Apply bridge window offsets to screen_info framebuffers during
relocation. Fixes invalid access to I/O memory.
Resources behind a PCI bridge can be located at a certain offset
in the kernel's I/O range. The framebuffer memory range stored in
screen_info refers to the offset as seen during boot (essentialy 0).
During boot up, the kernel may assign a different memory offset to
the bridge device and thereby relocating the framebuffer address of
the PCI graphics device as seen by the kernel. The information in
screen_info must be updated as well.
The helper pcibios_bus_to_resource() performs the relocation of
the screen_info resource. The result now matches the I/O-memory
resource of the PCI graphics device. As before, we store away the
information necessary to update the information in screen_info.
Commit 78aa89d1dfba ("firmware/sysfb: Update screen_info for relocated
EFI framebuffers") added the code for updating screen_info. It is
based on similar functionality that pre-existed in efifb. Efifb uses
a pointer to the PCI resource, while the newer code does a memcpy of
the region. Hence efifb sees any updates to the PCI resource and avoids
the issue.
v2:
- Fixed tags (Takashi, Ivan)
- Updated information on efifb
Signed-off-by: Thomas Zimmermann <tzimmermann(a)suse.de>
Reported-by: "Ivan T. Ivanov" <iivanov(a)suse.de>
Closes: https://bugzilla.suse.com/show_bug.cgi?id=1240696
Tested-by: "Ivan T. Ivanov" <iivanov(a)suse.de>
Fixes: 78aa89d1dfba ("firmware/sysfb: Update screen_info for relocated EFI framebuffers")
Cc: dri-devel(a)lists.freedesktop.org
Cc: <stable(a)vger.kernel.org> # v6.9+
---
drivers/video/screen_info_pci.c | 17 ++++++++++++++---
1 file changed, 14 insertions(+), 3 deletions(-)
diff --git a/drivers/video/screen_info_pci.c b/drivers/video/screen_info_pci.c
index 6c5833517141..c46c75dc3fae 100644
--- a/drivers/video/screen_info_pci.c
+++ b/drivers/video/screen_info_pci.c
@@ -8,7 +8,7 @@
static struct pci_dev *screen_info_lfb_pdev;
static size_t screen_info_lfb_bar;
static resource_size_t screen_info_lfb_offset;
-static struct resource screen_info_lfb_res = DEFINE_RES_MEM(0, 0);
+static struct pci_bus_region screen_info_lfb_region;
static bool __screen_info_relocation_is_valid(const struct screen_info *si, struct resource *pr)
{
@@ -31,7 +31,7 @@ void screen_info_apply_fixups(void)
if (screen_info_lfb_pdev) {
struct resource *pr = &screen_info_lfb_pdev->resource[screen_info_lfb_bar];
- if (pr->start != screen_info_lfb_res.start) {
+ if (pr->start != screen_info_lfb_region.start) {
if (__screen_info_relocation_is_valid(si, pr)) {
/*
* Only update base if we have an actual
@@ -69,10 +69,21 @@ static void screen_info_fixup_lfb(struct pci_dev *pdev)
for (i = 0; i < numres; ++i) {
struct resource *r = &res[i];
+ struct pci_bus_region bus_region = {
+ .start = r->start,
+ .end = r->end,
+ };
const struct resource *pr;
if (!(r->flags & IORESOURCE_MEM))
continue;
+
+ /*
+ * Translate the address to resource if the framebuffer
+ * is behind a PCI bridge.
+ */
+ pcibios_bus_to_resource(pdev->bus, r, &bus_region);
+
pr = pci_find_resource(pdev, r);
if (!pr)
continue;
@@ -85,7 +96,7 @@ static void screen_info_fixup_lfb(struct pci_dev *pdev)
screen_info_lfb_pdev = pdev;
screen_info_lfb_bar = pr - pdev->resource;
screen_info_lfb_offset = r->start - pr->start;
- memcpy(&screen_info_lfb_res, r, sizeof(screen_info_lfb_res));
+ memcpy(&screen_info_lfb_region, &bus_region, sizeof(screen_info_lfb_region));
}
}
DECLARE_PCI_FIXUP_CLASS_HEADER(PCI_ANY_ID, PCI_ANY_ID, PCI_BASE_CLASS_DISPLAY, 16,
--
2.49.0
Starting with Rust 1.87.0 (expected 2025-05-15) [1], Clippy may expand
the `ptr_eq` lint, e.g.:
error: use `core::ptr::eq` when comparing raw pointers
--> rust/kernel/list.rs:438:12
|
438 | if self.first == item {
| ^^^^^^^^^^^^^^^^^^ help: try: `core::ptr::eq(self.first, item)`
|
= help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#ptr_eq
= note: `-D clippy::ptr-eq` implied by `-D warnings`
= help: to override `-D warnings` add `#[allow(clippy::ptr_eq)]`
Thus clean the few cases we have.
This patch may not be actually needed by the time Rust 1.87.0 releases
since a PR to relax the lint has been beta nominated [2] due to reports
of being too eager (at least by default) [3].
Cc: stable(a)vger.kernel.org # Needed in 6.12.y and later (Rust is pinned in older LTSs).
Link: https://github.com/rust-lang/rust-clippy/pull/14339 [1]
Link: https://github.com/rust-lang/rust-clippy/pull/14526 [2]
Link: https://github.com/rust-lang/rust-clippy/issues/14525 [3]
Signed-off-by: Miguel Ojeda <ojeda(a)kernel.org>
---
rust/kernel/alloc/kvec.rs | 2 +-
rust/kernel/list.rs | 12 ++++++------
2 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/rust/kernel/alloc/kvec.rs b/rust/kernel/alloc/kvec.rs
index ae9d072741ce..cde911551327 100644
--- a/rust/kernel/alloc/kvec.rs
+++ b/rust/kernel/alloc/kvec.rs
@@ -743,7 +743,7 @@ fn into_raw_parts(self) -> (*mut T, NonNull<T>, usize, usize) {
pub fn collect(self, flags: Flags) -> Vec<T, A> {
let old_layout = self.layout;
let (mut ptr, buf, len, mut cap) = self.into_raw_parts();
- let has_advanced = ptr != buf.as_ptr();
+ let has_advanced = !core::ptr::eq(ptr, buf.as_ptr());
if has_advanced {
// Copy the contents we have advanced to at the beginning of the buffer.
diff --git a/rust/kernel/list.rs b/rust/kernel/list.rs
index a335c3b1ff5e..c63cbeee3316 100644
--- a/rust/kernel/list.rs
+++ b/rust/kernel/list.rs
@@ -435,7 +435,7 @@ unsafe fn remove_internal_inner(
// * If `item` was the only item in the list, then `prev == item`, and we just set
// `item->next` to null, so this correctly sets `first` to null now that the list is
// empty.
- if self.first == item {
+ if core::ptr::eq(self.first, item) {
// SAFETY: The `prev` pointer is the value that `item->prev` had when it was in this
// list, so it must be valid. There is no race since `prev` is still in the list and we
// still have exclusive access to the list.
@@ -556,7 +556,7 @@ fn next(&mut self) -> Option<ArcBorrow<'a, T>> {
let next = unsafe { (*current).next };
// INVARIANT: If `current` was the last element of the list, then this updates it to null.
// Otherwise, we update it to the next element.
- self.current = if next != self.stop {
+ self.current = if !core::ptr::eq(next, self.stop) {
next
} else {
ptr::null_mut()
@@ -726,7 +726,7 @@ impl<'a, T: ?Sized + ListItem<ID>, const ID: u64> Cursor<'a, T, ID> {
fn prev_ptr(&self) -> *mut ListLinksFields {
let mut next = self.next;
let first = self.list.first;
- if next == first {
+ if core::ptr::eq(next, first) {
// We are before the first element.
return core::ptr::null_mut();
}
@@ -788,7 +788,7 @@ pub fn move_next(&mut self) -> bool {
// access the `next` field.
let mut next = unsafe { (*self.next).next };
- if next == self.list.first {
+ if core::ptr::eq(next, self.list.first) {
next = core::ptr::null_mut();
}
@@ -802,7 +802,7 @@ pub fn move_next(&mut self) -> bool {
/// If the cursor is before the first element, then this call does nothing. This call returns
/// `true` if the cursor's position was changed.
pub fn move_prev(&mut self) -> bool {
- if self.next == self.list.first {
+ if core::ptr::eq(self.next, self.list.first) {
return false;
}
@@ -822,7 +822,7 @@ fn insert_inner(&mut self, item: ListArc<T, ID>) -> *mut ListLinksFields {
// * `ptr` is an element in the list or null.
// * if `ptr` is null, then `self.list.first` is null so the list is empty.
let item = unsafe { self.list.insert_inner(item, ptr) };
- if self.next == self.list.first {
+ if core::ptr::eq(self.next, self.list.first) {
// INVARIANT: We just inserted `item`, so it's a member of list.
self.list.first = item;
}
--
2.49.0
The commit cdd30ebb1b9f ("module: Convert symbol namespace to string
literal") makes the grammar of MODULE_IMPORT_NS and EXPORT_SYMBOL_NS
different between the stable branches and the mainline. But when
the commit 955f9ede52b8 ("bpf: Add namespace to BPF internal symbols")
was backported from mainline, only EXPORT_SYMBOL_NS instances are
adapted, leaving the MODULE_IMPORT_NS instance with the "new" grammar
and causing the module fails to build:
ERROR: modpost: module bpf_preload uses symbol bpf_link_get_from_fd from namespace BPF_INTERNAL, but does not import it.
ERROR: modpost: module bpf_preload uses symbol kern_sys_bpf from namespace BPF_INTERNAL, but does not import it.
Reported-by: Mingcong Bai <jeffbai(a)aosc.io>
Reported-by: Alex Davis <alex47794(a)gmail.com>
Closes: https://lore.kernel.org/all/CADiockBKBQTVqjA5G+RJ9LBwnEnZ8o0odYnL=LBZ_7QN=_…
Fixes: 955f9ede52b8 ("bpf: Add namespace to BPF internal symbols")
Signed-off-by: Xi Ruoyao <xry111(a)xry111.site>
---
kernel/bpf/preload/bpf_preload_kern.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/kernel/bpf/preload/bpf_preload_kern.c b/kernel/bpf/preload/bpf_preload_kern.c
index 56a81df7a9d7..fdad0eb308fe 100644
--- a/kernel/bpf/preload/bpf_preload_kern.c
+++ b/kernel/bpf/preload/bpf_preload_kern.c
@@ -89,5 +89,5 @@ static void __exit fini(void)
}
late_initcall(load);
module_exit(fini);
-MODULE_IMPORT_NS("BPF_INTERNAL");
+MODULE_IMPORT_NS(BPF_INTERNAL);
MODULE_LICENSE("GPL");
--
2.49.0
Hi,
Could you please apply commit 6eab70345799 ("ASoC: soc-core: Stop using
of_property_read_bool() for non-boolean properties") to v6.14.x in order
to silence warnings introduced in v6.14 by commit c141ecc3cecd ("of:
Warn when of_property_read_bool() is used on non-boolean properties")
Thanks
Christophe
The following changes since commit 02a22be3c0003af08df510cba3d79d00c6495b74:
bcachefs: bch2_ioctl_subvolume_destroy() fixes (2025-04-03 16:13:53 -0400)
are available in the Git repository at:
git://evilpiepirate.org/bcachefs.git tags/bcachefs-for-6.14-2025-05-02
for you to fetch changes up to 52b17bca7b20663e5df6dbfc24cc2030259b64b6:
bcachefs: Remove incorrect __counted_by annotation (2025-05-02 21:09:51 -0400)
----------------------------------------------------------------
bcachefs fixes for 6.15
remove incorrect counted_by annotation, fixing FORTIFY_SOURCE crashes
that have been hitting arch users
----------------------------------------------------------------
Alan Huang (1):
bcachefs: Remove incorrect __counted_by annotation
fs/bcachefs/xattr_format.h | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
The following changes since commit 1a7a2300e0dd8b4a73bcd3777a2947fe42a16bef:
bcachefs: bch2_ioctl_subvolume_destroy() fixes (2025-03-31 13:16:15 -0400)
are available in the Git repository at:
git://evilpiepirate.org/bcachefs.git tags/bcachefs-for-6.12-2025-05-5
for you to fetch changes up to 3f105630c0b2e53a93713c2328e3426081f961c1:
bcachefs: Remove incorrect __counted_by annotation (2025-05-05 09:41:26 -0400)
----------------------------------------------------------------
bcachefs fixes for 6.12
remove incorrect counted_by annotation, fixing FORTIFY_SOURCE crashes
that have been hitting arch users
----------------------------------------------------------------
Alan Huang (1):
bcachefs: Remove incorrect __counted_by annotation
fs/bcachefs/xattr_format.h | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
The following commit has been merged into the timers/urgent branch of tip:
Commit-ID: 94cff94634e506a4a44684bee1875d2dbf782722
Gitweb: https://git.kernel.org/tip/94cff94634e506a4a44684bee1875d2dbf782722
Author: Sebastian Andrzej Siewior <bigeasy(a)linutronix.de>
AuthorDate: Fri, 04 Apr 2025 15:31:16 +02:00
Committer: Thomas Gleixner <tglx(a)linutronix.de>
CommitterDate: Mon, 05 May 2025 15:34:49 +02:00
clocksource/i8253: Use raw_spinlock_irqsave() in clockevent_i8253_disable()
On x86 during boot, clockevent_i8253_disable() can be invoked via
x86_late_time_init -> hpet_time_init() -> pit_timer_init() which happens
with enabled interrupts.
If some of the old i8253 hardware is actually used then lockdep will notice
that i8253_lock is used in hard interrupt context. This causes lockdep to
complain because it observed the lock being acquired with interrupts
enabled and in hard interrupt context.
Make clockevent_i8253_disable() acquire the lock with
raw_spinlock_irqsave() to cure this.
[ tglx: Massage change log and use guard() ]
Fixes: c8c4076723dac ("x86/timer: Skip PIT initialization on modern chipsets")
Signed-off-by: Sebastian Andrzej Siewior <bigeasy(a)linutronix.de>
Signed-off-by: Thomas Gleixner <tglx(a)linutronix.de>
Cc: stable(a)vger.kernel.org
Link: https://lore.kernel.org/all/20250404133116.p-XRWJXf@linutronix.de
---
drivers/clocksource/i8253.c | 4 +---
1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/drivers/clocksource/i8253.c b/drivers/clocksource/i8253.c
index 39f7c2d..b603c25 100644
--- a/drivers/clocksource/i8253.c
+++ b/drivers/clocksource/i8253.c
@@ -103,7 +103,7 @@ int __init clocksource_i8253_init(void)
#ifdef CONFIG_CLKEVT_I8253
void clockevent_i8253_disable(void)
{
- raw_spin_lock(&i8253_lock);
+ guard(raw_spinlock_irqsave)(&i8253_lock);
/*
* Writing the MODE register should stop the counter, according to
@@ -132,8 +132,6 @@ void clockevent_i8253_disable(void)
outb_p(0, PIT_CH0);
outb_p(0x30, PIT_MODE);
-
- raw_spin_unlock(&i8253_lock);
}
static int pit_shutdown(struct clock_event_device *evt)