- Linux-stable-mirror - lists.linaro.org

FAILED: patch "[PATCH] drm/xe: Ensure fixed_slice_mode gets set after ccs_mode" failed to apply to 6.12-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.12-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.12.y git checkout FETCH_HEAD git cherry-pick -x 262de94a3a7ef23c326534b3d9483602b7af841e # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025042256-unshackle-unwashed-bd50@gregkh' --subject-prefix 'PATCH 6.12.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 262de94a3a7ef23c326534b3d9483602b7af841e Mon Sep 17 00:00:00 2001 From: Niranjana Vishwanathapura <niranjana.vishwanathapura(a)intel.com> Date: Thu, 27 Mar 2025 11:56:04 -0700 Subject: [PATCH] drm/xe: Ensure fixed_slice_mode gets set after ccs_mode change The RCU_MODE_FIXED_SLICE_CCS_MODE setting is not getting invoked in the gt reset path after the ccs_mode setting by the user. Add it to engine register update list (in hw_engine_setup_default_state()) which ensures it gets set in the gt reset and engine reset paths. v2: Add register update to engine list to ensure it gets updated after engine reset also. Fixes: 0d97ecce16bd ("drm/xe: Enable Fixed CCS mode setting") Cc: stable(a)vger.kernel.org Signed-off-by: Niranjana Vishwanathapura <niranjana.vishwanathapura(a)intel.com> Reviewed-by: Matt Roper <matthew.d.roper(a)intel.com> Signed-off-by: Matthew Brost <matthew.brost(a)intel.com> Link: https://lore.kernel.org/r/20250327185604.18230-1-niranjana.vishwanathapura@… (cherry picked from commit 12468e519f98e4d93370712e3607fab61df9dae9) Signed-off-by: Lucas De Marchi <lucas.demarchi(a)intel.com> diff --git a/drivers/gpu/drm/xe/xe_hw_engine.c b/drivers/gpu/drm/xe/xe_hw_engine.c index 8c05fd30b7df..93241fd0a4ba 100644 --- a/drivers/gpu/drm/xe/xe_hw_engine.c +++ b/drivers/gpu/drm/xe/xe_hw_engine.c @@ -389,12 +389,6 @@ xe_hw_engine_setup_default_lrc_state(struct xe_hw_engine *hwe) blit_cctl_val, XE_RTP_ACTION_FLAG(ENGINE_BASE))) }, - /* Use Fixed slice CCS mode */ - { XE_RTP_NAME("RCU_MODE_FIXED_SLICE_CCS_MODE"), - XE_RTP_RULES(FUNC(xe_hw_engine_match_fixed_cslice_mode)), - XE_RTP_ACTIONS(FIELD_SET(RCU_MODE, RCU_MODE_FIXED_SLICE_CCS_MODE, - RCU_MODE_FIXED_SLICE_CCS_MODE)) - }, /* Disable WMTP if HW doesn't support it */ { XE_RTP_NAME("DISABLE_WMTP_ON_UNSUPPORTED_HW"), XE_RTP_RULES(FUNC(xe_rtp_cfeg_wmtp_disabled)), @@ -461,6 +455,12 @@ hw_engine_setup_default_state(struct xe_hw_engine *hwe) XE_RTP_ACTIONS(SET(CSFE_CHICKEN1(0), CS_PRIORITY_MEM_READ, XE_RTP_ACTION_FLAG(ENGINE_BASE))) }, + /* Use Fixed slice CCS mode */ + { XE_RTP_NAME("RCU_MODE_FIXED_SLICE_CCS_MODE"), + XE_RTP_RULES(FUNC(xe_hw_engine_match_fixed_cslice_mode)), + XE_RTP_ACTIONS(FIELD_SET(RCU_MODE, RCU_MODE_FIXED_SLICE_CCS_MODE, + RCU_MODE_FIXED_SLICE_CCS_MODE)) + }, }; xe_rtp_process_to_sr(&ctx, engine_entries, ARRAY_SIZE(engine_entries), &hwe->reg_sr);

4 months, 1 week

3
4
0 0

[PATCH v5] mm: mmap: map MAP_STACK to VM_NOHUGEPAGE only if THP is enabled

by Ignacio Moreno Gonzalez via B4 Relay

From: Ignacio Moreno Gonzalez <Ignacio.MorenoGonzalez(a)kuka.com> commit c4608d1bf7c6 ("mm: mmap: map MAP_STACK to VM_NOHUGEPAGE") maps the mmap option MAP_STACK to VM_NOHUGEPAGE. This is also done if CONFIG_TRANSPARENT_HUGEPAGE is not defined. But in that case, the VM_NOHUGEPAGE does not make sense. I discovered this issue when trying to use the tool CRIU to checkpoint and restore a container. Our running kernel is compiled without CONFIG_TRANSPARENT_HUGEPAGE. CRIU parses the output of /proc/<pid>/smaps and saves the "nh" flag. When trying to restore the container, CRIU fails to restore the "nh" mappings, since madvise() MADV_NOHUGEPAGE always returns an error because CONFIG_TRANSPARENT_HUGEPAGE is not defined. Fixes: c4608d1bf7c6 ("mm: mmap: map MAP_STACK to VM_NOHUGEPAGE") Cc: stable(a)vger.kernel.org Reviewed-by: Lorenzo Stoakes <lorenzo.stoakes(a)oracle.com> Reviewed-by: Yang Shi <yang(a)os.amperecomputing.com> Reviewed-by: Liam R. Howlett <Liam.Howlett(a)oracle.com> Signed-off-by: Ignacio Moreno Gonzalez <Ignacio.MorenoGonzalez(a)kuka.com> --- I discovered this issue when trying to use the tool CRIU to checkpoint and restore a container. Our running kernel is compiled without CONFIG_TRANSPARENT_HUGEPAGE. CRIU parses the output of /proc/<pid>/smaps and saves the "nh" flag. When trying to restore the container, CRIU fails to restore the "nh" mappings, since madvise() MADV_NOHUGEPAGE always returns an error because CONFIG_TRANSPARENT_HUGEPAGE is not defined. The mapping MAP_STACK -> VM_NOHUGEPAGE was introduced by commit c4608d1bf7c6 ("mm: mmap: map MAP_STACK to VM_NOHUGEPAGE") in order to fix a regression introduced by commit efa7df3e3bb5 ("mm: align larger anonymous mappings on THP boundaries"). The change introducing the regression (efa7df3e3bb5) was limited to THP kernels, but its fix (c4608d1bf7c6) is applied without checking if THP is set. The mapping MAP_STACK -> VM_NOHUGEPAGE should only be applied if THP is enabled. --- Changes in v5: - Correct typo CONFIG_TRANSPARENT_HUGETABLES -> CONFIG_TRANSPARENT_HUGEPAGE in patch description - Link to v4: https://lore.kernel.org/r/20250507-map-map_stack-to-vm_nohugepage-only-if-t… Changes in v4: - Correct typo CONFIG_TRANSPARENT_HUGETABLES -> CONFIG_TRANSPARENT_HUGEPAGE - Copy description from cover letter to commit description - Link to v3: https://lore.kernel.org/r/20250507-map-map_stack-to-vm_nohugepage-only-if-t… Changes in v3: - Exclude non-stable patch (for huge_mm.h) from this series to avoid mixing stable and non-stable patches, as suggested by Andrew. - Extend description in cover letter. - Link to v2: https://lore.kernel.org/r/20250506-map-map_stack-to-vm_nohugepage-only-if-t… Changes in v2: - [Patch 1/2] Use '#ifdef' instead of '#if defined(...)' - [Patch 1/2] Add 'Fixes: c4608d1bf7c6...' - Create [Patch 2/2] - Link to v1: https://lore.kernel.org/r/20250502-map-map_stack-to-vm_nohugepage-only-if-t… --- include/linux/mman.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/include/linux/mman.h b/include/linux/mman.h index bce214fece16b9af3791a2baaecd6063d0481938..f4c6346a8fcd29b08d43f7cd9158c3eddc3383e1 100644 --- a/include/linux/mman.h +++ b/include/linux/mman.h @@ -155,7 +155,9 @@ calc_vm_flag_bits(struct file *file, unsigned long flags) return _calc_vm_trans(flags, MAP_GROWSDOWN, VM_GROWSDOWN ) | _calc_vm_trans(flags, MAP_LOCKED, VM_LOCKED ) | _calc_vm_trans(flags, MAP_SYNC, VM_SYNC ) | +#ifdef CONFIG_TRANSPARENT_HUGEPAGE _calc_vm_trans(flags, MAP_STACK, VM_NOHUGEPAGE) | +#endif arch_calc_vm_flag_bits(file, flags); } --- base-commit: fc96b232f8e7c0a6c282f47726b2ff6a5fb341d2 change-id: 20250428-map-map_stack-to-vm_nohugepage-only-if-thp-is-enabled-ce40a1de095d Best regards, -- Ignacio Moreno Gonzalez <Ignacio.MorenoGonzalez(a)kuka.com>

4 months, 1 week

2
1
0 0

[PATCH v1] drm/bridge: cdns-dsi: Replace deprecated UNIVERSAL_DEV_PM_OPS()

by Vitor Soares

From: Vitor Soares <vitor.soares(a)toradex.com> The deprecated UNIVERSAL_DEV_PM_OPS() macro uses the provided callbacks for both runtime PM and system sleep. This causes the DSI clocks to be disabled twice: once during runtime suspend and again during system suspend, resulting in a WARN message from the clock framework when attempting to disable already-disabled clocks. [ 84.384540] clk:231:5 already disabled [ 84.388314] WARNING: CPU: 2 PID: 531 at /drivers/clk/clk.c:1181 clk_core_disable+0xa4/0xac ... [ 84.579183] Call trace: [ 84.581624] clk_core_disable+0xa4/0xac [ 84.585457] clk_disable+0x30/0x4c [ 84.588857] cdns_dsi_suspend+0x20/0x58 [cdns_dsi] [ 84.593651] pm_generic_suspend+0x2c/0x44 [ 84.597661] ti_sci_pd_suspend+0xbc/0x15c [ 84.601670] dpm_run_callback+0x8c/0x14c [ 84.605588] __device_suspend+0x1a0/0x56c [ 84.609594] dpm_suspend+0x17c/0x21c [ 84.613165] dpm_suspend_start+0xa0/0xa8 [ 84.617083] suspend_devices_and_enter+0x12c/0x634 [ 84.621872] pm_suspend+0x1fc/0x368 To address this issue, replace UNIVERSAL_DEV_PM_OPS() with DEFINE_RUNTIME_DEV_PM_OPS(), which avoids redundant suspend/resume calls by checking if the device is already runtime suspended. Cc: <stable(a)vger.kernel.org> # 6.1.x Fixes: e19233955d9e ("drm/bridge: Add Cadence DSI driver") Signed-off-by: Vitor Soares <vitor.soares(a)toradex.com> --- drivers/gpu/drm/bridge/cadence/cdns-dsi-core.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/drivers/gpu/drm/bridge/cadence/cdns-dsi-core.c b/drivers/gpu/drm/bridge/cadence/cdns-dsi-core.c index b022dd6e6b6e..62179e55e032 100644 --- a/drivers/gpu/drm/bridge/cadence/cdns-dsi-core.c +++ b/drivers/gpu/drm/bridge/cadence/cdns-dsi-core.c @@ -1258,7 +1258,7 @@ static const struct mipi_dsi_host_ops cdns_dsi_ops = { .transfer = cdns_dsi_transfer, }; -static int __maybe_unused cdns_dsi_resume(struct device *dev) +static int cdns_dsi_resume(struct device *dev) { struct cdns_dsi *dsi = dev_get_drvdata(dev); @@ -1269,7 +1269,7 @@ static int __maybe_unused cdns_dsi_resume(struct device *dev) return 0; } -static int __maybe_unused cdns_dsi_suspend(struct device *dev) +static int cdns_dsi_suspend(struct device *dev) { struct cdns_dsi *dsi = dev_get_drvdata(dev); @@ -1279,8 +1279,8 @@ static int __maybe_unused cdns_dsi_suspend(struct device *dev) return 0; } -static UNIVERSAL_DEV_PM_OPS(cdns_dsi_pm_ops, cdns_dsi_suspend, cdns_dsi_resume, - NULL); +static DEFINE_RUNTIME_DEV_PM_OPS(cdns_dsi_pm_ops, cdns_dsi_suspend, + cdns_dsi_resume, NULL); static int cdns_dsi_drm_probe(struct platform_device *pdev) { @@ -1427,7 +1427,7 @@ static struct platform_driver cdns_dsi_platform_driver = { .driver = { .name = "cdns-dsi", .of_match_table = cdns_dsi_of_match, - .pm = &cdns_dsi_pm_ops, + .pm = pm_ptr(&cdns_dsi_pm_ops), }, }; module_platform_driver(cdns_dsi_platform_driver); -- 2.34.1

4 months, 1 week

2
6
0 0

net/sched: codel: Inclusion of patchset

by Tai, Gerrard

Upstream commits: 01: 5ba8b837b522d7051ef81bacf3d95383ff8edce5 ("sch_htb: make htb_qlen_notify() idempotent") 02: df008598b3a00be02a8051fde89ca0fbc416bd55 ("sch_drr: make drr_qlen_notify() idempotent") 03: 51eb3b65544c9efd6a1026889ee5fb5aa62da3bb ("sch_hfsc: make hfsc_qlen_notify() idempotent") 04: 55f9eca4bfe30a15d8656f915922e8c98b7f0728 ("sch_qfq: make qfq_qlen_notify() idempotent") 05: a7a15f39c682ac4268624da2abdb9114bdde96d5 ("sch_ets: make est_qlen_notify() idempotent") 06: 342debc12183b51773b3345ba267e9263bdfaaef ("codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog()") These patches are patch 01-06 of the original patchset ([1]) authored by Cong Wang. I have omitted patches 07-11 which are selftests. This patchset addresses a UAF vulnerability. Originally, only the last commit (06) was picked to merge into the latest round of stable queues 5.15,5.10,5.4. For 6.x stable branches, that sole commit has already been merged in a previous cycle. From my understanding, this patch depends on the previous patches to work. Without patches 01-05 which make various classful qdiscs' qlen_notify() idempotent, if an fq_codel's dequeue() routine empties the fq_codel qdisc, it will be doubly deactivated - first in the parent qlen_notify and then again in the parent dequeue. For instance, in the case of parent drr, the double deactivation will either cause a fault on an invalid address, or trigger a splat if list checks are compiled into the kernel. This is also why the original unpatched code included the qlen check in the first place. After discussion with Greg, he has helped to temporarily drop the patch from the 5.x queues ([2]). My suggestion is to include patches 01-06 of the patchset, as listed above, for the 5.x queues. For the 6.x queues that have already merged patch 06, the earlier patches 01-05 should be merged too. I'm not too familiar with the stable patch process, so I may be completely mistaken here. Cheers, Gerrard [1]: https://lore.kernel.org/netdev/174410343500.1831514.15019771038334698036.gi… [2]: https://lore.kernel.org/stable/2025050131-fragrant-famine-eb32@gregkh/

4 months, 1 week

3
4
0 0

[PATCH 6.1 000/167] 6.1.136-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 6.1.136 release. There are 167 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Thu, 01 May 2025 16:10:15 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.1.136-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.1.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 6.1.136-rc1 Josh Poimboeuf <jpoimboe(a)kernel.org> objtool: Silence more KCOV warnings, part 2 Srinivas Kandagatla <srinivas.kandagatla(a)linaro.org> ASoC: qcom: q6afe-dai: fix Display Port Playback stream name Rob Herring <robh(a)kernel.org> PCI: Fix use-after-free in pci_bus_release_domain_nr() Steven Rostedt (Google) <rostedt(a)goodmis.org> tracing: Remove pointer (asterisk) and brackets from cpumask_t field Richard Zhu <hongxing.zhu(a)nxp.com> phy: freescale: imx8m-pcie: Add one missing error return Richard Zhu <hongxing.zhu(a)nxp.com> phy: freescale: imx8m-pcie: Do CMN_RST just before PHY PLL lock check Hannes Reinecke <hare(a)kernel.org> nvme: fixup scan failure for non-ANA multipath controllers Thomas Bogendoerfer <tsbogend(a)alpha.franken.de> MIPS: cm: Fix warning if MIPS_CM is disabled Sebastian Andrzej Siewior <bigeasy(a)linutronix.de> xdp: Reset bpf_redirect_info before running a xdp's BPF prog. Marek Behún <kabel(a)kernel.org> net: dsa: mv88e6xxx: enable STU methods for 6320 family Marek Behún <kabel(a)kernel.org> net: dsa: mv88e6xxx: enable .port_set_policy() for 6320 family Marek Behún <kabel(a)kernel.org> net: dsa: mv88e6xxx: enable PVT for 6321 switch Marek Behún <kabel(a)kernel.org> net: dsa: mv88e6xxx: fix atu_move_port_mask for 6341 family Jakub Kicinski <kuba(a)kernel.org> net/sched: act_mirred: don't override retval if we already lost the skb Marek Behún <kabel(a)kernel.org> crypto: atmel-sha204a - Set hwrng quality to lowest possible Ian Abbott <abbotti(a)mev.co.uk> comedi: jr3_pci: Fix synchronous deletion of timer Dave Kleikamp <dave.kleikamp(a)oracle.com> jfs: define xtree root and page independently Sergey Shtylyov <s.shtylyov(a)omp.ru> of: module: add buffer overflow check in of_modalias() Tamura Dai <kirinode0(a)gmail.com> spi: spi-imx: Add check for spi_imx_setupxfer() Meir Elisha <meir.elisha(a)volumez.com> md/raid1: Add check for missing source disk in process_checks() Mostafa Saleh <smostafa(a)google.com> ubsan: Fix panic from test_ubsan_out_of_bounds Breno Leitao <leitao(a)debian.org> spi: tegra210-quad: add rate limiting and simplify timeout error message Breno Leitao <leitao(a)debian.org> spi: tegra210-quad: use WARN_ON_ONCE instead of WARN_ON for timeouts Yunlong Xing <yunlong.xing(a)unisoc.com> loop: aio inherit the ioprio of original request Fernando Fernandez Mancera <ffmancera(a)riseup.net> x86/i8253: Call clockevent_i8253_disable() with interrupts disabled Igor Pylypiv <ipylypiv(a)google.com> scsi: pm80xx: Set phy_attached to zero when device is gone Peter Griffin <peter.griffin(a)linaro.org> scsi: ufs: exynos: Ensure pre_link() executes before exynos_ufs_phy_init() Xingui Yang <yangxingui(a)huawei.com> scsi: hisi_sas: Fix I/O errors caused by hardware port ID changes Ojaswin Mujoo <ojaswin(a)linux.ibm.com> ext4: make block validity check resistent to sb bh corruption Daniel Wagner <wagi(a)kernel.org> nvmet-fc: put ref when assoc->del_work is already scheduled Daniel Wagner <wagi(a)kernel.org> nvmet-fc: take tgtport reference only once Josh Poimboeuf <jpoimboe(a)kernel.org> x86/bugs: Don't fill RSB on context switch with eIBRS Josh Poimboeuf <jpoimboe(a)kernel.org> x86/bugs: Don't fill RSB on VMEXIT with eIBRS+retpoline Josh Poimboeuf <jpoimboe(a)kernel.org> x86/bugs: Use SBPB in write_ibpb() if applicable Qiuxu Zhuo <qiuxu.zhuo(a)intel.com> selftests/mincore: Allow read-ahead pages to reach the end of the file Josh Poimboeuf <jpoimboe(a)kernel.org> objtool: Stop UNRET validation on UD2 Hannes Reinecke <hare(a)kernel.org> nvme: re-read ANA log page after ns scan completes Jean-Marc Eurin <jmeurin(a)google.com> ACPI PPTT: Fix coding mistakes in a couple of sizeof() calls Mario Limonciello <mario.limonciello(a)amd.com> ACPI: EC: Set ec_no_wakeup for Lenovo Go S Hannes Reinecke <hare(a)kernel.org> nvme: requeue namespace scan on missed AENs Jason Andryuk <jason.andryuk(a)amd.com> xen: Change xen-acpi-processor dom0 dependency Ming Lei <ming.lei(a)redhat.com> selftests: ublk: fix test_stripe_04 Xiaogang Chen <xiaogang.chen(a)amd.com> udmabuf: fix a buf size overflow issue during udmabuf creation Thomas Weißschuh <thomas.weissschuh(a)linutronix.de> KVM: s390: Don't use %pK through tracepoints Oleg Nesterov <oleg(a)redhat.com> sched/isolation: Make CONFIG_CPU_ISOLATION depend on CONFIG_SMP Lukas Stockmann <lukas.stockmann(a)siemens.com> rtc: pcf85063: do a SW reset if POR failed Dominique Martinet <asmadeus(a)codewreck.org> 9p/net: fix improper handling of bogus negative read/write replies Basavaraj Natikar <Basavaraj.Natikar(a)amd.com> ntb_hw_amd: Add NTB PCI ID for new gen CPU Arnd Bergmann <arnd(a)arndb.de> ntb: reduce stack usage in idt_scan_mws Al Viro <viro(a)zeniv.linux.org.uk> qibfs: fix _another_ leak Josh Poimboeuf <jpoimboe(a)kernel.org> objtool, lkdtm: Obfuscate the do_nothing() pointer Josh Poimboeuf <jpoimboe(a)kernel.org> objtool, ASoC: codecs: wcd934x: Remove potential undefined behavior in wcd934x_slim_irq_handler() Josh Poimboeuf <jpoimboe(a)kernel.org> objtool: Silence more KCOV warnings Mika Westerberg <mika.westerberg(a)linux.intel.com> thunderbolt: Scan retimers after device router has been enumerated Théo Lebrun <theo.lebrun(a)bootlin.com> usb: host: xhci-plat: mvebu: use ->quirks instead of ->init_quirk() func Chenyuan Yang <chenyuan0y(a)gmail.com> usb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev() Michal Pecio <michal.pecio(a)gmail.com> usb: xhci: Avoid Stop Endpoint retry loop if the endpoint seems Running Vinicius Costa Gomes <vinicius.gomes(a)intel.com> dmaengine: dmatest: Fix dmatest waiting less when interrupted John Stultz <jstultz(a)google.com> sound/virtio: Fix cancel_sync warnings on uninitialized work_structs Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> usb: dwc3: gadget: Avoid using reserved endpoints on Intel Merrifield Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> usb: dwc3: gadget: Refactor loop to avoid NULL endpoints Edward Adam Davis <eadavis(a)qq.com> fs/ntfs3: Fix WARNING in ntfs_extend_initialized_size Alexander Stein <alexander.stein(a)mailbox.org> usb: host: max3421-hcd: Add missing spi_device_id table Haoxiang Li <haoxiang_li2024(a)163.com> s390/tty: Fix a potential memory leak bug Haoxiang Li <haoxiang_li2024(a)163.com> s390/sclp: Add check for get_zeroed_page() Yu-Chun Lin <eleanor15x(a)gmail.com> parisc: PDT: Fix missing prototype warning Heiko Stuebner <heiko(a)sntech.de> clk: check for disabled clock-provider in of_clk_get_hw_from_clkspec() Alexei Starovoitov <ast(a)kernel.org> bpf: Fix deadlock between rcu_tasks_trace and event_mutex. Herbert Xu <herbert(a)gondor.apana.org.au> crypto: null - Use spin lock instead of mutex Gregory CLEMENT <gregory.clement(a)bootlin.com> MIPS: cm: Detect CM quirks from device tree Chenyuan Yang <chenyuan0y(a)gmail.com> pinctrl: renesas: rza2: Fix potential NULL pointer dereference Oliver Neukum <oneukum(a)suse.com> USB: wdm: add annotation Oliver Neukum <oneukum(a)suse.com> USB: wdm: wdm_wwan_port_tx_complete mutex in atomic context Oliver Neukum <oneukum(a)suse.com> USB: wdm: close race between wdm_open and wdm_wwan_port_stop Oliver Neukum <oneukum(a)suse.com> USB: wdm: handle IO errors in wdm_wwan_port_start Oliver Neukum <oneukum(a)suse.com> USB: VLI disk crashes if LPM is used Miao Li <limiao(a)kylinos.cn> usb: quirks: Add delay init quirk for SanDisk 3.2Gen1 Flash Drive Miao Li <limiao(a)kylinos.cn> usb: quirks: add DELAY_INIT quirk for Silicon Motion Flash Drive Mike Looijmans <mike.looijmans(a)topic.nl> usb: dwc3: xilinx: Prevent spike in reset signal Frode Isaksen <frode(a)meta.com> usb: dwc3: gadget: check that event count does not exceed event buffer length Huacai Chen <chenhuacai(a)kernel.org> USB: OHCI: Add quirk for LS7A OHCI controller (rev 0x02) Fedor Pchelkin <pchelkin(a)ispras.ru> usb: chipidea: ci_hdrc_imx: implement usb_phy_init() error handling Fedor Pchelkin <pchelkin(a)ispras.ru> usb: chipidea: ci_hdrc_imx: fix call balance of regulator routines Fedor Pchelkin <pchelkin(a)ispras.ru> usb: chipidea: ci_hdrc_imx: fix usbmisc handling Ralph Siemsen <ralph.siemsen(a)linaro.org> usb: cdns3: Fix deadlock when using NCM gadget Craig Hesling <craig(a)hesling.com> USB: serial: simple: add OWON HDS200 series oscilloscope support Adam Xue <zxue(a)semtech.com> USB: serial: option: add Sierra Wireless EM9291 Michael Ehrenreich <michideep(a)gmail.com> USB: serial: ftdi_sio: add support for Abacus Electrics Optical Probe Ryo Takakura <ryotkkr98(a)gmail.com> serial: sifive: lock port in startup()/shutdown() callbacks Stephan Gerhold <stephan.gerhold(a)linaro.org> serial: msm: Configure correct working mode before starting earlycon Rengarajan S <rengarajan.s(a)microchip.com> misc: microchip: pci1xxxx: Fix incorrect IRQ status handling during ack Rengarajan S <rengarajan.s(a)microchip.com> misc: microchip: pci1xxxx: Fix Kernel panic during IRQ handler registration Sean Christopherson <seanjc(a)google.com> KVM: x86: Reset IRTE to host control if *new* route isn't postable Sean Christopherson <seanjc(a)google.com> KVM: x86: Explicitly treat routing entry type changes as changes Alexander Usyskin <alexander.usyskin(a)intel.com> mei: me: add panther lake H DID Oliver Neukum <oneukum(a)suse.com> USB: storage: quirk for ADATA Portable HDD CH94 Haoxiang Li <haoxiang_li2024(a)163.com> mcb: fix a double free bug in chameleon_parse_gdd() Sean Christopherson <seanjc(a)google.com> KVM: SVM: Allocate IR data using atomic allocation Petr Tesarik <ptesarik(a)suse.com> LoongArch: Remove a bogus reference to ZONE_DMA Ming Wang <wangming01(a)loongson.cn> LoongArch: Return NULL from huge_pte_offset() for invalid PMD Roman Li <Roman.Li(a)amd.com> drm/amd/display: Force full update in gpu reset Roman Li <Roman.Li(a)amd.com> drm/amd/display: Fix gpu reset in multidisplay config Fiona Klute <fiona.klute(a)gmx.de> net: phy: microchip: force IRQ polling mode for lan88xx Oleksij Rempel <linux(a)rempel-privat.de> net: selftests: initialize TCP header and skb payload with zero Alexey Nepomnyashih <sdl(a)nppct.ru> xen-netfront: handle NULL returned by xdp_convert_buff_to_frame() Halil Pasic <pasic(a)linux.ibm.com> virtio_console: fix missing byte order handling for cols and rows Ping-Ke Shih <pkshih(a)realtek.com> wifi: rtw88: use ieee80211_purge_tx_queue() to purge TX skb Ping-Ke Shih <pkshih(a)realtek.com> wifi: mac80211: export ieee80211_purge_tx_queue() for drivers Tiezhu Yang <yangtiezhu(a)loongson.cn> LoongArch: Make regs_irqs_disabled() more clear Yuli Wang <wangyuli(a)uniontech.com> LoongArch: Select ARCH_USE_MEMTEST Luo Gengkun <luogengkun(a)huaweicloud.com> perf/x86: Fix non-sampling (counting) events on certain x86 platforms Björn Töpel <bjorn(a)rivosinc.com> riscv: uprobes: Add missing fence.i after building the XOL buffer Sean Christopherson <seanjc(a)google.com> iommu/amd: Return an error if vCPU affinity is set for non-vCPU IRTE Daniel Golle <daniel(a)makrotopia.org> net: dsa: mt7530: sync driver-specific behavior of MT7531 variants Cong Wang <xiyou.wangcong(a)gmail.com> net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too Cong Wang <xiyou.wangcong(a)gmail.com> net_sched: hfsc: Fix a UAF vulnerability in class handling Tung Nguyen <tung.quang.nguyen(a)est.tech> tipc: fix NULL pointer dereference in tipc_mon_reinit_self() Qingfang Deng <qingfang.deng(a)siflower.com.cn> net: phy: leds: fix memory leak Justin Iurman <justin.iurman(a)uliege.be> net: lwtunnel: disable BHs when required Anastasia Kovaleva <a.kovaleva(a)yadro.com> scsi: core: Clear flags for scsi_cmnd that did not complete Qu Wenruo <wqu(a)suse.com> btrfs: avoid page_lockend underflow in btrfs_punch_hole_lock_range() Marc Zyngier <maz(a)kernel.org> cpufreq: cppc: Fix invalid return value in .get() callback Henry Martin <bsdhenrymartin(a)gmail.com> cpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate() Henry Martin <bsdhenrymartin(a)gmail.com> cpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate() Arnd Bergmann <arnd(a)arndb.de> dma/contiguous: avoid warning about unused size_bytes Mark Brown <broonie(a)kernel.org> selftests/mm: generate a temporary mountpoint for cgroup filesystem Evgeny Pimenov <pimenoveu12(a)gmail.com> ASoC: qcom: Fix sc7280 lpass potential buffer overflow Srinivas Kandagatla <srinivas.kandagatla(a)linaro.org> ASoC: qcom: q6dsp: add support to more display ports Niklas Schnelle <schnelle(a)linux.ibm.com> s390/pci: Support mmap() of PCI resources except for ISM devices Niklas Schnelle <schnelle(a)linux.ibm.com> s390/pci: Report PCI error recovery results via SCLP Niklas Schnelle <schnelle(a)linux.ibm.com> s390/sclp: Allow user-space to provide PCI reports for optical modules Stefan Eichenberger <stefan.eichenberger(a)toradex.com> phy: freescale: imx8m-pcie: assert phy reset and perst in power off Richard Zhu <hongxing.zhu(a)nxp.com> phy: freescale: imx8m-pcie: Add i.MX8MP PCIe PHY support David Hildenbrand <david(a)redhat.com> s390/virtio_ccw: Don't allocate/assign airqs for non-existing queues Halil Pasic <pasic(a)linux.ibm.com> s390/virtio_ccw: fix virtual vs physical address confusion Alexander Gordeev <agordeev(a)linux.ibm.com> s390/virtio: sort out physical vs virtual pointers usage Ma Ke <make24(a)iscas.ac.cn> PCI: Fix reference leak in pci_register_host_bridge() Pali Rohár <pali(a)kernel.org> PCI: Assign PCI domain IDs by ida_alloc() Zijun Hu <quic_zijuhu(a)quicinc.com> of: resolver: Fix device node refcount leakage in of_resolve_phandles() Rob Herring (Arm) <robh(a)kernel.org> of: resolver: Simplify of_resolve_phandles() using __free() Lad Prabhakar <prabhakar.mahadev-lad.rj(a)bp.renesas.com> clk: renesas: r9a07g043: Fix HP clock source for RZ/Five Claudiu Beznea <claudiu.beznea.uj(a)bp.renesas.com> clk: renesas: r9a07g04[34]: Fix typo for sel_shdi variable Claudiu Beznea <claudiu.beznea.uj(a)bp.renesas.com> clk: renesas: r9a07g04[34]: Use SEL_SDHI1_STS status configuration for SD1 mux Claudiu Beznea <claudiu.beznea.uj(a)bp.renesas.com> clk: renesas: rzg2l: Refactor SD mux driver Claudiu Beznea <claudiu.beznea.uj(a)bp.renesas.com> clk: renesas: rzg2l: Remove CPG_SDHI_DSEL from generic header Claudiu Beznea <claudiu.beznea.uj(a)bp.renesas.com> clk: renesas: rzg2l: Add struct clk_hw_data Claudiu Beznea <claudiu.beznea.uj(a)bp.renesas.com> clk: renesas: rzg2l: Use u32 for flag and mux_flags Herve Codina <herve.codina(a)bootlin.com> backlight: led_bl: Hold led_access lock when calling led_sysfs_disable() Uwe Kleine-König <u.kleine-koenig(a)pengutronix.de> backlight: led_bl: Convert to platform remove callback returning void Sergiu Cuciurean <sergiu.cuciurean(a)analog.com> iio: adc: ad7768-1: Fix conversion result sign Jonathan Cameron <Jonathan.Cameron(a)huawei.com> iio: adc: ad7768-1: Move setting of val a bit later to avoid unnecessary return value check Marek Behún <kabel(a)kernel.org> net: dsa: mv88e6xxx: fix VTU methods for 6320 family Marek Behún <kabel(a)kernel.org> net: dsa: mv88e6xxx: fix internal PHYs for 6320 family Alexis Lothoré <alexis.lothore(a)bootlin.com> net: dsa: mv88e6xxx: add field to specify internal phys layout Alexis Lothoré <alexis.lothore(a)bootlin.com> net: dsa: mv88e6xxx: pass directly chip structure to mv88e6xxx_phy_is_internal Russell King (Oracle) <rmk+kernel(a)armlinux.org.uk> net: dsa: mv88e6xxx: move link forcing to mac_prepare/mac_finish Russell King (Oracle) <rmk+kernel(a)armlinux.org.uk> net: dsa: add support for mac_prepare() and mac_finish() calls Vladimir Oltean <vladimir.oltean(a)nxp.com> net: dsa: mv88e6xxx: don't dispose of Global2 IRQ mappings from mdiobus code Haoxiang Li <haoxiang_li2024(a)163.com> auxdisplay: hd44780: Fix an API misuse in hd44780.c Uwe Kleine-König <u.kleine-koenig(a)pengutronix.de> auxdisplay: hd44780: Convert to platform remove callback returning void Steven Rostedt <rostedt(a)goodmis.org> tracing: Verify event formats that have "%*p.." Steven Rostedt <rostedt(a)goodmis.org> tracing: Add __print_dynamic_array() helper Steven Rostedt (Google) <rostedt(a)goodmis.org> tracing: Add __string_len() example Steven Rostedt (Google) <rostedt(a)goodmis.org> tracing: Fix cpumask() example typo Steven Rostedt (Google) <rostedt(a)goodmis.org> tracing: Add __cpumask to denote a trace event field that is a cpumask_t Shakeel Butt <shakeel.butt(a)linux.dev> memcg: drain obj stock on cpu hotplug teardown Thorsten Leemhuis <linux(a)leemhuis.info> module: sign with sha512 instead of sha1 by default ------------- Diffstat: Makefile | 4 +- arch/loongarch/Kconfig | 1 + arch/loongarch/include/asm/ptrace.h | 4 +- arch/loongarch/mm/hugetlbpage.c | 2 +- arch/loongarch/mm/init.c | 3 - arch/mips/include/asm/mips-cm.h | 22 +++ arch/mips/kernel/mips-cm.c | 14 ++ arch/parisc/kernel/pdt.c | 2 + arch/riscv/kernel/probes/uprobes.c | 10 +- arch/s390/Kconfig | 4 +- arch/s390/include/asm/pci.h | 3 + arch/s390/include/asm/sclp.h | 33 ++++ arch/s390/kvm/trace-s390.h | 4 +- arch/s390/pci/Makefile | 2 +- arch/s390/pci/pci_event.c | 21 ++- arch/s390/pci/pci_fixup.c | 23 +++ arch/s390/pci/pci_report.c | 111 +++++++++++++ arch/s390/pci/pci_report.h | 16 ++ arch/x86/entry/entry.S | 2 +- arch/x86/events/core.c | 2 +- arch/x86/kernel/cpu/bugs.c | 36 ++--- arch/x86/kernel/i8253.c | 3 +- arch/x86/kvm/svm/avic.c | 60 +++---- arch/x86/kvm/vmx/posted_intr.c | 28 ++-- arch/x86/kvm/x86.c | 3 +- arch/x86/mm/tlb.c | 6 +- crypto/crypto_null.c | 37 +++-- drivers/acpi/ec.c | 28 ++++ drivers/acpi/pptt.c | 4 +- drivers/auxdisplay/hd44780.c | 9 +- drivers/block/loop.c | 2 +- drivers/char/virtio_console.c | 7 +- drivers/clk/clk.c | 4 + drivers/clk/renesas/r9a07g043-cpg.c | 28 +++- drivers/clk/renesas/r9a07g044-cpg.c | 21 ++- drivers/clk/renesas/rzg2l-cpg.c | 178 +++++++++++++++------ drivers/clk/renesas/rzg2l-cpg.h | 24 +-- drivers/comedi/drivers/jr3_pci.c | 17 +- drivers/cpufreq/cppc_cpufreq.c | 2 +- drivers/cpufreq/scmi-cpufreq.c | 10 +- drivers/cpufreq/scpi-cpufreq.c | 13 +- drivers/crypto/atmel-sha204a.c | 7 +- drivers/dma-buf/udmabuf.c | 2 +- drivers/dma/dmatest.c | 6 +- drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 9 +- drivers/iio/adc/ad7768-1.c | 5 +- drivers/infiniband/hw/qib/qib_fs.c | 1 + drivers/iommu/amd/iommu.c | 2 +- drivers/mcb/mcb-parse.c | 2 +- drivers/md/raid1.c | 26 +-- drivers/misc/lkdtm/perms.c | 14 +- drivers/misc/mchp_pci1xxxx/mchp_pci1xxxx_gpio.c | 8 +- drivers/misc/mei/hw-me-regs.h | 1 + drivers/misc/mei/pci-me.c | 1 + drivers/net/dsa/mt7530.c | 6 +- drivers/net/dsa/mv88e6xxx/chip.c | 106 ++++++++---- drivers/net/dsa/mv88e6xxx/chip.h | 5 + drivers/net/dsa/mv88e6xxx/global2.c | 25 +-- drivers/net/phy/microchip.c | 46 +----- drivers/net/phy/phy_led_triggers.c | 23 +-- drivers/net/wireless/realtek/rtw88/main.c | 2 +- drivers/net/wireless/realtek/rtw88/tx.c | 2 +- drivers/net/xen-netfront.c | 19 ++- drivers/ntb/hw/amd/ntb_hw_amd.c | 1 + drivers/ntb/hw/idt/ntb_hw_idt.c | 18 +-- drivers/nvme/host/core.c | 9 ++ drivers/nvme/target/fc.c | 25 ++- drivers/of/device.c | 7 +- drivers/of/resolver.c | 37 ++--- drivers/pci/pci.c | 107 +++++++------ drivers/pci/probe.c | 16 +- drivers/pci/remove.c | 7 + drivers/phy/freescale/phy-fsl-imx8m-pcie.c | 46 +++++- drivers/pinctrl/renesas/pinctrl-rza2.c | 3 + drivers/rtc/rtc-pcf85063.c | 19 ++- drivers/s390/char/sclp.h | 14 -- drivers/s390/char/sclp_con.c | 17 ++ drivers/s390/char/sclp_pci.c | 19 +-- drivers/s390/char/sclp_tty.c | 12 ++ drivers/s390/net/ism_drv.c | 1 - drivers/s390/virtio/virtio_ccw.c | 100 ++++++------ drivers/scsi/hisi_sas/hisi_sas_main.c | 20 +++ drivers/scsi/pm8001/pm8001_sas.c | 1 + drivers/scsi/scsi_lib.c | 6 +- drivers/spi/spi-imx.c | 5 +- drivers/spi/spi-tegra210-quad.c | 6 +- drivers/thunderbolt/tb.c | 16 +- drivers/tty/serial/msm_serial.c | 6 + drivers/tty/serial/sifive.c | 6 + drivers/ufs/host/ufs-exynos.c | 10 +- drivers/usb/cdns3/cdns3-gadget.c | 2 + drivers/usb/chipidea/ci_hdrc_imx.c | 44 +++-- drivers/usb/class/cdc-wdm.c | 21 ++- drivers/usb/core/quirks.c | 9 ++ drivers/usb/dwc3/dwc3-pci.c | 10 ++ drivers/usb/dwc3/dwc3-xilinx.c | 4 +- drivers/usb/dwc3/gadget.c | 28 +++- drivers/usb/gadget/udc/aspeed-vhub/dev.c | 3 + drivers/usb/host/max3421-hcd.c | 7 + drivers/usb/host/ohci-pci.c | 23 +++ drivers/usb/host/xhci-mvebu.c | 10 -- drivers/usb/host/xhci-mvebu.h | 6 - drivers/usb/host/xhci-plat.c | 2 +- drivers/usb/host/xhci-ring.c | 11 +- drivers/usb/serial/ftdi_sio.c | 2 + drivers/usb/serial/ftdi_sio_ids.h | 5 + drivers/usb/serial/option.c | 3 + drivers/usb/serial/usb-serial-simple.c | 7 + drivers/usb/storage/unusual_uas.h | 7 + drivers/video/backlight/led_bl.c | 11 +- drivers/xen/Kconfig | 2 +- fs/btrfs/file.c | 9 +- fs/ext4/block_validity.c | 5 +- fs/ext4/inode.c | 7 +- fs/jfs/jfs_dinode.h | 2 +- fs/jfs/jfs_imap.c | 6 +- fs/jfs/jfs_incore.h | 2 +- fs/jfs/jfs_txnmgr.c | 4 +- fs/jfs/jfs_xtree.c | 4 +- fs/jfs/jfs_xtree.h | 37 +++-- fs/ntfs3/file.c | 1 + include/dt-bindings/sound/qcom,q6dsp-lpass-ports.h | 8 + include/linux/filter.h | 9 +- include/linux/pci.h | 1 + include/linux/pci_ids.h | 1 + include/net/dsa.h | 6 + include/net/mac80211.h | 13 ++ include/trace/bpf_probe.h | 6 + include/trace/perf.h | 6 + include/trace/stages/stage1_struct_define.h | 6 + include/trace/stages/stage2_data_offsets.h | 6 + include/trace/stages/stage3_trace_output.h | 14 ++ include/trace/stages/stage4_event_fields.h | 12 ++ include/trace/stages/stage5_get_offsets.h | 6 + include/trace/stages/stage6_event_callback.h | 20 +++ include/trace/stages/stage7_class_define.h | 3 + init/Kconfig | 2 +- kernel/dma/contiguous.c | 3 +- kernel/module/Kconfig | 1 + kernel/trace/bpf_trace.c | 7 +- kernel/trace/trace_events.c | 7 + lib/test_ubsan.c | 18 ++- mm/memcontrol.c | 9 ++ net/9p/client.c | 30 ++-- net/core/lwtunnel.c | 26 ++- net/core/selftests.c | 18 ++- net/dsa/port.c | 32 ++++ net/mac80211/ieee80211_i.h | 2 - net/mac80211/status.c | 1 + net/sched/act_mirred.c | 22 +-- net/sched/sch_hfsc.c | 23 ++- net/tipc/monitor.c | 3 +- samples/trace_events/trace-events-sample.c | 2 +- samples/trace_events/trace-events-sample.h | 46 +++++- scripts/Makefile.lib | 2 +- sound/soc/codecs/wcd934x.c | 2 +- sound/soc/qcom/lpass.h | 3 +- sound/soc/qcom/qdsp6/q6afe-dai.c | 2 +- sound/soc/qcom/qdsp6/q6dsp-lpass-ports.c | 43 +++-- sound/virtio/virtio_pcm.c | 21 ++- tools/objtool/check.c | 9 ++ tools/testing/selftests/mincore/mincore_selftest.c | 3 - tools/testing/selftests/ublk/test_stripe_04.sh | 24 +++ .../selftests/vm/charge_reserved_hugetlb.sh | 4 +- .../selftests/vm/hugetlb_reparenting_test.sh | 2 +- 165 files changed, 1713 insertions(+), 720 deletions(-)

4 months, 1 week

16
194
0 0

[PATCH v4] mm: mmap: map MAP_STACK to VM_NOHUGEPAGE only if THP is enabled

by Ignacio Moreno Gonzalez via B4 Relay

From: Ignacio Moreno Gonzalez <Ignacio.MorenoGonzalez(a)kuka.com> commit c4608d1bf7c6 ("mm: mmap: map MAP_STACK to VM_NOHUGEPAGE") maps the mmap option MAP_STACK to VM_NOHUGEPAGE. This is also done if CONFIG_TRANSPARENT_HUGETABLES is not defined. But in that case, the VM_NOHUGEPAGE does not make sense. I discovered this issue when trying to use the tool CRIU to checkpoint and restore a container. Our running kernel is compiled without CONFIG_TRANSPARENT_HUGETABLES. CRIU parses the output of /proc/<pid>/smaps and saves the "nh" flag. When trying to restore the container, CRIU fails to restore the "nh" mappings, since madvise() MADV_NOHUGEPAGE always returns an error because CONFIG_TRANSPARENT_HUGEPAGE is not defined. Fixes: c4608d1bf7c6 ("mm: mmap: map MAP_STACK to VM_NOHUGEPAGE") Cc: stable(a)vger.kernel.org Reviewed-by: Lorenzo Stoakes <lorenzo.stoakes(a)oracle.com> Reviewed-by: Yang Shi <yang(a)os.amperecomputing.com> Reviewed-by: Liam R. Howlett <Liam.Howlett(a)oracle.com> Signed-off-by: Ignacio Moreno Gonzalez <Ignacio.MorenoGonzalez(a)kuka.com> --- I discovered this issue when trying to use the tool CRIU to checkpoint and restore a container. Our running kernel is compiled without CONFIG_TRANSPARENT_HUGEPAGE. CRIU parses the output of /proc/<pid>/smaps and saves the "nh" flag. When trying to restore the container, CRIU fails to restore the "nh" mappings, since madvise() MADV_NOHUGEPAGE always returns an error because CONFIG_TRANSPARENT_HUGEPAGE is not defined. The mapping MAP_STACK -> VM_NOHUGEPAGE was introduced by commit c4608d1bf7c6 ("mm: mmap: map MAP_STACK to VM_NOHUGEPAGE") in order to fix a regression introduced by commit efa7df3e3bb5 ("mm: align larger anonymous mappings on THP boundaries"). The change introducing the regression (efa7df3e3bb5) was limited to THP kernels, but its fix (c4608d1bf7c6) is applied without checking if THP is set. The mapping MAP_STACK -> VM_NOHUGEPAGE should only be applied if THP is enabled. --- Changes in v4: - Correct typo CONFIG_TRANSPARENT_HUGETABLES -> CONFIG_TRANSPARENT_HUGEPAGE - Copy description from cover letter to commit description - Link to v3: https://lore.kernel.org/r/20250507-map-map_stack-to-vm_nohugepage-only-if-t… Changes in v3: - Exclude non-stable patch (for huge_mm.h) from this series to avoid mixing stable and non-stable patches, as suggested by Andrew. - Extend description in cover letter. - Link to v2: https://lore.kernel.org/r/20250506-map-map_stack-to-vm_nohugepage-only-if-t… Changes in v2: - [Patch 1/2] Use '#ifdef' instead of '#if defined(...)' - [Patch 1/2] Add 'Fixes: c4608d1bf7c6...' - Create [Patch 2/2] - Link to v1: https://lore.kernel.org/r/20250502-map-map_stack-to-vm_nohugepage-only-if-t… --- include/linux/mman.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/include/linux/mman.h b/include/linux/mman.h index bce214fece16b9af3791a2baaecd6063d0481938..f4c6346a8fcd29b08d43f7cd9158c3eddc3383e1 100644 --- a/include/linux/mman.h +++ b/include/linux/mman.h @@ -155,7 +155,9 @@ calc_vm_flag_bits(struct file *file, unsigned long flags) return _calc_vm_trans(flags, MAP_GROWSDOWN, VM_GROWSDOWN ) | _calc_vm_trans(flags, MAP_LOCKED, VM_LOCKED ) | _calc_vm_trans(flags, MAP_SYNC, VM_SYNC ) | +#ifdef CONFIG_TRANSPARENT_HUGEPAGE _calc_vm_trans(flags, MAP_STACK, VM_NOHUGEPAGE) | +#endif arch_calc_vm_flag_bits(file, flags); } --- base-commit: fc96b232f8e7c0a6c282f47726b2ff6a5fb341d2 change-id: 20250428-map-map_stack-to-vm_nohugepage-only-if-thp-is-enabled-ce40a1de095d Best regards, -- Ignacio Moreno Gonzalez <Ignacio.MorenoGonzalez(a)kuka.com>

4 months, 1 week

3
2
0 0

[PATCH v2 1/4] mm: fix VM_UFFD_MINOR == VM_SHADOW_STACK on USERFAULTFD=y && ARM64_GCS=y

by Florent Revest

On configs with CONFIG_ARM64_GCS=y, VM_SHADOW_STACK is bit 38. On configs with CONFIG_HAVE_ARCH_USERFAULTFD_MINOR=y (selected by CONFIG_ARM64 when CONFIG_USERFAULTFD=y), VM_UFFD_MINOR is _also_ bit 38. This bit being shared by two different VMA flags could lead to all sorts of unintended behaviors. Presumably, a process could maybe call into userfaultfd in a way that disables the shadow stack vma flag. I can't think of any attack where this would help (presumably, if an attacker tries to disable shadow stacks, they are trying to hijack control flow so can't arbitrarily call into userfaultfd yet anyway) but this still feels somewhat scary. Reviewed-by: Mark Brown <broonie(a)kernel.org> Fixes: ae80e1629aea ("mm: Define VM_SHADOW_STACK for arm64 when we support GCS") Cc: <stable(a)vger.kernel.org> Signed-off-by: Florent Revest <revest(a)chromium.org> --- include/linux/mm.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/linux/mm.h b/include/linux/mm.h index bf55206935c46..fdda6b16263b3 100644 --- a/include/linux/mm.h +++ b/include/linux/mm.h @@ -385,7 +385,7 @@ extern unsigned int kobjsize(const void *objp); #endif #ifdef CONFIG_HAVE_ARCH_USERFAULTFD_MINOR -# define VM_UFFD_MINOR_BIT 38 +# define VM_UFFD_MINOR_BIT 41 # define VM_UFFD_MINOR BIT(VM_UFFD_MINOR_BIT) /* UFFD minor faults */ #else /* !CONFIG_HAVE_ARCH_USERFAULTFD_MINOR */ # define VM_UFFD_MINOR VM_NONE -- 2.49.0.987.g0cc8ee98dc-goog

4 months, 1 week

1
0
0 0

[PATCH RESEND v3 5/5] phy: renesas: rcar-gen3-usb2: Set timing registers only once

by Claudiu

From: Claudiu Beznea <claudiu.beznea.uj(a)bp.renesas.com> phy-rcar-gen3-usb2 driver exports 4 PHYs. The timing registers are common to all PHYs. There is no need to set them every time a PHY is initialized. Set timing register only when the 1st PHY is initialized. Fixes: f3b5a8d9b50d ("phy: rcar-gen3-usb2: Add R-Car Gen3 USB2 PHY driver") Cc: stable(a)vger.kernel.org Reviewed-by: Yoshihiro Shimoda <yoshihiro.shimoda.uh(a)renesas.com> Tested-by: Yoshihiro Shimoda <yoshihiro.shimoda.uh(a)renesas.com> Reviewed-by: Lad Prabhakar <prabhakar.mahadev-lad.rj(a)bp.renesas.com> Signed-off-by: Claudiu Beznea <claudiu.beznea.uj(a)bp.renesas.com> --- Changes in v3: - collected tags Changes in v2: - collected tags drivers/phy/renesas/phy-rcar-gen3-usb2.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/drivers/phy/renesas/phy-rcar-gen3-usb2.c b/drivers/phy/renesas/phy-rcar-gen3-usb2.c index 118899efda70..9fdf17e0848a 100644 --- a/drivers/phy/renesas/phy-rcar-gen3-usb2.c +++ b/drivers/phy/renesas/phy-rcar-gen3-usb2.c @@ -467,8 +467,11 @@ static int rcar_gen3_phy_usb2_init(struct phy *p) val = readl(usb2_base + USB2_INT_ENABLE); val |= USB2_INT_ENABLE_UCOM_INTEN | rphy->int_enable_bits; writel(val, usb2_base + USB2_INT_ENABLE); - writel(USB2_SPD_RSM_TIMSET_INIT, usb2_base + USB2_SPD_RSM_TIMSET); - writel(USB2_OC_TIMSET_INIT, usb2_base + USB2_OC_TIMSET); + + if (!rcar_gen3_is_any_rphy_initialized(channel)) { + writel(USB2_SPD_RSM_TIMSET_INIT, usb2_base + USB2_SPD_RSM_TIMSET); + writel(USB2_OC_TIMSET_INIT, usb2_base + USB2_OC_TIMSET); + } /* Initialize otg part (only if we initialize a PHY with IRQs). */ if (rphy->int_enable_bits) -- 2.43.0

4 months, 1 week

1
0
0 0

[PATCH RESEND v3 4/5] phy: renesas: rcar-gen3-usb2: Assert PLL reset on PHY power off

by Claudiu

From: Claudiu Beznea <claudiu.beznea.uj(a)bp.renesas.com> Assert PLL reset on PHY power off. This saves power. Fixes: f3b5a8d9b50d ("phy: rcar-gen3-usb2: Add R-Car Gen3 USB2 PHY driver") Cc: stable(a)vger.kernel.org Reviewed-by: Yoshihiro Shimoda <yoshihiro.shimoda.uh(a)renesas.com> Tested-by: Yoshihiro Shimoda <yoshihiro.shimoda.uh(a)renesas.com> Reviewed-by: Lad Prabhakar <prabhakar.mahadev-lad.rj(a)bp.renesas.com> Signed-off-by: Claudiu Beznea <claudiu.beznea.uj(a)bp.renesas.com> --- Changes in v3: - collected tags Changes in v2: - collected tags - add an empty line after definition of val to get rid of the checkpatch.pl warning drivers/phy/renesas/phy-rcar-gen3-usb2.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/drivers/phy/renesas/phy-rcar-gen3-usb2.c b/drivers/phy/renesas/phy-rcar-gen3-usb2.c index 00ce564463de..118899efda70 100644 --- a/drivers/phy/renesas/phy-rcar-gen3-usb2.c +++ b/drivers/phy/renesas/phy-rcar-gen3-usb2.c @@ -537,9 +537,17 @@ static int rcar_gen3_phy_usb2_power_off(struct phy *p) struct rcar_gen3_chan *channel = rphy->ch; int ret = 0; - scoped_guard(spinlock_irqsave, &channel->lock) + scoped_guard(spinlock_irqsave, &channel->lock) { rphy->powered = false; + if (rcar_gen3_are_all_rphys_power_off(channel)) { + u32 val = readl(channel->base + USB2_USBCTR); + + val |= USB2_USBCTR_PLL_RST; + writel(val, channel->base + USB2_USBCTR); + } + } + if (channel->vbus) ret = regulator_disable(channel->vbus); -- 2.43.0

4 months, 1 week

1
0
0 0

[PATCH RESEND v3 3/5] phy: renesas: rcar-gen3-usb2: Lock around hardware registers and driver data

by Claudiu

From: Claudiu Beznea <claudiu.beznea.uj(a)bp.renesas.com> The phy-rcar-gen3-usb2 driver exposes four individual PHYs that are requested and configured by PHY users. The struct phy_ops APIs access the same set of registers to configure all PHYs. Additionally, PHY settings can be modified through sysfs or an IRQ handler. While some struct phy_ops APIs are protected by a driver-wide mutex, others rely on individual PHY-specific mutexes. This approach can lead to various issues, including: 1/ the IRQ handler may interrupt PHY settings in progress, racing with hardware configuration protected by a mutex lock 2/ due to msleep(20) in rcar_gen3_init_otg(), while a configuration thread suspends to wait for the delay, another thread may try to configure another PHY (with phy_init() + phy_power_on()); re-running the phy_init() goes to the exact same configuration code, re-running the same hardware configuration on the same set of registers (and bits) which might impact the result of the msleep for the 1st configuring thread 3/ sysfs can configure the hardware (though role_store()) and it can still race with the phy_init()/phy_power_on() APIs calling into the drivers struct phy_ops To address these issues, add a spinlock to protect hardware register access and driver private data structures (e.g., calls to rcar_gen3_is_any_rphy_initialized()). Checking driver-specific data remains necessary as all PHY instances share common settings. With this change, the existing mutex protection is removed and the cleanup.h helpers are used. While at it, to keep the code simpler, do not skip regulator_enable()/regulator_disable() APIs in rcar_gen3_phy_usb2_power_on()/rcar_gen3_phy_usb2_power_off() as the regulators enable/disable operations are reference counted anyway. Fixes: f3b5a8d9b50d ("phy: rcar-gen3-usb2: Add R-Car Gen3 USB2 PHY driver") Cc: stable(a)vger.kernel.org Reviewed-by: Yoshihiro Shimoda <yoshihiro.shimoda.uh(a)renesas.com> Tested-by: Yoshihiro Shimoda <yoshihiro.shimoda.uh(a)renesas.com> Reviewed-by: Lad Prabhakar <prabhakar.mahadev-lad.rj(a)bp.renesas.com> Signed-off-by: Claudiu Beznea <claudiu.beznea.uj(a)bp.renesas.com> --- Changes in v3: - collected tags Changes in v2: - collected tags drivers/phy/renesas/phy-rcar-gen3-usb2.c | 49 +++++++++++++----------- 1 file changed, 26 insertions(+), 23 deletions(-) diff --git a/drivers/phy/renesas/phy-rcar-gen3-usb2.c b/drivers/phy/renesas/phy-rcar-gen3-usb2.c index bb05fd26eb7f..00ce564463de 100644 --- a/drivers/phy/renesas/phy-rcar-gen3-usb2.c +++ b/drivers/phy/renesas/phy-rcar-gen3-usb2.c @@ -9,6 +9,7 @@ * Copyright (C) 2014 Cogent Embedded, Inc. */ +#include <linux/cleanup.h> #include <linux/extcon-provider.h> #include <linux/interrupt.h> #include <linux/io.h> @@ -118,7 +119,7 @@ struct rcar_gen3_chan { struct regulator *vbus; struct reset_control *rstc; struct work_struct work; - struct mutex lock; /* protects rphys[...].powered */ + spinlock_t lock; /* protects access to hardware and driver data structure. */ enum usb_dr_mode dr_mode; u32 obint_enable_bits; bool extcon_host; @@ -348,6 +349,8 @@ static ssize_t role_store(struct device *dev, struct device_attribute *attr, bool is_b_device; enum phy_mode cur_mode, new_mode; + guard(spinlock_irqsave)(&ch->lock); + if (!ch->is_otg_channel || !rcar_gen3_is_any_otg_rphy_initialized(ch)) return -EIO; @@ -415,7 +418,7 @@ static void rcar_gen3_init_otg(struct rcar_gen3_chan *ch) val = readl(usb2_base + USB2_ADPCTRL); writel(val | USB2_ADPCTRL_IDPULLUP, usb2_base + USB2_ADPCTRL); } - msleep(20); + mdelay(20); writel(0xffffffff, usb2_base + USB2_OBINTSTA); writel(ch->obint_enable_bits, usb2_base + USB2_OBINTEN); @@ -436,12 +439,14 @@ static irqreturn_t rcar_gen3_phy_usb2_irq(int irq, void *_ch) if (pm_runtime_suspended(dev)) goto rpm_put; - status = readl(usb2_base + USB2_OBINTSTA); - if (status & ch->obint_enable_bits) { - dev_vdbg(dev, "%s: %08x\n", __func__, status); - writel(ch->obint_enable_bits, usb2_base + USB2_OBINTSTA); - rcar_gen3_device_recognition(ch); - ret = IRQ_HANDLED; + scoped_guard(spinlock, &ch->lock) { + status = readl(usb2_base + USB2_OBINTSTA); + if (status & ch->obint_enable_bits) { + dev_vdbg(dev, "%s: %08x\n", __func__, status); + writel(ch->obint_enable_bits, usb2_base + USB2_OBINTSTA); + rcar_gen3_device_recognition(ch); + ret = IRQ_HANDLED; + } } rpm_put: @@ -456,6 +461,8 @@ static int rcar_gen3_phy_usb2_init(struct phy *p) void __iomem *usb2_base = channel->base; u32 val; + guard(spinlock_irqsave)(&channel->lock); + /* Initialize USB2 part */ val = readl(usb2_base + USB2_INT_ENABLE); val |= USB2_INT_ENABLE_UCOM_INTEN | rphy->int_enable_bits; @@ -479,6 +486,8 @@ static int rcar_gen3_phy_usb2_exit(struct phy *p) void __iomem *usb2_base = channel->base; u32 val; + guard(spinlock_irqsave)(&channel->lock); + rphy->initialized = false; val = readl(usb2_base + USB2_INT_ENABLE); @@ -498,16 +507,17 @@ static int rcar_gen3_phy_usb2_power_on(struct phy *p) u32 val; int ret = 0; - mutex_lock(&channel->lock); - if (!rcar_gen3_are_all_rphys_power_off(channel)) - goto out; - if (channel->vbus) { ret = regulator_enable(channel->vbus); if (ret) - goto out; + return ret; } + guard(spinlock_irqsave)(&channel->lock); + + if (!rcar_gen3_are_all_rphys_power_off(channel)) + goto out; + val = readl(usb2_base + USB2_USBCTR); val |= USB2_USBCTR_PLL_RST; writel(val, usb2_base + USB2_USBCTR); @@ -517,7 +527,6 @@ static int rcar_gen3_phy_usb2_power_on(struct phy *p) out: /* The powered flag should be set for any other phys anyway */ rphy->powered = true; - mutex_unlock(&channel->lock); return 0; } @@ -528,18 +537,12 @@ static int rcar_gen3_phy_usb2_power_off(struct phy *p) struct rcar_gen3_chan *channel = rphy->ch; int ret = 0; - mutex_lock(&channel->lock); - rphy->powered = false; - - if (!rcar_gen3_are_all_rphys_power_off(channel)) - goto out; + scoped_guard(spinlock_irqsave, &channel->lock) + rphy->powered = false; if (channel->vbus) ret = regulator_disable(channel->vbus); -out: - mutex_unlock(&channel->lock); - return ret; } @@ -750,7 +753,7 @@ static int rcar_gen3_phy_usb2_probe(struct platform_device *pdev) if (phy_data->no_adp_ctrl) channel->obint_enable_bits = USB2_OBINT_IDCHG_EN; - mutex_init(&channel->lock); + spin_lock_init(&channel->lock); for (i = 0; i < NUM_OF_PHYS; i++) { channel->rphys[i].phy = devm_phy_create(dev, NULL, phy_data->phy_usb2_ops); -- 2.43.0

4 months, 1 week

1
0
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror