- Linux-stable-mirror - lists.linaro.org

[PATCH v3 1/3] drm/xe: Attempt to bring bos back to VRAM after eviction

by Thomas Hellström

VRAM+TT bos that are evicted from VRAM to TT may remain in TT also after a revalidation following eviction or suspend. This manifests itself as applications becoming sluggish after buffer objects get evicted or after a resume from suspend or hibernation. If the bo supports placement in both VRAM and TT, and we are on DGFX, mark the TT placement as fallback. This means that it is tried only after VRAM + eviction. This flaw has probably been present since the xe module was upstreamed but use a Fixes: commit below where backporting is likely to be simple. For earlier versions we need to open- code the fallback algorithm in the driver. v2: - Remove check for dgfx. (Matthew Auld) - Update the xe_dma_buf kunit test for the new strategy (CI) - Allow dma-buf to pin in current placement (CI) - Make xe_bo_validate() for pinned bos a NOP. Closes: https://gitlab.freedesktop.org/drm/xe/kernel/-/issues/5995 Fixes: a78a8da51b36 ("drm/ttm: replace busy placement with flags v6") Cc: Matthew Brost <matthew.brost(a)intel.com> Cc: Matthew Auld <matthew.auld(a)intel.com> Cc: <stable(a)vger.kernel.org> # v6.9+ Signed-off-by: Thomas Hellström <thomas.hellstrom(a)linux.intel.com> Reviewed-by: Matthew Auld <matthew.auld(a)intel.com> #v1 --- drivers/gpu/drm/xe/tests/xe_bo.c | 2 +- drivers/gpu/drm/xe/tests/xe_dma_buf.c | 10 +--------- drivers/gpu/drm/xe/xe_bo.c | 16 ++++++++++++---- drivers/gpu/drm/xe/xe_bo.h | 2 +- drivers/gpu/drm/xe/xe_dma_buf.c | 2 +- 5 files changed, 16 insertions(+), 16 deletions(-) diff --git a/drivers/gpu/drm/xe/tests/xe_bo.c b/drivers/gpu/drm/xe/tests/xe_bo.c index bb469096d072..7b40cc8be1c9 100644 --- a/drivers/gpu/drm/xe/tests/xe_bo.c +++ b/drivers/gpu/drm/xe/tests/xe_bo.c @@ -236,7 +236,7 @@ static int evict_test_run_tile(struct xe_device *xe, struct xe_tile *tile, struc } xe_bo_lock(external, false); - err = xe_bo_pin_external(external); + err = xe_bo_pin_external(external, false); xe_bo_unlock(external); if (err) { KUNIT_FAIL(test, "external bo pin err=%pe\n", diff --git a/drivers/gpu/drm/xe/tests/xe_dma_buf.c b/drivers/gpu/drm/xe/tests/xe_dma_buf.c index 3c5ad8cc65a0..5baeab6b6fb7 100644 --- a/drivers/gpu/drm/xe/tests/xe_dma_buf.c +++ b/drivers/gpu/drm/xe/tests/xe_dma_buf.c @@ -85,15 +85,7 @@ static void check_residency(struct kunit *test, struct xe_bo *exported, return; } - /* - * If on different devices, the exporter is kept in system if - * possible, saving a migration step as the transfer is just - * likely as fast from system memory. - */ - if (params->mem_mask & XE_BO_FLAG_SYSTEM) - KUNIT_EXPECT_TRUE(test, xe_bo_is_mem_type(exported, XE_PL_TT)); - else - KUNIT_EXPECT_TRUE(test, xe_bo_is_mem_type(exported, mem_type)); + KUNIT_EXPECT_TRUE(test, xe_bo_is_mem_type(exported, mem_type)); if (params->force_different_devices) KUNIT_EXPECT_TRUE(test, xe_bo_is_mem_type(imported, XE_PL_TT)); diff --git a/drivers/gpu/drm/xe/xe_bo.c b/drivers/gpu/drm/xe/xe_bo.c index 4faf15d5fa6d..870f43347281 100644 --- a/drivers/gpu/drm/xe/xe_bo.c +++ b/drivers/gpu/drm/xe/xe_bo.c @@ -188,6 +188,8 @@ static void try_add_system(struct xe_device *xe, struct xe_bo *bo, bo->placements[*c] = (struct ttm_place) { .mem_type = XE_PL_TT, + .flags = (bo_flags & XE_BO_FLAG_VRAM_MASK) ? + TTM_PL_FLAG_FALLBACK : 0, }; *c += 1; } @@ -2322,6 +2324,7 @@ uint64_t vram_region_gpu_offset(struct ttm_resource *res) /** * xe_bo_pin_external - pin an external BO * @bo: buffer object to be pinned + * @in_place: Pin in current placement, don't attempt to migrate. * * Pin an external (not tied to a VM, can be exported via dma-buf / prime FD) * BO. Unique call compared to xe_bo_pin as this function has it own set of @@ -2329,7 +2332,7 @@ uint64_t vram_region_gpu_offset(struct ttm_resource *res) * * Returns 0 for success, negative error code otherwise. */ -int xe_bo_pin_external(struct xe_bo *bo) +int xe_bo_pin_external(struct xe_bo *bo, bool in_place) { struct xe_device *xe = xe_bo_device(bo); int err; @@ -2338,9 +2341,11 @@ int xe_bo_pin_external(struct xe_bo *bo) xe_assert(xe, xe_bo_is_user(bo)); if (!xe_bo_is_pinned(bo)) { - err = xe_bo_validate(bo, NULL, false); - if (err) - return err; + if (!in_place) { + err = xe_bo_validate(bo, NULL, false); + if (err) + return err; + } spin_lock(&xe->pinned.lock); list_add_tail(&bo->pinned_link, &xe->pinned.late.external); @@ -2493,6 +2498,9 @@ int xe_bo_validate(struct xe_bo *bo, struct xe_vm *vm, bool allow_res_evict) }; int ret; + if (xe_bo_is_pinned(bo)) + return 0; + if (vm) { lockdep_assert_held(&vm->lock); xe_vm_assert_held(vm); diff --git a/drivers/gpu/drm/xe/xe_bo.h b/drivers/gpu/drm/xe/xe_bo.h index 8cce413b5235..cfb1ec266a6d 100644 --- a/drivers/gpu/drm/xe/xe_bo.h +++ b/drivers/gpu/drm/xe/xe_bo.h @@ -200,7 +200,7 @@ static inline void xe_bo_unlock_vm_held(struct xe_bo *bo) } } -int xe_bo_pin_external(struct xe_bo *bo); +int xe_bo_pin_external(struct xe_bo *bo, bool in_place); int xe_bo_pin(struct xe_bo *bo); void xe_bo_unpin_external(struct xe_bo *bo); void xe_bo_unpin(struct xe_bo *bo); diff --git a/drivers/gpu/drm/xe/xe_dma_buf.c b/drivers/gpu/drm/xe/xe_dma_buf.c index 346f857f3837..af64baf872ef 100644 --- a/drivers/gpu/drm/xe/xe_dma_buf.c +++ b/drivers/gpu/drm/xe/xe_dma_buf.c @@ -72,7 +72,7 @@ static int xe_dma_buf_pin(struct dma_buf_attachment *attach) return ret; } - ret = xe_bo_pin_external(bo); + ret = xe_bo_pin_external(bo, true); xe_assert(xe, !ret); return 0; -- 2.50.1

2 weeks

1
0
0 0

Bug: Performance regression in 1013af4f585f: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race

by Uschakow, Stanislav

Hello. We have observed a huge latency increase using `fork()` after ingesting the CVE-2025-38085 fix which leads to the commit `1013af4f585f: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race`. On large machines with 1.5TB of memory with 196 cores, we identified mmapping of 1.2TB of shared memory and forking itself dozens or hundreds of times we see a increase of execution times of a factor of 4. The reproducer is at the end of the email. Comparing the a kernel without this patch with a kernel with this patch applied when spawning 1000 children we see those execution times: Patched kernel: $ time make stress ... real 0m11.275s user 0m0.177s sys 0m23.905s Original kernel : $ time make stress ...real 0m2.475s user 0m1.398s sys 0m2.501s The patch in question: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id… My observation/assumption is: each child touches 100 random pages and despawns on each despawn `huge_pmd_unshare()` is called each call to `huge_pmd_unshare()` syncrhonizes all threads using `tlb_remove_table_sync_one()` leading to the regression I'm happy to provide more information. Thank you Stanislav Uschakow === Reproducer === Setup: #!/bin/bash echo "Setting up hugepages for reproduction..." # hugepages (1.2TB / 2MB = 614400 pages) REQUIRED_PAGES=614400 # Check current hugepage allocation CURRENT_PAGES=$(cat /proc/sys/vm/nr_hugepages) echo "Current hugepages: $CURRENT_PAGES" if [ "$CURRENT_PAGES" -lt "$REQUIRED_PAGES" ]; then echo "Allocating $REQUIRED_PAGES hugepages..." echo $REQUIRED_PAGES | sudo tee /proc/sys/vm/nr_hugepages ALLOCATED=$(cat /proc/sys/vm/nr_hugepages) echo "Allocated hugepages: $ALLOCATED" if [ "$ALLOCATED" -lt "$REQUIRED_PAGES" ]; then echo "Warning: Could not allocate all required hugepages" echo "Available: $ALLOCATED, Required: $REQUIRED_PAGES" fi fi echo never | sudo tee /sys/kernel/mm/transparent_hugepage/enabled echo -e "\nHugepage information:" cat /proc/meminfo | grep -i huge echo -e "\nSetup complete. You can now run the reproduction test." Makefile: CXX = gcc CXXFLAGS = -O2 -Wall TARGET = hugepage_repro SOURCE = hugepage_repro.c $(TARGET): $(SOURCE) $(CXX) $(CXXFLAGS) -o $(TARGET) $(SOURCE) clean: rm -f $(TARGET) setup: chmod +x setup_hugepages.sh ./setup_hugepages.sh test: $(TARGET) ./$(TARGET) 20 3 stress: $(TARGET) ./$(TARGET) 1000 1 .PHONY: clean setup test stress hugepage_repro.c: #include <sys/mman.h> #include <sys/wait.h> #include <unistd.h> #include <stdlib.h> #include <string.h> #include <time.h> #include <stdio.h> #define HUGEPAGE_SIZE (2 * 1024 * 1024) // 2MB #define TOTAL_SIZE (1200ULL * 1024 * 1024 * 1024) // 1.2TB #define NUM_HUGEPAGES (TOTAL_SIZE / HUGEPAGE_SIZE) void* create_hugepage_mapping() { void* addr = mmap(NULL, TOTAL_SIZE, PROT_READ | PROT_WRITE, MAP_SHARED | MAP_ANONYMOUS | MAP_HUGETLB, -1, 0); if (addr == MAP_FAILED) { perror("mmap hugepages failed"); exit(1); } return addr; } void touch_random_pages(void* addr, int num_touches) { char* base = (char*)addr; for (int i = 0; i < num_touches; ++i) { size_t offset = (rand() % NUM_HUGEPAGES) * HUGEPAGE_SIZE; volatile char val = base[offset]; (void)val; } } void child_process(void* shared_mem, int child_id) { struct timespec start, end; clock_gettime(CLOCK_MONOTONIC, &start); touch_random_pages(shared_mem, 100); clock_gettime(CLOCK_MONOTONIC, &end); long duration = (end.tv_sec - start.tv_sec) * 1000000 + (end.tv_nsec - start.tv_nsec) / 1000; printf("Child %d completed in %ld μs\n", child_id, duration); } int main(int argc, char* argv[]) { int num_processes = argc > 1 ? atoi(argv[1]) : 50; int iterations = argc > 2 ? atoi(argv[2]) : 5; printf("Creating %lluGB hugepage mapping...\n", TOTAL_SIZE / (1024*1024*1024)); void* shared_mem = create_hugepage_mapping(); for (int iter = 0; iter < iterations; ++iter) { printf("\nIteration %d: Forking %d processes\n", iter + 1, num_processes); pid_t children[num_processes]; struct timespec iter_start, iter_end; clock_gettime(CLOCK_MONOTONIC, &iter_start); for (int i = 0; i < num_processes; ++i) { pid_t pid = fork(); if (pid == 0) { child_process(shared_mem, i); exit(0); } else if (pid > 0) { children[i] = pid; } } for (int i = 0; i < num_processes; ++i) { waitpid(children[i], NULL, 0); } clock_gettime(CLOCK_MONOTONIC, &iter_end); long iter_duration = (iter_end.tv_sec - iter_start.tv_sec) * 1000 + (iter_end.tv_nsec - iter_start.tv_nsec) / 1000000; printf("Iteration completed in %ld ms\n", iter_duration); } munmap(shared_mem, TOTAL_SIZE); return 0; } Amazon Web Services Development Center Germany GmbH Tamara-Danz-Str. 13 10243 Berlin Geschaeftsfuehrung: Christian Schlaeger, Jonathan Weiss Eingetragen am Amtsgericht Charlottenburg unter HRB 257764 B Sitz: Berlin Ust-ID: DE 365 538 597

2 weeks

3
3
0 0

[PATCH 5.10 00/34] 5.10.242-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 5.10.242 release. There are 34 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Thu, 04 Sep 2025 13:19:14 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v5.x/stable-review/patch-5.10.242-r… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-5.10.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 5.10.242-rc1 Eric Sandeen <sandeen(a)redhat.com> xfs: do not propagate ENODATA disk errors into xattr code Brent Lu <brent.lu(a)intel.com> ASoC: Intel: sof_da7219_mx98360a: fail to initialize soundcard Pierre-Louis Bossart <pierre-louis.bossart(a)linux.intel.com> ASoC: Intel: glk_rt5682_max98357a: shrink platform_id below 20 characters Pierre-Louis Bossart <pierre-louis.bossart(a)linux.intel.com> ASoC: Intel: sof_rt5682: shrink platform_id names below 20 characters Pierre-Louis Bossart <pierre-louis.bossart(a)linux.intel.com> ASoC: Intel: bxt_da7219_max98357a: shrink platform_id below 20 characters Imre Deak <imre.deak(a)intel.com> Revert "drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS" Hamish Martin <hamish.martin(a)alliedtelesis.co.nz> HID: mcp2221: Handle reads greater than 60 bytes Hamish Martin <hamish.martin(a)alliedtelesis.co.nz> HID: mcp2221: Don't set bus speed on every transfer James Jones <jajones(a)nvidia.com> drm/nouveau/disp: Always accept linear modifier Fabio Porcedda <fabio.porcedda(a)gmail.com> net: usb: qmi_wwan: add Telit Cinterion LE910C4-WWX new compositions Shanker Donthineni <sdonthineni(a)nvidia.com> dma/pool: Ensure DMA_DIRECT_REMAP allocations are decrypted Alex Deucher <alexander.deucher(a)amd.com> Revert "drm/amdgpu: fix incorrect vm flags to map bo" Minjong Kim <minbell.kim(a)samsung.com> HID: hid-ntrig: fix unable to handle page fault in ntrig_report_version() Ping Cheng <pinglinux(a)gmail.com> HID: wacom: Add a new Art Pen 2 Qasim Ijaz <qasdev00(a)gmail.com> HID: asus: fix UAF via HID_CLAIMED_INPUT validation Thijs Raymakers <thijs(a)raymakers.nl> KVM: x86: use array_index_nospec with indices that come from guest Li Nan <linan122(a)huawei.com> efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare Eric Dumazet <edumazet(a)google.com> sctp: initialize more fields in sctp_v6_from_sk() Rohan G Thomas <rohan.g.thomas(a)altera.com> net: stmmac: xgmac: Do not enable RX FIFO Overflow interrupts Alexei Lazar <alazar(a)nvidia.com> net/mlx5e: Set local Xoff after FW update Alexei Lazar <alazar(a)nvidia.com> net/mlx5e: Update and set Xon/Xoff upon port speed set Alexei Lazar <alazar(a)nvidia.com> net/mlx5e: Update and set Xon/Xoff upon MTU set Yeounsu Moon <yyyynoom(a)gmail.com> net: dlink: fix multicast stats being counted incorrectly Kuniyuki Iwashima <kuniyu(a)google.com> atm: atmtcp: Prevent arbitrary write in atmtcp_recv_control(). Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com> Bluetooth: hci_event: Detect if HCI_EV_NUM_COMP_PKTS is unbalanced Madhavan Srinivasan <maddy(a)linux.ibm.com> powerpc/kvm: Fix ifdef to remove build warning Oscar Maes <oscmaes92(a)gmail.com> net: ipv4: fix regression in local-broadcast routes Nikolay Kuratov <kniv(a)yandex-team.ru> vhost/net: Protect ubufs with rcu read lock in vhost_net_ubuf_put() Trond Myklebust <trond.myklebust(a)hammerspace.com> NFS: Fix a race when updating an existing write Christoph Hellwig <hch(a)lst.de> nfs: fold nfs_page_group_lock_subrequests into nfs_lock_and_join_requests Tianxiang Peng <txpeng(a)tencent.com> x86/cpu/hygon: Add missing resctrl_cpu_detect() in bsp_init helper Damien Le Moal <dlemoal(a)kernel.org> scsi: core: sysfs: Correct sysfs attributes access rights Tengda Wu <wutengda(a)huaweicloud.com> ftrace: Fix potential warning in trace_printk_seq during ftrace_dump Randy Dunlap <rdunlap(a)infradead.org> pinctrl: STMFX: add missing HAS_IOMEM dependency ------------- Diffstat: Makefile | 4 +- arch/powerpc/kernel/kvm.c | 8 +- arch/x86/kernel/cpu/hygon.c | 3 + arch/x86/kvm/lapic.c | 2 + arch/x86/kvm/x86.c | 7 +- drivers/atm/atmtcp.c | 17 ++- drivers/gpu/drm/amd/amdgpu/amdgpu_csa.c | 4 +- drivers/gpu/drm/drm_dp_helper.c | 2 +- drivers/gpu/drm/nouveau/dispnv50/wndw.c | 4 + drivers/hid/hid-asus.c | 8 +- drivers/hid/hid-mcp2221.c | 71 +++++++---- drivers/hid/hid-ntrig.c | 3 + drivers/hid/wacom_wac.c | 1 + drivers/net/ethernet/dlink/dl2k.c | 2 +- .../ethernet/mellanox/mlx5/core/en/port_buffer.c | 3 +- .../ethernet/mellanox/mlx5/core/en/port_buffer.h | 12 ++ drivers/net/ethernet/mellanox/mlx5/core/en_main.c | 19 ++- drivers/net/ethernet/stmicro/stmmac/dwxgmac2_dma.c | 4 - drivers/net/usb/qmi_wwan.c | 3 + drivers/pinctrl/Kconfig | 1 + drivers/scsi/scsi_sysfs.c | 4 +- drivers/vhost/net.c | 9 +- fs/efivarfs/super.c | 4 + fs/nfs/pagelist.c | 86 +------------ fs/nfs/write.c | 142 +++++++++++++-------- fs/xfs/libxfs/xfs_attr_remote.c | 7 + fs/xfs/libxfs/xfs_da_btree.c | 6 + include/linux/atmdev.h | 1 + include/linux/nfs_page.h | 2 +- kernel/dma/pool.c | 4 +- kernel/trace/trace.c | 4 +- net/atm/common.c | 15 ++- net/bluetooth/hci_event.c | 12 +- net/ipv4/route.c | 10 +- net/sctp/ipv6.c | 2 + sound/soc/intel/boards/bxt_da7219_max98357a.c | 12 +- sound/soc/intel/boards/glk_rt5682_max98357a.c | 4 +- sound/soc/intel/boards/sof_da7219_max98373.c | 2 +- sound/soc/intel/boards/sof_rt5682.c | 12 +- sound/soc/intel/common/soc-acpi-intel-bxt-match.c | 2 +- sound/soc/intel/common/soc-acpi-intel-cml-match.c | 2 +- sound/soc/intel/common/soc-acpi-intel-glk-match.c | 4 +- sound/soc/intel/common/soc-acpi-intel-jsl-match.c | 2 +- sound/soc/intel/common/soc-acpi-intel-tgl-match.c | 4 +- 44 files changed, 317 insertions(+), 213 deletions(-)

2 weeks

8
43
0 0

[PATCH 5.15.y 0/2] Fix TSA CPUID management in KVM

by Boris Ostrovsky

Backport of AMD's TSA mitigation to 5.15 did not set CPUID bits that are passed to a guest correctly (commit c334ae4a545a "KVM: SVM: Advertise TSA CPUID bits to guests"). This series attempts to address this: * The first patch from Kim allows us to properly use cpuid caps. * The second patch is a combination of fixes to c334ae4a545a and f3f9deccfc68, which is stable-only patch to 6.12.y. (Not sure what to do with attribution) Alternatively, we can opencode all of this (the way it's currently done in __do_cpuid_func()'s 0x80000021 case) and do everything in a single patch. Boris Ostrovsky (1): KVM: SVM: Properly advertise TSA CPUID bits to guests Kim Phillips (1): KVM: x86: Move open-coded CPUID leaf 0x80000021 EAX bit propagation code arch/x86/kvm/cpuid.c | 31 ++++++++++++++++++------------- 1 file changed, 18 insertions(+), 13 deletions(-) -- 2.43.5

2 weeks

2
5
0 0

[PATCH 1/2] mmc: sdhci-uhs2: Fix calling incorrect sdhci_set_clock() function

by Ben Chuang

From: Ben Chuang <ben.chuang(a)genesyslogic.com.tw> Fix calling incorrect sdhci_set_clock() in __sdhci_uhs2_set_ios() when the vendor defines its own sdhci_set_clock(). Fixes: 10c8298a052b ("mmc: sdhci-uhs2: add set_ios()") Cc: stable(a)vger.kernel.org # v6.13+ Signed-off-by: Ben Chuang <ben.chuang(a)genesyslogic.com.tw> --- drivers/mmc/host/sdhci-uhs2.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/drivers/mmc/host/sdhci-uhs2.c b/drivers/mmc/host/sdhci-uhs2.c index 0efeb9d0c376..704fdc946ac3 100644 --- a/drivers/mmc/host/sdhci-uhs2.c +++ b/drivers/mmc/host/sdhci-uhs2.c @@ -295,7 +295,10 @@ static void __sdhci_uhs2_set_ios(struct mmc_host *mmc, struct mmc_ios *ios) else sdhci_uhs2_set_power(host, ios->power_mode, ios->vdd); - sdhci_set_clock(host, host->clock); + if (host->ops->set_clock) + host->ops->set_clock(host, host->clock); + else + sdhci_set_clock(host, host->clock); } static int sdhci_uhs2_set_ios(struct mmc_host *mmc, struct mmc_ios *ios) -- 2.51.0

2 weeks

2
5
0 0

[PATCH] scsi: hpsa: Fix potential memory leak in hpsa_big_passthru_ioctl()

by Thorsten Blum

Replace kmalloc() followed by copy_from_user() with memdup_user() to fix a memory leak that occurs when copy_from_user(buff[sg_used],,) fails and the 'cleanup1:' path does not free the memory for 'buff[sg_used]'. Using memdup_user() avoids this by freeing the memory internally. Since memdup_user() already allocates memory, use kzalloc() in the else branch instead of manually zeroing 'buff[sg_used]' using memset(0). Cc: stable(a)vger.kernel.org Fixes: edd163687ea5 ("[SCSI] hpsa: add driver for HP Smart Array controllers.") Signed-off-by: Thorsten Blum <thorsten.blum(a)linux.dev> --- drivers/scsi/hpsa.c | 21 ++++++++++++--------- 1 file changed, 12 insertions(+), 9 deletions(-) diff --git a/drivers/scsi/hpsa.c b/drivers/scsi/hpsa.c index c73a71ac3c29..1c6161d0b85c 100644 --- a/drivers/scsi/hpsa.c +++ b/drivers/scsi/hpsa.c @@ -6522,18 +6522,21 @@ static int hpsa_big_passthru_ioctl(struct ctlr_info *h, while (left) { sz = (left > ioc->malloc_size) ? ioc->malloc_size : left; buff_size[sg_used] = sz; - buff[sg_used] = kmalloc(sz, GFP_KERNEL); - if (buff[sg_used] == NULL) { - status = -ENOMEM; - goto cleanup1; - } + if (ioc->Request.Type.Direction & XFER_WRITE) { - if (copy_from_user(buff[sg_used], data_ptr, sz)) { - status = -EFAULT; + buff[sg_used] = memdup_user(data_ptr, sz); + if (IS_ERR(buff[sg_used])) { + status = PTR_ERR(buff[sg_used]); goto cleanup1; } - } else - memset(buff[sg_used], 0, sz); + } else { + buff[sg_used] = kzalloc(sz, GFP_KERNEL); + if (!buff[sg_used]) { + status = -ENOMEM; + goto cleanup1; + } + } + left -= sz; data_ptr += sz; sg_used++; -- 2.51.0

2 weeks

1
0
0 0

[PATCH] cpuset: prevent freeing unallocated cpumask in hotplug handling

by Ashay Jaiswal

In cpuset hotplug handling, temporary cpumasks are allocated only when running under cgroup v2. The current code unconditionally frees these masks, which can lead to a crash on cgroup v1 case. Free the temporary cpumasks only when they were actually allocated. Fixes: 4b842da276a8 ("cpuset: Make CPU hotplug work with partition") Cc: stable(a)vger.kernel.org Signed-off-by: Ashay Jaiswal <quic_ashayj(a)quicinc.com> --- kernel/cgroup/cpuset.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/kernel/cgroup/cpuset.c b/kernel/cgroup/cpuset.c index a78ccd11ce9b43c2e8b0e2c454a8ee845ebdc808..a4f908024f3c0a22628a32f8a5b0ae96c7dccbb9 100644 --- a/kernel/cgroup/cpuset.c +++ b/kernel/cgroup/cpuset.c @@ -4019,7 +4019,8 @@ static void cpuset_handle_hotplug(void) if (force_sd_rebuild) rebuild_sched_domains_cpuslocked(); - free_tmpmasks(ptmp); + if (on_dfl && ptmp) + free_tmpmasks(ptmp); } void cpuset_update_active_cpus(void) --- base-commit: 33bcf93b9a6b028758105680f8b538a31bc563cf change-id: 20250902-cpuset-free-on-condition-85cf4eadb18c Best regards, -- Ashay Jaiswal <quic_ashayj(a)quicinc.com>

2 weeks

3
5
0 0

[PATCH v2] ASoC: SDCA: Add quirk for incorrect function types for 3 systems

by Maciej Strozek

Certain systems have CS42L43 DisCo that claims to conform to version 0.6.28 but uses the function types from the 1.0 spec. Add a quirk as a workaround. Closes: https://github.com/thesofproject/linux/issues/5515 Cc: stable(a)vger.kernel.org Signed-off-by: Maciej Strozek <mstrozek(a)opensource.cirrus.com> Reviewed-by: Pierre-Louis Bossart <pierre-louis.bossart(a)linux.dev> --- v2: Added a Closes: and Cc: stable tags --- include/sound/sdca.h | 1 + sound/soc/sdca/sdca_device.c | 20 ++++++++++++++++++++ sound/soc/sdca/sdca_functions.c | 13 ++++++++----- 3 files changed, 29 insertions(+), 5 deletions(-) diff --git a/include/sound/sdca.h b/include/sound/sdca.h index 5a5d6de78d728..9c6a351c9d474 100644 --- a/include/sound/sdca.h +++ b/include/sound/sdca.h @@ -46,6 +46,7 @@ struct sdca_device_data { enum sdca_quirk { SDCA_QUIRKS_RT712_VB, + SDCA_QUIRKS_SKIP_FUNC_TYPE_PATCHING, }; #if IS_ENABLED(CONFIG_ACPI) && IS_ENABLED(CONFIG_SND_SOC_SDCA) diff --git a/sound/soc/sdca/sdca_device.c b/sound/soc/sdca/sdca_device.c index 0244cdcdd109a..4798ce2c8f0b4 100644 --- a/sound/soc/sdca/sdca_device.c +++ b/sound/soc/sdca/sdca_device.c @@ -7,6 +7,7 @@ */ #include <linux/acpi.h> +#include <linux/dmi.h> #include <linux/module.h> #include <linux/property.h> #include <linux/soundwire/sdw.h> @@ -55,11 +56,30 @@ static bool sdca_device_quirk_rt712_vb(struct sdw_slave *slave) return false; } +static bool sdca_device_quirk_skip_func_type_patching(struct sdw_slave *slave) +{ + const char *vendor, *sku; + + vendor = dmi_get_system_info(DMI_SYS_VENDOR); + sku = dmi_get_system_info(DMI_PRODUCT_SKU); + + if (vendor && sku && + !strcmp(vendor, "Dell Inc.") && + (!strcmp(sku, "0C62") || !strcmp(sku, "0C63") || !strcmp(sku, "0C6B")) && + slave->sdca_data.interface_revision == 0x061c && + slave->id.mfg_id == 0x01fa && slave->id.part_id == 0x4243) + return true; + + return false; +} + bool sdca_device_quirk_match(struct sdw_slave *slave, enum sdca_quirk quirk) { switch (quirk) { case SDCA_QUIRKS_RT712_VB: return sdca_device_quirk_rt712_vb(slave); + case SDCA_QUIRKS_SKIP_FUNC_TYPE_PATCHING: + return sdca_device_quirk_skip_func_type_patching(slave); default: break; } diff --git a/sound/soc/sdca/sdca_functions.c b/sound/soc/sdca/sdca_functions.c index f26f597dca9e9..13f68f7b6dd6a 100644 --- a/sound/soc/sdca/sdca_functions.c +++ b/sound/soc/sdca/sdca_functions.c @@ -90,6 +90,7 @@ static int find_sdca_function(struct acpi_device *adev, void *data) { struct fwnode_handle *function_node = acpi_fwnode_handle(adev); struct sdca_device_data *sdca_data = data; + struct sdw_slave *slave = container_of(sdca_data, struct sdw_slave, sdca_data); struct device *dev = &adev->dev; struct fwnode_handle *control5; /* used to identify function type */ const char *function_name; @@ -137,11 +138,13 @@ static int find_sdca_function(struct acpi_device *adev, void *data) return ret; } - ret = patch_sdca_function_type(sdca_data->interface_revision, &function_type); - if (ret < 0) { - dev_err(dev, "SDCA version %#x invalid function type %d\n", - sdca_data->interface_revision, function_type); - return ret; + if (!sdca_device_quirk_match(slave, SDCA_QUIRKS_SKIP_FUNC_TYPE_PATCHING)) { + ret = patch_sdca_function_type(sdca_data->interface_revision, &function_type); + if (ret < 0) { + dev_err(dev, "SDCA version %#x invalid function type %d\n", + sdca_data->interface_revision, function_type); + return ret; + } } function_name = get_sdca_function_name(function_type); -- 2.47.2

2 weeks

3
2
0 0

[PATCH v2 0/3] phy: qcom: edp: Add missing refclk clock to x1e80100

by Abel Vesa

According to documentation, the DP PHY on x1e80100 has another clock called refclk. Rework the driver to allow different number of clocks. Fix the dt-bindings schema and add the clock to the DT node as well. Signed-off-by: Abel Vesa <abel.vesa(a)linaro.org> --- Changes in v2: - Fix schema by adding the minItems, as suggested by Krzysztof. - Use devm_clk_bulk_get_all, as suggested by Konrad. - Rephrase the commit messages to reflect the flexible number of clocks. - Link to v1: https://lore.kernel.org/r/20250730-phy-qcom-edp-add-missing-refclk-v1-0-6f7… --- Abel Vesa (3): dt-bindings: phy: qcom-edp: Add missing clock for X Elite phy: qcom: edp: Make the number of clocks flexible arm64: dts: qcom: Add missing TCSR refclk to the DP PHYs .../devicetree/bindings/phy/qcom,edp-phy.yaml | 28 +++++++++++++++++++++- arch/arm64/boot/dts/qcom/x1e80100.dtsi | 12 ++++++---- drivers/phy/qualcomm/phy-qcom-edp.c | 18 +++++++------- 3 files changed, 45 insertions(+), 13 deletions(-) --- base-commit: 5d50cf9f7cf20a17ac469c20a2e07c29c1f6aab7 change-id: 20250730-phy-qcom-edp-add-missing-refclk-5ab82828f8e7 Best regards, -- Abel Vesa <abel.vesa(a)linaro.org>

2 weeks

4
13
0 0

[PATCH 5.4 only v2] powerpc: boot: Remove leading zero in label in udelay()

by Nathan Chancellor

When building powerpc configurations in linux-5.4.y with binutils 2.43 or newer, there is an assembler error in arch/powerpc/boot/util.S: arch/powerpc/boot/util.S: Assembler messages: arch/powerpc/boot/util.S:44: Error: junk at end of line, first unrecognized character is `0' arch/powerpc/boot/util.S:49: Error: syntax error; found `b', expected `,' arch/powerpc/boot/util.S:49: Error: junk at end of line: `b' binutils 2.43 contains stricter parsing of certain labels [1], namely that leading zeros are no longer allowed. The GNU assembler documentation already somewhat forbade this construct: To define a local label, write a label of the form 'N:' (where N represents any non-negative integer). Eliminate the leading zero in the label to fix the syntax error. This is only needed in linux-5.4.y because commit 8b14e1dff067 ("powerpc: Remove support for PowerPC 601") removed this code altogether in 5.10. Link: https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=226749d5a6ff0d5c6… [1] Signed-off-by: Nathan Chancellor <nathan(a)kernel.org> --- v1 -> v2: - Adjust commit message to make it clearer this construct was already incorrect under the existing GNU assembler documentation (Segher) v1: https://lore.kernel.org/20250902235234.2046667-1-nathan@kernel.org/ --- arch/powerpc/boot/util.S | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/arch/powerpc/boot/util.S b/arch/powerpc/boot/util.S index f11f0589a669..5ab2bc864e66 100644 --- a/arch/powerpc/boot/util.S +++ b/arch/powerpc/boot/util.S @@ -41,12 +41,12 @@ udelay: srwi r4,r4,16 cmpwi 0,r4,1 /* 601 ? */ bne .Ludelay_not_601 -00: li r0,86 /* Instructions / microsecond? */ +0: li r0,86 /* Instructions / microsecond? */ mtctr r0 10: addi r0,r0,0 /* NOP */ bdnz 10b subic. r3,r3,1 - bne 00b + bne 0b blr .Ludelay_not_601: base-commit: c25f780e491e4734eb27d65aa58e0909fd78ad9f -- 2.51.0

2 weeks

3
2
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror