- Linux-stable-mirror - lists.linaro.org

by Greg Kroah-Hartman

I'm announcing the release of the 5.4.301 kernel. All users of the 5.4 kernel series must upgrade. The updated 5.4.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.4.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/admin-guide/kernel-parameters.txt | 3 Documentation/arm64/silicon-errata.rst | 2 Makefile | 2 arch/arm64/Kconfig | 1 arch/arm64/boot/dts/qcom/msm8916.dtsi | 2 arch/arm64/include/asm/cputype.h | 2 arch/arm64/include/asm/pgtable.h | 3 arch/arm64/kernel/cpu_errata.c | 1 arch/m68k/include/asm/bitops.h | 25 + arch/mips/mti-malta/malta-setup.c | 2 arch/parisc/include/uapi/asm/ioctls.h | 8 arch/sparc/kernel/of_device_32.c | 1 arch/sparc/kernel/of_device_64.c | 1 arch/sparc/lib/M7memcpy.S | 20 - arch/sparc/lib/Memcpy_utils.S | 9 arch/sparc/lib/NG4memcpy.S | 2 arch/sparc/lib/NGmemcpy.S | 29 +- arch/sparc/lib/U1memcpy.S | 19 - arch/sparc/lib/U3memcpy.S | 2 arch/sparc/mm/hugetlbpage.c | 20 + arch/x86/include/asm/kvm_emulate.h | 2 arch/x86/include/asm/segment.h | 8 arch/x86/kernel/umip.c | 15 + arch/x86/kvm/emulate.c | 10 arch/x86/kvm/x86.c | 9 block/blk-mq-sysfs.c | 6 block/blk-settings.c | 3 crypto/essiv.c | 14 - drivers/acpi/acpi_dbg.c | 26 +- drivers/acpi/acpi_tad.c | 3 drivers/acpi/processor_idle.c | 3 drivers/android/binder.c | 11 drivers/base/node.c | 4 drivers/base/regmap/regmap.c | 2 drivers/char/tpm/tpm_tis_core.c | 24 + drivers/clk/nxp/clk-lpc18xx-cgu.c | 20 - drivers/clocksource/clps711x-timer.c | 23 + drivers/cpufreq/intel_pstate.c | 8 drivers/cpuidle/governors/menu.c | 21 - drivers/crypto/atmel-tdes.c | 2 drivers/firmware/meson/meson_sm.c | 7 drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd_gpuvm.c | 5 drivers/gpu/drm/amd/amdgpu/gmc_v7_0.c | 7 drivers/gpu/drm/amd/amdgpu/gmc_v8_0.c | 7 drivers/gpu/drm/exynos/exynos7_drm_decon.c | 36 -- drivers/gpu/drm/nouveau/nouveau_bo.c | 2 drivers/gpu/drm/radeon/r600_cs.c | 4 drivers/gpu/drm/vmwgfx/vmwgfx_validation.c | 4 drivers/i2c/busses/i2c-designware-platdrv.c | 1 drivers/i2c/busses/i2c-mt65xx.c | 17 - drivers/iio/dac/ad5360.c | 2 drivers/iio/dac/ad5421.c | 2 drivers/iio/frequency/adf4350.c | 20 + drivers/iio/inkern.c | 2 drivers/infiniband/core/addr.c | 10 drivers/infiniband/core/sa_query.c | 6 drivers/infiniband/sw/siw/siw_verbs.c | 25 + drivers/input/misc/uinput.c | 1 drivers/mailbox/zynqmp-ipi-mailbox.c | 7 drivers/md/dm-integrity.c | 2 drivers/md/dm.c | 7 drivers/media/i2c/mt9v111.c | 2 drivers/media/i2c/rj54n1cb0c.c | 9 drivers/media/i2c/tc358743.c | 4 drivers/media/mc/mc-devnode.c | 6 drivers/media/pci/b2c2/flexcop-pci.c | 2 drivers/media/pci/cx18/cx18-queue.c | 12 drivers/media/pci/ivtv/ivtv-driver.c | 2 drivers/media/pci/ivtv/ivtv-irq.c | 2 drivers/media/pci/ivtv/ivtv-queue.c | 18 - drivers/media/pci/ivtv/ivtv-streams.c | 22 - drivers/media/pci/ivtv/ivtv-udma.c | 19 - drivers/media/pci/ivtv/ivtv-yuv.c | 18 + drivers/media/platform/s5p-mfc/s5p_mfc_cmd_v6.c | 35 +- drivers/media/rc/imon.c | 189 +++++++++------ drivers/media/rc/lirc_dev.c | 15 - drivers/media/rc/rc-main.c | 6 drivers/media/tuners/xc5000.c | 41 +-- drivers/memory/samsung/exynos-srom.c | 32 +- drivers/mfd/intel_soc_pmic_chtdc_ti.c | 5 drivers/mfd/vexpress-sysreg.c | 6 drivers/misc/genwqe/card_ddcb.c | 2 drivers/mmc/core/sdio.c | 6 drivers/mtd/nand/raw/fsmc_nand.c | 6 drivers/mtd/spi-nor/cadence-quadspi.c | 5 drivers/net/bonding/bond_main.c | 40 +-- drivers/net/ethernet/amazon/ena/ena_ethtool.c | 5 drivers/net/ethernet/amd/xgbe/xgbe-drv.c | 1 drivers/net/ethernet/amd/xgbe/xgbe-mdio.c | 1 drivers/net/ethernet/broadcom/tg3.c | 5 drivers/net/ethernet/dlink/dl2k.c | 99 ++++--- drivers/net/ethernet/freescale/enetc/enetc.h | 2 drivers/net/ethernet/freescale/fsl_pq_mdio.c | 2 drivers/net/ethernet/mellanox/mlx4/en_netdev.c | 2 drivers/net/ethernet/mellanox/mlx5/core/en/port_buffer.h | 12 drivers/net/ethernet/mellanox/mlx5/core/en_main.c | 17 - drivers/net/ethernet/netronome/nfp/nfp_net_ethtool.c | 2 drivers/net/ethernet/renesas/ravb_main.c | 8 drivers/net/usb/rtl8150.c | 13 - drivers/net/wireless/marvell/mwifiex/cfg80211.c | 7 drivers/net/wireless/mediatek/mt76/mt7603/soc.c | 2 drivers/net/wireless/realtek/rtlwifi/rtl8192cu/sw.c | 1 drivers/pci/controller/dwc/pci-keystone.c | 4 drivers/pci/controller/pci-tegra.c | 2 drivers/pci/iov.c | 5 drivers/pci/pci-driver.c | 1 drivers/perf/arm_spe_pmu.c | 3 drivers/pinctrl/meson/pinctrl-meson-gxl.c | 10 drivers/pinctrl/pinmux.c | 2 drivers/pps/kapi.c | 5 drivers/pps/pps.c | 5 drivers/pwm/pwm-berlin.c | 4 drivers/pwm/pwm-tiehrpwm.c | 4 drivers/remoteproc/qcom_q6v5.c | 3 drivers/rtc/interface.c | 27 ++ drivers/rtc/rtc-x1205.c | 2 drivers/scsi/hpsa.c | 21 - drivers/scsi/mpt3sas/mpt3sas_transport.c | 8 drivers/scsi/mvsas/mv_defs.h | 1 drivers/scsi/mvsas/mv_init.c | 13 - drivers/scsi/mvsas/mv_sas.c | 42 +-- drivers/scsi/mvsas/mv_sas.h | 8 drivers/scsi/myrs.c | 8 drivers/scsi/pm8001/pm8001_sas.c | 9 drivers/soc/qcom/rpmh-rsc.c | 7 drivers/staging/axis-fifo/axis-fifo.c | 32 +- drivers/staging/comedi/comedi_buf.c | 2 drivers/target/target_core_configfs.c | 2 drivers/tty/serial/max310x.c | 2 drivers/uio/uio_hv_generic.c | 7 drivers/usb/core/quirks.c | 2 drivers/usb/gadget/configfs.c | 2 drivers/usb/host/max3421-hcd.c | 2 drivers/usb/host/xhci-dbgcap.c | 9 drivers/usb/phy/phy-twl6030-usb.c | 3 drivers/usb/serial/option.c | 16 + drivers/usb/usbip/vhci_hcd.c | 22 + drivers/watchdog/mpc8xxx_wdt.c | 2 drivers/xen/events/events_base.c | 25 + drivers/xen/manage.c | 3 fs/btrfs/export.c | 8 fs/cramfs/inode.c | 11 fs/dcache.c | 2 fs/dlm/lockspace.c | 2 fs/exec.c | 2 fs/ext4/fsmap.c | 14 - fs/ext4/inode.c | 18 + fs/ext4/super.c | 10 fs/ext4/xattr.c | 15 - fs/hfs/bfind.c | 8 fs/hfs/brec.c | 27 +- fs/hfs/mdb.c | 2 fs/hfsplus/bfind.c | 8 fs/hfsplus/bnode.c | 41 --- fs/hfsplus/btree.c | 6 fs/hfsplus/hfsplus_fs.h | 42 +++ fs/hfsplus/super.c | 25 + fs/hfsplus/unicode.c | 24 + fs/jbd2/transaction.c | 13 - fs/minix/inode.c | 8 fs/namespace.c | 11 fs/nfs/nfs4proc.c | 2 fs/nfsd/blocklayout.c | 5 fs/nfsd/flexfilelayout.c | 8 fs/nfsd/lockd.c | 15 + fs/nfsd/nfs4proc.c | 34 +- fs/ocfs2/move_extents.c | 5 fs/ocfs2/stack_user.c | 1 fs/squashfs/inode.c | 31 ++ fs/squashfs/squashfs_fs_i.h | 2 fs/udf/inode.c | 3 include/linux/device.h | 3 include/linux/iio/frequency/adf4350.h | 2 include/linux/netdevice.h | 9 include/net/ip_tunnels.h | 15 + include/net/rtnetlink.h | 16 + include/scsi/libsas.h | 18 + include/uapi/linux/netlink.h | 1 kernel/padata.c | 6 kernel/pid.c | 2 kernel/sched/fair.c | 38 +-- kernel/sched/sched.h | 4 kernel/trace/trace_kprobe.c | 11 kernel/trace/trace_probe.h | 9 kernel/trace/trace_uprobe.c | 12 lib/genalloc.c | 5 mm/hugetlb.c | 2 net/9p/trans_fd.c | 8 net/core/filter.c | 16 - net/core/rtnetlink.c | 89 ++++--- net/ipv4/ip_tunnel.c | 14 - net/ipv4/tcp.c | 9 net/ipv4/tcp_input.c | 1 net/ipv4/tcp_output.c | 19 + net/ipv4/udp.c | 16 - net/ipv6/ip6_tunnel.c | 3 net/netfilter/ipset/ip_set_hash_gen.h | 8 net/netfilter/ipvs/ip_vs_ftp.c | 4 net/sctp/inqueue.c | 13 - net/sctp/sm_make_chunk.c | 3 net/sctp/sm_statefuns.c | 6 net/tls/tls_main.c | 7 net/tls/tls_sw.c | 13 + security/keys/trusted.c | 7 sound/firewire/amdtp-stream.h | 2 sound/pci/lx6464es/lx_core.c | 4 sound/soc/intel/boards/bytcht_es8316.c | 20 + sound/soc/intel/boards/bytcr_rt5640.c | 7 sound/soc/intel/boards/bytcr_rt5651.c | 26 +- tools/build/feature/Makefile | 4 tools/lib/subcmd/help.c | 3 tools/perf/util/lzma.c | 2 tools/perf/util/session.c | 2 tools/perf/util/zlib.c | 2 tools/testing/selftests/rseq/rseq.c | 8 tools/testing/selftests/watchdog/watchdog-test.c | 6 216 files changed, 1509 insertions(+), 919 deletions(-) Abdun Nihaal (1): wifi: mt76: fix potential memory leak in mt76_wmac_probe() Ahmet Eray Karadag (1): ext4: guard against EA inode refcount underflow in xattr update Akhilesh Patil (1): selftests: watchdog: skip ping loop if WDIOF_KEEPALIVEPING not supported Alexander Aring (1): dlm: check for defined force value in dlm_lockspace_release Alexandr Sapozhnikov (1): net/sctp: fix a null dereference in sctp_disposition sctp_sf_do_5_1D_ce() Alexey Simakov (2): tg3: prevent use of uninitialized remote_adv and local_adv variables sctp: avoid NULL dereference when chunk data buffer is missing Alice Ryhl (1): binder: remove "invalid inc weak" check Alok Tiwari (2): PCI: tegra: Fix devm_kcalloc() argument order for port->phys allocation clk: nxp: Fix pll0 rate check condition in LPC18xx CGU driver Amir Mohammad Jahangirzad (1): ACPI: debug: fix signedness issues in read/write helpers Anderson Nascimento (1): btrfs: avoid potential out-of-bounds in btrfs_encode_fh() Andy Shevchenko (1): mfd: intel_soc_pmic_chtdc_ti: Drop unneeded assignment for cache_type Anthony Iliopoulos (1): NFSv4.1: fix backchannel max_resp_sz verification check Anthony Yznaga (1): sparc64: fix hugetlb for sun4u Arnd Bergmann (1): media: s5p-mfc: remove an unused/uninitialized variable Barry Song (1): sched/fair: Trivial correction of the newidle_balance() comment Bartosz Golaszewski (2): pinctrl: check the return value of pinmux_ops::get_function_name() mfd: vexpress-sysreg: Check the return value of devm_gpiochip_add_data() Bernard Metzler (1): RDMA/siw: Always report immediate post SQ errors Bitterblue Smith (1): wifi: rtlwifi: rtl8192cu: Don't claim USB ID 07b8:8188 Brahmajit Das (1): drm/radeon/r600_cs: clean up of dead code in r600_cs Brian Masney (1): clk: nxp: lpc18xx-cgu: convert from round_rate() to determine_rate() Chen Yu (1): sched: Make newidle_balance() static again Christophe JAILLET (2): media: pci/ivtv: switch from 'pci_' to 'dma_' API net: dl2k: switch from 'pci_' to 'dma_' API Christophe Leroy (1): watchdog: mpc8xxx_wdt: Reload the watchdog timer when enabling the watchdog Chuck Lever (1): NFSD: Define a proc_layoutcommit for the FlexFiles layout type Colin Ian King (2): misc: genwqe: Fix incorrect cmd field being reported in error net: rtnetlink: remove redundant assignment to variable err Cristian Ciocaltea (1): usb: vhci-hcd: Prevent suspending virtually attached devices Da Xue (1): pinctrl: meson-gxl: add missing i2c_d pinmux Dan Carpenter (4): usb: host: max3421-hcd: Fix error pointer dereference in probe cleanup serial: max310x: Add error checking in probe() ocfs2: fix double free in user_cluster_connect() net/mlx4: prevent potential use after free in mlx4_en_do_uc_filter() Daniel Tang (1): ACPI: TAD: Add missing sysfs_remove_group() for ACPI_TAD_RT Deepanshu Kartikey (3): ocfs2: clear extent cache after moving/defragmenting extents comedi: fix divide-by-zero in comedi_buf_munge() ext4: detect invalid INLINE_DATA + EXTENTS flag combination Dmitry Safonov (1): net/ip6_tunnel: Prevent perpetual tunnel growth Donet Tom (2): drivers/base/node: handle error properly in register_one_node() drivers/base/node: fix double free in register_one_node() Duoming Zhou (4): media: b2c2: Fix use-after-free causing by irq_check_work in flexcop_pci_remove media: tuner: xc5000: Fix use-after-free in xc5000_release media: i2c: tc358743: Fix use-after-free bugs caused by orphan timer in probe scsi: mvsas: Fix use-after-free bugs in mvs_work_queue Edward Adam Davis (1): media: mc: Clear minor number before put device Eric Biggers (2): sctp: Fix MAC comparison to be constant-time KEYS: trusted_tpm1: Compare HMAC values in constant time Eric Dumazet (2): tcp: fix __tcp_close() to only send RST when required tcp: fix tcp_tso_should_defer() vs large RTT Erick Karanja (1): net: fsl_pq_mdio: Fix device node reference leak in fsl_pq_mdio_probe Esben Haabendal (2): rtc: interface: Ensure alarm irq is enabled when UIE is enabled rtc: interface: Fix long-standing race when setting alarm Flavius Georgescu (1): media: rc: Add support for another iMON 0xffdc device Geert Uytterhoeven (2): regmap: Remove superfluous check for !config in __regmap_init() m68k: bitops: Fix find_*_bit() signatures Greg Kroah-Hartman (1): Linux 5.4.301 Gui-Dong Han (1): drm/amdgpu: use atomic functions with memory barriers for vm fault info Gunnar Kudrjavets (1): tpm_tis: Fix incorrect arguments in tpm_tis_probe_irq_single Hans de Goede (3): iio: consumers: Fix offset handling in iio_convert_raw_to_processed() mfd: intel_soc_pmic_chtdc_ti: Fix invalid regmap-config max_register value mfd: intel_soc_pmic_chtdc_ti: Set use_single_read regmap_config flag Harini T (2): mailbox: zynqmp-ipi: Remove redundant mbox_controller_unregister() call mailbox: zynqmp-ipi: Remove dev.parent check in zynqmp_ipi_free_mboxes Herbert Xu (1): crypto: essiv - Check ssize for decryption and in-place encryption Huang Ying (1): arm64, mm: avoid always making PTE dirty in pte_mkwrite() Huisong Li (1): ACPI: processor: idle: Fix memory leak when register cpuidle device failed I Viswanath (1): net: usb: Remove disruptive netif_wake_queue in rtl8150_set_multicast Ian Forbes (1): drm/vmwgfx: Fix Use-after-free in validation Ingo Molnar (1): sched/balancing: Rename newidle_balance() => sched_balance_newidle() Jakub Kicinski (1): Revert "net/mlx5e: Update and set Xon/Xoff upon MTU set" Jan Kara (1): vfs: Don't leak disconnected dentries on umount Jason Andryuk (2): xen/events: Cleanup find_virq() return codes xen/events: Update virq_to_irq on migration Jisheng Zhang (1): pwm: berlin: Fix wrong register in suspend/resume Johan Hovold (2): firmware: meson_sm: fix device leak at probe lib/genalloc: fix device leak in of_gen_pool_get() Johannes Wiesböck (1): rtnetlink: Allow deleting FDB entries in user namespace John Garry (3): scsi: libsas: Add sas_task_find_rq() scsi: mvsas: Delete mvs_tag_init() scsi: mvsas: Use sas_task_find_rq() for tagging Kaustabh Chakraborty (1): drm/exynos: exynos7_drm_decon: remove ctx->suspended Kohei Enju (2): nfp: fix RSS hash key size when RSS is not supported net: ena: return 0 in ena_get_rxfh_key_size() when RSS hash key is not configurable Krzysztof Kozlowski (1): memory: samsung: exynos-srom: Correct alignment Kunihiko Hayashi (1): i2c: designware: Add disabling clocks when probe fails Kuniyuki Iwashima (2): udp: Fix memory accounting leak. tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request(). LI Qingwu (1): USB: serial: option: add Telit FN920C04 ECM compositions Lad Prabhakar (1): net: ravb: Ensure memory write completes before ringing TX doorbell Larshin Sergey (2): media: rc: fix races with imon_disconnect() fs: udf: fix OOB read in lengthAllocDescs handling Leilk.Liu (1): i2c: mediatek: fix potential incorrect use of I2C_MASTER_WRRD Leo Yan (3): perf: arm_spe: Prevent overflow in PERF_IDX2OFF() perf session: Fix handling when buffer exceeds 2 GiB tools build: Align warning options with perf Li Nan (1): blk-mq: check kobject state_in_sysfs before deleting in blk_mq_unregister_hctx Lichen Liu (1): fs: Add 'initramfs_options' to set initramfs mount options Lino Sanfilippo (1): tpm, tpm_tis: Claim locality before writing interrupt registers Linus Walleij (1): mtd: rawnand: fsmc: Default to autodetect buswidth Lukas Wunner (1): xen/manage: Fix suspend error path Ma Ke (2): sparc: fix error handling in scan_one_device() media: lirc: Fix error handling in lirc_register() Maciej W. Rozycki (1): MIPS: Malta: Fix keyboard resource preventing i8042 driver from registering Mark Rutland (2): arm64: cputype: Add Neoverse-V3AE definitions arm64: errata: Apply workarounds for Neoverse-V3AE Mathias Nyman (1): xhci: dbc: enable back DbC in resume if it was enabled before suspend Michael Hennerich (2): iio: frequency: adf4350: Fix ADF4350_REG3_12BIT_CLKDIV_MODE iio: frequency: adf4350: Fix prescaler usage. Michael Karcher (5): sparc: fix accurate exception reporting in copy_{from_to}_user for UltraSPARC sparc: fix accurate exception reporting in copy_{from_to}_user for UltraSPARC III sparc: fix accurate exception reporting in copy_{from_to}_user for Niagara sparc: fix accurate exception reporting in copy_to_user for Niagara 4 sparc: fix accurate exception reporting in copy_{from,to}_user for M7 Michal Pecio (1): net: usb: rtl8150: Fix frame padding Mikulas Patocka (1): dm-integrity: limit MAX_TAG_SIZE to 255 Nalivayko Sergey (1): net/9p: fix double req put in p9_fd_cancelled Naman Jain (1): uio_hv_generic: Let userspace take care of interrupt mask Niklas Cassel (1): scsi: pm80xx: Fix array-index-out-of-of-bounds on rmmod Niklas Schnelle (2): PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV PCI/AER: Fix missing uevent on recovery when a reset is requested Nikolay Aleksandrov (7): net: rtnetlink: add msg kind names net: rtnetlink: add helper to extract msg type's kind net: rtnetlink: use BIT for flag values net: netlink: add NLM_F_BULK delete request modifier net: rtnetlink: add bulk delete support flag net: add ndo_fdb_del_bulk net: rtnetlink: add NLM_F_BULK support to rtnl_fdb_del Ojaswin Mujoo (1): ext4: correctly handle queries for metadata mappings Olga Kornievskaia (1): nfsd: nfserr_jukebox in nlm_fopen should lead to a retry Ovidiu Panait (2): staging: axis-fifo: fix maximum TX packet length check staging: axis-fifo: flush RX FIFO on read errors Parav Pandit (1): RDMA/core: Resolve MAC of next-hop device without ARP support Paul Chaignon (1): bpf: Explicitly check accesses to bpf_sock_addr Phillip Lougher (3): Squashfs: fix uninit-value in squashfs_get_parent Squashfs: add additional inode sanity checking Squashfs: reject negative file sizes in squashfs_read_inode() Pratyush Yadav (2): spi: cadence-quadspi: Flush posted register writes before INDAC access spi: cadence-quadspi: Flush posted register writes before DAC access Qianfeng Rong (5): block: use int to store blk_stack_limits() return value ALSA: lx_core: use int type to store negative error codes media: i2c: mt9v111: fix incorrect type for ret iio: dac: ad5360: use int type to store negative error codes iio: dac: ad5421: use int type to store negative error codes Rafael J. Wysocki (3): driver core/PM: Set power.no_callbacks along with power.no_pm cpufreq: intel_pstate: Fix object lifecycle issue in update_qos_request() Revert "cpuidle: menu: Avoid discarding useful information" Raju Rangoju (1): amd-xgbe: Avoid spurious link down messages during interface toggle Randy Dunlap (1): ALSA: firewire: amdtp-stream: fix enum kernel-doc warnings Ranjan Kumar (1): scsi: mpt3sas: Fix crash in transport port remove by using ioc_info() Reinhard Speyerer (1): USB: serial: option: add Quectel RG255C Renjun Wang (1): USB: serial: option: add UNISOC UIS7720 Rex Chen (1): mmc: core: SPI mode remove cmd7 Ricardo Ribalda (1): media: tunner: xc5000: Refactor firmware load Rob Herring (Arm) (1): rtc: x1205: Fix Xicor X1205 vendor prefix Sabrina Dubroca (2): tls: always set record_type in tls_process_cmsg tls: don't rely on tx_work during send() Sam James (1): parisc: don't reference obsolete termio struct for TC* constants Sean Christopherson (4): rseq/selftests: Use weak symbol reference, not definition, to link with glibc x86/umip: Check that the instruction opcode is at least two bytes x86/umip: Fix decoding of register forms of 0F 01 (SGDT and SIDT aliases) KVM: x86: Don't (re)check L1 intercepts when completing userspace I/O Sergey Bashirov (2): NFSD: Minor cleanup in layoutcommit processing NFSD: Fix last write offset handling in layoutcommit Shuhao Fu (1): drm/nouveau: fix bad ret code in nouveau_bo_move_prep Siddharth Vadapalli (1): PCI: keystone: Use devm_request_irq() to free "ks-pcie-error-irq" on exit Slavin Liu (1): ipvs: Defer ip_vs_ftp unregister during netns cleanup Sneh Mankad (1): soc: qcom: rpmh-rsc: Unconditionally clear _TRIGGER bit for TCS Stefan Kerkmann (1): wifi: mwifiex: send world regulatory domain to driver Stephan Gerhold (2): remoteproc: qcom: q6v5: Avoid disabling handover IRQ twice arm64: dts: qcom: msm8916: Add missing MDSS reset Takashi Iwai (3): ASoC: Intel: bytcht_es8316: Fix invalid quirk input mapping ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping ASoC: Intel: bytcr_rt5651: Fix invalid quirk input mapping Tetsuo Handa (4): media: imon: reorganize serialization media: imon: grab lock earlier in imon_ir_change_protocol() minixfs: Verify inode mode when loading from disk cramfs: Verify inode mode when loading from disk Theodore Ts'o (1): ext4: avoid potential buffer over-read in parse_apply_sb_mount_options() Thomas Fourier (4): scsi: myrs: Fix dma_alloc_coherent() error check crypto: atmel - Fix dma_unmap_sg() direction media: cx18: Add missing check after DMA map media: pci: ivtv: Add missing check after DMA map Thorsten Blum (1): scsi: hpsa: Fix potential memory leak in hpsa_big_passthru_ioctl() Tim Guttzeit (1): usb/core/quirks: Add Huawei ME906S to wakeup quirk Tonghao Zhang (1): net: bonding: fix possible peer notify event loss or dup issue Uros Bizjak (1): x86/vdso: Fix output operand size of RDPID Uwe Kleine-König (1): pwm: tiehrpwm: Fix corner case in clock divisor calculation Viacheslav Dubeyko (6): hfsplus: fix slab-out-of-bounds read in hfsplus_strcasecmp() hfs: clear offset and space out of valid records in b-tree node hfs: make proper initalization of struct hfs_find_data hfsplus: fix KMSAN uninit-value issue in __hfsplus_ext_cache_extent() hfsplus: fix KMSAN uninit-value issue in hfsplus_delete_cat() hfs: fix KMSAN uninit-value issue in hfs_find_set_zero_bits() Vincent Guittot (1): sched/fair: Fix pelt lost idle time detection Vlad Dumitrescu (1): IB/sa: Fix sa_local_svc_timeout_ms read race Wang Haoran (1): scsi: target: target_core_configfs: Add length check to avoid buffer overflow Wang Liang (1): pps: fix warning in pps_register_cdev when register device fail Wei Fang (1): net: enetc: correct the value of ENETC_RXB_TRUESIZE William Wu (1): usb: gadget: configfs: Correctly set use_os_string at bind Xiao Liang (1): padata: Reset next CPU when reorder sequence wraps around Xiaowei Li (1): USB: serial: option: add SIMCom 8230C compositions Xichao Zhao (2): usb: phy: twl6030: Fix incorrect type for ret exec: Fix incorrect type for ret Yang Chenzhi (1): hfs: validate record offset in hfsplus_bmap_alloc Yang Shi (1): mm: hugetlb: avoid soft lockup when mprotect to large memory area Yangtao Li (1): hfsplus: return EIO when type of hidden directory mismatch in hfsplus_fill_super() Yeounsu Moon (1): net: dlink: handle dma_map_single() failure properly Yongjian Sun (1): ext4: increase i_disksize to offset + len in ext4_update_disksize_before_punch() Yuan Chen (1): tracing: Fix race condition in kprobe initialization causing NULL pointer dereference Yunseong Kim (1): perf util: Fix compression checks returning -1 as bool Zhang Shurong (1): media: rj54n1cb0c: Fix memleak in rj54n1_probe() Zhang Yi (1): jbd2: ensure that all ongoing I/O complete before freeing blocks Zhen Ni (4): netfilter: ipset: Remove unused htable_bits in macro ahash_region Input: uinput - zero-initialize uinput_ff_upload_compat to avoid info leak clocksource/drivers/clps711x: Fix resource leaks in error paths memory: samsung: exynos-srom: Fix of_iomap leak in exynos_srom_probe Zheng Qixing (1): dm: fix NULL pointer dereference in __dm_suspend() Zhengchao Shao (1): net: rtnetlink: fix module reference count leak issue in rtnetlink_rcv_msg gaoxiang17 (1): pid: Add a judgment for ns null in pid_nr_ns hupu (1): perf subcmd: avoid crash in exclude_cmds when excludes is empty keliu (1): media: rc: Directly use ida_free()

1 week, 2 days

1
1
0 0

[PATCH] x86/mm: Fix check/use ordering in switch_mm_irqs_off()

by Stephen Dolan

[ Upstream commit 83b0177a6c48 ] [ Patch for 6.1.y, 6.6.y, 6.12.y trees ] To avoid racing with should_flush_tlb, setting loaded_mm to LOADED_MM_SWITCHING must happen before reading tlb_gen. This patch differs from the upstream fix since the ordering issue in stable trees is different: here, the relevant code blocks are in the wrong order due to a bad rebase earlier, so the fix is to reorder them. Signed-off-by: Stephen Dolan <sdolan(a)janestreet.com> Acked-by: Dave Hansen <dave.hansen(a)intel.com> Link: https://lore.kernel.org/lkml/CAHDw0oGd0B4=uuv8NGqbUQ_ZVmSheU2bN70e4QhFXWvuA… --- arch/x86/mm/tlb.c | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/arch/x86/mm/tlb.c b/arch/x86/mm/tlb.c index 8629d90fdcd9..ed182831063c 100644 --- a/arch/x86/mm/tlb.c +++ b/arch/x86/mm/tlb.c @@ -606,6 +606,14 @@ void switch_mm_irqs_off(struct mm_struct *unused, struct mm_struct *next, */ cond_mitigation(tsk); + /* + * Indicate that CR3 is about to change. nmi_uaccess_okay() + * and others are sensitive to the window where mm_cpumask(), + * CR3 and cpu_tlbstate.loaded_mm are not all in sync. + */ + this_cpu_write(cpu_tlbstate.loaded_mm, LOADED_MM_SWITCHING); + barrier(); + /* * Stop remote flushes for the previous mm. * Skip kernel threads; we never send init_mm TLB flushing IPIs, @@ -623,14 +631,6 @@ void switch_mm_irqs_off(struct mm_struct *unused, struct mm_struct *next, next_tlb_gen = atomic64_read(&next->context.tlb_gen); choose_new_asid(next, next_tlb_gen, &new_asid, &need_flush); - - /* - * Indicate that CR3 is about to change. nmi_uaccess_okay() - * and others are sensitive to the window where mm_cpumask(), - * CR3 and cpu_tlbstate.loaded_mm are not all in sync. - */ - this_cpu_write(cpu_tlbstate.loaded_mm, LOADED_MM_SWITCHING); - barrier(); } new_lam = mm_lam_cr3_mask(next); -- 2.43.7

1 week, 2 days

1
0
0 0

[PATCH 5.10] comedi: pcl726: Prevent invalid irq number

by Andrey Troshin

From: Edward Adam Davis <eadavis(a)qq.com> commit 96cb948408b3adb69df7e451ba7da9d21f814d00 upstream. The reproducer passed in an irq number(0x80008000) that was too large, which triggered the oob. Added an interrupt number check to prevent users from passing in an irq number that was too large. If `it->options[1]` is 31, then `1 << it->options[1]` is still invalid because it shifts a 1-bit into the sign bit (which is UB in C). Possible solutions include reducing the upper bound on the `it->options[1]` value to 30 or lower, or using `1U << it->options[1]`. The old code would just not attempt to request the IRQ if the `options[1]` value were invalid. And it would still configure the device without interrupts even if the call to `request_irq` returned an error. So it would be better to combine this test with the test below. Fixes: fff46207245c ("staging: comedi: pcl726: enable the interrupt support code") Cc: stable <stable(a)kernel.org> # 5.13+ Reported-by: syzbot+5cd373521edd68bebcb3(a)syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=5cd373521edd68bebcb3 Tested-by: syzbot+5cd373521edd68bebcb3(a)syzkaller.appspotmail.com Signed-off-by: Edward Adam Davis <eadavis(a)qq.com> Reviewed-by: Ian Abbott <abbotti(a)mev.co.uk> Link: https://lore.kernel.org/r/tencent_3C66983CC1369E962436264A50759176BF09@qq.c… Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> [Andrey Troshin: backport fix from drivers/comedi/drivers/pcl726.c to drivers/staging/comedi/drivers/pcl726.c] Signed-off-by: Andrey Troshin <drtrosh(a)yandex-team.ru> --- Backport fix for CVE-2025-39685 Link: https://nvd.nist.gov/vuln/detail/CVE-2025-39685 --- drivers/staging/comedi/drivers/pcl726.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/drivers/staging/comedi/drivers/pcl726.c b/drivers/staging/comedi/drivers/pcl726.c index 64eb649c9813..f26d7f07d749 100644 --- a/drivers/staging/comedi/drivers/pcl726.c +++ b/drivers/staging/comedi/drivers/pcl726.c @@ -327,7 +327,8 @@ static int pcl726_attach(struct comedi_device *dev, * Hook up the external trigger source interrupt only if the * user config option is valid and the board supports interrupts. */ - if (it->options[1] && (board->irq_mask & (1 << it->options[1]))) { + if (it->options[1] > 0 && it->options[1] < 16 && + (board->irq_mask & (1U << it->options[1]))) { ret = request_irq(it->options[1], pcl726_interrupt, 0, dev->board_name, dev); if (ret == 0) { -- 2.34.1

1 week, 2 days

1
0
0 0

[PATCH 6.17 000/184] 6.17.6-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 6.17.6 release. There are 184 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Wed, 29 Oct 2025 18:34:15 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.17.6-rc1… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.17.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 6.17.6-rc1 William Breathitt Gray <wbg(a)kernel.org> gpio: idio-16: Define fixed direction of the GPIO lines Ioana Ciornei <ioana.ciornei(a)nxp.com> gpio: regmap: add the .fixed_direction_output configuration parameter Mathieu Dubois-Briand <mathieu.dubois-briand(a)bootlin.com> gpio: regmap: Allow to allocate regmap-irq device Darrick J. Wong <djwong(a)kernel.org> xfs: always warn about deprecated mount options David Hildenbrand <david(a)redhat.com> vmw_balloon: indicate success when effectively deflating during migration David Hildenbrand <david(a)redhat.com> treewide: remove MIGRATEPAGE_SUCCESS David Hildenbrand <david(a)redhat.com> mm/migrate: remove MIGRATEPAGE_UNMAP Dave Penkler <dpenkler(a)gmail.com> staging: gpib: Fix sending clear and trigger events Dave Penkler <dpenkler(a)gmail.com> staging: gpib: Return -EINTR on device clear Dave Penkler <dpenkler(a)gmail.com> staging: gpib: Fix no EOI on 1 and 2 byte writes Ma Ke <make24(a)iscas.ac.cn> staging: gpib: Fix device reference leak in fmh_gpib driver Hugo Villeneuve <hvilleneuve(a)dimonoff.com> serial: sc16is7xx: remove useless enable of enhanced features Daniel Golle <daniel(a)makrotopia.org> serial: 8250_mtk: Enable baud clock and manage in runtime PM Florian Eckert <fe(a)dev.tdt.de> serial: 8250_exar: add support for Advantech 2 port card with Device ID 0x0018 Artem Shimko <a.shimko.dev(a)gmail.com> serial: 8250_dw: handle reset control deassert error Krishna Kurapati <krishna.kurapati(a)oss.qualcomm.com> dt-bindings: usb: qcom,snps-dwc3: Fix bindings for X1E80100 Xu Yang <xu.yang_2(a)nxp.com> dt-bindings: usb: dwc3-imx8mp: dma-range is required only for imx8mp Geert Uytterhoeven <geert+renesas(a)glider.be> dt-bindings: serial: sh-sci: Fix r8a78000 interrupts Cosmin Tanislav <cosmin-gabriel.tanislav.xa(a)renesas.com> tty: serial: sh-sci: fix RSCI FIFO overrun handling Michael Grzeschik <m.grzeschik(a)pengutronix.de> tcpm: switch check for role_sw device with fw_node Victoria Votokina <Victoria.Votokina(a)kaspersky.com> most: usb: hdm_probe: Fix calling put_device() before device initialization Victoria Votokina <Victoria.Votokina(a)kaspersky.com> most: usb: Fix use-after-free in hdm_disconnect Junhao Xie <bigfoot(a)radxa.com> misc: fastrpc: Fix dma_buf object leak in fastrpc_map_lookup Cosmin Tanislav <cosmin-gabriel.tanislav.xa(a)renesas.com> nvmem: rcar-efuse: add missing MODULE_DEVICE_TABLE Miguel Ojeda <ojeda(a)kernel.org> objtool/rust: add one more `noreturn` Rust function Alexander Usyskin <alexander.usyskin(a)intel.com> mei: me: add wildcat lake P DID Deepanshu Kartikey <kartikey406(a)gmail.com> comedi: fix divide-by-zero in comedi_buf_munge() Alice Ryhl <aliceryhl(a)google.com> binder: remove "invalid inc weak" check Andrew Cooper <andrew.cooper3(a)citrix.com> x86/microcode: Fix Entrysign revision check for Zen1/Naples Mathias Nyman <mathias.nyman(a)linux.intel.com> xhci: dbc: fix bogus 1024 byte prefix if ttyDBC read races with stall event Mathias Nyman <mathias.nyman(a)linux.intel.com> xhci: dbc: enable back DbC in resume if it was enabled before suspend Andrey Konovalov <andreyknvl(a)gmail.com> usb: raw-gadget: do not limit transfer length Tim Guttzeit <t.guttzeit(a)tuxedocomputers.com> usb/core/quirks: Add Huawei ME906S to wakeup quirk LI Qingwu <Qing-wu.Li(a)leica-geosystems.com.cn> USB: serial: option: add Telit FN920C04 ECM compositions Reinhard Speyerer <rspmn(a)arcor.de> USB: serial: option: add Quectel RG255C Renjun Wang <renjunw0(a)foxmail.com> USB: serial: option: add UNISOC UIS7720 Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> sched: Remove never used code in mm_cid_get() Alok Tiwari <alok.a.tiwari(a)oracle.com> io_uring: correct __must_hold annotation in io_install_fixed_file Haotian Zhang <vulab(a)iscas.ac.cn> gpio: ljca: Fix duplicated IRQ mapping Christoph Hellwig <hch(a)lst.de> block: require LBA dma_alignment when using PI Lorenzo Pieralisi <lpieralisi(a)kernel.org> of/irq: Add msi-parent check to of_msi_xlate() Lorenzo Pieralisi <lpieralisi(a)kernel.org> of/irq: Convert of_msi_map_id() callers to of_msi_xlate() Jocelyn Falempe <jfalempe(a)redhat.com> drm/panic: Fix 24bit pixel crossing page boundaries Jocelyn Falempe <jfalempe(a)redhat.com> drm/panic: Fix qr_code, ensure vmargin is positive Jocelyn Falempe <jfalempe(a)redhat.com> drm/panic: Fix drawing the logo on a small narrow screen Ondrej Mosnacek <omosnace(a)redhat.com> nbd: override creds to kernel when calling sock_{send,recv}msg() Alok Tiwari <alok.a.tiwari(a)oracle.com> io_uring: fix incorrect unlikely() usage in io_waitid_prep() Guenter Roeck <linux(a)roeck-us.net> hwmon: (sht3x) Fix error handling Li Qiang <liqiang01(a)kylinos.cn> hwmon: (cgbc-hwmon) Add missing NULL check after devm_kzalloc() Erick Karanja <karanja99erick(a)gmail.com> hwmon: (pmbus/isl68137) Fix child node reference leak on early return Paul Walmsley <pjw(a)kernel.org> riscv: hwprobe: avoid uninitialized variable use in hwprobe_arch_id() Anup Patel <apatel(a)ventanamicro.com> RISC-V: Don't print details of CPUs disabled in DT Anup Patel <apatel(a)ventanamicro.com> RISC-V: Define pgprot_dmacoherent() for non-coherent devices Akash Goel <akash.goel(a)arm.com> drm/panthor: Fix kernel panic on partial unmap of a GPU VA region Fernando Fernandez Mancera <fmancera(a)suse.de> sysfs: check visibility before changing group attribute ownership Mikhail Kshevetskiy <mikhail.kshevetskiy(a)iopsys.eu> spi: airoha: fix reading/writing of flashes with more than one plane per lun Mikhail Kshevetskiy <mikhail.kshevetskiy(a)iopsys.eu> spi: airoha: switch back to non-dma mode in the case of error Mikhail Kshevetskiy <mikhail.kshevetskiy(a)iopsys.eu> spi: airoha: add support of dual/quad wires spi modes to exec_op() handler Mikhail Kshevetskiy <mikhail.kshevetskiy(a)iopsys.eu> spi: airoha: return an error for continuous mode dirmap creation cases Artem Shimko <a.shimko.dev(a)gmail.com> firmware: arm_scmi: Fix premature SCMI_XFER_FLAG_IS_RAW clearing in raw mode Cristian Marussi <cristian.marussi(a)arm.com> include: trace: Fix inflight count helper on failed initialization Cristian Marussi <cristian.marussi(a)arm.com> firmware: arm_scmi: Account for failed debug initialization Peter Robinson <pbrobinson(a)gmail.com> arm64: dts: broadcom: bcm2712: Define VGIC interrupt Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> arm64: dts: broadcom: bcm2712: Add default GIC address cells Mattijs Korpershoek <mkorpershoek(a)kernel.org> spi: cadence-quadspi: Fix pm_runtime unbalance on dma EPROBE_DEFER Haibo Chen <haibo.chen(a)nxp.com> spi: spi-nxp-fspi: limit the clock rate for different sample clock source selection Han Xu <han.xu(a)nxp.com> spi: spi-nxp-fspi: add extra delay after dll locked Haibo Chen <haibo.chen(a)nxp.com> spi: spi-nxp-fspi: re-config the clock rate when operation require new clock rate Haibo Chen <haibo.chen(a)nxp.com> spi: spi-nxp-fspi: add the support for sample data from DQS pad Sudeep Holla <sudeep.holla(a)arm.com> firmware: arm_ffa: Add support for IMPDEF value in the memory access descriptor Marek Szyprowski <m.szyprowski(a)samsung.com> spi: rockchip-sfc: Fix DMA-API usage SeongJae Park <sj(a)kernel.org> mm/damon/sysfs: dealloc commit test ctx always SeongJae Park <sj(a)kernel.org> mm/damon/sysfs: catch commit test ctx alloc failure Enze Li <lienze(a)kylinos.cn> mm/damon/core: fix potential memory leak by cleaning ops_filter in damon_destroy_scheme SeongJae Park <sj(a)kernel.org> mm/damon/core: fix list_add_tail() call on damon_call() SeongJae Park <sj(a)kernel.org> mm/damon/core: use damos_commit_quota_goal() for new goal commit Charlene Liu <Charlene.Liu(a)amd.com> drm/amd/display: increase max link count and fix link->enc NULL pointer access Matthew Brost <matthew.brost(a)intel.com> drm/xe: Check return value of GGTT workqueue allocation Lorenzo Stoakes <lorenzo.stoakes(a)oracle.com> mm/mremap: correctly account old mapping after MREMAP_DONTUNMAP remap Qiuxu Zhuo <qiuxu.zhuo(a)intel.com> mm: prevent poison consumption when splitting THP Matthieu Baerts (NGI0) <matttbe(a)kernel.org> selftests: mptcp: join: mark 'delete re-add signal' as skipped if not supported Matthieu Baerts (NGI0) <matttbe(a)kernel.org> selftests: mptcp: join: mark implicit tests as skipped if not supported Matthieu Baerts (NGI0) <matttbe(a)kernel.org> selftests: mptcp: join: mark 'flush re-add' as skipped if not supported Matthieu Baerts (NGI0) <matttbe(a)kernel.org> mptcp: pm: in-kernel: C-flag: handle late ADD_ADDR Lad Prabhakar <prabhakar.mahadev-lad.rj(a)bp.renesas.com> net: ravb: Ensure memory write completes before ringing TX doorbell Lad Prabhakar <prabhakar.mahadev-lad.rj(a)bp.renesas.com> net: ravb: Enforce descriptor type ordering Michal Pecio <michal.pecio(a)gmail.com> net: usb: rtl8150: Fix frame padding Sebastian Reichel <sebastian.reichel(a)collabora.com> net: stmmac: dwmac-rk: Fix disabling set_clock_selection Tonghao Zhang <tonghao(a)bamaicloud.com> net: bonding: update the slave array for broadcast mode Stefano Garzarella <sgarzare(a)redhat.com> vsock: fix lock inversion in vsock_assign_transport() Nam Cao <namcao(a)linutronix.de> rv: Make rtapp/pagefault monitor depends on CONFIG_MMU Nam Cao <namcao(a)linutronix.de> rv: Fully convert enabled_monitors to use list_head as iterator Deepanshu Kartikey <kartikey406(a)gmail.com> ocfs2: clear extent cache after moving/defragmenting extents Maciej W. Rozycki <macro(a)orcam.me.uk> MIPS: Malta: Fix keyboard resource preventing i8042 driver from registering Alexis Czezar Torreno <alexisczezar.torreno(a)analog.com> hwmon: (pmbus/max34440) Update adpm12160 coeff due to latest FW Maarten Lankhorst <dev(a)lankhorst.se> devcoredump: Fix circular locking dependency with devcd->mutex. David Howells <dhowells(a)redhat.com> cifs: Fix TCP_Server_Info::credits to be signed Marc Kleine-Budde <mkl(a)pengutronix.de> can: netlink: can_changelink(): allow disabling of automatic restart Catalin Marinas <catalin.marinas(a)arm.com> arm64: mte: Do not warn if the page is already tagged in copy_highpage() Xi Ruoyao <xry111(a)xry111.site> ACPICA: Work around bogus -Wstringop-overread warning since GCC 11 Paulo Alcantara <pc(a)manguebit.org> smb: client: get rid of d_drop() in cifs_do_rename() Hao Ge <gehao(a)kylinos.cn> slab: Fix obj_ext mistakenly considered NULL due to race condition Hao Ge <gehao(a)kylinos.cn> slab: Avoid race on slab->obj_exts in alloc_slab_obj_exts Danilo Krummrich <dakr(a)kernel.org> rust: device: fix device context of Device::parent() Paul Walmsley <pjw(a)kernel.org> riscv: cpufeature: avoid uninitialized variable in has_thead_homogeneous_vlenb() Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> Revert "cpuidle: menu: Avoid discarding useful information" Kurt Borja <kuurtb(a)gmail.com> platform/x86: alienware-wmi-wmax: Fix NULL pointer dereference in sleep handlers tr1x_em <admin(a)trix.is-a.dev> platform/x86: alienware-wmi-wmax: Add AWCC support to Dell G15 5530 Darrick J. Wong <djwong(a)kernel.org> xfs: fix locking in xchk_nlinks_collect_dir William Breathitt Gray <wbg(a)kernel.org> gpio: 104-idio-16: Define maximum valid register address offset William Breathitt Gray <wbg(a)kernel.org> gpio: pci-idio-16: Define maximum valid register address offset Amit Dhingra <mechanicalamit(a)gmail.com> btrfs: ref-verify: fix IS_ERR() vs NULL check in btrfs_build_ref_tree() Ting-Chang Hou <tchou(a)synology.com> btrfs: send: fix duplicated rmdir operations when using extrefs Dewei Meng <mengdewei(a)cqsoftware.com.cn> btrfs: directly free partially initialized fs_info in btrfs_check_leaked_roots() Jens Axboe <axboe(a)kernel.dk> io_uring/sqpoll: be smarter on when to update the stime usage Jens Axboe <axboe(a)kernel.dk> io_uring/sqpoll: switch away from getrusage() for CPU accounting Jingwei Wang <wangjingwei(a)iscas.ac.cn> riscv: hwprobe: Fix stale vDSO data for late-initialized keys at boot Kaushlendra Kumar <kaushlendra.kumar(a)intel.com> arch_topology: Fix incorrect error check in topology_parse_cpu_capacity() Jason Wang <jasowang(a)redhat.com> virtio-net: zero unused hash fields Marek Szyprowski <m.szyprowski(a)samsung.com> dma-debug: don't report false positives with DMA_BOUNCE_UNALIGNED_KMALLOC Alexei Starovoitov <ast(a)kernel.org> mm: don't spin in add_stack_record when gfp flags don't allow Lance Yang <lance.yang(a)linux.dev> hung_task: fix warnings caused by unaligned lock pointers Tonghao Zhang <tonghao(a)bamaicloud.com> net: bonding: fix possible peer notify event loss or dup issue Jakub Acs <acsjakub(a)amazon.de> fs/notify: call exportfs_encode_fid with s_umount Patrisious Haddad <phaddad(a)nvidia.com> net/mlx5: Fix IPsec cleanup over MPV device Robert Marko <robert.marko(a)sartura.hr> net: phy: micrel: always set shared->phydev for LAN8814 Ralf Lici <ralf(a)mandelbit.com> ovpn: use datagram_poll_queue for socket readiness in TCP Ralf Lici <ralf(a)mandelbit.com> net: datagram: introduce datagram_poll_queue for custom receive queues Ralf Lici <ralf(a)mandelbit.com> espintcp: use datagram_poll_queue for socket readiness Fernando Fernandez Mancera <fmancera(a)suse.de> net: hsr: prevent creation of HSR device with slaves from another netns Alexey Simakov <bigalex934(a)gmail.com> sctp: avoid NULL dereference when chunk data buffer is missing Jiasheng Jiang <jiashengjiangcool(a)gmail.com> ptp: ocp: Fix typo using index 1 instead of i in SMA initialization loop Heiner Kallweit <hkallweit1(a)gmail.com> net: hibmcge: select FIXED_PHY Gao Xiang <xiang(a)kernel.org> erofs: avoid infinite loops due to corrupted subpage compact indexes Huang Ying <ying.huang(a)linux.alibaba.com> arm64, mm: avoid always making PTE dirty in pte_mkwrite() Aksh Garg <a-garg7(a)ti.com> net: ethernet: ti: am65-cpts: fix timestamp loss due to race conditions Wang Liang <wangliang74(a)huawei.com> net/smc: fix general protection fault in __smc_diag_dump Amery Hung <ameryhung(a)gmail.com> net/mlx5e: RX, Fix generating skb from non-linear xdp_buff for striding RQ Amery Hung <ameryhung(a)gmail.com> net/mlx5e: RX, Fix generating skb from non-linear xdp_buff for legacy RQ Xin Long <lucien.xin(a)gmail.com> selftests: net: fix server bind failure in sctp_vrf.sh Marc Kleine-Budde <mkl(a)pengutronix.de> can: rockchip-canfd: rkcanfd_start_xmit(): use can_dev_dropped_skb() instead of can_dropped_invalid_skb() Marc Kleine-Budde <mkl(a)pengutronix.de> can: esd: acc_start_xmit(): use can_dev_dropped_skb() instead of can_dropped_invalid_skb() Marc Kleine-Budde <mkl(a)pengutronix.de> can: bxcan: bxcan_start_xmit(): use can_dev_dropped_skb() instead of can_dropped_invalid_skb() Aleksander Jan Bajkowski <olek2(a)wp.pl> net: phy: realtek: fix rtl8221b-vm-cg name Ioana Ciornei <ioana.ciornei(a)nxp.com> dpaa2-eth: fix the pointer passed to PTR_ALIGN on Tx path Wei Fang <wei.fang(a)nxp.com> net: enetc: correct the value of ENETC_RXB_TRUESIZE Jianpeng Chang <jianpeng.chang.cn(a)windriver.com> net: enetc: fix the deadlock of enetc_mdio_lock Gao Xiang <xiang(a)kernel.org> erofs: fix crafted invalid cases for encoded extents Johannes Wiesböck <johannes.wiesboeck(a)aisec.fraunhofer.de> rtnetlink: Allow deleting FDB entries in user namespace Nathan Chancellor <nathan(a)kernel.org> net/mlx5e: Return 1 instead of 0 in invalid case in mlx5e_mpwrq_umr_entry_size() Mario Limonciello (AMD) <superm1(a)kernel.org> cpufreq/amd-pstate: Fix a regression leading to EPP 0 after hibernate David Thompson <davthompson(a)nvidia.com> platform/mellanox: mlxbf-pmc: add sysfs_attr_init() to count_clock init Linus Torvalds <torvalds(a)linux-foundation.org> Unbreak 'make tools/*' for user-space targets Stefan Metzmacher <metze(a)samba.org> smb: server: let smb_direct_flush_send_list() invalidate a remote key first Stefan Metzmacher <metze(a)samba.org> smb: client: make use of ib_wc_status_msg() and skip IB_WC_WR_FLUSH_ERR logging Stefan Metzmacher <metze(a)samba.org> smb: client: limit the range of info->receive_credit_target Stefan Metzmacher <metze(a)samba.org> smb: client: queue post_recv_credits_work also if the peer raises the credit target Heiko Carstens <hca(a)linux.ibm.com> s390/mm: Use __GFP_ACCOUNT for user page table allocations Yicong Yang <yangyicong(a)hisilicon.com> drivers/perf: hisi: Relax the event ID check in the framework Clément Léger <cleger(a)rivosinc.com> riscv: cpufeature: add validation for zfa, zfh and zfhmin Junhui Liu <junhui.liu(a)pigmoral.tech> riscv: mm: Use mmu-type from FDT to limit SATP mode Junhui Liu <junhui.liu(a)pigmoral.tech> riscv: mm: Return intended SATP mode for noXlvl options Christophe Leroy <christophe.leroy(a)csgroup.eu> powerpc/32: Remove PAGE_KERNEL_TEXT to fix startup failure Geert Uytterhoeven <geert(a)linux-m68k.org> m68k: bitops: Fix find_*_bit() signatures Andreas Gruenbacher <agruenba(a)redhat.com> gfs2: Fix unlikely race in gdlm_put_lock Fuad Tabba <tabba(a)google.com> arm64: sysreg: Correct sign definitions for EIESB and DoubleLock Junjie Cao <junjie.cao(a)intel.com> lkdtm: fortify: Fix potential NULL dereference on kmalloc failure Kees Cook <kees(a)kernel.org> PCI: Test for bit underflow in pcie_set_readrq() Yangtao Li <frank.li(a)vivo.com> hfsplus: return EIO when type of hidden directory mismatch in hfsplus_fill_super() Viacheslav Dubeyko <slava(a)dubeyko.com> hfs: fix KMSAN uninit-value issue in hfs_find_set_zero_bits() Alexander Aring <aahringo(a)redhat.com> dlm: check for defined force value in dlm_lockspace_release Viacheslav Dubeyko <slava(a)dubeyko.com> hfsplus: fix KMSAN uninit-value issue in hfsplus_delete_cat() Yang Chenzhi <yang.chenzhi(a)vivo.com> hfs: validate record offset in hfsplus_bmap_alloc Viacheslav Dubeyko <slava(a)dubeyko.com> hfsplus: fix KMSAN uninit-value issue in __hfsplus_ext_cache_extent() Viacheslav Dubeyko <slava(a)dubeyko.com> hfs: make proper initalization of struct hfs_find_data Viacheslav Dubeyko <slava(a)dubeyko.com> hfs: clear offset and space out of valid records in b-tree node Harald Freudenberger <freude(a)linux.ibm.com> s390/pkey: Forward keygenflags to ep11_unwrapkey Simon Schuster <schuster.simon(a)siemens-energy.com> nios2: ensure that memblock.current_limit is set when setting pfn limits Xichao Zhao <zhao.xichao(a)vivo.com> exec: Fix incorrect type for ret Alexander Aring <aahringo(a)redhat.com> dlm: move to rinfo for all middle conversion cases Randy Dunlap <rdunlap(a)infradead.org> cgroup/misc: fix misc_res_type kernel-doc warning Jan Kara <jack(a)suse.cz> expfs: Fix exportfs_can_encode_fh() for EXPORT_FH_FID Nipun Gupta <nipun.gupta(a)amd.com> vfio/cdx: update driver to build without CONFIG_GENERIC_MSI_IRQ K Prateek Nayak <kprateek.nayak(a)amd.com> sched/fair: Block delayed tasks on throttled hierarchy during dequeue ------------- Diffstat: .../devicetree/bindings/serial/renesas,scif.yaml | 1 + .../devicetree/bindings/usb/fsl,imx8mp-dwc3.yaml | 10 +- .../devicetree/bindings/usb/qcom,snps-dwc3.yaml | 3 + Makefile | 8 +- arch/arm64/boot/dts/broadcom/bcm2712.dtsi | 3 + arch/arm64/include/asm/pgtable.h | 3 +- arch/arm64/mm/copypage.c | 11 +- arch/arm64/tools/sysreg | 4 +- arch/m68k/include/asm/bitops.h | 25 ++-- arch/mips/mti-malta/malta-setup.c | 2 +- arch/nios2/kernel/setup.c | 15 +++ arch/powerpc/include/asm/pgtable.h | 12 -- arch/powerpc/mm/book3s32/mmu.c | 4 +- arch/powerpc/mm/pgtable_32.c | 2 +- arch/powerpc/platforms/pseries/cmm.c | 2 +- arch/riscv/include/asm/hwprobe.h | 7 ++ arch/riscv/include/asm/pgtable.h | 2 + arch/riscv/include/asm/vdso/arch_data.h | 6 + arch/riscv/kernel/cpu.c | 4 +- arch/riscv/kernel/cpufeature.c | 10 +- arch/riscv/kernel/pi/cmdline_early.c | 4 +- arch/riscv/kernel/pi/fdt_early.c | 40 ++++++ arch/riscv/kernel/pi/pi.h | 1 + arch/riscv/kernel/sys_hwprobe.c | 94 ++++++++++---- arch/riscv/kernel/unaligned_access_speed.c | 9 +- arch/riscv/kernel/vdso/hwprobe.c | 2 +- arch/riscv/mm/init.c | 11 +- arch/s390/mm/pgalloc.c | 13 +- arch/x86/kernel/cpu/microcode/amd.c | 2 +- block/blk-settings.c | 10 ++ drivers/acpi/acpica/tbprint.c | 6 + drivers/android/binder.c | 11 +- drivers/base/arch_topology.c | 2 +- drivers/base/devcoredump.c | 136 +++++++++++++-------- drivers/block/nbd.c | 15 +++ drivers/comedi/comedi_buf.c | 2 +- drivers/cpufreq/amd-pstate.c | 6 +- drivers/cpuidle/governors/menu.c | 21 ++-- drivers/firmware/arm_ffa/driver.c | 37 ++++-- drivers/firmware/arm_scmi/common.h | 32 ++++- drivers/firmware/arm_scmi/driver.c | 54 +++----- drivers/gpio/gpio-104-idio-16.c | 1 + drivers/gpio/gpio-idio-16.c | 5 + drivers/gpio/gpio-ljca.c | 14 +-- drivers/gpio/gpio-pci-idio-16.c | 1 + drivers/gpio/gpio-regmap.c | 53 +++++++- .../drm/amd/display/dc/hwss/dcn401/dcn401_hwseq.c | 3 + drivers/gpu/drm/amd/display/dc/inc/hw/hw_shared.h | 8 +- drivers/gpu/drm/drm_panic.c | 54 +++++++- drivers/gpu/drm/panthor/panthor_mmu.c | 10 +- drivers/gpu/drm/xe/xe_ggtt.c | 3 + drivers/hwmon/cgbc-hwmon.c | 3 + drivers/hwmon/pmbus/isl68137.c | 3 +- drivers/hwmon/pmbus/max34440.c | 12 +- drivers/hwmon/sht3x.c | 27 ++-- drivers/irqchip/irq-gic-v3-its-fsl-mc-msi.c | 2 +- drivers/misc/fastrpc.c | 2 + drivers/misc/lkdtm/fortify.c | 6 + drivers/misc/mei/hw-me-regs.h | 2 + drivers/misc/mei/pci-me.c | 2 + drivers/misc/vmw_balloon.c | 8 +- drivers/most/most_usb.c | 13 +- drivers/net/bonding/bond_main.c | 47 ++++--- drivers/net/can/bxcan.c | 2 +- drivers/net/can/dev/netlink.c | 6 +- drivers/net/can/esd/esdacc.c | 2 +- drivers/net/can/rockchip/rockchip_canfd-tx.c | 2 +- drivers/net/ethernet/freescale/dpaa2/dpaa2-eth.c | 3 +- drivers/net/ethernet/freescale/enetc/enetc.c | 25 +++- drivers/net/ethernet/freescale/enetc/enetc.h | 2 +- drivers/net/ethernet/hisilicon/Kconfig | 1 + .../net/ethernet/mellanox/mlx5/core/en/params.c | 2 +- .../ethernet/mellanox/mlx5/core/en_accel/ipsec.h | 5 + .../mellanox/mlx5/core/en_accel/ipsec_fs.c | 25 +++- drivers/net/ethernet/mellanox/mlx5/core/en_main.c | 2 + drivers/net/ethernet/mellanox/mlx5/core/en_rx.c | 51 ++++++-- drivers/net/ethernet/renesas/ravb_main.c | 24 +++- drivers/net/ethernet/stmicro/stmmac/dwmac-rk.c | 9 +- drivers/net/ethernet/ti/am65-cpts.c | 63 +++++++--- drivers/net/ovpn/tcp.c | 26 +++- drivers/net/phy/micrel.c | 4 +- drivers/net/phy/realtek/realtek_main.c | 16 +-- drivers/net/usb/rtl8150.c | 11 +- drivers/nvmem/rcar-efuse.c | 1 + drivers/of/irq.c | 62 ++++++---- drivers/pci/msi/irqdomain.c | 2 +- drivers/pci/pci.c | 6 +- drivers/perf/hisilicon/hisi_uncore_pmu.c | 2 +- drivers/perf/hisilicon/hisi_uncore_pmu.h | 3 +- drivers/platform/mellanox/mlxbf-pmc.c | 1 + drivers/platform/x86/dell/alienware-wmi-wmax.c | 12 +- drivers/ptp/ptp_ocp.c | 2 +- drivers/s390/crypto/zcrypt_ep11misc.c | 4 +- drivers/spi/spi-airoha-snfi.c | 128 ++++++++++++++----- drivers/spi/spi-cadence-quadspi.c | 5 +- drivers/spi/spi-nxp-fspi.c | 80 +++++++++++- drivers/spi/spi-rockchip-sfc.c | 12 +- .../staging/gpib/agilent_82350b/agilent_82350b.c | 12 +- drivers/staging/gpib/fmh_gpib/fmh_gpib.c | 5 + drivers/staging/gpib/ni_usb/ni_usb_gpib.c | 13 +- drivers/tty/serial/8250/8250_dw.c | 4 +- drivers/tty/serial/8250/8250_exar.c | 11 ++ drivers/tty/serial/8250/8250_mtk.c | 6 +- drivers/tty/serial/sc16is7xx.c | 7 -- drivers/tty/serial/sh-sci.c | 14 ++- drivers/usb/core/quirks.c | 2 + drivers/usb/gadget/legacy/raw_gadget.c | 2 - drivers/usb/host/xhci-dbgcap.c | 15 ++- drivers/usb/serial/option.c | 10 ++ drivers/usb/typec/tcpm/tcpm.c | 4 +- drivers/vfio/cdx/Makefile | 6 +- drivers/vfio/cdx/private.h | 14 +++ drivers/virtio/virtio_balloon.c | 2 +- fs/aio.c | 2 +- fs/btrfs/inode.c | 4 +- fs/btrfs/ref-verify.c | 2 +- fs/btrfs/send.c | 56 +++++++-- fs/btrfs/super.c | 8 +- fs/dlm/lock.c | 2 +- fs/dlm/lockspace.c | 2 +- fs/dlm/recover.c | 2 +- fs/erofs/zmap.c | 39 +++--- fs/exec.c | 2 +- fs/gfs2/lock_dlm.c | 11 +- fs/hfs/bfind.c | 8 +- fs/hfs/brec.c | 27 +++- fs/hfs/mdb.c | 2 +- fs/hfsplus/bfind.c | 8 +- fs/hfsplus/bnode.c | 41 ------- fs/hfsplus/btree.c | 6 + fs/hfsplus/hfsplus_fs.h | 42 +++++++ fs/hfsplus/super.c | 25 +++- fs/hugetlbfs/inode.c | 4 +- fs/jfs/jfs_metapage.c | 8 +- fs/notify/fdinfo.c | 6 + fs/ocfs2/move_extents.c | 5 + fs/smb/client/cifsglob.h | 2 +- fs/smb/client/inode.c | 5 +- fs/smb/client/smbdirect.c | 30 +++-- fs/smb/client/smbdirect.h | 2 +- fs/smb/server/transport_rdma.c | 11 +- fs/sysfs/group.c | 26 +++- fs/xfs/scrub/nlinks.c | 34 +++++- fs/xfs/xfs_super.c | 33 +++-- include/linux/arm_ffa.h | 21 +++- include/linux/exportfs.h | 7 +- include/linux/gpio/regmap.h | 16 +++ include/linux/hung_task.h | 8 +- include/linux/migrate.h | 11 +- include/linux/misc_cgroup.h | 2 +- include/linux/of_irq.h | 6 - include/linux/skbuff.h | 3 + include/linux/virtio_net.h | 4 + io_uring/fdinfo.c | 8 +- io_uring/filetable.c | 2 +- io_uring/sqpoll.c | 65 +++++++--- io_uring/sqpoll.h | 1 + io_uring/waitid.c | 2 +- kernel/dma/debug.c | 5 +- kernel/sched/fair.c | 9 +- kernel/sched/sched.h | 2 - kernel/trace/rv/monitors/pagefault/Kconfig | 1 + kernel/trace/rv/rv.c | 12 +- mm/damon/core.c | 7 +- mm/damon/sysfs.c | 7 +- mm/huge_memory.c | 3 + mm/migrate.c | 88 +++++++------ mm/migrate_device.c | 2 +- mm/mremap.c | 15 +-- mm/page_owner.c | 3 + mm/slub.c | 23 ++-- mm/zsmalloc.c | 4 +- net/core/datagram.c | 44 +++++-- net/core/rtnetlink.c | 3 - net/hsr/hsr_netlink.c | 8 +- net/mptcp/pm_kernel.c | 6 + net/sctp/inqueue.c | 13 +- net/smc/smc_inet.c | 13 -- net/vmw_vsock/af_vsock.c | 38 +++--- net/xfrm/espintcp.c | 6 +- rust/kernel/auxiliary.rs | 8 +- rust/kernel/device.rs | 4 +- tools/objtool/check.c | 1 + tools/testing/selftests/net/mptcp/mptcp_join.sh | 8 +- tools/testing/selftests/net/sctp_hello.c | 17 +-- tools/testing/selftests/net/sctp_vrf.sh | 73 ++++++----- 186 files changed, 1849 insertions(+), 834 deletions(-)

1 week, 2 days

14
197
0 0

[PATCH 6.6 00/84] 6.6.115-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 6.6.115 release. There are 84 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Wed, 29 Oct 2025 18:34:15 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.6.115-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.6.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 6.6.115-rc1 Haoyu Li <lihaoyu499(a)gmail.com> gpio: ljca: Initialize num before accessing item in ljca_gpio_config Darrick J. Wong <djwong(a)kernel.org> fuse: fix livelock in synchronous file put from fuseblk workers Amir Goldstein <amir73il(a)gmail.com> fuse: allocate ff->release_args only if release is needed Vineeth Vijayan <vneethv(a)linux.ibm.com> s390/cio: Update purge function to unregister the unused subchannels Babu Moger <babu.moger(a)amd.com> x86/resctrl: Fix miscount of bandwidth event when reactivating previously unavailable RMID Jakub Acs <acsjakub(a)amazon.de> fs/notify: call exportfs_encode_fid with s_umount Darrick J. Wong <djwong(a)kernel.org> xfs: always warn about deprecated mount options Maarten Lankhorst <dev(a)lankhorst.se> devcoredump: Fix circular locking dependency with devcd->mutex. Daniel Golle <daniel(a)makrotopia.org> serial: 8250_mtk: Enable baud clock and manage in runtime PM Florian Eckert <fe(a)dev.tdt.de> serial: 8250_exar: add support for Advantech 2 port card with Device ID 0x0018 Artem Shimko <a.shimko.dev(a)gmail.com> serial: 8250_dw: handle reset control deassert error Xu Yang <xu.yang_2(a)nxp.com> dt-bindings: usb: dwc3-imx8mp: dma-range is required only for imx8mp Michael Grzeschik <m.grzeschik(a)pengutronix.de> tcpm: switch check for role_sw device with fw_node Victoria Votokina <Victoria.Votokina(a)kaspersky.com> most: usb: hdm_probe: Fix calling put_device() before device initialization Victoria Votokina <Victoria.Votokina(a)kaspersky.com> most: usb: Fix use-after-free in hdm_disconnect Junhao Xie <bigfoot(a)radxa.com> misc: fastrpc: Fix dma_buf object leak in fastrpc_map_lookup Alexander Usyskin <alexander.usyskin(a)intel.com> mei: me: add wildcat lake P DID Deepanshu Kartikey <kartikey406(a)gmail.com> comedi: fix divide-by-zero in comedi_buf_munge() Alice Ryhl <aliceryhl(a)google.com> binder: remove "invalid inc weak" check Andrew Cooper <andrew.cooper3(a)citrix.com> x86/microcode: Fix Entrysign revision check for Zen1/Naples Mathias Nyman <mathias.nyman(a)linux.intel.com> xhci: dbc: enable back DbC in resume if it was enabled before suspend Andrey Konovalov <andreyknvl(a)gmail.com> usb: raw-gadget: do not limit transfer length Tim Guttzeit <t.guttzeit(a)tuxedocomputers.com> usb/core/quirks: Add Huawei ME906S to wakeup quirk LI Qingwu <Qing-wu.Li(a)leica-geosystems.com.cn> USB: serial: option: add Telit FN920C04 ECM compositions Reinhard Speyerer <rspmn(a)arcor.de> USB: serial: option: add Quectel RG255C Renjun Wang <renjunw0(a)foxmail.com> USB: serial: option: add UNISOC UIS7720 Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> sched: Remove never used code in mm_cid_get() Alok Tiwari <alok.a.tiwari(a)oracle.com> io_uring: correct __must_hold annotation in io_install_fixed_file Haotian Zhang <vulab(a)iscas.ac.cn> gpio: ljca: Fix duplicated IRQ mapping Wentong Wu <wentong.wu(a)intel.com> gpio: update Intel LJCA USB GPIO driver Guenter Roeck <linux(a)roeck-us.net> hwmon: (sht3x) Fix error handling Anup Patel <apatel(a)ventanamicro.com> RISC-V: Don't print details of CPUs disabled in DT Anup Patel <apatel(a)ventanamicro.com> RISC-V: Define pgprot_dmacoherent() for non-coherent devices Artem Shimko <a.shimko.dev(a)gmail.com> firmware: arm_scmi: Fix premature SCMI_XFER_FLAG_IS_RAW clearing in raw mode Cristian Marussi <cristian.marussi(a)arm.com> firmware: arm_scmi: Account for failed debug initialization Han Xu <han.xu(a)nxp.com> spi: spi-nxp-fspi: add extra delay after dll locked Matthieu Baerts (NGI0) <matttbe(a)kernel.org> selftests: mptcp: join: mark implicit tests as skipped if not supported Matthieu Baerts (NGI0) <matttbe(a)kernel.org> selftests: mptcp: join: mark 'flush re-add' as skipped if not supported Lad Prabhakar <prabhakar.mahadev-lad.rj(a)bp.renesas.com> net: ravb: Ensure memory write completes before ringing TX doorbell Lad Prabhakar <prabhakar.mahadev-lad.rj(a)bp.renesas.com> net: ravb: Enforce descriptor type ordering Michal Pecio <michal.pecio(a)gmail.com> net: usb: rtl8150: Fix frame padding Sebastian Reichel <sebastian.reichel(a)collabora.com> net: stmmac: dwmac-rk: Fix disabling set_clock_selection Stefano Garzarella <sgarzare(a)redhat.com> vsock: fix lock inversion in vsock_assign_transport() Deepanshu Kartikey <kartikey406(a)gmail.com> ocfs2: clear extent cache after moving/defragmenting extents Maciej W. Rozycki <macro(a)orcam.me.uk> MIPS: Malta: Fix keyboard resource preventing i8042 driver from registering David Howells <dhowells(a)redhat.com> cifs: Fix TCP_Server_Info::credits to be signed Marc Kleine-Budde <mkl(a)pengutronix.de> can: netlink: can_changelink(): allow disabling of automatic restart Xi Ruoyao <xry111(a)xry111.site> ACPICA: Work around bogus -Wstringop-overread warning since GCC 11 Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> Revert "cpuidle: menu: Avoid discarding useful information" William Breathitt Gray <wbg(a)kernel.org> gpio: 104-idio-16: Define maximum valid register address offset William Breathitt Gray <wbg(a)kernel.org> gpio: pci-idio-16: Define maximum valid register address offset Kaushlendra Kumar <kaushlendra.kumar(a)intel.com> arch_topology: Fix incorrect error check in topology_parse_cpu_capacity() Marek Szyprowski <m.szyprowski(a)samsung.com> dma-debug: don't report false positives with DMA_BOUNCE_UNALIGNED_KMALLOC Tonghao Zhang <tonghao(a)bamaicloud.com> net: bonding: fix possible peer notify event loss or dup issue Alexey Simakov <bigalex934(a)gmail.com> sctp: avoid NULL dereference when chunk data buffer is missing Huang Ying <ying.huang(a)linux.alibaba.com> arm64, mm: avoid always making PTE dirty in pte_mkwrite() Amery Hung <ameryhung(a)gmail.com> net/mlx5e: RX, Fix generating skb from non-linear xdp_buff for striding RQ Amery Hung <ameryhung(a)gmail.com> net/mlx5e: RX, Fix generating skb from non-linear xdp_buff for legacy RQ Carolina Jubran <cjubran(a)nvidia.com> net/mlx5e: Reuse per-RQ XDP buffer to avoid stack zeroing overhead Xin Long <lucien.xin(a)gmail.com> selftests: net: fix server bind failure in sctp_vrf.sh Hangbin Liu <liuhangbin(a)gmail.com> selftests/net: convert sctp_vrf.sh to run it in unique namespace Marc Kleine-Budde <mkl(a)pengutronix.de> can: bxcan: bxcan_start_xmit(): use can_dev_dropped_skb() instead of can_dropped_invalid_skb() Ioana Ciornei <ioana.ciornei(a)nxp.com> dpaa2-eth: fix the pointer passed to PTR_ALIGN on Tx path Wei Fang <wei.fang(a)nxp.com> net: enetc: correct the value of ENETC_RXB_TRUESIZE Jianpeng Chang <jianpeng.chang.cn(a)windriver.com> net: enetc: fix the deadlock of enetc_mdio_lock Sebastian Andrzej Siewior <bigeasy(a)linutronix.de> net: Tree wide: Replace xdp_do_flush_map() with xdp_do_flush(). Johannes Wiesböck <johannes.wiesboeck(a)aisec.fraunhofer.de> rtnetlink: Allow deleting FDB entries in user namespace Nathan Chancellor <nathan(a)kernel.org> net/mlx5e: Return 1 instead of 0 in invalid case in mlx5e_mpwrq_umr_entry_size() Linus Torvalds <torvalds(a)linux-foundation.org> Unbreak 'make tools/*' for user-space targets Stefan Metzmacher <metze(a)samba.org> smb: server: let smb_direct_flush_send_list() invalidate a remote key first Yicong Yang <yangyicong(a)hisilicon.com> drivers/perf: hisi: Relax the event ID check in the framework Christophe Leroy <christophe.leroy(a)csgroup.eu> powerpc/32: Remove PAGE_KERNEL_TEXT to fix startup failure Geert Uytterhoeven <geert(a)linux-m68k.org> m68k: bitops: Fix find_*_bit() signatures Junjie Cao <junjie.cao(a)intel.com> lkdtm: fortify: Fix potential NULL dereference on kmalloc failure Yangtao Li <frank.li(a)vivo.com> hfsplus: return EIO when type of hidden directory mismatch in hfsplus_fill_super() Viacheslav Dubeyko <slava(a)dubeyko.com> hfs: fix KMSAN uninit-value issue in hfs_find_set_zero_bits() Alexander Aring <aahringo(a)redhat.com> dlm: check for defined force value in dlm_lockspace_release Viacheslav Dubeyko <slava(a)dubeyko.com> hfsplus: fix KMSAN uninit-value issue in hfsplus_delete_cat() Yang Chenzhi <yang.chenzhi(a)vivo.com> hfs: validate record offset in hfsplus_bmap_alloc Viacheslav Dubeyko <slava(a)dubeyko.com> hfsplus: fix KMSAN uninit-value issue in __hfsplus_ext_cache_extent() Viacheslav Dubeyko <slava(a)dubeyko.com> hfs: make proper initalization of struct hfs_find_data Viacheslav Dubeyko <slava(a)dubeyko.com> hfs: clear offset and space out of valid records in b-tree node Simon Schuster <schuster.simon(a)siemens-energy.com> nios2: ensure that memblock.current_limit is set when setting pfn limits Xichao Zhao <zhao.xichao(a)vivo.com> exec: Fix incorrect type for ret ------------- Diffstat: .../devicetree/bindings/usb/fsl,imx8mp-dwc3.yaml | 10 +- Makefile | 8 +- arch/arm64/include/asm/pgtable.h | 3 +- arch/m68k/include/asm/bitops.h | 25 ++- arch/mips/mti-malta/malta-setup.c | 2 +- arch/nios2/kernel/setup.c | 15 ++ arch/powerpc/include/asm/pgtable.h | 12 - arch/powerpc/mm/book3s32/mmu.c | 4 +- arch/powerpc/mm/pgtable_32.c | 2 +- arch/riscv/include/asm/pgtable.h | 2 + arch/riscv/kernel/cpu.c | 4 +- arch/x86/kernel/cpu/microcode/amd.c | 2 +- arch/x86/kernel/cpu/resctrl/monitor.c | 12 +- drivers/acpi/acpica/tbprint.c | 6 + drivers/android/binder.c | 11 +- drivers/base/arch_topology.c | 2 +- drivers/base/devcoredump.c | 138 +++++++----- drivers/comedi/comedi_buf.c | 2 +- drivers/cpuidle/governors/menu.c | 21 +- drivers/firmware/arm_scmi/common.h | 24 +- drivers/firmware/arm_scmi/driver.c | 47 ++-- drivers/gpio/Kconfig | 4 +- drivers/gpio/gpio-104-idio-16.c | 1 + drivers/gpio/gpio-ljca.c | 248 ++++++++++++--------- drivers/gpio/gpio-pci-idio-16.c | 1 + drivers/hwmon/sht3x.c | 27 ++- drivers/misc/fastrpc.c | 2 + drivers/misc/lkdtm/fortify.c | 6 + drivers/misc/mei/hw-me-regs.h | 2 + drivers/misc/mei/pci-me.c | 2 + drivers/most/most_usb.c | 13 +- drivers/net/bonding/bond_main.c | 40 ++-- drivers/net/can/bxcan.c | 2 +- drivers/net/can/dev/netlink.c | 6 +- drivers/net/ethernet/amazon/ena/ena_netdev.c | 2 +- drivers/net/ethernet/freescale/dpaa2/dpaa2-eth.c | 3 +- drivers/net/ethernet/freescale/enetc/enetc.c | 27 ++- drivers/net/ethernet/freescale/enetc/enetc.h | 2 +- drivers/net/ethernet/freescale/fec_main.c | 2 +- drivers/net/ethernet/intel/i40e/i40e_txrx.c | 2 +- drivers/net/ethernet/intel/ice/ice_txrx_lib.c | 2 +- drivers/net/ethernet/intel/ixgbe/ixgbe_main.c | 2 +- drivers/net/ethernet/intel/ixgbe/ixgbe_xsk.c | 2 +- drivers/net/ethernet/marvell/mvneta.c | 2 +- drivers/net/ethernet/marvell/mvpp2/mvpp2_main.c | 2 +- drivers/net/ethernet/mediatek/mtk_eth_soc.c | 2 +- drivers/net/ethernet/mellanox/mlx5/core/en.h | 7 + .../net/ethernet/mellanox/mlx5/core/en/params.c | 2 +- drivers/net/ethernet/mellanox/mlx5/core/en/xdp.c | 2 +- drivers/net/ethernet/mellanox/mlx5/core/en/xdp.h | 6 - drivers/net/ethernet/mellanox/mlx5/core/en_rx.c | 128 +++++++---- drivers/net/ethernet/netronome/nfp/nfd3/xsk.c | 2 +- drivers/net/ethernet/renesas/ravb_main.c | 24 +- drivers/net/ethernet/sfc/efx_channels.c | 2 +- drivers/net/ethernet/sfc/siena/efx_channels.c | 2 +- drivers/net/ethernet/socionext/netsec.c | 2 +- drivers/net/ethernet/stmicro/stmmac/dwmac-rk.c | 9 +- drivers/net/ethernet/ti/cpsw_priv.c | 2 +- drivers/net/usb/rtl8150.c | 11 +- drivers/perf/hisilicon/hisi_uncore_pmu.c | 2 +- drivers/perf/hisilicon/hisi_uncore_pmu.h | 3 +- drivers/s390/cio/device.c | 37 +-- drivers/spi/spi-nxp-fspi.c | 6 + drivers/tty/serial/8250/8250_dw.c | 4 +- drivers/tty/serial/8250/8250_exar.c | 11 + drivers/tty/serial/8250/8250_mtk.c | 6 +- drivers/usb/core/quirks.c | 2 + drivers/usb/gadget/legacy/raw_gadget.c | 2 - drivers/usb/host/xhci-dbgcap.c | 9 +- drivers/usb/serial/option.c | 10 + drivers/usb/typec/tcpm/tcpm.c | 4 +- fs/dlm/lockspace.c | 2 +- fs/exec.c | 2 +- fs/fuse/dir.c | 2 +- fs/fuse/file.c | 75 ++++--- fs/fuse/fuse_i.h | 2 +- fs/hfs/bfind.c | 8 +- fs/hfs/brec.c | 27 ++- fs/hfs/mdb.c | 2 +- fs/hfsplus/bfind.c | 8 +- fs/hfsplus/bnode.c | 41 ---- fs/hfsplus/btree.c | 6 + fs/hfsplus/hfsplus_fs.h | 42 ++++ fs/hfsplus/super.c | 25 ++- fs/notify/fdinfo.c | 6 + fs/ocfs2/move_extents.c | 5 + fs/smb/client/cifsglob.h | 2 +- fs/smb/server/transport_rdma.c | 11 +- fs/xfs/xfs_super.c | 33 ++- io_uring/filetable.c | 2 +- kernel/dma/debug.c | 5 +- kernel/sched/sched.h | 2 - net/core/rtnetlink.c | 3 - net/sctp/inqueue.c | 13 +- net/vmw_vsock/af_vsock.c | 38 ++-- tools/testing/selftests/net/mptcp/mptcp_join.sh | 6 +- tools/testing/selftests/net/sctp_hello.c | 17 +- tools/testing/selftests/net/sctp_vrf.sh | 85 ++++--- 98 files changed, 917 insertions(+), 604 deletions(-)

1 week, 2 days

11
94
0 0

[PATCH v2 2/4] ASoC: cs4271: Disable regulators in component_probe() error path

by Herve Codina

The commit 9a397f473657 ("ASoC: cs4271: add regulator consumer support") has introduced regulators in the driver. Regulators are enabled at the beginning of component_probe() but they are not disabled on errors. This can lead to unbalanced enable/disable. Fix the error path to disable regulators on errors. Fixes: 9a397f473657 ("ASoC: cs4271: add regulator consumer support") Cc: stable(a)vger.kernel.org Signed-off-by: Herve Codina <herve.codina(a)bootlin.com> --- sound/soc/codecs/cs4271.c | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/sound/soc/codecs/cs4271.c b/sound/soc/codecs/cs4271.c index ff9c6628224c..a9d333e6c723 100644 --- a/sound/soc/codecs/cs4271.c +++ b/sound/soc/codecs/cs4271.c @@ -572,17 +572,17 @@ static int cs4271_component_probe(struct snd_soc_component *component) ret = regcache_sync(cs4271->regmap); if (ret < 0) - return ret; + goto err_disable_regulators; ret = regmap_update_bits(cs4271->regmap, CS4271_MODE2, CS4271_MODE2_PDN | CS4271_MODE2_CPEN, CS4271_MODE2_PDN | CS4271_MODE2_CPEN); if (ret < 0) - return ret; + goto err_disable_regulators; ret = regmap_update_bits(cs4271->regmap, CS4271_MODE2, CS4271_MODE2_PDN, 0); if (ret < 0) - return ret; + goto err_disable_regulators; /* Power-up sequence requires 85 uS */ udelay(85); @@ -592,6 +592,10 @@ static int cs4271_component_probe(struct snd_soc_component *component) CS4271_MODE2_MUTECAEQUB); return 0; + +err_disable_regulators: + regulator_bulk_disable(ARRAY_SIZE(cs4271->supplies), cs4271->supplies); + return ret; } static void cs4271_component_remove(struct snd_soc_component *component) -- 2.51.0

1 week, 2 days

2
1
0 0

[PATCH 5.15 000/117] 5.15.196-rc2 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 5.15.196 release. There are 117 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Thu, 30 Oct 2025 09:28:07 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v5.x/stable-review/patch-5.15.196-r… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-5.15.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 5.15.196-rc2 Marek Vasut <marek.vasut+renesas(a)mailbox.org> PCI: rcar: Demote WARN() to dev_warn_ratelimited() in rcar_pcie_wakeup() Zhengchao Shao <shaozhengchao(a)huawei.com> net: rtnetlink: fix module reference count leak issue in rtnetlink_rcv_msg Kuen-Han Tsai <khtsai(a)google.com> usb: gadget: f_acm: Refactor bind path to use __free() Kuen-Han Tsai <khtsai(a)google.com> usb: gadget: f_ncm: Refactor bind path to use __free() Kuen-Han Tsai <khtsai(a)google.com> usb: gadget: Introduce free_usb_request helper Kuen-Han Tsai <khtsai(a)google.com> usb: gadget: Store endpoint pointer in usb_request Kaushlendra Kumar <kaushlendra.kumar(a)intel.com> arch_topology: Fix incorrect error check in topology_parse_cpu_capacity() Darrick J. Wong <djwong(a)kernel.org> xfs: always warn about deprecated mount options Maarten Lankhorst <dev(a)lankhorst.se> devcoredump: Fix circular locking dependency with devcd->mutex. Niklas Cassel <cassel(a)kernel.org> PCI: tegra194: Reset BARs when running in PCIe endpoint mode Marek Vasut <marek.vasut+renesas(a)mailbox.org> PCI: rcar-host: Drop PMSR spinlock Marek Vasut <marek.vasut+renesas(a)gmail.com> PCI: rcar: Finish transition to L1 state in rcar_pcie_config_access() Vidya Sagar <vidyas(a)nvidia.com> PCI: tegra194: Handle errors in BPMP response Jaegeuk Kim <jaegeuk(a)kernel.org> f2fs: fix wrong block mapping for multi-devices Chuck Lever <chuck.lever(a)oracle.com> NFSD: Define a proc_layoutcommit for the FlexFiles layout type Jan Kara <jack(a)suse.cz> vfs: Don't leak disconnected dentries on umount Gui-Dong Han <hanguidong02(a)gmail.com> drm/amdgpu: use atomic functions with memory barriers for vm fault info Marek Vasut <marek.vasut+renesas(a)mailbox.org> PCI: rcar-host: Convert struct rcar_msi mask_lock into raw spinlock Muhammad Usama Anjum <usama.anjum(a)collabora.com> wifi: ath11k: HAL SRNG: don't deinitialize and re-initialize again Siddharth Vadapalli <s-vadapalli(a)ti.com> PCI: j721e: Fix programming sequence of "strap" settings Siddharth Vadapalli <s-vadapalli(a)ti.com> PCI: j721e: Enable ACSPCIE Refclk if "ti,syscon-acspcie-proxy-ctrl" exists Darrick J. Wong <djwong(a)kernel.org> fuse: fix livelock in synchronous file put from fuseblk workers Amir Goldstein <amir73il(a)gmail.com> fuse: allocate ff->release_args only if release is needed Xiao Liang <shaw.leon(a)gmail.com> padata: Reset next CPU when reorder sequence wraps around Sean Nyekjaer <sean(a)geanix.com> iio: imu: inv_icm42600: Simplify pm_runtime setup Bence Csókás <csokas.bence(a)prolan.hu> PM: runtime: Add new devm functions Sean Nyekjaer <sean(a)geanix.com> iio: imu: inv_icm42600: Avoid configuring if already pm_runtime suspended David Lechner <dlechner(a)baylibre.com> iio: imu: inv_icm42600: use = { } instead of memset() Sergey Bashirov <sergeybashirov(a)gmail.com> NFSD: Fix last write offset handling in layoutcommit Sergey Bashirov <sergeybashirov(a)gmail.com> NFSD: Minor cleanup in layoutcommit processing Sergey Bashirov <sergeybashirov(a)gmail.com> NFSD: Rework encoding and decoding of nfsd4_deviceid Christoph Hellwig <hch(a)lst.de> xfs: fix log CRC mismatches between i386 and other architectures Christoph Hellwig <hch(a)lst.de> xfs: rename the old_crc variable in xlog_recover_process Vineeth Vijayan <vneethv(a)linux.ibm.com> s390/cio: Update purge function to unregister the unused subchannels Mark Rutland <mark.rutland(a)arm.com> arm64: errata: Apply workarounds for Neoverse-V3AE Mark Rutland <mark.rutland(a)arm.com> arm64: cputype: Add Neoverse-V3AE definitions Florian Eckert <fe(a)dev.tdt.de> serial: 8250_exar: add support for Advantech 2 port card with Device ID 0x0018 Victoria Votokina <Victoria.Votokina(a)kaspersky.com> most: usb: hdm_probe: Fix calling put_device() before device initialization Victoria Votokina <Victoria.Votokina(a)kaspersky.com> most: usb: Fix use-after-free in hdm_disconnect Alexander Usyskin <alexander.usyskin(a)intel.com> mei: me: add wildcat lake P DID Deepanshu Kartikey <kartikey406(a)gmail.com> comedi: fix divide-by-zero in comedi_buf_munge() Alice Ryhl <aliceryhl(a)google.com> binder: remove "invalid inc weak" check Mathias Nyman <mathias.nyman(a)linux.intel.com> xhci: dbc: enable back DbC in resume if it was enabled before suspend Andrey Konovalov <andreyknvl(a)gmail.com> usb: raw-gadget: do not limit transfer length Tim Guttzeit <t.guttzeit(a)tuxedocomputers.com> usb/core/quirks: Add Huawei ME906S to wakeup quirk LI Qingwu <Qing-wu.Li(a)leica-geosystems.com.cn> USB: serial: option: add Telit FN920C04 ECM compositions Reinhard Speyerer <rspmn(a)arcor.de> USB: serial: option: add Quectel RG255C Renjun Wang <renjunw0(a)foxmail.com> USB: serial: option: add UNISOC UIS7720 Lad Prabhakar <prabhakar.mahadev-lad.rj(a)bp.renesas.com> net: ravb: Ensure memory write completes before ringing TX doorbell Michal Pecio <michal.pecio(a)gmail.com> net: usb: rtl8150: Fix frame padding Stefano Garzarella <sgarzare(a)redhat.com> vsock: fix lock inversion in vsock_assign_transport() Deepanshu Kartikey <kartikey406(a)gmail.com> ocfs2: clear extent cache after moving/defragmenting extents Maciej W. Rozycki <macro(a)orcam.me.uk> MIPS: Malta: Fix keyboard resource preventing i8042 driver from registering Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> Revert "cpuidle: menu: Avoid discarding useful information" Tonghao Zhang <tonghao(a)bamaicloud.com> net: bonding: fix possible peer notify event loss or dup issue Alexey Simakov <bigalex934(a)gmail.com> sctp: avoid NULL dereference when chunk data buffer is missing Huang Ying <ying.huang(a)linux.alibaba.com> arm64, mm: avoid always making PTE dirty in pte_mkwrite() Ioana Ciornei <ioana.ciornei(a)nxp.com> dpaa2-eth: fix the pointer passed to PTR_ALIGN on Tx path Wei Fang <wei.fang(a)nxp.com> net: enetc: correct the value of ENETC_RXB_TRUESIZE Johannes Wiesböck <johannes.wiesboeck(a)aisec.fraunhofer.de> rtnetlink: Allow deleting FDB entries in user namespace Nikolay Aleksandrov <razor(a)blackwall.org> net: rtnetlink: add NLM_F_BULK support to rtnl_fdb_del Nikolay Aleksandrov <razor(a)blackwall.org> net: add ndo_fdb_del_bulk Nikolay Aleksandrov <razor(a)blackwall.org> net: rtnetlink: add bulk delete support flag Nikolay Aleksandrov <razor(a)blackwall.org> net: netlink: add NLM_F_BULK delete request modifier Nikolay Aleksandrov <razor(a)blackwall.org> net: rtnetlink: use BIT for flag values Nikolay Aleksandrov <razor(a)blackwall.org> net: rtnetlink: add helper to extract msg type's kind Geert Uytterhoeven <geert(a)linux-m68k.org> m68k: bitops: Fix find_*_bit() signatures Yangtao Li <frank.li(a)vivo.com> hfsplus: return EIO when type of hidden directory mismatch in hfsplus_fill_super() Viacheslav Dubeyko <slava(a)dubeyko.com> hfs: fix KMSAN uninit-value issue in hfs_find_set_zero_bits() Alexander Aring <aahringo(a)redhat.com> dlm: check for defined force value in dlm_lockspace_release Viacheslav Dubeyko <slava(a)dubeyko.com> hfsplus: fix KMSAN uninit-value issue in hfsplus_delete_cat() Yang Chenzhi <yang.chenzhi(a)vivo.com> hfs: validate record offset in hfsplus_bmap_alloc Viacheslav Dubeyko <slava(a)dubeyko.com> hfsplus: fix KMSAN uninit-value issue in __hfsplus_ext_cache_extent() Viacheslav Dubeyko <slava(a)dubeyko.com> hfs: make proper initalization of struct hfs_find_data Viacheslav Dubeyko <slava(a)dubeyko.com> hfs: clear offset and space out of valid records in b-tree node Simon Schuster <schuster.simon(a)siemens-energy.com> nios2: ensure that memblock.current_limit is set when setting pfn limits Xichao Zhao <zhao.xichao(a)vivo.com> exec: Fix incorrect type for ret Niko Mauno <niko.mauno(a)vaisala.com> Revert "perf test: Don't leak workload gopipe in PERF_RECORD_*" Brian Norris <briannorris(a)google.com> PCI/sysfs: Ensure devices are powered for config reads (part 2) Viacheslav Dubeyko <slava(a)dubeyko.com> hfsplus: fix slab-out-of-bounds read in hfsplus_strcasecmp() Jiaming Zhang <r772577952(a)gmail.com> ALSA: usb-audio: Fix NULL pointer deference in try_to_register_card Randy Dunlap <rdunlap(a)infradead.org> ALSA: firewire: amdtp-stream: fix enum kernel-doc warnings Vincent Guittot <vincent.guittot(a)linaro.org> sched/fair: Fix pelt lost idle time detection Ingo Molnar <mingo(a)kernel.org> sched/balancing: Rename newidle_balance() => sched_balance_newidle() Timur Kristóf <timur.kristof(a)gmail.com> drm/amd/powerplay: Fix CIK shutdown temperature Fabian Vogt <fvogt(a)suse.de> riscv: kprobes: Fix probe address validation I Viswanath <viswanathiyyappan(a)gmail.com> net: usb: lan78xx: fix use of improperly initialized dev->chipid in lan78xx_reset Oleksij Rempel <linux(a)rempel-privat.de> net: usb: lan78xx: Add error handling to lan78xx_init_mac_address Jakub Kicinski <kuba(a)kernel.org> net: usb: use eth_hw_addr_set() instead of ether_addr_copy() Sabrina Dubroca <sd(a)queasysnail.net> tls: don't rely on tx_work during send() Sabrina Dubroca <sd(a)queasysnail.net> tls: always set record_type in tls_process_cmsg Sabrina Dubroca <sd(a)queasysnail.net> tls: wait for async encrypt in case of error during latter iterations of sendmsg Sascha Hauer <s.hauer(a)pengutronix.de> net: tls: wait for async completion on last message David Howells <dhowells(a)redhat.com> splice, net: Add a splice_eof op to file-ops and socket-ops Alexey Simakov <bigalex934(a)gmail.com> tg3: prevent use of uninitialized remote_adv and local_adv variables Eric Dumazet <edumazet(a)google.com> tcp: fix tcp_tso_should_defer() vs large RTT Raju Rangoju <Raju.Rangoju(a)amd.com> amd-xgbe: Avoid spurious link down messages during interface toggle Dmitry Safonov <0x7f454c46(a)gmail.com> net/ip6_tunnel: Prevent perpetual tunnel growth Linmao Li <lilinmao(a)kylinos.cn> r8169: fix packet truncation after S4 resume on RTL8168H/RTL8111H Nicolas Dichtel <nicolas.dichtel(a)6wind.com> doc: fix seg6_flowlabel path Yeounsu Moon <yyyynoom(a)gmail.com> net: dlink: handle dma_map_single() failure properly Marc Kleine-Budde <mkl(a)pengutronix.de> can: m_can: m_can_plat_remove(): add missing pm_runtime_disable() Yuezhang Mo <Yuezhang.Mo(a)sony.com> dax: skip read lock assertion for read-only filesystems Benjamin Tissoires <bentiss(a)kernel.org> HID: multitouch: fix sticky fingers Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> cpufreq: CPPC: Avoid using CPUFREQ_ETERNAL as transition delay Thomas Fourier <fourier.thomas(a)gmail.com> crypto: rockchip - Fix dma_unmap_sg() nents value Kaustabh Chakraborty <kauschluss(a)disroot.org> drm/exynos: exynos7_drm_decon: remove ctx->suspended Kaustabh Chakraborty <kauschluss(a)disroot.org> drm/exynos: exynos7_drm_decon: properly clear channels during bind Kaustabh Chakraborty <kauschluss(a)disroot.org> drm/exynos: exynos7_drm_decon: fix uninitialized crtc reference in functions Yu Kuai <yukuai3(a)huawei.com> blk-crypto: fix missing blktrace bio split events Ma Ke <make24(a)iscas.ac.cn> media: lirc: Fix error handling in lirc_register() keliu <liuke94(a)huawei.com> media: rc: Directly use ida_free() Arnd Bergmann <arnd(a)arndb.de> media: s5p-mfc: remove an unused/uninitialized variable Filipe Manana <fdmanana(a)suse.com> btrfs: fix clearing of BTRFS_FS_RELOC_RUNNING if relocation already running Deepanshu Kartikey <kartikey406(a)gmail.com> ext4: detect invalid INLINE_DATA + EXTENTS flag combination Zhang Yi <yi.zhang(a)huawei.com> jbd2: ensure that all ongoing I/O complete before freeing blocks Yi Cong <yicong(a)kylinos.cn> r8152: add error handling in rtl8152_driver_init ------------- Diffstat: Documentation/arm64/silicon-errata.rst | 2 + Documentation/networking/seg6-sysctl.rst | 3 + Makefile | 4 +- arch/arm64/Kconfig | 1 + arch/arm64/include/asm/cputype.h | 2 + arch/arm64/include/asm/pgtable.h | 3 +- arch/arm64/kernel/cpu_errata.c | 1 + arch/m68k/include/asm/bitops.h | 25 ++-- arch/mips/mti-malta/malta-setup.c | 2 +- arch/nios2/kernel/setup.c | 15 +++ arch/riscv/kernel/probes/kprobes.c | 13 +- block/blk-crypto-fallback.c | 3 + drivers/android/binder.c | 11 +- drivers/base/arch_topology.c | 2 +- drivers/base/devcoredump.c | 138 +++++++++++++-------- drivers/base/power/runtime.c | 44 +++++++ drivers/comedi/comedi_buf.c | 2 +- drivers/cpufreq/cppc_cpufreq.c | 14 ++- drivers/cpuidle/governors/menu.c | 21 ++-- drivers/crypto/rockchip/rk3288_crypto_ahash.c | 3 +- drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd_gpuvm.c | 5 +- drivers/gpu/drm/amd/amdgpu/gmc_v7_0.c | 7 +- drivers/gpu/drm/amd/amdgpu/gmc_v8_0.c | 7 +- .../gpu/drm/amd/pm/powerplay/hwmgr/smu7_hwmgr.c | 3 +- drivers/gpu/drm/exynos/exynos7_drm_decon.c | 98 +++++---------- drivers/hid/hid-multitouch.c | 27 ++-- drivers/iio/imu/inv_icm42600/inv_icm42600_accel.c | 5 +- drivers/iio/imu/inv_icm42600/inv_icm42600_core.c | 35 ++---- drivers/iio/imu/inv_icm42600/inv_icm42600_gyro.c | 5 +- drivers/media/platform/s5p-mfc/s5p_mfc_cmd_v6.c | 35 ++---- drivers/media/rc/lirc_dev.c | 15 +-- drivers/media/rc/rc-main.c | 6 +- drivers/misc/mei/hw-me-regs.h | 2 + drivers/misc/mei/pci-me.c | 2 + drivers/most/most_usb.c | 13 +- drivers/net/bonding/bond_main.c | 40 +++--- drivers/net/can/m_can/m_can_platform.c | 2 +- drivers/net/ethernet/amd/xgbe/xgbe-drv.c | 1 - drivers/net/ethernet/amd/xgbe/xgbe-mdio.c | 1 + drivers/net/ethernet/broadcom/tg3.c | 5 +- drivers/net/ethernet/dlink/dl2k.c | 23 ++-- drivers/net/ethernet/freescale/dpaa2/dpaa2-eth.c | 3 +- drivers/net/ethernet/freescale/enetc/enetc.h | 2 +- drivers/net/ethernet/realtek/r8169_main.c | 5 +- drivers/net/ethernet/renesas/ravb_main.c | 8 ++ drivers/net/usb/aqc111.c | 2 +- drivers/net/usb/lan78xx.c | 42 +++++-- drivers/net/usb/r8152.c | 9 +- drivers/net/usb/rndis_host.c | 2 +- drivers/net/usb/rtl8150.c | 13 +- drivers/net/wireless/ath/ath11k/core.c | 6 +- drivers/net/wireless/ath/ath11k/hal.c | 16 +++ drivers/net/wireless/ath/ath11k/hal.h | 1 + drivers/pci/controller/cadence/pci-j721e.c | 64 +++++++++- drivers/pci/controller/dwc/pcie-designware-ep.c | 1 + drivers/pci/controller/dwc/pcie-tegra194.c | 28 ++++- drivers/pci/controller/pcie-rcar-host.c | 83 +++++++------ drivers/pci/pci-sysfs.c | 10 +- drivers/s390/cio/device.c | 37 ++++-- drivers/tty/serial/8250/8250_exar.c | 11 ++ drivers/usb/core/quirks.c | 2 + drivers/usb/gadget/function/f_acm.c | 42 +++---- drivers/usb/gadget/function/f_ncm.c | 78 +++++------- drivers/usb/gadget/legacy/raw_gadget.c | 2 - drivers/usb/gadget/udc/core.c | 3 + drivers/usb/host/xhci-dbgcap.c | 9 +- drivers/usb/serial/option.c | 10 ++ fs/btrfs/relocation.c | 13 +- fs/dax.c | 2 +- fs/dcache.c | 2 + fs/dlm/lockspace.c | 2 +- fs/exec.c | 2 +- fs/ext4/inode.c | 8 ++ fs/f2fs/data.c | 2 +- fs/fuse/dir.c | 2 +- fs/fuse/file.c | 75 ++++++----- fs/fuse/fuse_i.h | 2 +- fs/hfs/bfind.c | 8 +- fs/hfs/brec.c | 27 +++- fs/hfs/mdb.c | 2 +- fs/hfsplus/bfind.c | 8 +- fs/hfsplus/bnode.c | 41 ------ fs/hfsplus/btree.c | 6 + fs/hfsplus/hfsplus_fs.h | 42 +++++++ fs/hfsplus/super.c | 25 +++- fs/hfsplus/unicode.c | 24 ++++ fs/jbd2/transaction.c | 13 +- fs/nfsd/blocklayout.c | 5 +- fs/nfsd/blocklayoutxdr.c | 7 +- fs/nfsd/flexfilelayout.c | 8 ++ fs/nfsd/flexfilelayoutxdr.c | 3 +- fs/nfsd/nfs4layouts.c | 1 - fs/nfsd/nfs4proc.c | 34 +++-- fs/nfsd/nfs4xdr.c | 14 +-- fs/nfsd/xdr4.h | 36 +++++- fs/ocfs2/move_extents.c | 5 + fs/splice.c | 31 ++++- fs/xfs/libxfs/xfs_log_format.h | 30 ++++- fs/xfs/xfs_log.c | 8 +- fs/xfs/xfs_log_priv.h | 4 +- fs/xfs/xfs_log_recover.c | 34 +++-- fs/xfs/xfs_ondisk.h | 2 + fs/xfs/xfs_super.c | 33 +++-- include/linux/cpufreq.h | 3 + include/linux/fs.h | 1 + include/linux/net.h | 1 + include/linux/netdevice.h | 9 ++ include/linux/pm_runtime.h | 4 + include/linux/splice.h | 1 + include/linux/usb/gadget.h | 25 ++++ include/net/ip_tunnels.h | 15 +++ include/net/rtnetlink.h | 9 +- include/net/sock.h | 1 + include/uapi/linux/netlink.h | 1 + kernel/padata.c | 6 +- kernel/sched/fair.c | 38 +++--- net/core/rtnetlink.c | 81 ++++++++---- net/ipv4/ip_tunnel.c | 14 --- net/ipv4/tcp_output.c | 19 ++- net/ipv6/ip6_tunnel.c | 3 +- net/sctp/inqueue.c | 13 +- net/socket.c | 10 ++ net/tls/tls_main.c | 7 +- net/tls/tls_sw.c | 22 +++- net/vmw_vsock/af_vsock.c | 38 +++--- sound/firewire/amdtp-stream.h | 2 +- sound/usb/card.c | 10 +- tools/perf/tests/perf-record.c | 4 - 128 files changed, 1305 insertions(+), 728 deletions(-)

1 week, 2 days

9
8
0 0

[Patch v2] perf/x86/intel: Fix KASAN global-out-of-bounds warning

by Dapeng Mi

When running "perf mem record" command on CWF, the below KASAN global-out-of-bounds warning is seen. 196.273657] ================================================================== [ 196.273662] BUG: KASAN: global-out-of-bounds in cmt_latency_data+0x176/0x1b0 [ 196.273669] Read of size 4 at addr ffffffffb721d000 by task dtlb/9850 [ 196.273676] CPU: 126 UID: 0 PID: 9850 Comm: dtlb Kdump: loaded Not tainted 6.17.0-rc3-2025-08-29-intel-next-34160-g316938187eb0 #1 PREEMPT(none) [ 196.273680] Hardware name: Intel Corporation AvenueCity/AvenueCity, BIOS BHSDCRB1.IPC.3544.P83.2507110208 07/11/2025 [ 196.273682] Call Trace: [ 196.273683] <NMI> [ 196.273684] dump_stack_lvl+0x55/0x70 [ 196.273689] print_address_description.constprop.0+0x2c/0x3d0 [ 196.273694] ? cmt_latency_data+0x176/0x1b0 [ 196.273696] print_report+0xb4/0x270 [ 196.273699] ? kasan_addr_to_slab+0xd/0xa0 [ 196.273702] kasan_report+0xb8/0xf0 [ 196.273705] ? cmt_latency_data+0x176/0x1b0 [ 196.273707] cmt_latency_data+0x176/0x1b0 [ 196.273710] setup_arch_pebs_sample_data+0xf49/0x2560 [ 196.273713] intel_pmu_drain_arch_pebs+0x577/0xb00 [ 196.273716] ? __pfx_intel_pmu_drain_arch_pebs+0x10/0x10 [ 196.273719] ? perf_output_begin+0x3e4/0xa10 [ 196.273724] ? intel_pmu_drain_bts_buffer+0xc2/0x6a0 [ 196.273727] ? __pfx_intel_pmu_drain_bts_buffer+0x10/0x10 [ 196.273730] handle_pmi_common+0x6c4/0xc80 [ 196.273734] ? __pfx_handle_pmi_common+0x10/0x10 [ 196.273738] ? intel_bts_interrupt+0xd3/0x4d0 [ 196.273740] ? __pfx_intel_bts_interrupt+0x10/0x10 [ 196.273742] ? intel_pmu_lbr_enable_all+0x25/0x150 [ 196.273745] intel_pmu_handle_irq+0x388/0x700 [ 196.273748] perf_event_nmi_handler+0xff/0x150 [ 196.273751] nmi_handle.part.0+0xa8/0x2d0 [ 196.273755] ? perf_output_begin+0x3e9/0xa10 [ 196.273757] default_do_nmi+0x79/0x1a0 [ 196.273760] fred_exc_nmi+0x40/0x90 [ 196.273762] asm_fred_entrypoint_kernel+0x45/0x60 [ 196.273765] RIP: 0010:perf_output_begin+0x3e9/0xa10 [ 196.273768] Code: 54 24 1c 85 d2 0f 85 19 03 00 00 48 8b 44 24 18 48 c1 e8 03 42 0f b6 04 28 84 c0 74 08 3c 03 0f 8e 25 05 00 00 41 8b 44 24 18 <c1> e0 0c 48 98 48 83 e8 01 80 7c 24 2a 00 0f 85 f9 02 00 00 4c 29 [ 196.273770] RSP: 0018:ffffc9001cf575e8 EFLAGS: 00000246 [ 196.273774] RAX: 0000000000000080 RBX: ffff88c1a0f95028 RCX: 0000000000000004 [ 196.273775] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff88c08c8f9408 [ 196.273777] RBP: 0000000000000028 R08: 0000000000000000 R09: ffffed18341f2a05 [ 196.273778] R10: ffff88c1a0f9502f R11: ffff88c1a0dbe1b8 R12: ffff88c1a0f95000 [ 196.273779] R13: dffffc0000000000 R14: 0000000000000000 R15: ffffc9001cf577e0 [ 196.273782] </NMI> The issue is caused by below code in __grt_latency_data(). The code tries to access x86_hybrid_pmu structure which doesn't exist on non-hybrid platform like CWF. WARN_ON_ONCE(hybrid_pmu(event->pmu)->pmu_type == hybrid_big) So add is_hybrid() check before calling this WARN_ON_ONCE to fix the global-out-of-bounds access issue. Reported-by: Xudong Hao <xudong.hao(a)intel.com> Cc: stable(a)vger.kernel.org Fixes: 090262439f66 ("perf/x86/intel: Rename model-specific pebs_latency_data functions") Signed-off-by: Dapeng Mi <dapeng1.mi(a)linux.intel.com> Reviewed-by: Zide Chen <zide.chen(a)intel.com> --- Changes: v2: Wrap the line that exceeds 80 characters (Zide) arch/x86/events/intel/ds.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/arch/x86/events/intel/ds.c b/arch/x86/events/intel/ds.c index c0b7ac1c7594..01bc59e9286c 100644 --- a/arch/x86/events/intel/ds.c +++ b/arch/x86/events/intel/ds.c @@ -317,7 +317,8 @@ static u64 __grt_latency_data(struct perf_event *event, u64 status, { u64 val; - WARN_ON_ONCE(hybrid_pmu(event->pmu)->pmu_type == hybrid_big); + WARN_ON_ONCE(is_hybrid() && + hybrid_pmu(event->pmu)->pmu_type == hybrid_big); dse &= PERF_PEBS_DATA_SOURCE_GRT_MASK; val = hybrid_var(event->pmu, pebs_data_source)[dse]; base-commit: 45e1dccc0653c50e377dae57ef086a8d0f71061d -- 2.34.1

1 week, 2 days

2
1
0 0

[PATCH] most: usb: fix double free on late probe failure

by Johan Hovold

The MOST subsystem has a non-standard registration function which frees the interface on registration failures and on deregistration. This unsurprisingly leads to bugs in the MOST drivers, and a couple of recent changes turned a reference underflow and use-after-free in the USB driver into several double free and a use-after-free on late probe failures. Fixes: 723de0f9171e ("staging: most: remove device from interface structure") Fixes: 4b1270902609 ("most: usb: Fix use-after-free in hdm_disconnect") Fixes: a8cc9e5fcb0e ("most: usb: hdm_probe: Fix calling put_device() before device initialization") Cc: stable(a)vger.kernel.org Cc: Christian Gromm <christian.gromm(a)microchip.com> Cc: Victoria Votokina <Victoria.Votokina(a)kaspersky.com> Signed-off-by: Johan Hovold <johan(a)kernel.org> --- drivers/most/most_usb.c | 14 +++++--------- 1 file changed, 5 insertions(+), 9 deletions(-) diff --git a/drivers/most/most_usb.c b/drivers/most/most_usb.c index 10064d7b7249..41ee169f80c5 100644 --- a/drivers/most/most_usb.c +++ b/drivers/most/most_usb.c @@ -1058,7 +1058,7 @@ hdm_probe(struct usb_interface *interface, const struct usb_device_id *id) ret = most_register_interface(&mdev->iface); if (ret) - goto err_free_busy_urbs; + return ret; mutex_lock(&mdev->io_mutex); if (le16_to_cpu(usb_dev->descriptor.idProduct) == USB_DEV_ID_OS81118 || @@ -1068,8 +1068,7 @@ hdm_probe(struct usb_interface *interface, const struct usb_device_id *id) if (!mdev->dci) { mutex_unlock(&mdev->io_mutex); most_deregister_interface(&mdev->iface); - ret = -ENOMEM; - goto err_free_busy_urbs; + return -ENOMEM; } mdev->dci->dev.init_name = "dci"; @@ -1078,18 +1077,15 @@ hdm_probe(struct usb_interface *interface, const struct usb_device_id *id) mdev->dci->dev.release = release_dci; if (device_register(&mdev->dci->dev)) { mutex_unlock(&mdev->io_mutex); + put_device(&mdev->dci->dev); most_deregister_interface(&mdev->iface); - ret = -ENOMEM; - goto err_free_dci; + return -ENOMEM; } mdev->dci->usb_device = mdev->usb_device; } mutex_unlock(&mdev->io_mutex); return 0; -err_free_dci: - put_device(&mdev->dci->dev); -err_free_busy_urbs: - kfree(mdev->busy_urbs); + err_free_ep_address: kfree(mdev->ep_address); err_free_cap: -- 2.51.0

1 week, 2 days

1
0
0 0

[PATCH v5 1/2] dma-mapping: benchmark: Restore padding to ensure uABI remained consistent

by Qinxin Xia

The padding field in the structure was previously reserved to maintain a stable interface for potential new fields, ensuring compatibility with user-space shared data structures. However,it was accidentally removed by tiantao in a prior commit, which may lead to incompatibility between user space and the kernel. This patch reinstates the padding to restore the original structure layout and preserve compatibility. Fixes: 8ddde07a3d28 ("dma-mapping: benchmark: extract a common header file for map_benchmark definition") Cc: stable(a)vger.kernel.org Acked-by: Barry Song <baohua(a)kernel.org> Signed-off-by: Qinxin Xia <xiaqinxin(a)huawei.com> --- include/linux/map_benchmark.h | 1 + 1 file changed, 1 insertion(+) diff --git a/include/linux/map_benchmark.h b/include/linux/map_benchmark.h index 62674c83bde4..48e2ff95332f 100644 --- a/include/linux/map_benchmark.h +++ b/include/linux/map_benchmark.h @@ -27,5 +27,6 @@ struct map_benchmark { __u32 dma_dir; /* DMA data direction */ __u32 dma_trans_ns; /* time for DMA transmission in ns */ __u32 granule; /* how many PAGE_SIZE will do map/unmap once a time */ + __u8 expansion[76]; /* For future use */ }; #endif /* _KERNEL_DMA_BENCHMARK_H */ -- 2.33.0

1 week, 2 days

3
2
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror