- Linux-stable-mirror - lists.linaro.org

by Greg Kroah-Hartman

I'm announcing the release of the 6.1.155 kernel. All users of the 6.1 kernel series must upgrade. The updated 6.1.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.1.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/arm/mm/pageattr.c | 6 arch/arm64/boot/dts/freescale/imx8mp.dtsi | 4 arch/s390/kernel/perf_cpum_cf.c | 4 arch/um/drivers/mconsole_user.c | 2 arch/x86/mm/pgtable.c | 2 drivers/cpufreq/cpufreq.c | 20 drivers/edac/sb_edac.c | 4 drivers/edac/skx_common.h | 1 drivers/gpu/drm/amd/amdgpu/amdgpu.h | 2 drivers/gpu/drm/amd/display/modules/hdcp/hdcp_ddc.c | 2 drivers/gpu/drm/amd/pm/powerplay/hwmgr/ppevvmath.h | 14 drivers/gpu/drm/amd/pm/swsmu/smu11/sienna_cichlid_ppt.c | 2 drivers/gpu/drm/amd/pm/swsmu/smu13/smu_v13_0_0_ppt.c | 3 drivers/gpu/drm/amd/pm/swsmu/smu13/smu_v13_0_7_ppt.c | 3 drivers/gpu/drm/arm/display/include/malidp_utils.h | 2 drivers/gpu/drm/arm/display/komeda/komeda_pipeline_state.c | 24 drivers/gpu/drm/ast/ast_dp.c | 2 drivers/gpu/drm/drm_color_mgmt.c | 2 drivers/gpu/drm/gma500/oaktrail_hdmi.c | 2 drivers/gpu/drm/i915/display/intel_backlight.c | 5 drivers/gpu/drm/msm/adreno/a6xx_gmu.c | 6 drivers/gpu/drm/radeon/evergreen_cs.c | 2 drivers/hwmon/adt7475.c | 24 drivers/infiniband/hw/mlx5/devx.c | 1 drivers/md/dm-integrity.c | 2 drivers/media/dvb-frontends/stv0367_priv.h | 3 drivers/net/can/rcar/rcar_can.c | 8 drivers/net/can/spi/hi311x.c | 1 drivers/net/can/sun4i_can.c | 1 drivers/net/can/usb/etas_es58x/es581_4.c | 4 drivers/net/can/usb/etas_es58x/es58x_core.c | 7 drivers/net/can/usb/etas_es58x/es58x_core.h | 8 drivers/net/can/usb/etas_es58x/es58x_fd.c | 4 drivers/net/can/usb/mcba_usb.c | 1 drivers/net/can/usb/peak_usb/pcan_usb_core.c | 2 drivers/net/dsa/lantiq_gswip.c | 37 - drivers/net/ethernet/broadcom/bnxt/bnxt_tc.c | 2 drivers/net/ethernet/chelsio/cxgb3/cxgb3_main.c | 18 drivers/net/ethernet/intel/i40e/i40e.h | 4 drivers/net/ethernet/intel/i40e/i40e_ethtool.c | 25 drivers/net/ethernet/intel/i40e/i40e_main.c | 26 drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c | 110 ++- drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.h | 3 drivers/net/ethernet/marvell/octeontx2/af/cgx.c | 3 drivers/net/ethernet/marvell/octeontx2/nic/otx2_tc.c | 2 drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 2 drivers/net/fjes/fjes_main.c | 4 drivers/nfc/pn544/i2c.c | 2 drivers/platform/x86/sony-laptop.c | 1 drivers/scsi/isci/init.c | 6 drivers/staging/media/atomisp/pci/hive_isp_css_include/math_support.h | 5 drivers/usb/core/quirks.c | 2 drivers/video/fbdev/core/fbcon.c | 13 drivers/virt/acrn/ioreq.c | 4 fs/afs/server.c | 3 fs/btrfs/misc.h | 2 fs/ext2/balloc.c | 2 fs/ext4/ext4.h | 2 fs/hugetlbfs/inode.c | 10 fs/smb/server/transport_rdma.c | 18 fs/ufs/util.h | 6 include/crypto/if_alg.h | 2 include/linux/minmax.h | 122 +++- include/linux/mm.h | 54 + include/linux/pageblock-flags.h | 2 include/linux/swap.h | 10 include/net/bluetooth/hci_core.h | 21 kernel/bpf/verifier.c | 4 kernel/futex/requeue.c | 6 kernel/trace/preemptirq_delay_test.c | 2 kernel/trace/trace_dynevent.c | 4 lib/btree.c | 1 lib/decompress_unlzma.c | 2 lib/logic_pio.c | 3 mm/gup.c | 28 mm/kmsan/core.c | 10 mm/kmsan/kmsan_test.c | 16 mm/migrate_device.c | 42 - mm/mlock.c | 2 mm/swap.c | 4 mm/zsmalloc.c | 1 net/bluetooth/hci_event.c | 26 net/bluetooth/hci_sync.c | 7 net/ipv4/nexthop.c | 7 net/ipv4/proc.c | 2 net/ipv6/proc.c | 2 net/netfilter/nf_nat_core.c | 6 net/tipc/core.h | 2 net/tipc/link.c | 10 sound/usb/mixer_quirks.c | 295 +++++++++- sound/usb/quirks.c | 24 sound/usb/usbaudio.h | 4 tools/testing/selftests/bpf/progs/get_branch_snapshot.c | 4 tools/testing/selftests/net/fib_nexthops.sh | 12 tools/testing/selftests/seccomp/seccomp_bpf.c | 2 tools/testing/selftests/vm/mremap_test.c | 2 97 files changed, 910 insertions(+), 325 deletions(-) Alok Tiwari (1): bnxt_en: correct offset handling for IPv6 destination address Andy Shevchenko (1): minmax: deduplicate __unconst_integer_typeof() Chen Ni (1): ALSA: usb-audio: Convert comma to semicolon Christian Loehle (1): cpufreq: Initialize cpufreq-based invariance before subsys Cristian Ciocaltea (6): ALSA: usb-audio: Fix block comments in mixer_quirks ALSA: usb-audio: Drop unnecessary parentheses in mixer_quirks ALSA: usb-audio: Avoid multiple assignments in mixer_quirks ALSA: usb-audio: Simplify NULL comparison in mixer_quirks ALSA: usb-audio: Remove unneeded wmb() in mixer_quirks ALSA: usb-audio: Add mixer quirk for Sony DualSense PS5 Cryolitia PukNgae (1): ALSA: usb-audio: move mixer_quirks' min_mute into common quirk Dan Carpenter (1): octeontx2-pf: Fix potential use after free in otx2_tc_add_flow() David Hildenbrand (2): mm/gup: revert "mm: gup: fix infinite loop within __get_longterm_locked" mm/migrate_device: don't add folio to be freed to LRU in migrate_device_finalize() David Laight (1): minmax: fix indentation of __cmp_once() and __clamp_once() Eric Biggers (2): crypto: af_alg - Fix incorrect boolean values in af_alg_ctx kmsan: fix out-of-bounds access to shadow memory Geert Uytterhoeven (1): can: rcar_can: rcar_can_resume(): fix s2ram with PSCI Greg Kroah-Hartman (1): Linux 6.1.155 Guenter Roeck (1): drm/i915/backlight: Return immediately when scale() finds invalid parameters Herve Codina (1): minmax: Introduce {min,max}_array() Hugh Dickins (3): mm/gup: check ref_count instead of lru before migration mm/gup: local lru_add_drain() to avoid lru_add_drain_all() mm: folio_may_be_lru_cached() unless folio_test_large() Ido Schimmel (2): nexthop: Forbid FDB status change while nexthop is in a group selftests: fib_nexthops: Fix creation of non-FDB nexthops Jiayi Li (1): usb: core: Add 0x prefix to quirks debug output Jinjiang Tu (1): mm/hugetlb: fix folio is still mapped when deleted Justin Bronder (1): i40e: increase max descriptors for XL710 Kefeng Wang (1): mm: migrate_device: use more folio in migrate_device_finalize() Leon Hwang (1): bpf: Reject bpf_timer for PREEMPT_RT Linus Torvalds (4): minmax: avoid overly complicated constant expressions in VM code minmax: make generic MIN() and MAX() macros available everywhere minmax: add a few more MIN_T/MAX_T users minmax: simplify and clarify min_t()/max_t() implementation Luiz Augusto von Dentz (2): Bluetooth: hci_sync: Fix hci_resume_advertising_sync Bluetooth: hci_event: Fix UAF in hci_acl_create_conn_sync Lukasz Czapnik (8): i40e: fix idx validation in i40e_validate_queue_map i40e: fix input validation logic for action_meta i40e: add max boundary check for VF filters i40e: add mask to apply valid bits for itr_idx i40e: improve VF MAC filters accounting i40e: fix validation of VF state in get resources i40e: fix idx validation in config queues msg i40e: add validation for ring_len param Martin Schiller (1): net: dsa: lantiq_gswip: do also enable or disable cpu port Masami Hiramatsu (Google) (1): tracing: dynevent: Add a missing lockdown check on dynevent Matthew Wilcox (Oracle) (1): minmax: add in_range() macro Nathan Chancellor (1): s390/cpum_cf: Fix uninitialized warning after backport of ce971233242b Nirmoy Das (1): drm/ast: Use msleep instead of mdelay for edid read Or Har-Toov (1): IB/mlx5: Fix obj_type mismatch for SRQ event subscriptions Peng Fan (1): arm64: dts: imx8mp: Correct thermal sensor index Petr Malat (1): ethernet: rvu-af: Remove slash from the driver name Samasth Norway Ananda (1): fbcon: fix integer overflow in fbcon_do_set_font Sebastian Andrzej Siewior (1): futex: Prevent use-after-free during requeue-PI Shivank Garg (1): mm: add folio_expected_ref_count() for reference count calculation Stefan Metzmacher (1): smb: server: don't use delayed_work for post_recv_credits_work Stéphane Grosjean (1): can: peak_usb: fix shift-out-of-bounds issue Takashi Iwai (1): ALSA: usb-audio: Fix build with CONFIG_INPUT=n Thomas Zimmermann (1): fbcon: Fix OOB access in font allocation Vincent Mailhol (5): can: etas_es58x: sort the includes by alphabetic order can: etas_es58x: populate ndo_change_mtu() to prevent buffer overflow can: hi311x: populate ndo_change_mtu() to prevent buffer overflow can: sun4i_can: populate ndo_change_mtu() to prevent buffer overflow can: mcba_usb: populate ndo_change_mtu() to prevent buffer overflow Vladimir Oltean (2): net: dsa: lantiq_gswip: move gswip_add_single_port_br() call to port_setup() net: dsa: lantiq_gswip: suppress -EINVAL errors for bridge FDB entries added to the CPU port Zabelin Nikita (1): drm/gma500: Fix null dereference in hdmi teardown Zhen Ni (1): afs: Fix potential null pointer dereference in afs_put_server noble.yang (1): ALSA: usb-audio: Add DSD support for Comtrue USB Audio device qaqland (1): ALSA: usb-audio: Add mute TLV for playback volumes on more devices

1 week, 5 days

1
1
0 0

Linux 5.15.194

by Greg Kroah-Hartman

I'm announcing the release of the 5.15.194 kernel. All users of the 5.15 kernel series must upgrade. The updated 5.15.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.15.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/devicetree/bindings/serial/brcm,bcm7271-uart.yaml | 2 Makefile | 2 arch/arm64/boot/dts/freescale/imx8mp.dtsi | 4 arch/um/drivers/virtio_uml.c | 6 arch/x86/kvm/cpuid.c | 31 - arch/x86/kvm/svm/svm.c | 3 crypto/af_alg.c | 7 drivers/cpufreq/cpufreq.c | 20 drivers/dma/qcom/bam_dma.c | 8 drivers/dma/ti/edma.c | 4 drivers/edac/altera_edac.c | 1 drivers/gpu/drm/amd/amdgpu/amdgpu_ring.c | 2 drivers/gpu/drm/bridge/analogix/anx7625.c | 6 drivers/gpu/drm/bridge/cadence/cdns-mhdp8546-core.c | 6 drivers/gpu/drm/gma500/oaktrail_hdmi.c | 2 drivers/gpu/drm/i915/display/intel_backlight.c | 5 drivers/gpu/drm/i915/display/intel_display_power.c | 6 drivers/infiniband/hw/mlx5/devx.c | 1 drivers/input/serio/i8042-acpipnpio.h | 14 drivers/media/i2c/imx214.c | 27 drivers/media/platform/mtk-vcodec/venc/venc_h264_if.c | 6 drivers/mmc/host/mvsdio.c | 2 drivers/mtd/nand/raw/atmel/nand-controller.c | 18 drivers/mtd/nand/raw/stm32_fmc2_nand.c | 48 - drivers/net/can/dev/bittiming.c | 15 drivers/net/can/dev/dev.c | 50 + drivers/net/can/rcar/rcar_can.c | 8 drivers/net/can/spi/hi311x.c | 1 drivers/net/can/sun4i_can.c | 1 drivers/net/can/usb/etas_es58x/es581_4.c | 9 drivers/net/can/usb/etas_es58x/es58x_core.c | 16 drivers/net/can/usb/etas_es58x/es58x_core.h | 8 drivers/net/can/usb/etas_es58x/es58x_fd.c | 16 drivers/net/can/usb/mcba_usb.c | 1 drivers/net/can/usb/peak_usb/pcan_usb_core.c | 2 drivers/net/can/xilinx_can.c | 16 drivers/net/dsa/lantiq_gswip.c | 37 - drivers/net/ethernet/broadcom/bnxt/bnxt_tc.c | 2 drivers/net/ethernet/broadcom/cnic.c | 3 drivers/net/ethernet/cavium/liquidio/request_manager.c | 2 drivers/net/ethernet/freescale/dpaa2/dpaa2-switch.c | 2 drivers/net/ethernet/freescale/fec_main.c | 3 drivers/net/ethernet/intel/i40e/i40e.h | 1 drivers/net/ethernet/intel/i40e/i40e_ethtool.c | 25 drivers/net/ethernet/intel/i40e/i40e_main.c | 10 drivers/net/ethernet/intel/i40e/i40e_txrx.c | 3 drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c | 45 + drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.h | 3 drivers/net/ethernet/intel/igb/igb_ethtool.c | 5 drivers/net/ethernet/marvell/octeontx2/af/cgx.c | 3 drivers/net/ethernet/mellanox/mlx5/core/en_main.c | 2 drivers/net/ethernet/natsemi/ns83820.c | 13 drivers/net/ethernet/qlogic/qed/qed_debug.c | 7 drivers/pcmcia/omap_cf.c | 8 drivers/phy/broadcom/phy-bcm-ns-usb3.c | 9 drivers/phy/marvell/phy-berlin-usb.c | 7 drivers/phy/ralink/phy-ralink-usb.c | 10 drivers/phy/rockchip/phy-rockchip-pcie.c | 11 drivers/phy/rockchip/phy-rockchip-usb.c | 10 drivers/phy/tegra/xusb-tegra210.c | 6 drivers/phy/ti/phy-omap-control.c | 9 drivers/phy/ti/phy-omap-usb2.c | 24 drivers/phy/ti/phy-ti-pipe3.c | 27 drivers/power/supply/bq27xxx_battery.c | 4 drivers/regulator/sy7636a-regulator.c | 7 drivers/soc/qcom/mdt_loader.c | 12 drivers/tty/hvc/hvc_console.c | 6 drivers/tty/serial/sc16is7xx.c | 14 drivers/usb/core/quirks.c | 2 drivers/usb/gadget/udc/dummy_hcd.c | 25 drivers/usb/host/xhci-dbgcap.c | 94 ++- drivers/usb/serial/option.c | 17 drivers/video/fbdev/core/fbcon.c | 13 drivers/video/fbdev/core/fbmem.c | 12 fs/btrfs/tree-checker.c | 4 fs/fuse/file.c | 5 fs/hugetlbfs/inode.c | 14 fs/ksmbd/transport_rdma.c | 17 fs/nfs/client.c | 2 fs/nfs/flexfilelayout/flexfilelayout.c | 21 fs/nfs/nfs4proc.c | 6 fs/nilfs2/sysfs.c | 4 fs/nilfs2/sysfs.h | 8 fs/ocfs2/extent_map.c | 10 fs/xfs/xfs_fsops.c | 4 include/crypto/if_alg.h | 10 include/linux/can/bittiming.h | 69 +- include/linux/can/dev.h | 8 include/linux/compiler-clang.h | 29 - include/linux/interrupt.h | 53 + include/linux/pgalloc.h | 29 + include/linux/pgtable.h | 13 include/net/sock.h | 40 + include/uapi/linux/can/netlink.h | 2 kernel/bpf/verifier.c | 4 kernel/cgroup/cgroup.c | 43 + kernel/irq/manage.c | 8 kernel/time/hrtimer.c | 50 - kernel/trace/trace.c | 4 kernel/trace/trace_dynevent.c | 4 kernel/trace/trace_events_synth.c | 2 lib/test_kasan.c | 1 mm/kasan/init.c | 12 mm/khugepaged.c | 2 mm/memory-failure.c | 7 mm/migrate.c | 12 mm/rmap.c | 2 mm/sparse-vmemmap.c | 6 net/can/j1939/bus.c | 5 net/can/j1939/socket.c | 3 net/ceph/messenger.c | 7 net/core/sock.c | 5 net/hsr/hsr_device.c | 163 +++++ net/hsr/hsr_main.c | 4 net/hsr/hsr_main.h | 4 net/hsr/hsr_slave.c | 18 net/ipv4/ip_tunnel_core.c | 6 net/ipv4/nexthop.c | 7 net/ipv4/tcp.c | 5 net/ipv4/tcp_bpf.c | 5 net/mac80211/driver-ops.h | 2 net/mptcp/protocol.c | 15 net/mptcp/sockopt.c | 11 net/mptcp/subflow.c | 3 net/rds/ib_frmr.c | 20 net/rfkill/rfkill-gpio.c | 22 net/unix/af_unix.c | 15 sound/firewire/motu/motu-hwdep.c | 2 sound/soc/codecs/wm8940.c | 2 sound/soc/codecs/wm8974.c | 8 sound/soc/sof/intel/hda-stream.c | 2 sound/usb/mixer_quirks.c | 285 +++++++++- tools/testing/selftests/net/fib_nexthops.sh | 12 133 files changed, 1468 insertions(+), 535 deletions(-) Alan Stern (1): USB: gadget: dummy-hcd: Fix locking bug in RT-enabled kernels Alex Deucher (1): drm/amdgpu: fix a memory leak in fence cleanup when unloading Alexander Dahl (1): mtd: nand: raw: atmel: Fix comment in timings preparation Alexander Sverdlin (1): mtd: nand: raw: atmel: Respect tAR, tCLR in read setup timing Alexey Nepomnyashih (1): net: liquidio: fix overflow in octeon_init_instr_queue() Alok Tiwari (1): bnxt_en: correct offset handling for IPv6 destination address Anders Roxell (1): dmaengine: ti: edma: Fix memory allocation size for queue_priority_map Andreas Kemnade (1): regulator: sy7636a: fix lifecycle of power good gpio André Apitzsch (1): media: i2c: imx214: Fix link frequency validation Anssi Hannula (1): can: xilinx_can: xcan_write_frame(): fix use-after-free of transmitted SKB Antoine Tenart (1): tunnels: reset the GSO metadata before reusing the skb Arnd Bergmann (1): media: mtk-vcodec: venc: avoid -Wenum-compare-conditional warning Bjorn Andersson (1): soc: qcom: mdt_loader: Deal with zero e_shentsize Boris Ostrovsky (1): KVM: SVM: Return TSA_SQ_NO and TSA_L1_NO bits in __do_cpuid_func() Borislav Petkov (AMD) (1): KVM: SVM: Set synthesized TSA CPUID flags Brett A C Sheffield (1): Revert "fbdev: Disable sysfb device registration when removing conflicting FBs" Charles Keepax (2): ASoC: wm8940: Correct typo in control name ASoC: wm8974: Correct PLL rate rounding Chen Ni (1): ALSA: usb-audio: Convert comma to semicolon Chen Ridong (1): cgroup: split cgroup_destroy_wq into 3 workqueues Christian Loehle (1): cpufreq: Initialize cpufreq-based invariance before subsys Christoffer Sandberg (1): Input: i8042 - add TUXEDO InfinityBook Pro Gen10 AMD to i8042 quirk table Christophe Kerello (2): mtd: rawnand: stm32_fmc2: fix ECC overwrite mtd: rawnand: stm32_fmc2: avoid overlapping mappings on ECC buffer Colin Ian King (1): ASoC: SOF: Intel: hda-stream: Fix incorrect variable used in error message Cristian Ciocaltea (6): ALSA: usb-audio: Fix block comments in mixer_quirks ALSA: usb-audio: Drop unnecessary parentheses in mixer_quirks ALSA: usb-audio: Avoid multiple assignments in mixer_quirks ALSA: usb-audio: Simplify NULL comparison in mixer_quirks ALSA: usb-audio: Remove unneeded wmb() in mixer_quirks ALSA: usb-audio: Add mixer quirk for Sony DualSense PS5 David Hildenbrand (2): mm/rmap: reject hugetlb folios in folio_make_device_exclusive() mm/migrate_device: don't add folio to be freed to LRU in migrate_device_finalize() Duoming Zhou (1): cnic: Fix use-after-free bugs in cnic_delete_task Eric Biggers (1): crypto: af_alg - Fix incorrect boolean values in af_alg_ctx Eric Sandeen (1): xfs: short circuit xfs_growfs_data_private() if delta is zero Fabian Vogt (1): tty: hvc_console: Call hvc_kick in hvc_write unconditionally Fabio Porcedda (2): USB: serial: option: add Telit Cinterion FN990A w/audio compositions USB: serial: option: add Telit Cinterion LE910C4-WWX new compositions Geert Uytterhoeven (2): pcmcia: omap_cf: Mark driver struct with __refdata to prevent section mismatch can: rcar_can: rcar_can_resume(): fix s2ram with PSCI Greg Kroah-Hartman (1): Linux 5.15.194 Guenter Roeck (1): drm/i915/backlight: Return immediately when scale() finds invalid parameters H. Nikolaus Schaller (2): power: supply: bq27xxx: fix error return in case of no bq27000 hdq battery power: supply: bq27xxx: restrict no-battery detection to bq27000 Hangbin Liu (2): hsr: use rtnl lock when iterating over ports hsr: use hsr_for_each_port_rtnl in hsr_port_get_hsr Hans de Goede (1): net: rfkill: gpio: Fix crash due to dereferencering uninitialized pointer Harry Yoo (1): mm: introduce and use {pgd,p4d}_populate_kernel() Herbert Xu (1): crypto: af_alg - Disallow concurrent writes in af_alg_sendmsg Hugo Villeneuve (1): serial: sc16is7xx: fix bug in flow control levels init Håkon Bugge (1): rds: ib: Increment i_fastreg_wrs before bailing out Ido Schimmel (2): nexthop: Forbid FDB status change while nexthop is in a group selftests: fib_nexthops: Fix creation of non-FDB nexthops Ilya Dryomov (1): libceph: fix invalid accesses to ceph_connection_v1_info Ioana Ciornei (1): dpaa2-switch: fix buffer pool seeding for control traffic Jack Wang (1): mtd: rawnand: stm32_fmc2: Fix dma_map_sg error check Jakob Koschel (1): usb: gadget: dummy_hcd: remove usage of list iterator past the loop body Jamie Bainbridge (1): qed: Don't collect too many protection override GRC elements Jani Nikula (1): drm/i915/power: fix size for for_each_set_bit() in abox iteration Jiapeng Chong (2): hrtimer: Remove unused function hrtimer: Rename __hrtimer_hres_active() to hrtimer_hres_active() Jiayi Li (1): usb: core: Add 0x prefix to quirks debug output Jinjiang Tu (1): mm/hugetlb: fix folio is still mapped when deleted Johan Hovold (3): phy: tegra: xusb: fix device and OF node leak at probe phy: ti-pipe3: fix device leak at unbind phy: ti: omap-usb2: fix device leak at unbind Jonathan Curley (1): NFSv4/flexfiles: Fix layout merge mirror check. Justin Bronder (1): i40e: increase max descriptors for XL710 Kim Phillips (1): KVM: x86: Move open-coded CPUID leaf 0x80000021 EAX bit propagation code Kohei Enju (1): igb: fix link test skipping when interface is admin down Krister Johansen (1): mptcp: sockopt: make sync_socket_options propagate SOCK_KEEPOPEN Krzysztof Kozlowski (2): dt-bindings: serial: brcm,bcm7271-uart: Constrain clocks phy: broadcom: ns-usb3: fix Wvoid-pointer-to-enum-cast warning Kuniyuki Iwashima (4): net: Fix null-ptr-deref by sock_lock_init_class_and_name() and rmmod. tcp_bpf: Call sk_msg_free() when tcp_bpf_send_verdict() fails to allocate psock->cork. tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect(). af_unix: Don't leave consecutive consumed OOB skbs. Leon Hwang (1): bpf: Reject bpf_timer for PREEMPT_RT Liao Yuanhong (1): wifi: mac80211: fix incorrect type for ret Loic Poulain (1): drm: bridge: anx7625: Fix NULL pointer dereference with early IRQ Lukasz Czapnik (7): i40e: fix idx validation in i40e_validate_queue_map i40e: fix input validation logic for action_meta i40e: add max boundary check for VF filters i40e: add mask to apply valid bits for itr_idx i40e: fix validation of VF state in get resources i40e: fix idx validation in config queues msg i40e: add validation for ring_len param Luo Gengkun (1): tracing: Fix tracing_marker may trigger page fault during preempt_disable Maciej Fijalkowski (1): i40e: remove redundant memory barrier when cleaning Tx descs Maciej S. Szmigiero (1): KVM: SVM: Sync TPR from LAPIC into VMCB::V_TPR even if AVIC is active Mark Tinguely (1): ocfs2: fix recursive semaphore deadlock in fiemap call Martin Schiller (1): net: dsa: lantiq_gswip: do also enable or disable cpu port Masami Hiramatsu (Google) (1): tracing: dynevent: Add a missing lockdown check on dynevent Mathias Nyman (2): xhci: dbc: decouple endpoint allocation from initialization xhci: dbc: Fix full DbC transfer ring after several reconnects Matthieu Baerts (NGI0) (2): mptcp: set remote_deny_join_id0 on SYN recv mptcp: propagate shutdown to subflows when possible Miaohe Lin (1): mm/memory-failure: fix VM_BUG_ON_PAGE(PagePoisoned(page)) when unpoison memory Miaoqian Lin (1): um: virtio_uml: Fix use-after-free after put_device in probe Michal Schmidt (1): i40e: fix IRQ freeing in i40e_vsi_request_irq_msix error path Miklos Szeredi (2): fuse: check if copy_file_range() returns larger than requested size fuse: prevent overflow in copy_file_range return value Murali Karicheri (2): net: hsr: Add support for MC filtering at the slave device net: hsr: Add VLAN CTAG filter support Namjae Jeon (1): ksmbd: smbdirect: validate data_offset and data_length field of smb_direct_data_transfer Nathan Chancellor (2): compiler-clang.h: define __SANITIZE_*__ macros only when undefined nilfs2: fix CFI failure when accessing /sys/fs/nilfs2/features/* Nitesh Narayan Lal (1): i40e: Use irq_update_affinity_hint() Or Har-Toov (1): IB/mlx5: Fix obj_type mismatch for SRQ event subscriptions Peng Fan (1): arm64: dts: imx8mp: Correct thermal sensor index Petr Malat (1): ethernet: rvu-af: Remove slash from the driver name Philipp Zabel (1): net: rfkill: gpio: add DT support Qi Xi (1): drm: bridge: cdns-mhdp8546: Fix missing mutex unlock on error path Qu Wenruo (1): btrfs: tree-checker: fix the incorrect inode ref size check Ravi Gunasekaran (2): net: hsr: Disable promiscuous mode in offload mode net: hsr: hsr_slave: Fix the promiscuous mode in offload mode Rob Herring (1): phy: Use device_get_match_data() Salah Triki (1): EDAC/altera: Delete an inappropriate dma_free_coherent() call Samasth Norway Ananda (1): fbcon: fix integer overflow in fbcon_do_set_font Stefan Wahren (1): net: fec: Fix possible NPD in fec_enet_phy_reset_after_clk_enable() Stephan Gerhold (1): dmaengine: qcom: bam_dma: Fix DT error handling for num-channels/ees Steven Rostedt (1): tracing: Do not add length to print format in synthetic events Stéphane Grosjean (1): can: peak_usb: fix shift-out-of-bounds issue Takashi Iwai (1): ALSA: usb-audio: Fix build with CONFIG_INPUT=n Takashi Sakamoto (1): ALSA: firewire-motu: drop EPOLLOUT from poll return values as write is not supported Tariq Toukan (1): Revert "net/mlx5e: Update and set Xon/Xoff upon port speed set" Tetsuo Handa (2): can: j1939: j1939_sk_bind(): call j1939_priv_put() immediately when j1939_local_ecu_get() failed can: j1939: j1939_local_ecu_get(): undo increment when j1939_local_ecu_get() fails Thomas Fourier (1): mmc: mvsdio: Fix dma_unmap_sg() nents value Thomas Gleixner (1): genirq: Provide new interfaces for affinity hints Thomas Zimmermann (1): fbcon: Fix OOB access in font allocation Tigran Mkrtchyan (1): flexfiles/pNFS: fix NULL checks on result of ff_layout_choose_ds_for_read Trond Myklebust (3): NFSv4: Don't clear capabilities that won't be reset NFSv4: Clear the NFS_CAP_FS_LOCATIONS flag if it is not set NFSv4: Clear the NFS_CAP_XATTR flag if not supported by the server Vincent Mailhol (10): can: bittiming: allow TDC{V,O} to be zero and add can_tdc_const::tdc{v,o,f}_min can: bittiming: replace CAN units with the generic ones from linux/units.h can: dev: add generic function can_ethtool_op_get_ts_info_hwts() can: dev: add generic function can_eth_ioctl_hwts() can: etas_es58x: advertise timestamping capabilities and add ioctl support can: etas_es58x: sort the includes by alphabetic order can: etas_es58x: populate ndo_change_mtu() to prevent buffer overflow can: hi311x: populate ndo_change_mtu() to prevent buffer overflow can: sun4i_can: populate ndo_change_mtu() to prevent buffer overflow can: mcba_usb: populate ndo_change_mtu() to prevent buffer overflow Vladimir Oltean (2): net: dsa: lantiq_gswip: move gswip_add_single_port_br() call to port_setup() net: dsa: lantiq_gswip: suppress -EINVAL errors for bridge FDB entries added to the CPU port Wei Yang (1): mm/khugepaged: fix the address passed to notifier on testing young Xiongfeng Wang (1): hrtimers: Unconditionally update target CPU base after offline timer migration Yeoreum Yun (1): kunit: kasan_test: disable fortify string checker on kasan_strings() test Yeounsu Moon (1): net: natsemi: fix `rx_dropped` double accounting on `netif_rx()` failure Zabelin Nikita (1): drm/gma500: Fix null dereference in hdmi teardown

1 week, 5 days

1
1
0 0

Linux 5.10.245

by Greg Kroah-Hartman

I'm announcing the release of the 5.10.245 kernel. All users of the 5.10 kernel series must upgrade. The updated 5.10.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.10.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/arm64/boot/dts/freescale/imx8mp.dtsi | 4 arch/um/drivers/virtio_uml.c | 6 arch/x86/kvm/svm/svm.c | 3 crypto/af_alg.c | 7 drivers/cpufreq/cpufreq.c | 20 - drivers/dma/qcom/bam_dma.c | 8 drivers/dma/ti/edma.c | 4 drivers/edac/altera_edac.c | 1 drivers/gpu/drm/bridge/cadence/cdns-mhdp8546-core.c | 6 drivers/gpu/drm/gma500/oaktrail_hdmi.c | 2 drivers/gpu/drm/i915/display/intel_display_power.c | 6 drivers/infiniband/hw/mlx5/devx.c | 1 drivers/input/serio/i8042-acpipnpio.h | 14 drivers/media/i2c/imx214.c | 27 + drivers/media/platform/mtk-vcodec/venc/venc_h264_if.c | 6 drivers/mmc/host/mvsdio.c | 2 drivers/mtd/mtdpstore.c | 3 drivers/mtd/nand/raw/atmel/nand-controller.c | 18 - drivers/mtd/nand/raw/stm32_fmc2_nand.c | 48 +- drivers/net/can/rcar/rcar_can.c | 8 drivers/net/can/spi/hi311x.c | 1 drivers/net/can/sun4i_can.c | 1 drivers/net/can/usb/mcba_usb.c | 1 drivers/net/can/usb/peak_usb/pcan_usb_core.c | 2 drivers/net/ethernet/broadcom/bnxt/bnxt_tc.c | 2 drivers/net/ethernet/broadcom/cnic.c | 3 drivers/net/ethernet/cavium/liquidio/request_manager.c | 2 drivers/net/ethernet/freescale/fec_main.c | 3 drivers/net/ethernet/intel/i40e/i40e.h | 1 drivers/net/ethernet/intel/i40e/i40e_ethtool.c | 25 + drivers/net/ethernet/intel/i40e/i40e_main.c | 10 drivers/net/ethernet/intel/i40e/i40e_txrx.c | 3 drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c | 45 ++ drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.h | 3 drivers/net/ethernet/intel/igb/igb_ethtool.c | 5 drivers/net/ethernet/mellanox/mlx5/core/en_main.c | 2 drivers/net/ethernet/natsemi/ns83820.c | 13 drivers/net/ethernet/qlogic/qed/qed_debug.c | 7 drivers/pcmcia/omap_cf.c | 8 drivers/phy/broadcom/phy-bcm-cygnus-pcie.c | 4 drivers/phy/broadcom/phy-bcm-kona-usb2.c | 4 drivers/phy/broadcom/phy-bcm-ns-usb2.c | 4 drivers/phy/broadcom/phy-bcm-ns-usb3.c | 168 ---------- drivers/phy/broadcom/phy-bcm-ns2-usbdrd.c | 13 drivers/phy/broadcom/phy-bcm-sr-pcie.c | 5 drivers/phy/broadcom/phy-bcm-sr-usb.c | 4 drivers/phy/broadcom/phy-brcm-sata.c | 8 drivers/phy/marvell/phy-berlin-usb.c | 7 drivers/phy/ralink/phy-ralink-usb.c | 10 drivers/phy/rockchip/phy-rockchip-pcie.c | 11 drivers/phy/rockchip/phy-rockchip-usb.c | 10 drivers/phy/ti/phy-omap-control.c | 26 - drivers/phy/ti/phy-omap-usb2.c | 28 + drivers/phy/ti/phy-ti-pipe3.c | 42 +- drivers/power/supply/bq27xxx_battery.c | 4 drivers/soc/qcom/mdt_loader.c | 12 drivers/tty/hvc/hvc_console.c | 6 drivers/tty/serial/sc16is7xx.c | 14 drivers/usb/core/quirks.c | 2 drivers/usb/gadget/udc/dummy_hcd.c | 25 - drivers/usb/host/xhci-dbgcap.c | 94 +++-- drivers/usb/serial/option.c | 17 + drivers/video/fbdev/core/fbcon.c | 13 fs/btrfs/tree-checker.c | 4 fs/fuse/file.c | 5 fs/hugetlbfs/inode.c | 14 fs/nfs/client.c | 2 fs/nfs/flexfilelayout/flexfilelayout.c | 21 - fs/nfs/nfs4proc.c | 1 fs/nilfs2/sysfs.c | 4 fs/nilfs2/sysfs.h | 8 fs/ocfs2/extent_map.c | 10 include/crypto/if_alg.h | 10 include/linux/compiler-clang.h | 42 +- include/linux/compiler-gcc.h | 4 include/linux/interrupt.h | 72 ++-- include/linux/overflow.h | 208 ++---------- include/net/nexthop.h | 3 include/net/sock.h | 40 ++ include/uapi/linux/rtnetlink.h | 6 kernel/cgroup/cgroup.c | 43 ++ kernel/irq/manage.c | 111 ++++++ kernel/trace/trace.c | 4 kernel/trace/trace_dynevent.c | 4 mm/khugepaged.c | 2 mm/memory-failure.c | 7 mm/migrate.c | 12 net/can/j1939/bus.c | 5 net/can/j1939/socket.c | 3 net/core/sock.c | 5 net/ipv4/fib_semantics.c | 2 net/ipv4/ip_tunnel_core.c | 6 net/ipv4/nexthop.c | 28 + net/ipv4/tcp.c | 5 net/ipv4/tcp_bpf.c | 5 net/mac80211/driver-ops.h | 2 net/mptcp/pm_netlink.c | 1 net/mptcp/protocol.c | 16 net/rds/ib_frmr.c | 20 - net/rfkill/rfkill-gpio.c | 22 + sound/firewire/motu/motu-hwdep.c | 2 sound/soc/codecs/wm8940.c | 2 sound/soc/codecs/wm8974.c | 8 sound/soc/sof/intel/hda-stream.c | 2 sound/usb/mixer_quirks.c | 285 ++++++++++++++++- tools/include/linux/compiler-gcc.h | 4 tools/include/linux/overflow.h | 140 -------- tools/testing/selftests/net/fib_nexthops.sh | 12 109 files changed, 1181 insertions(+), 895 deletions(-) Alan Stern (1): USB: gadget: dummy-hcd: Fix locking bug in RT-enabled kernels Alexander Dahl (1): mtd: nand: raw: atmel: Fix comment in timings preparation Alexander Sverdlin (1): mtd: nand: raw: atmel: Respect tAR, tCLR in read setup timing Alexey Nepomnyashih (1): net: liquidio: fix overflow in octeon_init_instr_queue() Alok Tiwari (1): bnxt_en: correct offset handling for IPv6 destination address Anders Roxell (1): dmaengine: ti: edma: Fix memory allocation size for queue_priority_map André Apitzsch (1): media: i2c: imx214: Fix link frequency validation Antoine Tenart (1): tunnels: reset the GSO metadata before reusing the skb Arnd Bergmann (1): media: mtk-vcodec: venc: avoid -Wenum-compare-conditional warning Bjorn Andersson (1): soc: qcom: mdt_loader: Deal with zero e_shentsize Charles Keepax (2): ASoC: wm8940: Correct typo in control name ASoC: wm8974: Correct PLL rate rounding Chen Ni (1): ALSA: usb-audio: Convert comma to semicolon Chen Ridong (1): cgroup: split cgroup_destroy_wq into 3 workqueues Christian Loehle (1): cpufreq: Initialize cpufreq-based invariance before subsys Christoffer Sandberg (1): Input: i8042 - add TUXEDO InfinityBook Pro Gen10 AMD to i8042 quirk table Christophe Kerello (2): mtd: rawnand: stm32_fmc2: fix ECC overwrite mtd: rawnand: stm32_fmc2: avoid overlapping mappings on ECC buffer Chunfeng Yun (2): phy: broadcom: convert to devm_platform_ioremap_resource(_byname) phy: ti: convert to devm_platform_ioremap_resource(_byname) Colin Ian King (1): ASoC: SOF: Intel: hda-stream: Fix incorrect variable used in error message Cristian Ciocaltea (6): ALSA: usb-audio: Fix block comments in mixer_quirks ALSA: usb-audio: Drop unnecessary parentheses in mixer_quirks ALSA: usb-audio: Avoid multiple assignments in mixer_quirks ALSA: usb-audio: Simplify NULL comparison in mixer_quirks ALSA: usb-audio: Remove unneeded wmb() in mixer_quirks ALSA: usb-audio: Add mixer quirk for Sony DualSense PS5 David Hildenbrand (1): mm/migrate_device: don't add folio to be freed to LRU in migrate_device_finalize() Duoming Zhou (1): cnic: Fix use-after-free bugs in cnic_delete_task Eric Biggers (1): crypto: af_alg - Fix incorrect boolean values in af_alg_ctx Fabian Vogt (1): tty: hvc_console: Call hvc_kick in hvc_write unconditionally Fabio Porcedda (2): USB: serial: option: add Telit Cinterion FN990A w/audio compositions USB: serial: option: add Telit Cinterion LE910C4-WWX new compositions Geert Uytterhoeven (2): pcmcia: omap_cf: Mark driver struct with __refdata to prevent section mismatch can: rcar_can: rcar_can_resume(): fix s2ram with PSCI Greg Kroah-Hartman (1): Linux 5.10.245 H. Nikolaus Schaller (2): power: supply: bq27xxx: fix error return in case of no bq27000 hdq battery power: supply: bq27xxx: restrict no-battery detection to bq27000 Hans de Goede (1): net: rfkill: gpio: Fix crash due to dereferencering uninitialized pointer Herbert Xu (1): crypto: af_alg - Disallow concurrent writes in af_alg_sendmsg Hugo Villeneuve (1): serial: sc16is7xx: fix bug in flow control levels init Håkon Bugge (1): rds: ib: Increment i_fastreg_wrs before bailing out Ido Schimmel (6): nexthop: Pass extack to nexthop notifier rtnetlink: Add RTNH_F_TRAP flag nexthop: Emit a notification when a nexthop is added nexthop: Emit a notification when a single nexthop is replaced nexthop: Forbid FDB status change while nexthop is in a group selftests: fib_nexthops: Fix creation of non-FDB nexthops Jack Wang (1): mtd: rawnand: stm32_fmc2: Fix dma_map_sg error check Jakob Koschel (1): usb: gadget: dummy_hcd: remove usage of list iterator past the loop body Jamie Bainbridge (1): qed: Don't collect too many protection override GRC elements Jani Nikula (1): drm/i915/power: fix size for for_each_set_bit() in abox iteration Jiasheng Jiang (1): mtd: Add check for devm_kcalloc() Jiayi Li (1): usb: core: Add 0x prefix to quirks debug output Jinjiang Tu (1): mm/hugetlb: fix folio is still mapped when deleted Johan Hovold (2): phy: ti-pipe3: fix device leak at unbind phy: ti: omap-usb2: fix device leak at unbind John Garry (1): genirq/affinity: Add irq_update_affinity_desc() Jonathan Curley (1): NFSv4/flexfiles: Fix layout merge mirror check. Justin Bronder (1): i40e: increase max descriptors for XL710 Kees Cook (1): overflow: Allow mixed type arguments Keith Busch (1): overflow: Correct check_shl_overflow() comment Kohei Enju (1): igb: fix link test skipping when interface is admin down Krzysztof Kozlowski (1): phy: broadcom: ns-usb3: fix Wvoid-pointer-to-enum-cast warning Kuniyuki Iwashima (3): net: Fix null-ptr-deref by sock_lock_init_class_and_name() and rmmod. tcp_bpf: Call sk_msg_free() when tcp_bpf_send_verdict() fails to allocate psock->cork. tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect(). Liao Yuanhong (1): wifi: mac80211: fix incorrect type for ret Lukasz Czapnik (7): i40e: fix idx validation in i40e_validate_queue_map i40e: fix input validation logic for action_meta i40e: add max boundary check for VF filters i40e: add mask to apply valid bits for itr_idx i40e: add validation for ring_len param i40e: fix idx validation in config queues msg i40e: fix validation of VF state in get resources Luo Gengkun (1): tracing: Fix tracing_marker may trigger page fault during preempt_disable Maciej Fijalkowski (1): i40e: remove redundant memory barrier when cleaning Tx descs Maciej S. Szmigiero (1): KVM: SVM: Sync TPR from LAPIC into VMCB::V_TPR even if AVIC is active Mark Tinguely (1): ocfs2: fix recursive semaphore deadlock in fiemap call Masami Hiramatsu (Google) (1): tracing: dynevent: Add a missing lockdown check on dynevent Mathias Nyman (2): xhci: dbc: decouple endpoint allocation from initialization xhci: dbc: Fix full DbC transfer ring after several reconnects Matthieu Baerts (NGI0) (2): mptcp: pm: kernel: flush: do not reset ADD_ADDR limit mptcp: propagate shutdown to subflows when possible Miaohe Lin (1): mm/memory-failure: fix VM_BUG_ON_PAGE(PagePoisoned(page)) when unpoison memory Miaoqian Lin (1): um: virtio_uml: Fix use-after-free after put_device in probe Michal Schmidt (1): i40e: fix IRQ freeing in i40e_vsi_request_irq_msix error path Miklos Szeredi (2): fuse: check if copy_file_range() returns larger than requested size fuse: prevent overflow in copy_file_range return value Nathan Chancellor (2): compiler-clang.h: define __SANITIZE_*__ macros only when undefined nilfs2: fix CFI failure when accessing /sys/fs/nilfs2/features/* Nick Desaulniers (1): compiler.h: drop fallback overflow checkers Nitesh Narayan Lal (1): i40e: Use irq_update_affinity_hint() Or Har-Toov (1): IB/mlx5: Fix obj_type mismatch for SRQ event subscriptions Peng Fan (1): arm64: dts: imx8mp: Correct thermal sensor index Philipp Zabel (1): net: rfkill: gpio: add DT support Qi Xi (1): drm: bridge: cdns-mhdp8546: Fix missing mutex unlock on error path Qu Wenruo (1): btrfs: tree-checker: fix the incorrect inode ref size check Rafał Miłecki (1): phy: phy-bcm-ns-usb3: drop support for deprecated DT binding Rob Herring (1): phy: Use device_get_match_data() Salah Triki (1): EDAC/altera: Delete an inappropriate dma_free_coherent() call Samasth Norway Ananda (1): fbcon: fix integer overflow in fbcon_do_set_font Stefan Wahren (1): net: fec: Fix possible NPD in fec_enet_phy_reset_after_clk_enable() Stephan Gerhold (1): dmaengine: qcom: bam_dma: Fix DT error handling for num-channels/ees Stéphane Grosjean (1): can: peak_usb: fix shift-out-of-bounds issue Takashi Iwai (1): ALSA: usb-audio: Fix build with CONFIG_INPUT=n Takashi Sakamoto (1): ALSA: firewire-motu: drop EPOLLOUT from poll return values as write is not supported Tariq Toukan (1): Revert "net/mlx5e: Update and set Xon/Xoff upon port speed set" Tetsuo Handa (2): can: j1939: j1939_sk_bind(): call j1939_priv_put() immediately when j1939_local_ecu_get() failed can: j1939: j1939_local_ecu_get(): undo increment when j1939_local_ecu_get() fails Thomas Fourier (1): mmc: mvsdio: Fix dma_unmap_sg() nents value Thomas Gleixner (2): genirq: Export affinity setter for modules genirq: Provide new interfaces for affinity hints Thomas Zimmermann (1): fbcon: Fix OOB access in font allocation Tigran Mkrtchyan (1): flexfiles/pNFS: fix NULL checks on result of ff_layout_choose_ds_for_read Trond Myklebust (2): NFSv4: Don't clear capabilities that won't be reset NFSv4: Clear the NFS_CAP_XATTR flag if not supported by the server Vincent Mailhol (3): can: hi311x: populate ndo_change_mtu() to prevent buffer overflow can: sun4i_can: populate ndo_change_mtu() to prevent buffer overflow can: mcba_usb: populate ndo_change_mtu() to prevent buffer overflow Wei Yang (1): mm/khugepaged: fix the address passed to notifier on testing young Yeounsu Moon (1): net: natsemi: fix `rx_dropped` double accounting on `netif_rx()` failure Zabelin Nikita (1): drm/gma500: Fix null dereference in hdmi teardown

1 week, 5 days

1
1
0 0

Linux 5.4.300

by Greg Kroah-Hartman

I'm announcing the release of the 5.4.300 kernel. All users of the 5.4 kernel series must upgrade. The updated 5.4.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.4.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/x86/kvm/svm.c | 3 drivers/dma/qcom/bam_dma.c | 8 drivers/dma/ti/edma.c | 4 drivers/edac/altera_edac.c | 1 drivers/gpu/drm/gma500/oaktrail_hdmi.c | 2 drivers/infiniband/hw/mlx5/devx.c | 1 drivers/mmc/host/mvsdio.c | 2 drivers/mtd/nand/raw/atmel/nand-controller.c | 18 - drivers/mtd/nand/raw/stm32_fmc2_nand.c | 45 +- drivers/net/can/rcar/rcar_can.c | 8 drivers/net/can/spi/hi311x.c | 1 drivers/net/can/sun4i_can.c | 1 drivers/net/can/usb/mcba_usb.c | 1 drivers/net/can/usb/peak_usb/pcan_usb_core.c | 2 drivers/net/ethernet/broadcom/cnic.c | 3 drivers/net/ethernet/cavium/liquidio/request_manager.c | 2 drivers/net/ethernet/freescale/fec_main.c | 3 drivers/net/ethernet/intel/i40e/i40e.h | 1 drivers/net/ethernet/intel/i40e/i40e_ethtool.c | 25 + drivers/net/ethernet/intel/i40e/i40e_main.c | 10 drivers/net/ethernet/intel/i40e/i40e_txrx.c | 3 drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c | 46 ++ drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.h | 3 drivers/net/ethernet/intel/igb/igb_ethtool.c | 5 drivers/net/ethernet/mellanox/mlx5/core/en_main.c | 2 drivers/net/ethernet/natsemi/ns83820.c | 13 drivers/pcmcia/omap_cf.c | 8 drivers/phy/ti/phy-ti-pipe3.c | 13 drivers/power/supply/bq27xxx_battery.c | 4 drivers/soc/qcom/mdt_loader.c | 12 drivers/tty/hvc/hvc_console.c | 6 drivers/tty/serial/sc16is7xx.c | 13 drivers/usb/core/hub.c | 21 - drivers/usb/core/hub.h | 1 drivers/usb/core/quirks.c | 2 drivers/usb/gadget/udc/dummy_hcd.c | 25 - drivers/usb/serial/option.c | 17 + drivers/video/fbdev/core/fbcon.c | 13 fs/fuse/file.c | 5 fs/hugetlbfs/inode.c | 14 fs/nfs/nfs4proc.c | 1 fs/nilfs2/sysfs.c | 4 fs/nilfs2/sysfs.h | 8 fs/ocfs2/extent_map.c | 10 include/linux/interrupt.h | 72 +++- include/net/sock.h | 40 ++ kernel/cgroup/cgroup.c | 43 ++ kernel/irq/manage.c | 111 ++++++ mm/khugepaged.c | 2 mm/memory-failure.c | 7 mm/migrate.c | 12 net/can/j1939/bus.c | 5 net/can/j1939/socket.c | 3 net/core/sock.c | 5 net/ipv4/tcp.c | 5 net/ipv4/tcp_bpf.c | 5 net/mac80211/driver-ops.h | 2 net/rds/ib_frmr.c | 20 - net/rfkill/rfkill-gpio.c | 22 + sound/firewire/motu/motu-hwdep.c | 2 sound/soc/codecs/wm8940.c | 2 sound/soc/codecs/wm8974.c | 8 sound/soc/sof/intel/hda-stream.c | 2 sound/usb/mixer_quirks.c | 279 ++++++++++++++++- 65 files changed, 816 insertions(+), 223 deletions(-) Alan Stern (1): USB: gadget: dummy-hcd: Fix locking bug in RT-enabled kernels Alexander Dahl (1): mtd: nand: raw: atmel: Fix comment in timings preparation Alexander Sverdlin (1): mtd: nand: raw: atmel: Respect tAR, tCLR in read setup timing Alexey Nepomnyashih (1): net: liquidio: fix overflow in octeon_init_instr_queue() Anders Roxell (1): dmaengine: ti: edma: Fix memory allocation size for queue_priority_map Bjorn Andersson (1): soc: qcom: mdt_loader: Deal with zero e_shentsize Charles Keepax (2): ASoC: wm8940: Correct typo in control name ASoC: wm8974: Correct PLL rate rounding Chen Ni (1): ALSA: usb-audio: Convert comma to semicolon Chen Ridong (1): cgroup: split cgroup_destroy_wq into 3 workqueues Christophe Kerello (2): mtd: rawnand: stm32_fmc2: fix ECC overwrite mtd: rawnand: stm32_fmc2: avoid overlapping mappings on ECC buffer Colin Ian King (1): ASoC: SOF: Intel: hda-stream: Fix incorrect variable used in error message Cristian Ciocaltea (5): ALSA: usb-audio: Fix block comments in mixer_quirks ALSA: usb-audio: Avoid multiple assignments in mixer_quirks ALSA: usb-audio: Simplify NULL comparison in mixer_quirks ALSA: usb-audio: Remove unneeded wmb() in mixer_quirks ALSA: usb-audio: Add mixer quirk for Sony DualSense PS5 David Hildenbrand (1): mm/migrate_device: don't add folio to be freed to LRU in migrate_device_finalize() Duoming Zhou (1): cnic: Fix use-after-free bugs in cnic_delete_task Fabian Vogt (1): tty: hvc_console: Call hvc_kick in hvc_write unconditionally Fabio Porcedda (2): USB: serial: option: add Telit Cinterion FN990A w/audio compositions USB: serial: option: add Telit Cinterion LE910C4-WWX new compositions Geert Uytterhoeven (2): pcmcia: omap_cf: Mark driver struct with __refdata to prevent section mismatch can: rcar_can: rcar_can_resume(): fix s2ram with PSCI Greg Kroah-Hartman (1): Linux 5.4.300 H. Nikolaus Schaller (2): power: supply: bq27xxx: fix error return in case of no bq27000 hdq battery power: supply: bq27xxx: restrict no-battery detection to bq27000 Hans de Goede (1): net: rfkill: gpio: Fix crash due to dereferencering uninitialized pointer Hugo Villeneuve (1): serial: sc16is7xx: fix bug in flow control levels init Håkon Bugge (1): rds: ib: Increment i_fastreg_wrs before bailing out Jakob Koschel (1): usb: gadget: dummy_hcd: remove usage of list iterator past the loop body Jiayi Li (1): usb: core: Add 0x prefix to quirks debug output Jinjiang Tu (1): mm/hugetlb: fix folio is still mapped when deleted Johan Hovold (1): phy: ti-pipe3: fix device leak at unbind John Garry (1): genirq/affinity: Add irq_update_affinity_desc() Justin Bronder (1): i40e: increase max descriptors for XL710 Kohei Enju (1): igb: fix link test skipping when interface is admin down Kuniyuki Iwashima (3): net: Fix null-ptr-deref by sock_lock_init_class_and_name() and rmmod. tcp_bpf: Call sk_msg_free() when tcp_bpf_send_verdict() fails to allocate psock->cork. tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect(). Liao Yuanhong (1): wifi: mac80211: fix incorrect type for ret Lukasz Czapnik (7): i40e: fix idx validation in i40e_validate_queue_map i40e: fix input validation logic for action_meta i40e: add max boundary check for VF filters i40e: add validation for ring_len param i40e: fix idx validation in config queues msg i40e: fix validation of VF state in get resources i40e: add mask to apply valid bits for itr_idx Maciej Fijalkowski (1): i40e: remove redundant memory barrier when cleaning Tx descs Maciej S. Szmigiero (1): KVM: SVM: Sync TPR from LAPIC into VMCB::V_TPR even if AVIC is active Mark Tinguely (1): ocfs2: fix recursive semaphore deadlock in fiemap call Mathias Nyman (1): usb: hub: Fix flushing of delayed work used for post resume purposes Miaohe Lin (1): mm/memory-failure: fix VM_BUG_ON_PAGE(PagePoisoned(page)) when unpoison memory Michal Schmidt (1): i40e: fix IRQ freeing in i40e_vsi_request_irq_msix error path Miklos Szeredi (2): fuse: check if copy_file_range() returns larger than requested size fuse: prevent overflow in copy_file_range return value Nathan Chancellor (1): nilfs2: fix CFI failure when accessing /sys/fs/nilfs2/features/* Nitesh Narayan Lal (1): i40e: Use irq_update_affinity_hint() Or Har-Toov (1): IB/mlx5: Fix obj_type mismatch for SRQ event subscriptions Philipp Zabel (1): net: rfkill: gpio: add DT support Salah Triki (1): EDAC/altera: Delete an inappropriate dma_free_coherent() call Samasth Norway Ananda (1): fbcon: fix integer overflow in fbcon_do_set_font Stefan Wahren (1): net: fec: Fix possible NPD in fec_enet_phy_reset_after_clk_enable() Stephan Gerhold (1): dmaengine: qcom: bam_dma: Fix DT error handling for num-channels/ees Stéphane Grosjean (1): can: peak_usb: fix shift-out-of-bounds issue Takashi Iwai (1): ALSA: usb-audio: Fix build with CONFIG_INPUT=n Takashi Sakamoto (1): ALSA: firewire-motu: drop EPOLLOUT from poll return values as write is not supported Tariq Toukan (1): Revert "net/mlx5e: Update and set Xon/Xoff upon port speed set" Tetsuo Handa (2): can: j1939: j1939_sk_bind(): call j1939_priv_put() immediately when j1939_local_ecu_get() failed can: j1939: j1939_local_ecu_get(): undo increment when j1939_local_ecu_get() fails Thomas Fourier (1): mmc: mvsdio: Fix dma_unmap_sg() nents value Thomas Gleixner (2): genirq: Export affinity setter for modules genirq: Provide new interfaces for affinity hints Thomas Zimmermann (1): fbcon: Fix OOB access in font allocation Trond Myklebust (1): NFSv4: Don't clear capabilities that won't be reset Vincent Mailhol (3): can: hi311x: populate ndo_change_mtu() to prevent buffer overflow can: sun4i_can: populate ndo_change_mtu() to prevent buffer overflow can: mcba_usb: populate ndo_change_mtu() to prevent buffer overflow Wei Yang (1): mm/khugepaged: fix the address passed to notifier on testing young Yeounsu Moon (1): net: natsemi: fix `rx_dropped` double accounting on `netif_rx()` failure Zabelin Nikita (1): drm/gma500: Fix null dereference in hdmi teardown

1 week, 5 days

1
1
0 0

[PATCH v2] i2c: fix reference leak in MP2 PCI device

by Ma Ke

In i2c_amd_probe(), amd_mp2_find_device() utilizes driver_find_next_device() which internally calls driver_find_device() to locate the matching device. driver_find_device() increments the reference count of the found device by calling get_device(), but amd_mp2_find_device() fails to call put_device() to decrement the reference count before returning. This results in a reference count leak of the PCI device each time i2c_amd_probe() is executed, which may prevent the device from being properly released and cause a memory leak. Found by code review. Cc: stable(a)vger.kernel.org Fixes: 529766e0a011 ("i2c: Add drivers for the AMD PCIe MP2 I2C controller") Signed-off-by: Ma Ke <make24(a)iscas.ac.cn> --- Changes in v2: - modified the missing initialization in the patch. Sorry for the omission. --- drivers/i2c/busses/i2c-amd-mp2-pci.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/drivers/i2c/busses/i2c-amd-mp2-pci.c b/drivers/i2c/busses/i2c-amd-mp2-pci.c index ef7370d3dbea..60edbabc2986 100644 --- a/drivers/i2c/busses/i2c-amd-mp2-pci.c +++ b/drivers/i2c/busses/i2c-amd-mp2-pci.c @@ -458,13 +458,16 @@ struct amd_mp2_dev *amd_mp2_find_device(void) { struct device *dev; struct pci_dev *pci_dev; + struct amd_mp2_dev *mp2_dev; dev = driver_find_next_device(&amd_mp2_pci_driver.driver, NULL); if (!dev) return NULL; pci_dev = to_pci_dev(dev); - return (struct amd_mp2_dev *)pci_get_drvdata(pci_dev); + mp2_dev = (struct amd_mp2_dev *)pci_get_drvdata(pci_dev); + put_device(dev); + return mp2_dev; } EXPORT_SYMBOL_GPL(amd_mp2_find_device); -- 2.17.1

1 week, 5 days

4
5
0 0

[PATCH 2/2] rv: Make rtapp/pagefault monitor depends on CONFIG_MMU

by Nam Cao

There is no page fault without MMU. Compiling the rtapp/pagefault monitor without CONFIG_MMU fails as page fault tracepoints' definitions are not available. Make rtapp/pagefault monitor depends on CONFIG_MMU. Fixes: 9162620eb604 ("rv: Add rtapp_pagefault monitor") Signed-off-by: Nam Cao <namcao(a)linutronix.de> Reported-by: kernel test robot <lkp(a)intel.com> Closes: https://lore.kernel.org/oe-kbuild-all/202509260455.6Z9Vkty4-lkp@intel.com/ Cc: stable(a)vger.kernel.org --- kernel/trace/rv/monitors/pagefault/Kconfig | 1 + 1 file changed, 1 insertion(+) diff --git a/kernel/trace/rv/monitors/pagefault/Kconfig b/kernel/trace/rv/monitors/pagefault/Kconfig index 5e16625f1653..0e013f00c33b 100644 --- a/kernel/trace/rv/monitors/pagefault/Kconfig +++ b/kernel/trace/rv/monitors/pagefault/Kconfig @@ -5,6 +5,7 @@ config RV_MON_PAGEFAULT select RV_LTL_MONITOR depends on RV_MON_RTAPP depends on X86 || RISCV + depends on MMU default y select LTL_MON_EVENTS_ID bool "pagefault monitor" -- 2.51.0

1 week, 5 days

2
1
0 0

[PATCH 1/2] rv: Fully convert enabled_monitors to use list_head as iterator

by Nam Cao

The callbacks in enabled_monitors_seq_ops are inconsistent. Some treat the iterator as struct rv_monitor *, while others treat the iterator as struct list_head *. This causes a wrong type cast and crashes the system as reported by Nathan. Convert everything to use struct list_head * as iterator. This also makes enabled_monitors consistent with available_monitors. Fixes: de090d1ccae1 ("rv: Fix wrong type cast in enabled_monitors_next()") Reported-by: Nathan Chancellor <nathan(a)kernel.org> Closes: https://lore.kernel.org/linux-trace-kernel/20250923002004.GA2836051@ax162/ Signed-off-by: Nam Cao <namcao(a)linutronix.de> Cc: <stable(a)vger.kernel.org> --- kernel/trace/rv/rv.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/kernel/trace/rv/rv.c b/kernel/trace/rv/rv.c index 48338520376f..43e9ea473cda 100644 --- a/kernel/trace/rv/rv.c +++ b/kernel/trace/rv/rv.c @@ -501,7 +501,7 @@ static void *enabled_monitors_next(struct seq_file *m, void *p, loff_t *pos) list_for_each_entry_continue(mon, &rv_monitors_list, list) { if (mon->enabled) - return mon; + return &mon->list; } return NULL; @@ -509,7 +509,7 @@ static void *enabled_monitors_next(struct seq_file *m, void *p, loff_t *pos) static void *enabled_monitors_start(struct seq_file *m, loff_t *pos) { - struct rv_monitor *mon; + struct list_head *head; loff_t l; mutex_lock(&rv_interface_lock); @@ -517,15 +517,15 @@ static void *enabled_monitors_start(struct seq_file *m, loff_t *pos) if (list_empty(&rv_monitors_list)) return NULL; - mon = list_entry(&rv_monitors_list, struct rv_monitor, list); + head = &rv_monitors_list; for (l = 0; l <= *pos; ) { - mon = enabled_monitors_next(m, mon, &l); - if (!mon) + head = enabled_monitors_next(m, head, &l); + if (!head) break; } - return mon; + return head; } /* -- 2.51.0

1 week, 5 days

2
1
0 0

[PATCH] stable: crypto: sha256 - fix crash at kexec

by Breno Leitao

Loading a large (~2.1G) files with kexec crashes the host with when running: # kexec --load kernel --initrd initrd_with_2G_or_more UBSAN: signed-integer-overflow in ./include/crypto/sha256_base.h:64:19 34152083 * 64 cannot be represented in type 'int' ... BUG: unable to handle page fault for address: ff9fffff83b624c0 sha256_update (lib/crypto/sha256.c:137) crypto_sha256_update (crypto/sha256_generic.c:40) kexec_calculate_store_digests (kernel/kexec_file.c:769) __se_sys_kexec_file_load (kernel/kexec_file.c:397 kernel/kexec_file.c:332) ... (Line numbers based on commit da274362a7bd9 ("Linux 6.12.49") This is not happening upstream (v6.16+), given that `block` type was upgraded from "int" to "size_t" in commit 74a43a2cf5e8 ("crypto: lib/sha256 - Move partial block handling out") Upgrade the block type similar to the commit above, avoiding hitting the overflow. This patch is only suitable for the stable tree, and before 6.16, which got commit 74a43a2cf5e8 ("crypto: lib/sha256 - Move partial block handling out") Signed-off-by: Breno Leitao <leitao(a)debian.org> Fixes: 11b8d5ef9138 ("crypto: sha256 - implement base layer for SHA-256") # not after v6.16 Reported-by: Michael van der Westhuizen <rmikey(a)meta.com> Reported-by: Tobias Fleig <tfleig(a)meta.com> --- include/crypto/sha256_base.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/crypto/sha256_base.h b/include/crypto/sha256_base.h index e0418818d63c8..fa63af10102b2 100644 --- a/include/crypto/sha256_base.h +++ b/include/crypto/sha256_base.h @@ -44,7 +44,7 @@ static inline int lib_sha256_base_do_update(struct sha256_state *sctx, sctx->count += len; if (unlikely((partial + len) >= SHA256_BLOCK_SIZE)) { - int blocks; + size_t blocks; if (partial) { int p = SHA256_BLOCK_SIZE - partial; --- base-commit: da274362a7bd9ab3a6e46d15945029145ebce672 change-id: 20251001-stable_crash-f2151baf043b Best regards, -- Breno Leitao <leitao(a)debian.org>

1 week, 5 days

3
5
0 0

New September Order. 27115 Thursday, October 2, 2025 at 05:34:29 AM

by Info - Albinayah 204

Hi Stable, Please provide a quote for your products: Include: 1.Pricing (per unit) 2.Delivery cost & timeline 3.Quote expiry date Deadline: September Thanks! Kamal Prasad Albinayah Trading

1 week, 6 days

1
0
0 0

[PATCH 4/7] drm/amd/display: Incorrect Mirror Cositing

by Alex Hung

From: Jesse Agate <jesse.agate(a)amd.com> [WHY] hinit/vinit are incorrect in the case of mirroring. [HOW] Cositing sign must be flipped when image is mirrored in the vertical or horizontal direction. Cc: Mario Limonciello <mario.limonciello(a)amd.com> Cc: Alex Deucher <alexander.deucher(a)amd.com> Cc: stable(a)vger.kernel.org Reviewed-by: Samson Tam <samson.tam(a)amd.com> Signed-off-by: Jesse Agate <jesse.agate(a)amd.com> Signed-off-by: Brendan Leder <breleder(a)amd.com> Signed-off-by: Alex Hung <alex.hung(a)amd.com> --- drivers/gpu/drm/amd/display/dc/sspl/dc_spl.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/drivers/gpu/drm/amd/display/dc/sspl/dc_spl.c b/drivers/gpu/drm/amd/display/dc/sspl/dc_spl.c index 55b929ca7982..b1fb0f8a253a 100644 --- a/drivers/gpu/drm/amd/display/dc/sspl/dc_spl.c +++ b/drivers/gpu/drm/amd/display/dc/sspl/dc_spl.c @@ -641,16 +641,16 @@ static void spl_calculate_inits_and_viewports(struct spl_in *spl_in, /* this gives the direction of the cositing (negative will move * left, right otherwise) */ - int sign = 1; + int h_sign = flip_horz_scan_dir ? -1 : 1; + int v_sign = flip_vert_scan_dir ? -1 : 1; switch (spl_in->basic_in.cositing) { - case CHROMA_COSITING_TOPLEFT: - init_adj_h = spl_fixpt_from_fraction(sign, 4); - init_adj_v = spl_fixpt_from_fraction(sign, 4); + init_adj_h = spl_fixpt_from_fraction(h_sign, 4); + init_adj_v = spl_fixpt_from_fraction(v_sign, 4); break; case CHROMA_COSITING_LEFT: - init_adj_h = spl_fixpt_from_fraction(sign, 4); + init_adj_h = spl_fixpt_from_fraction(h_sign, 4); init_adj_v = spl_fixpt_zero; break; case CHROMA_COSITING_NONE: -- 2.43.0

1 week, 6 days

1
0
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror