute TLV for playback volumes on some devices Qingfang Deng <dqfext(a)gmail.com> ppp: fix memory leak in pad_compress_skb Wang Liang <wangliang74(a)huawei.com> net: atm: fix memory leak in atm_register_sysfs when device_register fail Eric Dumazet <edumazet(a)google.com> ax25: properly unshare skbs in ax25_kiss_rcv() Dan Carpenter <dan.carpenter(a)linaro.org> ipv4: Fix NULL vs error pointer check in inet_blackhole_dev_init() Rosen Penev <rosenp(a)gmail.com> net: thunder_bgx: decrement cleanup index before use Rosen Penev <rosenp(a)gmail.com> net: thunder_bgx: add a missing of_node_put Dan Carpenter <dan.carpenter(a)linaro.org> wifi: libertas: cap SSID len in lbs_associate() Dan Carpenter <dan.carpenter(a)linaro.org> wifi: cw1200: cap SSID length in cw1200_do_join() Felix Fietkau <nbd(a)nbd.name> net: ethernet: mtk_eth_soc: fix tx vlan tag for llc packets Zhen Ni <zhen.ni(a)easystack.cn> i40e: Fix potential invalid access when MAC list is empty Fabian Bläse <fabian(a)blaese.de> icmp: fix icmp_ndo_send address translation for reply direction Miaoqian Lin <linmq006(a)gmail.com> mISDN: Fix memory leak in dsp_hwec_enable() Alok Tiwari <alok.a.tiwari(a)oracle.com> xirc2ps_cs: fix register access when enabling FullDuplex Kuniyuki Iwashima <kuniyu(a)google.com> Bluetooth: Fix use-after-free in l2cap_sock_cleanup_listen() Phil Sutter <phil(a)nwl.cc> netfilter: conntrack: helper: Replace -EEXIST by -EBUSY Dmitry Antipov <dmantipov(a)yandex.ru> wifi: cfg80211: fix use-after-free in cmp_bss() Peter Robinson <pbrobinson(a)gmail.com> arm64: dts: rockchip: Add vcc-supply to SPI flash on rk3399-pinebook-pro Pei Xiao <xiaopei01(a)kylinos.cn> tee: fix NULL pointer dereference in tee_shm_put Timur Kristóf <timur.kristof(a)gmail.com> drm/amd/display: Don't warn when missing DCE encoder caps ------------- Diffstat: Makefile | 4 +-- arch/arm64/boot/dts/marvell/armada-3720-uDPU.dts | 9 +++-- .../boot/dts/rockchip/rk3399-pinebook-pro.dts | 1 + arch/x86/kvm/x86.c | 18 ++++++++-- drivers/clk/qcom/gdsc.c | 21 ++++++------ drivers/dma/mediatek/mtk-cqdma.c | 10 +++--- drivers/gpio/gpio-pca953x.c | 5 +++ drivers/gpu/drm/amd/amdgpu/dce_v10_0.c | 5 --- drivers/gpu/drm/amd/amdgpu/dce_v11_0.c | 5 --- drivers/gpu/drm/amd/amdgpu/dce_v6_0.c | 5 --- drivers/gpu/drm/amd/amdgpu/dce_v8_0.c | 5 --- .../gpu/drm/amd/display/dc/dce/dce_link_encoder.c | 8 ++--- drivers/iio/chemical/pms7003.c | 5 +-- drivers/iio/light/opt3001.c | 5 +-- drivers/isdn/mISDN/dsp_hwec.c | 6 ++-- drivers/net/ethernet/cavium/thunder/thunder_bgx.c | 20 ++++++----- drivers/net/ethernet/intel/e1000e/ethtool.c | 10 ++++-- drivers/net/ethernet/intel/i40e/i40e_client.c | 4 +-- drivers/net/ethernet/mediatek/mtk_eth_soc.c | 10 +++++- drivers/net/ethernet/xircom/xirc2ps_cs.c | 2 +- drivers/net/phy/microchip.c | 30 ++-------------- drivers/net/phy/microchip_t1.c | 28 +++++++++++---- drivers/net/ppp/ppp_generic.c | 6 ++-- drivers/net/vmxnet3/vmxnet3_drv.c | 5 +-- drivers/net/wireless/marvell/libertas/cfg.c | 9 +++-- drivers/net/wireless/marvell/mwifiex/cfg80211.c | 5 +-- drivers/net/wireless/marvell/mwifiex/main.c | 4 +-- drivers/net/wireless/st/cw1200/sta.c | 2 +- drivers/pcmcia/rsrc_iodyn.c | 3 ++ drivers/pcmcia/rsrc_nonstatic.c | 4 ++- drivers/scsi/lpfc/lpfc_nvmet.c | 10 +++--- drivers/spi/spi-fsl-lpspi.c | 15 ++++---- drivers/tee/tee_shm.c | 6 +++- fs/cifs/connect.c | 5 +++ kernel/sched/cpufreq_schedutil.c | 28 ++++++++++++--- mm/khugepaged.c | 15 +++++++- mm/slub.c | 7 +++- net/atm/resources.c | 6 ++-- net/ax25/ax25_in.c | 4 +++ net/batman-adv/network-coding.c | 7 +++- net/bluetooth/l2cap_sock.c | 3 ++ net/dsa/tag_ksz.c | 22 +++++++++--- net/ipv4/devinet.c | 7 ++-- net/ipv4/icmp.c | 6 ++-- net/ipv6/ip6_icmp.c | 6 ++-- net/netfilter/nf_conntrack_helper.c | 4 +-- net/wireless/scan.c | 3 +- scripts/gcc-plugins/gcc-common.h | 32 +++++++++++++++++ scripts/gcc-plugins/randomize_layout_plugin.c | 40 +++++++--------------- sound/pci/hda/patch_hdmi.c | 1 + sound/pci/hda/patch_realtek.c | 1 + sound/usb/mixer_quirks.c | 2 ++ 52 files changed, 302 insertions(+), 182 deletions(-)

3 months

7
59
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror