- Linux-stable-mirror - lists.linaro.org

[PATCH 06/14] iommu/mediatek: fix device leaks on probe()

by Johan Hovold

Make sure to drop the references taken to the larb devices during probe on probe failure (e.g. probe deferral) and on driver unbind. Note that commit 26593928564c ("iommu/mediatek: Add error path for loop of mm_dts_parse") fixed the leaks in a couple of error paths, but the references are still leaking on success and late failures. Fixes: 0df4fabe208d ("iommu/mediatek: Add mt8173 IOMMU driver") Cc: stable(a)vger.kernel.org # 4.6 Cc: Yong Wu <yong.wu(a)mediatek.com> Signed-off-by: Johan Hovold <johan(a)kernel.org> --- drivers/iommu/mtk_iommu.c | 24 ++++++++++++++++++------ 1 file changed, 18 insertions(+), 6 deletions(-) diff --git a/drivers/iommu/mtk_iommu.c b/drivers/iommu/mtk_iommu.c index 8d8e85186188..20a5ba80f983 100644 --- a/drivers/iommu/mtk_iommu.c +++ b/drivers/iommu/mtk_iommu.c @@ -1216,13 +1216,17 @@ static int mtk_iommu_mm_dts_parse(struct device *dev, struct component_match **m platform_device_put(plarbdev); } - if (!frst_avail_smicomm_node) - return -EINVAL; + if (!frst_avail_smicomm_node) { + ret = -EINVAL; + goto err_larbdev_put; + } pcommdev = of_find_device_by_node(frst_avail_smicomm_node); of_node_put(frst_avail_smicomm_node); - if (!pcommdev) - return -ENODEV; + if (!pcommdev) { + ret = -ENODEV; + goto err_larbdev_put; + } data->smicomm_dev = &pcommdev->dev; link = device_link_add(data->smicomm_dev, dev, @@ -1230,7 +1234,8 @@ static int mtk_iommu_mm_dts_parse(struct device *dev, struct component_match **m platform_device_put(pcommdev); if (!link) { dev_err(dev, "Unable to link %s.\n", dev_name(data->smicomm_dev)); - return -EINVAL; + ret = -EINVAL; + goto err_larbdev_put; } return 0; @@ -1402,8 +1407,12 @@ static int mtk_iommu_probe(struct platform_device *pdev) iommu_device_sysfs_remove(&data->iommu); out_list_del: list_del(&data->list); - if (MTK_IOMMU_IS_TYPE(data->plat_data, MTK_IOMMU_TYPE_MM)) + if (MTK_IOMMU_IS_TYPE(data->plat_data, MTK_IOMMU_TYPE_MM)) { device_link_remove(data->smicomm_dev, dev); + + for (i = 0; i < MTK_LARB_NR_MAX; i++) + put_device(data->larb_imu[i].dev); + } out_runtime_disable: pm_runtime_disable(dev); return ret; @@ -1423,6 +1432,9 @@ static void mtk_iommu_remove(struct platform_device *pdev) if (MTK_IOMMU_IS_TYPE(data->plat_data, MTK_IOMMU_TYPE_MM)) { device_link_remove(data->smicomm_dev, &pdev->dev); component_master_del(&pdev->dev, &mtk_iommu_com_ops); + + for (i = 0; i < MTK_LARB_NR_MAX; i++) + put_device(data->larb_imu[i].dev); } pm_runtime_disable(&pdev->dev); for (i = 0; i < data->plat_data->banks_num; i++) { -- 2.49.1

3 months

1
0
0 0

[PATCH 05/14] iommu/mediatek: fix device leak on of_xlate()

by Johan Hovold

Make sure to drop the reference taken to the iommu platform device when looking up its driver data during of_xlate(). Fixes: 0df4fabe208d ("iommu/mediatek: Add mt8173 IOMMU driver") Cc: stable(a)vger.kernel.org # 4.6 Cc: Yong Wu <yong.wu(a)mediatek.com> Signed-off-by: Johan Hovold <johan(a)kernel.org> --- drivers/iommu/mtk_iommu.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/drivers/iommu/mtk_iommu.c b/drivers/iommu/mtk_iommu.c index 0e0285348d2b..8d8e85186188 100644 --- a/drivers/iommu/mtk_iommu.c +++ b/drivers/iommu/mtk_iommu.c @@ -974,6 +974,8 @@ static int mtk_iommu_of_xlate(struct device *dev, return -EINVAL; dev_iommu_priv_set(dev, platform_get_drvdata(m4updev)); + + put_device(&m4updev->dev); } return iommu_fwspec_add_ids(dev, args->args, 1); -- 2.49.1

3 months

1
0
0 0

[PATCH 04/14] iommu/ipmmu-vmsa: fix device leak on of_xlate()

by Johan Hovold

Make sure to drop the reference taken to the iommu platform device when looking up its driver data during of_xlate(). Fixes: 7b2d59611fef ("iommu/ipmmu-vmsa: Replace local utlb code with fwspec ids") Cc: stable(a)vger.kernel.org # 4.14 Cc: Magnus Damm <damm+renesas(a)opensource.se> Signed-off-by: Johan Hovold <johan(a)kernel.org> --- drivers/iommu/ipmmu-vmsa.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/drivers/iommu/ipmmu-vmsa.c b/drivers/iommu/ipmmu-vmsa.c index ffa892f65714..02a2a55ffa0a 100644 --- a/drivers/iommu/ipmmu-vmsa.c +++ b/drivers/iommu/ipmmu-vmsa.c @@ -720,6 +720,8 @@ static int ipmmu_init_platform_device(struct device *dev, dev_iommu_priv_set(dev, platform_get_drvdata(ipmmu_pdev)); + put_device(&ipmmu_pdev->dev); + return 0; } -- 2.49.1

3 months

1
0
0 0

[PATCH 03/14] iommu/exynos: fix device leak on of_xlate()

by Johan Hovold

Make sure to drop the reference taken to the iommu platform device when looking up its driver data during of_xlate(). Fixes: aa759fd376fb ("iommu/exynos: Add callback for initializing devices from device tree") Cc: stable(a)vger.kernel.org # 4.2 Cc: Marek Szyprowski <m.szyprowski(a)samsung.com> Signed-off-by: Johan Hovold <johan(a)kernel.org> --- drivers/iommu/exynos-iommu.c | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/drivers/iommu/exynos-iommu.c b/drivers/iommu/exynos-iommu.c index b6edd178fe25..ce9e935cb84c 100644 --- a/drivers/iommu/exynos-iommu.c +++ b/drivers/iommu/exynos-iommu.c @@ -1446,17 +1446,14 @@ static int exynos_iommu_of_xlate(struct device *dev, return -ENODEV; data = platform_get_drvdata(sysmmu); - if (!data) { - put_device(&sysmmu->dev); + put_device(&sysmmu->dev); + if (!data) return -ENODEV; - } if (!owner) { owner = kzalloc(sizeof(*owner), GFP_KERNEL); - if (!owner) { - put_device(&sysmmu->dev); + if (!owner) return -ENOMEM; - } INIT_LIST_HEAD(&owner->controllers); mutex_init(&owner->rpm_lock); -- 2.49.1

3 months

1
0
0 0

[PATCH 02/14] iommu/qcom: fix device leak on of_xlate()

by Johan Hovold

Make sure to drop the reference taken to the iommu platform device when looking up its driver data during of_xlate(). Note that commit e2eae09939a8 ("iommu/qcom: add missing put_device() call in qcom_iommu_of_xlate()") fixed the leak in a couple of error paths, but the reference is still leaking on success and late failures. Fixes: 0ae349a0f33f ("iommu/qcom: Add qcom_iommu") Cc: stable(a)vger.kernel.org # 4.14: e2eae09939a8 Cc: Rob Clark <robin.clark(a)oss.qualcomm.com> Cc: Yu Kuai <yukuai3(a)huawei.com> Signed-off-by: Johan Hovold <johan(a)kernel.org> --- drivers/iommu/arm/arm-smmu/qcom_iommu.c | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/drivers/iommu/arm/arm-smmu/qcom_iommu.c b/drivers/iommu/arm/arm-smmu/qcom_iommu.c index c5be95e56031..9c1166a3af6c 100644 --- a/drivers/iommu/arm/arm-smmu/qcom_iommu.c +++ b/drivers/iommu/arm/arm-smmu/qcom_iommu.c @@ -565,14 +565,14 @@ static int qcom_iommu_of_xlate(struct device *dev, qcom_iommu = platform_get_drvdata(iommu_pdev); + put_device(&iommu_pdev->dev); + /* make sure the asid specified in dt is valid, so we don't have * to sanity check this elsewhere: */ if (WARN_ON(asid > qcom_iommu->max_asid) || - WARN_ON(qcom_iommu->ctxs[asid] == NULL)) { - put_device(&iommu_pdev->dev); + WARN_ON(qcom_iommu->ctxs[asid] == NULL)) return -EINVAL; - } if (!dev_iommu_priv_get(dev)) { dev_iommu_priv_set(dev, qcom_iommu); @@ -581,10 +581,8 @@ static int qcom_iommu_of_xlate(struct device *dev, * multiple different iommu devices. Multiple context * banks are ok, but multiple devices are not: */ - if (WARN_ON(qcom_iommu != dev_iommu_priv_get(dev))) { - put_device(&iommu_pdev->dev); + if (WARN_ON(qcom_iommu != dev_iommu_priv_get(dev))) return -EINVAL; - } } return iommu_fwspec_add_ids(dev, &asid, 1); -- 2.49.1

3 months

1
0
0 0

[PATCH 01/14] iommu/apple-dart: fix device leak on of_xlate()

by Johan Hovold

Make sure to drop the reference taken to the iommu platform device when looking up its driver data during of_xlate(). Fixes: 46d1fb072e76 ("iommu/dart: Add DART iommu driver") Cc: stable(a)vger.kernel.org # 5.15 Cc: Sven Peter <sven(a)kernel.org> Signed-off-by: Johan Hovold <johan(a)kernel.org> --- drivers/iommu/apple-dart.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/drivers/iommu/apple-dart.c b/drivers/iommu/apple-dart.c index 190f28d76615..1aa7c10262a8 100644 --- a/drivers/iommu/apple-dart.c +++ b/drivers/iommu/apple-dart.c @@ -790,6 +790,8 @@ static int apple_dart_of_xlate(struct device *dev, struct apple_dart *cfg_dart; int i, sid; + put_device(&iommu_pdev->dev); + if (args->args_count != 1) return -EINVAL; sid = args->args[0]; -- 2.49.1

3 months

1
0
0 0

[PATCH v2] cpufreq: Handle CPUFREQ_ETERNAL with a default transition latency

by Shawn Guo

From: Shawn Guo <shawnguo(a)kernel.org> A regression is seen with 6.6 -> 6.12 kernel upgrade on platforms where cpufreq-dt driver sets cpuinfo.transition_latency as CPUFREQ_ETERNAL (-1), due to that platform's DT doesn't provide the optional property 'clock-latency-ns'. The dbs sampling_rate was 10000 us on 6.6 and suddently becomes 6442450 us (4294967295 / 1000 * 1.5) on 6.12 for these platforms, because the default transition delay was dropped by the commits below. commit 37c6dccd6837 ("cpufreq: Remove LATENCY_MULTIPLIER") commit a755d0e2d41b ("cpufreq: Honour transition_latency over transition_delay_us") commit e13aa799c2a6 ("cpufreq: Change default transition delay to 2ms") It slows down dbs governor's reacting to CPU loading change dramatically. Also, as transition_delay_us is used by schedutil governor as rate_limit_us, it shows a negative impact on device idle power consumption, because the device gets slightly less time in the lowest OPP. Fix the regressions by defining a default transition latency for handling the case of CPUFREQ_ETERNAL. Cc: stable(a)vger.kernel.org Fixes: 37c6dccd6837 ("cpufreq: Remove LATENCY_MULTIPLIER") Signed-off-by: Shawn Guo <shawnguo(a)kernel.org> --- Changes for v2: - Follow Rafael's suggestion to define a default transition latency for handling CPUFREQ_ETERNAL, and pave the way to get rid of CPUFREQ_ETERNAL completely later. v1: https://lkml.org/lkml/2025/9/10/294 drivers/cpufreq/cpufreq.c | 3 +++ include/linux/cpufreq.h | 2 ++ 2 files changed, 5 insertions(+) diff --git a/drivers/cpufreq/cpufreq.c b/drivers/cpufreq/cpufreq.c index fc7eace8b65b..c69d10f0e8ec 100644 --- a/drivers/cpufreq/cpufreq.c +++ b/drivers/cpufreq/cpufreq.c @@ -549,6 +549,9 @@ unsigned int cpufreq_policy_transition_delay_us(struct cpufreq_policy *policy) if (policy->transition_delay_us) return policy->transition_delay_us; + if (policy->cpuinfo.transition_latency == CPUFREQ_ETERNAL) + policy->cpuinfo.transition_latency = CPUFREQ_DEFAULT_TANSITION_LATENCY_NS; + latency = policy->cpuinfo.transition_latency / NSEC_PER_USEC; if (latency) /* Give a 50% breathing room between updates */ diff --git a/include/linux/cpufreq.h b/include/linux/cpufreq.h index 95f3807c8c55..935e9a660039 100644 --- a/include/linux/cpufreq.h +++ b/include/linux/cpufreq.h @@ -36,6 +36,8 @@ /* Print length for names. Extra 1 space for accommodating '\n' in prints */ #define CPUFREQ_NAME_PLEN (CPUFREQ_NAME_LEN + 1) +#define CPUFREQ_DEFAULT_TANSITION_LATENCY_NS NSEC_PER_MSEC + struct cpufreq_governor; enum cpufreq_table_sorting { -- 2.43.0

3 months

3
4
0 0

Linux 6.16.9

by Greg Kroah-Hartman

I'm announcing the release of the 6.16.9 kernel. All users of the 6.16 kernel series must upgrade. The updated 6.16.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.16.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/devicetree/bindings/serial/8250.yaml | 77 +++-- Documentation/netlink/specs/conntrack.yaml | 9 Documentation/netlink/specs/mptcp_pm.yaml | 4 Makefile | 2 arch/loongarch/Kconfig | 12 arch/loongarch/Makefile | 15 arch/loongarch/include/asm/acenv.h | 7 arch/loongarch/include/asm/kvm_mmu.h | 20 + arch/loongarch/kernel/env.c | 2 arch/loongarch/kernel/stacktrace.c | 3 arch/loongarch/kernel/vdso.c | 3 arch/loongarch/kvm/intc/eiointc.c | 87 +++-- arch/loongarch/kvm/intc/pch_pic.c | 21 - arch/loongarch/kvm/mmu.c | 8 arch/s390/include/asm/pci_insn.h | 10 arch/um/drivers/virtio_uml.c | 6 arch/um/os-Linux/file.c | 2 arch/x86/include/asm/sev.h | 38 +- arch/x86/kvm/svm/svm.c | 3 crypto/af_alg.c | 10 drivers/block/zram/zram_drv.c | 8 drivers/clk/sunxi-ng/ccu_mp.c | 2 drivers/crypto/ccp/sev-dev.c | 2 drivers/dpll/dpll_netlink.c | 4 drivers/gpio/gpiolib-acpi-core.c | 4 drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd.c | 16 - drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd.h | 12 drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 24 - drivers/gpu/drm/amd/amdkfd/kfd_device.c | 36 ++ drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 39 ++ drivers/gpu/drm/amd/pm/swsmu/amdgpu_smu.c | 2 drivers/gpu/drm/bridge/analogix/anx7625.c | 6 drivers/gpu/drm/bridge/cadence/cdns-mhdp8546-core.c | 6 drivers/gpu/drm/xe/abi/guc_actions_abi.h | 5 drivers/gpu/drm/xe/abi/guc_klvs_abi.h | 40 ++ drivers/gpu/drm/xe/xe_exec_queue.c | 22 - drivers/gpu/drm/xe/xe_exec_queue_types.h | 8 drivers/gpu/drm/xe/xe_execlist.c | 25 + drivers/gpu/drm/xe/xe_execlist_types.h | 2 drivers/gpu/drm/xe/xe_gt.c | 3 drivers/gpu/drm/xe/xe_gt_sriov_pf_config.c | 1 drivers/gpu/drm/xe/xe_guc.c | 62 +++- drivers/gpu/drm/xe/xe_guc.h | 1 drivers/gpu/drm/xe/xe_guc_exec_queue_types.h | 4 drivers/gpu/drm/xe/xe_guc_submit.c | 139 +++++++-- drivers/gpu/drm/xe/xe_guc_submit.h | 2 drivers/gpu/drm/xe/xe_tile_sysfs.c | 12 drivers/gpu/drm/xe/xe_uc.c | 4 drivers/gpu/drm/xe/xe_vm.c | 4 drivers/iommu/amd/amd_iommu_types.h | 1 drivers/iommu/amd/init.c | 9 drivers/iommu/amd/io_pgtable.c | 25 + drivers/iommu/intel/iommu.c | 7 drivers/iommu/s390-iommu.c | 29 + drivers/md/dm-raid.c | 6 drivers/md/dm-stripe.c | 10 drivers/mmc/host/mvsdio.c | 2 drivers/mmc/host/sdhci-pci-gli.c | 68 ++++ drivers/mmc/host/sdhci-uhs2.c | 3 drivers/mmc/host/sdhci.c | 34 +- drivers/net/bonding/bond_main.c | 2 drivers/net/ethernet/broadcom/cnic.c | 3 drivers/net/ethernet/cavium/liquidio/request_manager.c | 2 drivers/net/ethernet/freescale/dpaa2/dpaa2-switch.c | 2 drivers/net/ethernet/intel/i40e/i40e_txrx.c | 3 drivers/net/ethernet/intel/ice/ice_txrx.c | 80 ++--- drivers/net/ethernet/intel/ice/ice_txrx.h | 1 drivers/net/ethernet/intel/igc/igc.h | 1 drivers/net/ethernet/intel/igc/igc_main.c | 12 drivers/net/ethernet/intel/ixgbe/ixgbe_main.c | 22 - drivers/net/ethernet/marvell/octeon_ep/octep_main.c | 16 + drivers/net/ethernet/marvell/octeon_ep/octep_pfvf_mbox.c | 3 drivers/net/ethernet/marvell/octeontx2/nic/otx2_ptp.c | 2 drivers/net/ethernet/mellanox/mlx5/core/en/fs.h | 1 drivers/net/ethernet/mellanox/mlx5/core/en_accel/ipsec.h | 1 drivers/net/ethernet/mellanox/mlx5/core/en_accel/ipsec_fs.c | 3 drivers/net/ethernet/mellanox/mlx5/core/en_main.c | 2 drivers/net/ethernet/mellanox/mlx5/core/en_rep.c | 27 + drivers/net/ethernet/mellanox/mlx5/core/esw/qos.c | 1 drivers/net/ethernet/mellanox/mlx5/core/fs_core.c | 4 drivers/net/ethernet/mellanox/mlx5/core/lib/mlx5.h | 15 drivers/net/ethernet/mellanox/mlx5/core/port.c | 6 drivers/net/ethernet/natsemi/ns83820.c | 13 drivers/net/ethernet/qlogic/qed/qed_debug.c | 7 drivers/net/wireless/mediatek/mt76/mac80211.c | 2 drivers/net/wireless/microchip/wilc1000/wlan_cfg.c | 37 +- drivers/net/wireless/microchip/wilc1000/wlan_cfg.h | 5 drivers/nvme/host/core.c | 18 - drivers/pcmcia/omap_cf.c | 8 drivers/platform/x86/asus-nb-wmi.c | 25 + drivers/platform/x86/asus-wmi.h | 3 drivers/power/supply/bq27xxx_battery.c | 4 fs/btrfs/delayed-inode.c | 3 fs/btrfs/inode.c | 11 fs/btrfs/tree-checker.c | 4 fs/btrfs/tree-log.c | 2 fs/btrfs/zoned.c | 2 fs/nilfs2/sysfs.c | 4 fs/nilfs2/sysfs.h | 8 fs/smb/client/cifsproto.h | 4 fs/smb/client/inode.c | 23 + fs/smb/client/misc.c | 38 +- fs/smb/client/smbdirect.c | 132 +++++--- fs/smb/client/smbdirect.h | 23 - fs/smb/common/smbdirect/smbdirect_socket.h | 29 + fs/smb/server/transport_rdma.c | 183 ++++++++---- include/crypto/if_alg.h | 10 include/linux/io_uring_types.h | 3 include/linux/mlx5/driver.h | 1 include/linux/swap.h | 10 include/net/dst_metadata.h | 11 include/net/sock.h | 5 include/sound/sdca.h | 1 include/uapi/linux/mptcp.h | 2 include/uapi/linux/mptcp_pm.h | 4 io_uring/io-wq.c | 6 io_uring/io_uring.c | 10 io_uring/io_uring.h | 4 io_uring/msg_ring.c | 24 - io_uring/notif.c | 2 io_uring/poll.c | 2 io_uring/timeout.c | 2 io_uring/uring_cmd.c | 2 kernel/cgroup/cgroup.c | 43 ++ kernel/sched/ext.c | 6 mm/gup.c | 52 ++- mm/mlock.c | 6 mm/swap.c | 50 +-- mm/vmscan.c | 2 net/ipv4/tcp.c | 5 net/ipv4/tcp_ao.c | 4 net/mac80211/driver-ops.h | 2 net/mac80211/main.c | 7 net/mptcp/options.c | 6 net/mptcp/pm_netlink.c | 7 net/mptcp/protocol.c | 16 + net/mptcp/subflow.c | 4 net/rds/ib_frmr.c | 20 - net/rfkill/rfkill-gpio.c | 4 net/rxrpc/rxgk.c | 18 - net/rxrpc/rxgk_app.c | 29 + net/rxrpc/rxgk_common.h | 14 net/tls/tls.h | 1 net/tls/tls_strp.c | 14 net/tls/tls_sw.c | 3 samples/damon/mtier.c | 25 - samples/damon/prcl.c | 31 +- samples/damon/wsse.c | 22 - sound/firewire/motu/motu-hwdep.c | 2 sound/pci/hda/patch_realtek.c | 1 sound/soc/amd/acp/acp-i2s.c | 11 sound/soc/codecs/sma1307.c | 7 sound/soc/codecs/wm8940.c | 9 sound/soc/codecs/wm8974.c | 8 sound/soc/intel/catpt/pcm.c | 23 + sound/soc/qcom/qdsp6/audioreach.c | 1 sound/soc/qcom/qdsp6/q6apm-lpass-dais.c | 7 sound/soc/sdca/sdca_device.c | 20 + sound/soc/sdca/sdca_functions.c | 13 sound/soc/sdca/sdca_regmap.c | 2 sound/soc/sof/intel/hda-stream.c | 2 sound/usb/qcom/qc_audio_offload.c | 92 +++--- tools/arch/loongarch/include/asm/inst.h | 12 tools/objtool/arch/loongarch/decode.c | 33 +- tools/perf/util/maps.c | 9 tools/testing/selftests/net/mptcp/mptcp_connect.c | 11 tools/testing/selftests/net/mptcp/mptcp_sockopt.c | 16 - tools/testing/selftests/net/mptcp/pm_nl_ctl.c | 7 tools/testing/selftests/net/mptcp/userspace_pm.sh | 14 169 files changed, 1794 insertions(+), 821 deletions(-) Ajay.Kathat(a)microchip.com (1): wifi: wilc1000: avoid buffer overflow in WID string configuration Alex Deucher (2): drm/amdkfd: add proper handling for S0ix drm/amdgpu: suspend KFD and KGD user queues for S0ix Alex Elder (1): dt-bindings: serial: 8250: move a constraint Alexey Nepomnyashih (1): net: liquidio: fix overflow in octeon_init_instr_queue() Amadeusz Sławiński (1): ASoC: Intel: catpt: Expose correct bit depth to userspace Anderson Nascimento (1): net/tcp: Fix a NULL pointer dereference when using TCP-AO with TCP_REPAIR Andrea Righi (1): Revert "sched_ext: Skip per-CPU tasks in scx_bpf_reenqueue_local()" Antheas Kapenekakis (2): platform/x86: asus-wmi: Fix ROG button mapping, tablet mode on ASUS ROG Z13 platform/x86: asus-wmi: Re-add extra keys to ignore_key_wlan quirk Ben Chuang (3): mmc: sdhci: Move the code related to setting the clock from sdhci_set_ios_common() into sdhci_set_ios() mmc: sdhci-pci-gli: GL9767: Fix initializing the UHS-II interface during a power-on mmc: sdhci-uhs2: Fix calling incorrect sdhci_set_clock() function Bibo Mao (5): LoongArch: KVM: Avoid copy_*_user() with lock hold in kvm_eiointc_ctrl_access() LoongArch: KVM: Avoid copy_*_user() with lock hold in kvm_eiointc_regs_access() LoongArch: KVM: Avoid copy_*_user() with lock hold in kvm_eiointc_sw_status_access() LoongArch: KVM: Avoid copy_*_user() with lock hold in kvm_pch_pic_regs_access() LoongArch: KVM: Fix VM migration failure with PTW enabled Borislav Petkov (AMD) (1): crypto: ccp - Always pass in an error pointer to __sev_platform_shutdown_locked() Charles Keepax (4): ASoC: wm8940: Correct PLL rate rounding ASoC: wm8940: Correct typo in control name ASoC: wm8974: Correct PLL rate rounding ASoC: SDCA: Fix return value in sdca_regmap_mbq_size() Chen Ridong (1): cgroup: split cgroup_destroy_wq into 3 workqueues Chen-Yu Tsai (1): clk: sunxi-ng: mp: Fix dual-divider clock rate readback Christoph Hellwig (1): nvme: fix PI insert on write Colin Ian King (1): ASoC: SOF: Intel: hda-stream: Fix incorrect variable used in error message Dan Carpenter (2): ASoC: codec: sma1307: Fix memory corruption in sma1307_setting_loaded() drm/xe: Fix a NULL vs IS_ERR() in xe_vm_add_compute_exec_queue() Daniele Ceraolo Spurio (3): drm/xe: Fix error handling if PXP fails to start drm/xe/guc: Enable extended CAT error reporting drm/xe/guc: Set RCS/CCS yield policy David Howells (2): rxrpc: Fix unhandled errors in rxgk_verify_packet_integrity() rxrpc: Fix untrusted unsigned subtract Duoming Zhou (2): cnic: Fix use-after-free bugs in cnic_delete_task octeontx2-pf: Fix use-after-free bugs in otx2_sync_tstamp() Eric Dumazet (1): net: clear sk->sk_ino in sk_set_socket(sk, NULL) Eugene Koira (1): iommu/vt-d: Fix __domain_mapping()'s usage of switch_to_super_page() Felix Fietkau (1): wifi: mt76: do not add non-sta wcid entries to the poll list Filipe Manana (1): btrfs: fix invalid extref key setup when replaying dentry Frank Li (1): dt-bindings: serial: 8250: allow clock 'uartclk' and 'reg' for nxp,lpc1850-uart Geert Uytterhoeven (1): pcmcia: omap_cf: Mark driver struct with __refdata to prevent section mismatch Geliang Tang (1): selftests: mptcp: sockopt: fix error messages Greg Kroah-Hartman (1): Linux 6.16.9 Guangshuo Li (1): LoongArch: vDSO: Check kcalloc() result in init_vdso() H. Nikolaus Schaller (2): power: supply: bq27xxx: fix error return in case of no bq27000 hdq battery power: supply: bq27xxx: restrict no-battery detection to bq27000 Hangbin Liu (2): bonding: set random address only when slaves already exist bonding: don't set oif to bond dev when getting NS target destination Hans de Goede (1): net: rfkill: gpio: Fix crash due to dereferencering uninitialized pointer Herbert Xu (2): crypto: af_alg - Disallow concurrent writes in af_alg_sendmsg crypto: af_alg - Set merge to zero early in af_alg_sendmsg Honggyu Kim (1): samples/damon: change enable parameters to enabled Huacai Chen (1): LoongArch: Align ACPI structures if ARCH_STRICT_ALIGN enabled Hugh Dickins (5): mm/gup: check ref_count instead of lru before migration mm: revert "mm/gup: clear the LRU flag of a page before adding to LRU batch" mm/gup: local lru_add_drain() to avoid lru_add_drain_all() mm: revert "mm: vmscan.c: fix OOM on swap stress test" mm: folio_may_be_lru_cached() unless folio_test_large() Håkon Bugge (1): rds: ib: Increment i_fastreg_wrs before bailing out Ian Rogers (1): perf maps: Ensure kmap is set up for all inserts Ilya Maximets (1): net: dst_metadata: fix IP_DF bit not extracted from tunnel headers Ioana Ciornei (1): dpaa2-switch: fix buffer pool seeding for control traffic Ivan Lipski (1): drm/amd/display: Allow RX6xxx & RX7700 to invoke amdgpu_irq_get/put Ivan Vecera (1): dpll: fix clock quality level reporting Jacob Keller (1): ice: fix Rx page leak on multi-buffer frames Jakub Kicinski (1): tls: make sure to abort the stream if headers are bogus Jamie Bainbridge (1): qed: Don't collect too many protection override GRC elements Jedrzej Jagielski (2): ixgbe: initialize aci.lock before it's used ixgbe: destroy aci.lock later within ixgbe_remove path Jens Axboe (2): io_uring: include dying ring in task_work "should cancel" state io_uring/msg_ring: kill alloc_cache for io_kiocb allocations Jianbo Liu (1): net/mlx5e: Harden uplink netdev access against device unbind Johannes Thumshirn (1): btrfs: zoned: fix incorrect ASSERT in btrfs_zoned_reserve_data_reloc_bg() Kamal Heib (1): octeon_ep: Validate the VF ID Kohei Enju (1): igc: don't fail igc_probe() on LED setup error Krzysztof Kozlowski (1): ASoC: qcom: q6apm-lpass-dais: Fix NULL pointer dereference if source graph failed Kuniyuki Iwashima (1): tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect(). Lachlan Hodges (1): wifi: mac80211: increase scan_ies_len for S1G Lama Kayal (1): net/mlx5e: Add a miss level for ipsec crypto offload Li Tian (1): net/mlx5: Not returning mlx5_link_info table when speed is unknown Li Zhe (1): gup: optimize longterm pin_user_pages() for large folio Liao Yuanhong (1): wifi: mac80211: fix incorrect type for ret Loic Poulain (1): drm: bridge: anx7625: Fix NULL pointer dereference with early IRQ Maciej Fijalkowski (1): i40e: remove redundant memory barrier when cleaning Tx descs Maciej S. Szmigiero (1): KVM: SVM: Sync TPR from LAPIC into VMCB::V_TPR even if AVIC is active Maciej Strozek (1): ASoC: SDCA: Add quirk for incorrect function types for 3 systems Mario Limonciello (1): drm/amd: Only restore cached manual clock settings in restore if OD enabled Matthew Rosato (1): iommu/s390: Fix memory corruption when using identity domain Matthieu Baerts (NGI0) (7): mptcp: set remote_deny_join_id0 on SYN recv selftests: mptcp: userspace pm: validate deny-join-id0 flag mptcp: tfo: record 'deny join id0' info mptcp: propagate shutdown to subflows when possible selftests: mptcp: connect: catch IO errors on listen side selftests: mptcp: avoid spurious errors on TCP disconnect mptcp: pm: nl: announce deny-join-id0 flag Max Kellermann (1): io_uring/io-wq: fix `max_workers` breakage and `nr_workers` underflow Miaoqian Lin (1): um: virtio_uml: Fix use-after-free after put_device in probe Michal Wajdeczko (1): drm/xe/pf: Drop rounddown_pow_of_two fair LMEM limitation Mikulas Patocka (2): dm-raid: don't set io_min and io_opt for raid1 dm-stripe: fix a possible integer overflow Mohammad Rafi Shaik (2): ASoC: qcom: audioreach: Fix lpaif_type configuration for the I2S interface ASoC: qcom: q6apm-lpass-dais: Fix missing set_fmt DAI op for I2S Namjae Jeon (1): ksmbd: smbdirect: validate data_offset and data_length field of smb_direct_data_transfer Nathan Chancellor (1): nilfs2: fix CFI failure when accessing /sys/fs/nilfs2/features/* Niklas Schnelle (1): iommu/s390: Make attach succeed when the device was surprise removed Paulo Alcantara (2): smb: client: fix filename matching of deferred files smb: client: fix file open check in __cifs_unlink() Praful Adiga (1): ALSA: hda/realtek: Fix mute led for HP Laptop 15-dw4xx Qi Xi (1): drm: bridge: cdns-mhdp8546: Fix missing mutex unlock on error path Qu Wenruo (1): btrfs: tree-checker: fix the incorrect inode ref size check Remy D. Farley (1): doc/netlink: Fix typos in operation attributes Sathesh B Edara (1): octeon_ep: fix VF MAC address lifecycle handling SeongJae Park (3): samples/damon/prcl: fix boot time enable crash samples/damon/mtier: avoid starting DAMON before initialization samples/damon/prcl: avoid starting DAMON before initialization Sergey Senozhatsky (1): zram: fix slot write race condition Shuicheng Lin (1): drm/xe/tile: Release kobject for the failure path Stefan Metzmacher (10): smb: server: let smb_direct_writev() respect SMB_DIRECT_MAX_SEND_SGES ksmbd: smbdirect: verify remaining_data_length respects max_fragmented_recv_size smb: smbdirect: introduce smbdirect_socket.recv_io.expected smb: client: make use of smbdirect_socket->recv_io.expected smb: smbdirect: introduce struct smbdirect_recv_io smb: client: make use of struct smbdirect_recv_io smb: client: let recv_done verify data_offset, data_length and remaining_data_length smb: client: use disable[_delayed]_work_sync in smbdirect.c smb: client: let smbd_destroy() call disable_work_sync(&info->post_send_credits_work) smb: client: fix smbdirect_recv_io leak in smbd_negotiate() error path Sébastien Szymanski (1): gpiolib: acpi: initialize acpi_gpio_info struct Takashi Iwai (1): ALSA: usb: qcom: Fix false-positive address space check Takashi Sakamoto (1): ALSA: firewire-motu: drop EPOLLOUT from poll return values as write is not supported Tao Cui (1): LoongArch: Check the return value when creating kobj Tariq Toukan (1): Revert "net/mlx5e: Update and set Xon/Xoff upon port speed set" Thomas Fourier (1): mmc: mvsdio: Fix dma_unmap_sg() nents value Tiezhu Yang (6): LoongArch: Update help info of ARCH_STRICT_ALIGN objtool/LoongArch: Mark types based on break immediate code objtool/LoongArch: Mark special atomic instruction as INSN_BUG type LoongArch: Fix unreliable stack for live patching LoongArch: Make LTO case independent in Makefile LoongArch: Handle jump tables options for RUST Tiwei Bie (1): um: Fix FD copy size in os_rcv_fd_msg() Tom Lendacky (1): x86/sev: Guard sev_evict_cache() with CONFIG_AMD_MEM_ENCRYPT Vasant Hegde (2): iommu/amd/pgtbl: Fix possible race while increase page table level iommu/amd: Fix alias device DTE setting Venkata Prasad Potturu (1): ASoC: amd: acp: Fix incorrect retrival of acp_chip_info Yang Xiuwei (1): io_uring: fix incorrect io_kiocb reference in io_link_skb Yeounsu Moon (1): net: natsemi: fix `rx_dropped` double accounting on `netif_rx()` failure Yixun Lan (1): dt-bindings: serial: 8250: spacemit: set clocks property as required Zhen Ni (1): iommu/amd: Fix ivrs_base memleak in early_amd_iommu_init() austinchang (1): btrfs: initialize inode::file_extent_tree after i_mode has been set

3 months

1
1
0 0

Linux 6.12.49

by Greg Kroah-Hartman

I'm announcing the release of the 6.12.49 kernel. All users of the 6.12 kernel series must upgrade. The updated 6.12.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.12.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/admin-guide/hw-vuln/srso.rst | 13 Documentation/netlink/specs/mptcp_pm.yaml | 4 Makefile | 2 arch/loongarch/Kconfig | 8 arch/loongarch/include/asm/acenv.h | 7 arch/loongarch/kernel/env.c | 2 arch/loongarch/kernel/stacktrace.c | 3 arch/loongarch/kernel/vdso.c | 3 arch/um/drivers/virtio_uml.c | 6 arch/um/os-Linux/file.c | 2 arch/x86/events/intel/core.c | 2 arch/x86/include/asm/cpufeatures.h | 5 arch/x86/include/asm/msr-index.h | 1 arch/x86/kernel/cpu/bugs.c | 28 +- arch/x86/kvm/svm/svm.c | 68 ++++ arch/x86/kvm/svm/svm.h | 2 arch/x86/lib/msr.c | 2 crypto/af_alg.c | 10 drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 39 ++ drivers/gpu/drm/bridge/analogix/anx7625.c | 6 drivers/gpu/drm/bridge/cadence/cdns-mhdp8546-core.c | 6 drivers/gpu/drm/xe/xe_tile_sysfs.c | 12 drivers/gpu/drm/xe/xe_vm.c | 4 drivers/iommu/amd/amd_iommu_types.h | 1 drivers/iommu/amd/io_pgtable.c | 25 + drivers/iommu/intel/iommu.c | 7 drivers/md/dm-raid.c | 6 drivers/md/dm-stripe.c | 10 drivers/mmc/host/mvsdio.c | 2 drivers/net/bonding/bond_main.c | 2 drivers/net/ethernet/broadcom/cnic.c | 3 drivers/net/ethernet/cavium/liquidio/request_manager.c | 2 drivers/net/ethernet/freescale/dpaa2/dpaa2-switch.c | 2 drivers/net/ethernet/intel/i40e/i40e_txrx.c | 3 drivers/net/ethernet/intel/ice/ice.h | 3 drivers/net/ethernet/intel/ice/ice_base.c | 34 +- drivers/net/ethernet/intel/ice/ice_txrx.c | 80 ++--- drivers/net/ethernet/intel/ice/ice_txrx.h | 4 drivers/net/ethernet/intel/ice/ice_virtchnl.c | 7 drivers/net/ethernet/intel/igc/igc.h | 1 drivers/net/ethernet/intel/igc/igc_main.c | 12 drivers/net/ethernet/marvell/octeon_ep/octep_pfvf_mbox.c | 3 drivers/net/ethernet/marvell/octeontx2/nic/otx2_ptp.c | 2 drivers/net/ethernet/mellanox/mlx5/core/en_main.c | 2 drivers/net/ethernet/mellanox/mlx5/core/en_rep.c | 27 + drivers/net/ethernet/mellanox/mlx5/core/esw/qos.c | 1 drivers/net/ethernet/mellanox/mlx5/core/lib/mlx5.h | 15 + drivers/net/ethernet/natsemi/ns83820.c | 13 drivers/net/ethernet/qlogic/qed/qed_debug.c | 7 drivers/net/vmxnet3/vmxnet3_drv.c | 10 drivers/net/wireless/microchip/wilc1000/wlan_cfg.c | 37 +- drivers/net/wireless/microchip/wilc1000/wlan_cfg.h | 5 drivers/nvme/host/core.c | 18 - drivers/pcmcia/omap_cf.c | 8 drivers/platform/x86/asus-nb-wmi.c | 25 + drivers/platform/x86/asus-wmi.h | 3 drivers/power/supply/bq27xxx_battery.c | 4 drivers/rtc/rtc-pcf2127.c | 10 drivers/usb/host/xhci-dbgcap.c | 94 ++++-- drivers/usb/host/xhci-debugfs.c | 5 drivers/usb/host/xhci-mem.c | 74 ++--- drivers/usb/host/xhci.c | 24 - drivers/usb/host/xhci.h | 9 fs/btrfs/tree-checker.c | 4 fs/btrfs/tree-log.c | 2 fs/nilfs2/sysfs.c | 4 fs/nilfs2/sysfs.h | 8 fs/smb/client/cifsproto.h | 4 fs/smb/client/inode.c | 6 fs/smb/client/misc.c | 38 +- fs/smb/client/smbdirect.c | 7 fs/smb/server/transport_rdma.c | 26 + include/crypto/if_alg.h | 10 include/linux/io_uring_types.h | 4 include/linux/minmax.h | 205 ++++++--------- include/linux/mlx5/driver.h | 1 include/linux/mm.h | 55 ++++ include/uapi/linux/mptcp.h | 2 include/uapi/linux/mptcp_pm.h | 4 io_uring/io_uring.c | 12 io_uring/io_uring.h | 13 io_uring/kbuf.h | 2 io_uring/msg_ring.c | 24 - io_uring/notif.c | 2 io_uring/poll.c | 3 io_uring/timeout.c | 2 io_uring/uring_cmd.c | 6 kernel/cgroup/cgroup.c | 43 ++- mm/gup.c | 41 ++- mm/migrate.c | 22 - mm/vmscan.c | 2 net/ipv4/tcp.c | 5 net/ipv4/tcp_ao.c | 4 net/mac80211/driver-ops.h | 2 net/mac80211/main.c | 7 net/mptcp/options.c | 6 net/mptcp/pm_netlink.c | 7 net/mptcp/protocol.c | 16 + net/mptcp/subflow.c | 4 net/rds/ib_frmr.c | 20 - net/rfkill/rfkill-gpio.c | 4 net/tls/tls.h | 1 net/tls/tls_strp.c | 14 - net/tls/tls_sw.c | 3 sound/firewire/motu/motu-hwdep.c | 2 sound/pci/hda/patch_realtek.c | 1 sound/soc/codecs/wm8940.c | 9 sound/soc/codecs/wm8974.c | 8 sound/soc/intel/catpt/pcm.c | 23 + sound/soc/qcom/qdsp6/audioreach.c | 1 sound/soc/qcom/qdsp6/q6apm-lpass-dais.c | 7 sound/soc/sof/intel/hda-stream.c | 2 tools/arch/loongarch/include/asm/inst.h | 12 tools/objtool/arch/loongarch/decode.c | 33 ++ tools/testing/selftests/net/mptcp/mptcp_connect.c | 11 tools/testing/selftests/net/mptcp/mptcp_sockopt.c | 16 - tools/testing/selftests/net/mptcp/pm_nl_ctl.c | 7 tools/testing/selftests/net/mptcp/userspace_pm.sh | 14 - 118 files changed, 1062 insertions(+), 564 deletions(-) Ajay.Kathat(a)microchip.com (1): wifi: wilc1000: avoid buffer overflow in WID string configuration Alexey Nepomnyashih (1): net: liquidio: fix overflow in octeon_init_instr_queue() Amadeusz Sławiński (1): ASoC: Intel: catpt: Expose correct bit depth to userspace Anderson Nascimento (1): net/tcp: Fix a NULL pointer dereference when using TCP-AO with TCP_REPAIR Antheas Kapenekakis (2): platform/x86: asus-wmi: Fix ROG button mapping, tablet mode on ASUS ROG Z13 platform/x86: asus-wmi: Re-add extra keys to ignore_key_wlan quirk Borislav Petkov (1): x86/bugs: KVM: Add support for SRSO_MSR_FIX Borislav Petkov (AMD) (1): x86/bugs: Add SRSO_USER_KERNEL_NO support Bruno Thomsen (1): rtc: pcf2127: fix SPI command byte for PCF2131 backport Charles Keepax (3): ASoC: wm8940: Correct PLL rate rounding ASoC: wm8940: Correct typo in control name ASoC: wm8974: Correct PLL rate rounding Chen Ridong (1): cgroup: split cgroup_destroy_wq into 3 workqueues Christoph Hellwig (1): nvme: fix PI insert on write Colin Ian King (1): ASoC: SOF: Intel: hda-stream: Fix incorrect variable used in error message Dan Carpenter (1): drm/xe: Fix a NULL vs IS_ERR() in xe_vm_add_compute_exec_queue() David Laight (7): minmax.h: add whitespace around operators and after commas minmax.h: update some comments minmax.h: reduce the #define expansion of min(), max() and clamp() minmax.h: use BUILD_BUG_ON_MSG() for the lo < hi test in clamp() minmax.h: move all the clamp() definitions after the min/max() ones minmax.h: simplify the variants of clamp() minmax.h: remove some #defines that are only expanded once Duoming Zhou (2): cnic: Fix use-after-free bugs in cnic_delete_task octeontx2-pf: Fix use-after-free bugs in otx2_sync_tstamp() Eugene Koira (1): iommu/vt-d: Fix __domain_mapping()'s usage of switch_to_super_page() Filipe Manana (1): btrfs: fix invalid extref key setup when replaying dentry Geert Uytterhoeven (1): pcmcia: omap_cf: Mark driver struct with __refdata to prevent section mismatch Geliang Tang (1): selftests: mptcp: sockopt: fix error messages Greg Kroah-Hartman (1): Linux 6.12.49 Guangshuo Li (1): LoongArch: vDSO: Check kcalloc() result in init_vdso() H. Nikolaus Schaller (2): power: supply: bq27xxx: fix error return in case of no bq27000 hdq battery power: supply: bq27xxx: restrict no-battery detection to bq27000 Hangbin Liu (2): bonding: set random address only when slaves already exist bonding: don't set oif to bond dev when getting NS target destination Hans de Goede (1): net: rfkill: gpio: Fix crash due to dereferencering uninitialized pointer Herbert Xu (2): crypto: af_alg - Disallow concurrent writes in af_alg_sendmsg crypto: af_alg - Set merge to zero early in af_alg_sendmsg Huacai Chen (1): LoongArch: Align ACPI structures if ARCH_STRICT_ALIGN enabled Hugh Dickins (2): mm: revert "mm: vmscan.c: fix OOM on swap stress test" mm/gup: check ref_count instead of lru before migration Håkon Bugge (1): rds: ib: Increment i_fastreg_wrs before bailing out Ioana Ciornei (1): dpaa2-switch: fix buffer pool seeding for control traffic Ivan Lipski (1): drm/amd/display: Allow RX6xxx & RX7700 to invoke amdgpu_irq_get/put Jacob Keller (2): ice: store max_frame and rx_buf_len only in ice_rx_ring ice: fix Rx page leak on multi-buffer frames Jakub Kicinski (1): tls: make sure to abort the stream if headers are bogus Jamie Bainbridge (1): qed: Don't collect too many protection override GRC elements Jens Axboe (4): io_uring: backport io_should_terminate_tw() io_uring: include dying ring in task_work "should cancel" state io_uring/msg_ring: kill alloc_cache for io_kiocb allocations io_uring/kbuf: drop WARN_ON_ONCE() from incremental length check Jianbo Liu (1): net/mlx5e: Harden uplink netdev access against device unbind Kan Liang (1): perf/x86/intel: Fix crash in icl_update_topdown_event() Kohei Enju (1): igc: don't fail igc_probe() on LED setup error Krzysztof Kozlowski (1): ASoC: qcom: q6apm-lpass-dais: Fix NULL pointer dereference if source graph failed Kuniyuki Iwashima (1): tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect(). Lachlan Hodges (1): wifi: mac80211: increase scan_ies_len for S1G Li Zhe (1): gup: optimize longterm pin_user_pages() for large folio Liao Yuanhong (1): wifi: mac80211: fix incorrect type for ret Loic Poulain (1): drm: bridge: anx7625: Fix NULL pointer dereference with early IRQ Maciej Fijalkowski (1): i40e: remove redundant memory barrier when cleaning Tx descs Maciej S. Szmigiero (1): KVM: SVM: Sync TPR from LAPIC into VMCB::V_TPR even if AVIC is active Mathias Nyman (2): xhci: dbc: decouple endpoint allocation from initialization xhci: dbc: Fix full DbC transfer ring after several reconnects Matthieu Baerts (NGI0) (7): mptcp: set remote_deny_join_id0 on SYN recv selftests: mptcp: userspace pm: validate deny-join-id0 flag mptcp: tfo: record 'deny join id0' info mptcp: propagate shutdown to subflows when possible selftests: mptcp: connect: catch IO errors on listen side selftests: mptcp: avoid spurious errors on TCP disconnect mptcp: pm: nl: announce deny-join-id0 flag Miaoqian Lin (1): um: virtio_uml: Fix use-after-free after put_device in probe Mikulas Patocka (2): dm-raid: don't set io_min and io_opt for raid1 dm-stripe: fix a possible integer overflow Mohammad Rafi Shaik (2): ASoC: qcom: audioreach: Fix lpaif_type configuration for the I2S interface ASoC: qcom: q6apm-lpass-dais: Fix missing set_fmt DAI op for I2S Namjae Jeon (1): ksmbd: smbdirect: validate data_offset and data_length field of smb_direct_data_transfer Nathan Chancellor (1): nilfs2: fix CFI failure when accessing /sys/fs/nilfs2/features/* Niklas Neronin (2): usb: xhci: introduce macro for ring segment list iteration usb: xhci: remove option to change a default ring's TRB cycle bit Paulo Alcantara (1): smb: client: fix filename matching of deferred files Pavel Begunkov (1): io_uring/cmd: let cmds to know about dying task Praful Adiga (1): ALSA: hda/realtek: Fix mute led for HP Laptop 15-dw4xx Qi Xi (1): drm: bridge: cdns-mhdp8546: Fix missing mutex unlock on error path Qu Wenruo (1): btrfs: tree-checker: fix the incorrect inode ref size check Sankararaman Jayaraman (1): vmxnet3: unregister xdp rxq info in the reset path Sathesh B Edara (1): octeon_ep: fix VF MAC address lifecycle handling Sean Christopherson (1): KVM: SVM: Set/clear SRSO's BP_SPEC_REDUCE on 0 <=> 1 VM count transitions Shivank Garg (1): mm: add folio_expected_ref_count() for reference count calculation Shuicheng Lin (1): drm/xe/tile: Release kobject for the failure path Stefan Metzmacher (3): ksmbd: smbdirect: verify remaining_data_length respects max_fragmented_recv_size smb: client: let smbd_destroy() call disable_work_sync(&info->post_send_credits_work) smb: client: fix smbdirect_recv_io leak in smbd_negotiate() error path Takashi Sakamoto (1): ALSA: firewire-motu: drop EPOLLOUT from poll return values as write is not supported Tao Cui (1): LoongArch: Check the return value when creating kobj Tariq Toukan (1): Revert "net/mlx5e: Update and set Xon/Xoff upon port speed set" Thomas Fourier (1): mmc: mvsdio: Fix dma_unmap_sg() nents value Tiezhu Yang (4): LoongArch: Update help info of ARCH_STRICT_ALIGN objtool/LoongArch: Mark types based on break immediate code objtool/LoongArch: Mark special atomic instruction as INSN_BUG type LoongArch: Fix unreliable stack for live patching Tiwei Bie (1): um: Fix FD copy size in os_rcv_fd_msg() Vasant Hegde (1): iommu/amd/pgtbl: Fix possible race while increase page table level Yang Xiuwei (1): io_uring: fix incorrect io_kiocb reference in io_link_skb Yeounsu Moon (1): net: natsemi: fix `rx_dropped` double accounting on `netif_rx()` failure

3 months

1
1
0 0

Linux 6.6.108

by Greg Kroah-Hartman

I'm announcing the release of the 6.6.108 kernel. All users of the 6.6 kernel series must upgrade. The updated 6.6.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.6.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/loongarch/Kconfig | 8 + arch/loongarch/include/asm/acenv.h | 7 - arch/loongarch/kernel/env.c | 2 arch/um/drivers/virtio_uml.c | 6 - arch/x86/kvm/svm/svm.c | 3 arch/x86/mm/pgtable.c | 2 crypto/af_alg.c | 10 + drivers/block/loop.c | 38 +----- drivers/edac/sb_edac.c | 4 drivers/gpu/drm/bridge/analogix/anx7625.c | 6 - drivers/gpu/drm/bridge/cadence/cdns-mhdp8546-core.c | 6 - drivers/gpu/drm/drm_color_mgmt.c | 2 drivers/iommu/amd/amd_iommu_types.h | 1 drivers/iommu/amd/io_pgtable.c | 26 +++- drivers/iommu/intel/iommu.c | 7 + drivers/md/dm-integrity.c | 6 - drivers/mmc/host/mvsdio.c | 2 drivers/net/bonding/bond_main.c | 2 drivers/net/ethernet/broadcom/cnic.c | 3 drivers/net/ethernet/cavium/liquidio/request_manager.c | 2 drivers/net/ethernet/freescale/dpaa2/dpaa2-switch.c | 2 drivers/net/ethernet/intel/i40e/i40e_txrx.c | 3 drivers/net/ethernet/marvell/octeontx2/nic/otx2_ptp.c | 2 drivers/net/ethernet/mellanox/mlx5/core/en_main.c | 2 drivers/net/ethernet/mellanox/mlx5/core/en_rep.c | 27 +++- drivers/net/ethernet/mellanox/mlx5/core/esw/qos.c | 85 +++++++++++++-- drivers/net/ethernet/mellanox/mlx5/core/lib/mlx5.h | 15 ++ drivers/net/ethernet/natsemi/ns83820.c | 13 +- drivers/net/ethernet/qlogic/qed/qed_debug.c | 7 - drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 2 drivers/net/vmxnet3/vmxnet3_drv.c | 10 - drivers/net/wireless/microchip/wilc1000/wlan_cfg.c | 37 ++++-- drivers/net/wireless/microchip/wilc1000/wlan_cfg.h | 5 drivers/pcmcia/omap_cf.c | 8 + drivers/phy/broadcom/phy-bcm-ns-usb3.c | 9 - drivers/phy/marvell/phy-berlin-usb.c | 7 - drivers/phy/ralink/phy-ralink-usb.c | 10 - drivers/phy/rockchip/phy-rockchip-pcie.c | 11 - drivers/phy/rockchip/phy-rockchip-usb.c | 10 - drivers/phy/ti/phy-omap-control.c | 9 - drivers/phy/ti/phy-omap-usb2.c | 24 +++- drivers/phy/ti/phy-ti-pipe3.c | 14 -- drivers/power/supply/bq27xxx_battery.c | 4 drivers/rtc/rtc-pcf2127.c | 10 - drivers/usb/host/xhci-dbgcap.c | 94 ++++++++++++----- fs/btrfs/tree-checker.c | 4 fs/btrfs/tree-log.c | 2 fs/nilfs2/sysfs.c | 4 fs/nilfs2/sysfs.h | 8 - fs/smb/client/smbdirect.c | 4 fs/smb/server/transport_rdma.c | 26 +++- include/crypto/if_alg.h | 10 + include/linux/minmax.h | 26 +++- include/linux/mlx5/driver.h | 1 include/linux/pageblock-flags.h | 2 include/uapi/linux/mptcp.h | 6 - io_uring/io_uring.c | 7 - io_uring/io_uring.h | 13 ++ io_uring/poll.c | 3 io_uring/timeout.c | 2 kernel/cgroup/cgroup.c | 43 ++++++- net/ipv4/proc.c | 2 net/ipv4/tcp.c | 5 net/ipv6/proc.c | 2 net/mac80211/driver-ops.h | 2 net/mac80211/main.c | 7 + net/mptcp/options.c | 6 - net/mptcp/pm_netlink.c | 7 + net/mptcp/protocol.c | 16 ++ net/mptcp/subflow.c | 4 net/rds/ib_frmr.c | 20 ++- net/rfkill/rfkill-gpio.c | 4 net/tls/tls.h | 1 net/tls/tls_strp.c | 14 +- net/tls/tls_sw.c | 3 sound/firewire/motu/motu-hwdep.c | 2 sound/pci/hda/patch_realtek.c | 1 sound/soc/codecs/wm8940.c | 9 + sound/soc/codecs/wm8974.c | 8 + sound/soc/qcom/qdsp6/audioreach.c | 1 sound/soc/qcom/qdsp6/q6apm-lpass-dais.c | 7 - sound/soc/sof/intel/hda-stream.c | 2 tools/testing/selftests/net/mptcp/mptcp_connect.c | 11 + tools/testing/selftests/net/mptcp/mptcp_sockopt.c | 16 +- tools/testing/selftests/net/mptcp/pm_nl_ctl.c | 7 + tools/testing/selftests/net/mptcp/userspace_pm.sh | 14 +- 87 files changed, 599 insertions(+), 298 deletions(-) Ajay.Kathat(a)microchip.com (1): wifi: wilc1000: avoid buffer overflow in WID string configuration Alexey Nepomnyashih (1): net: liquidio: fix overflow in octeon_init_instr_queue() Bruno Thomsen (1): rtc: pcf2127: fix SPI command byte for PCF2131 backport Charles Keepax (3): ASoC: wm8940: Correct PLL rate rounding ASoC: wm8940: Correct typo in control name ASoC: wm8974: Correct PLL rate rounding Chen Ridong (1): cgroup: split cgroup_destroy_wq into 3 workqueues Colin Ian King (1): ASoC: SOF: Intel: hda-stream: Fix incorrect variable used in error message Duoming Zhou (2): cnic: Fix use-after-free bugs in cnic_delete_task octeontx2-pf: Fix use-after-free bugs in otx2_sync_tstamp() Eric Hagberg (1): Revert "loop: Avoid updating block size under exclusive owner" Eugene Koira (1): iommu/vt-d: Fix __domain_mapping()'s usage of switch_to_super_page() Filipe Manana (1): btrfs: fix invalid extref key setup when replaying dentry Geert Uytterhoeven (1): pcmcia: omap_cf: Mark driver struct with __refdata to prevent section mismatch Geliang Tang (1): selftests: mptcp: sockopt: fix error messages Greg Kroah-Hartman (1): Linux 6.6.108 H. Nikolaus Schaller (2): power: supply: bq27xxx: fix error return in case of no bq27000 hdq battery power: supply: bq27xxx: restrict no-battery detection to bq27000 Hangbin Liu (2): bonding: set random address only when slaves already exist bonding: don't set oif to bond dev when getting NS target destination Hans de Goede (1): net: rfkill: gpio: Fix crash due to dereferencering uninitialized pointer Herbert Xu (2): crypto: af_alg - Disallow concurrent writes in af_alg_sendmsg crypto: af_alg - Set merge to zero early in af_alg_sendmsg Huacai Chen (1): LoongArch: Align ACPI structures if ARCH_STRICT_ALIGN enabled Håkon Bugge (1): rds: ib: Increment i_fastreg_wrs before bailing out Ioana Ciornei (1): dpaa2-switch: fix buffer pool seeding for control traffic Jakub Kicinski (1): tls: make sure to abort the stream if headers are bogus Jamie Bainbridge (1): qed: Don't collect too many protection override GRC elements Jens Axboe (2): io_uring: backport io_should_terminate_tw() io_uring: include dying ring in task_work "should cancel" state Jianbo Liu (2): net/mlx5e: Consider aggregated port speed during rate configuration net/mlx5e: Harden uplink netdev access against device unbind Johan Hovold (1): phy: ti: omap-usb2: fix device leak at unbind Krzysztof Kozlowski (1): ASoC: qcom: q6apm-lpass-dais: Fix NULL pointer dereference if source graph failed Kuniyuki Iwashima (1): tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect(). Lachlan Hodges (1): wifi: mac80211: increase scan_ies_len for S1G Liao Yuanhong (1): wifi: mac80211: fix incorrect type for ret Linus Torvalds (3): minmax: avoid overly complicated constant expressions in VM code minmax: simplify and clarify min_t()/max_t() implementation minmax: add a few more MIN_T/MAX_T users Loic Poulain (1): drm: bridge: anx7625: Fix NULL pointer dereference with early IRQ Maciej Fijalkowski (1): i40e: remove redundant memory barrier when cleaning Tx descs Maciej S. Szmigiero (1): KVM: SVM: Sync TPR from LAPIC into VMCB::V_TPR even if AVIC is active Mathias Nyman (2): xhci: dbc: decouple endpoint allocation from initialization xhci: dbc: Fix full DbC transfer ring after several reconnects Matthieu Baerts (NGI0) (7): mptcp: set remote_deny_join_id0 on SYN recv mptcp: tfo: record 'deny join id0' info selftests: mptcp: connect: catch IO errors on listen side selftests: mptcp: avoid spurious errors on TCP disconnect mptcp: pm: nl: announce deny-join-id0 flag selftests: mptcp: userspace pm: validate deny-join-id0 flag mptcp: propagate shutdown to subflows when possible Miaoqian Lin (1): um: virtio_uml: Fix use-after-free after put_device in probe Mohammad Rafi Shaik (2): ASoC: qcom: audioreach: Fix lpaif_type configuration for the I2S interface ASoC: qcom: q6apm-lpass-dais: Fix missing set_fmt DAI op for I2S Namjae Jeon (1): ksmbd: smbdirect: validate data_offset and data_length field of smb_direct_data_transfer Nathan Chancellor (1): nilfs2: fix CFI failure when accessing /sys/fs/nilfs2/features/* Praful Adiga (1): ALSA: hda/realtek: Fix mute led for HP Laptop 15-dw4xx Qi Xi (1): drm: bridge: cdns-mhdp8546: Fix missing mutex unlock on error path Qu Wenruo (1): btrfs: tree-checker: fix the incorrect inode ref size check Rob Herring (1): phy: Use device_get_match_data() Sankararaman Jayaraman (1): vmxnet3: unregister xdp rxq info in the reset path Stefan Metzmacher (2): ksmbd: smbdirect: verify remaining_data_length respects max_fragmented_recv_size smb: client: fix smbdirect_recv_io leak in smbd_negotiate() error path Takashi Sakamoto (1): ALSA: firewire-motu: drop EPOLLOUT from poll return values as write is not supported Tao Cui (1): LoongArch: Check the return value when creating kobj Tariq Toukan (1): Revert "net/mlx5e: Update and set Xon/Xoff upon port speed set" Thomas Fourier (1): mmc: mvsdio: Fix dma_unmap_sg() nents value Tiezhu Yang (1): LoongArch: Update help info of ARCH_STRICT_ALIGN Vasant Hegde (1): iommu/amd/pgtbl: Fix possible race while increase page table level Yeounsu Moon (1): net: natsemi: fix `rx_dropped` double accounting on `netif_rx()` failure

3 months

1
1
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror