- Linux-stable-mirror - lists.linaro.org

[PATCH v5 0/5] arm64: Support 2024 dpISA extensions

by Mark Brown

The 2024 architecture release includes a number of data processing extensions, mostly SVE and SME additions with a few others. These are all very straightforward extensions which add instructions but no architectural state so only need hwcaps and exposing of the ID registers to KVM guests and userspace. Signed-off-by: Mark Brown <broonie(a)kernel.org> --- Changes in v5: - Rebase onto arm64/for-next/cpufeature, which incorporates most of the sysreg updates from earlier versions. - Remove SF8MM8 and SF8MM4 register defintitions which were removed from the ISA in the 2024-12 XML release, along with their associated hwcaps. - Incorporate Marc's fix for SVE hwcaps on SME only systems and update the hwcaps for the newly added features to follow the same pattern. - Link to v4: https://lore.kernel.org/r/20241211-arm64-2024-dpisa-v4-0-0fd403876df2@kerne… Changes in v4: - Fix encodings for ID_AA64ISAR3_EL1. - Link to v3: https://lore.kernel.org/r/20241203-arm64-2024-dpisa-v3-0-a6c78b1aa297@kerne… Changes in v3: - Commit log update for the hwcap test. - Link to v2: https://lore.kernel.org/r/20241030-arm64-2024-dpisa-v2-0-b6601a15d2a5@kerne… Changes in v2: - Filter KVM guest visible bitfields in ID_AA64ISAR3_EL1 to only those we make writeable. - Link to v1: https://lore.kernel.org/r/20241028-arm64-2024-dpisa-v1-0-a38d08b008a8@kerne… --- Marc Zyngier (1): arm64: Filter out SVE hwcaps when FEAT_SVE isn't implemented Mark Brown (4): arm64/sysreg: Update ID_AA64SMFR0_EL1 to DDI0601 2024-12 arm64/hwcap: Describe 2024 dpISA extensions to userspace KVM: arm64: Allow control of dpISA extensions in ID_AA64ISAR3_EL1 kselftest/arm64: Add 2024 dpISA extensions to hwcap test Documentation/arch/arm64/elf_hwcaps.rst | 89 +++++++++-- arch/arm64/include/asm/hwcap.h | 15 ++ arch/arm64/include/uapi/asm/hwcap.h | 15 ++ arch/arm64/kernel/cpufeature.c | 71 +++++++-- arch/arm64/kernel/cpuinfo.c | 15 ++ arch/arm64/kvm/sys_regs.c | 6 +- arch/arm64/tools/sysreg | 26 +++- tools/testing/selftests/arm64/abi/hwcap.c | 235 +++++++++++++++++++++++++++++- 8 files changed, 441 insertions(+), 31 deletions(-) --- base-commit: d66e21d59ed0e043e68ef8c6541c1e9f1a962614 change-id: 20241008-arm64-2024-dpisa-8091074a7f48 Best regards, -- Mark Brown <broonie(a)kernel.org>

3 weeks, 3 days

3
3
0 0

[PATCH v3] arm64/sme: Move storage of reg_smidr to __cpuinfo_store_cpu()

by Mark Brown

In commit 892f7237b3ff ("arm64: Delay initialisation of cpuinfo_arm64::reg_{zcr,smcr}") we moved access to ZCR, SMCR and SMIDR later in the boot process in order to ensure that we don't attempt to interact with them if SVE or SME is disabled on the command line. Unfortunately when initialising the boot CPU in init_cpu_features() we work on a copy of the struct cpuinfo_arm64 for the boot CPU used only during boot, not the percpu copy used by the sysfs code. The expectation of the feature identification code was that the ID registers would be read in __cpuinfo_store_cpu() and the values not modified by init_cpu_features(). The main reason for the original change was to avoid early accesses to ZCR on practical systems that were seen shipping with SVE reported in ID registers but traps enabled at EL3 and handled as fatal errors, SME was rolled in due to the similarity with SVE. Since then we have removed the early accesses to ZCR and SMCR in commits: abef0695f9665c3d ("arm64/sve: Remove ZCR pseudo register from cpufeature code") 391208485c3ad50f ("arm64/sve: Remove SMCR pseudo register from cpufeature code") so only the SMIDR_EL1 part of the change remains. Since SMIDR_EL1 is only trapped via FEAT_IDST and not the SME trap it is less likely to be affected by similar issues, and the factors that lead to issues with SVE are less likely to apply to SME. Since we have not yet seen practical SME systems that need to use a command line override (and are only just beginning to see SME systems at all) and the ID register read is much more likely to be safe let's just store SMIDR_EL1 along with all the other ID register reads in __cpuinfo_store_cpu(). This issue wasn't apparent when testing on emulated platforms that do not report values in SMIDR_EL1. Fixes: 892f7237b3ff ("arm64: Delay initialisation of cpuinfo_arm64::reg_{zcr,smcr}") Signed-off-by: Mark Brown <broonie(a)kernel.org> Cc: stable(a)vger.kernel.org --- Changes in v3: - Leave the override in place. - Link to v2: https://lore.kernel.org/r/20241216-arm64-fix-boot-cpu-smidr-v2-1-a99ffba2c3… Changes in v2: - Move the ID register read back to __cpuinfo_store_cpu(). - Remove the command line option for SME ID register override. - Link to v1: https://lore.kernel.org/r/20241214-arm64-fix-boot-cpu-smidr-v1-1-0745c40772… --- arch/arm64/kernel/cpufeature.c | 13 ------------- arch/arm64/kernel/cpuinfo.c | 10 ++++++++++ 2 files changed, 10 insertions(+), 13 deletions(-) diff --git a/arch/arm64/kernel/cpufeature.c b/arch/arm64/kernel/cpufeature.c index 6ce71f444ed84f9056196bb21bbfac61c9687e30..818aca922ca6066eb4bdf79e153cccb24246c61b 100644 --- a/arch/arm64/kernel/cpufeature.c +++ b/arch/arm64/kernel/cpufeature.c @@ -1167,12 +1167,6 @@ void __init init_cpu_features(struct cpuinfo_arm64 *info) id_aa64pfr1_sme(read_sanitised_ftr_reg(SYS_ID_AA64PFR1_EL1))) { unsigned long cpacr = cpacr_save_enable_kernel_sme(); - /* - * We mask out SMPS since even if the hardware - * supports priorities the kernel does not at present - * and we block access to them. - */ - info->reg_smidr = read_cpuid(SMIDR_EL1) & ~SMIDR_EL1_SMPS; vec_init_vq_map(ARM64_VEC_SME); cpacr_restore(cpacr); @@ -1423,13 +1417,6 @@ void update_cpu_features(int cpu, id_aa64pfr1_sme(read_sanitised_ftr_reg(SYS_ID_AA64PFR1_EL1))) { unsigned long cpacr = cpacr_save_enable_kernel_sme(); - /* - * We mask out SMPS since even if the hardware - * supports priorities the kernel does not at present - * and we block access to them. - */ - info->reg_smidr = read_cpuid(SMIDR_EL1) & ~SMIDR_EL1_SMPS; - /* Probe vector lengths */ if (!system_capabilities_finalized()) vec_update_vq_map(ARM64_VEC_SME); diff --git a/arch/arm64/kernel/cpuinfo.c b/arch/arm64/kernel/cpuinfo.c index d79e88fccdfce427507e7a34c5959ce6309cbd12..c45633b5ae233fe78607fce3d623efb28a9f341a 100644 --- a/arch/arm64/kernel/cpuinfo.c +++ b/arch/arm64/kernel/cpuinfo.c @@ -482,6 +482,16 @@ static void __cpuinfo_store_cpu(struct cpuinfo_arm64 *info) if (id_aa64pfr0_mpam(info->reg_id_aa64pfr0)) info->reg_mpamidr = read_cpuid(MPAMIDR_EL1); + if (IS_ENABLED(CONFIG_ARM64_SME) && + id_aa64pfr1_sme(info->reg_id_aa64pfr1)) { + /* + * We mask out SMPS since even if the hardware + * supports priorities the kernel does not at present + * and we block access to them. + */ + info->reg_smidr = read_cpuid(SMIDR_EL1) & ~SMIDR_EL1_SMPS; + } + cpuinfo_detect_icache_policy(info); } --- base-commit: fac04efc5c793dccbd07e2d59af9f90b7fc0dca4 change-id: 20241213-arm64-fix-boot-cpu-smidr-386b8db292b2 Best regards, -- Mark Brown <broonie(a)kernel.org>

3 weeks, 3 days

2
1
0 0

[PATCH] m68k: Fix VGA I/O defines

by Thomas Zimmermann

Including m86k's <asm/raw_io.h> in vga.h on nommu platforms results in conflicting defines with io_no.h for various I/O macros from the __raw_read and __raw_write families. An example error is In file included from arch/m68k/include/asm/vga.h:12, from include/video/vga.h:22, from include/linux/vgaarb.h:34, from drivers/video/aperture.c:12: >> arch/m68k/include/asm/raw_io.h:39: warning: "__raw_readb" redefined 39 | #define __raw_readb in_8 | In file included from arch/m68k/include/asm/io.h:6, from include/linux/io.h:13, from include/linux/irq.h:20, from include/asm-generic/hardirq.h:17, from ./arch/m68k/include/generated/asm/hardirq.h:1, from include/linux/hardirq.h:11, from include/linux/interrupt.h:11, from include/linux/trace_recursion.h:5, from include/linux/ftrace.h:10, from include/linux/kprobes.h:28, from include/linux/kgdb.h:19, from include/linux/fb.h:6, from drivers/video/aperture.c:5: arch/m68k/include/asm/io_no.h:16: note: this is the location of the previous definition 16 | #define __raw_readb(addr) \ | Include <asm/io.h>, which avoid raw_io.h on nommu platforms. Also change the defined values of some of the read/write symbols in vga.h to __raw_read/__raw_write as the raw_in/raw_out symbols are not generally available. Signed-off-by: Thomas Zimmermann <tzimmermann(a)suse.de> Reported-by: kernel test robot <lkp(a)intel.com> Closes: https://lore.kernel.org/oe-kbuild-all/202501071629.DNEswlm8-lkp@intel.com/ Fixes: 5c3f968712ce ("m68k/video: Create <asm/vga.h>") Cc: Geert Uytterhoeven <geert(a)linux-m68k.org> Cc: linux-fbdev(a)vger.kernel.org Cc: dri-devel(a)lists.freedesktop.org Cc: Helge Deller <deller(a)gmx.de> Cc: <stable(a)vger.kernel.org> # v3.5+ --- arch/m68k/include/asm/vga.h | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/arch/m68k/include/asm/vga.h b/arch/m68k/include/asm/vga.h index 4742e6bc3ab8..cdd414fa8710 100644 --- a/arch/m68k/include/asm/vga.h +++ b/arch/m68k/include/asm/vga.h @@ -9,7 +9,7 @@ */ #ifndef CONFIG_PCI -#include <asm/raw_io.h> +#include <asm/io.h> #include <asm/kmap.h> /* @@ -29,9 +29,9 @@ #define inw_p(port) 0 #define outb_p(port, val) do { } while (0) #define outw(port, val) do { } while (0) -#define readb raw_inb -#define writeb raw_outb -#define writew raw_outw +#define readb __raw_readb +#define writeb __raw_writeb +#define writew __raw_writew #endif /* CONFIG_PCI */ #endif /* _ASM_M68K_VGA_H */ -- 2.47.1

3 weeks, 3 days

2
1
0 0

[PATCH v2 2/2] mm: zswap: disable migration while using per-CPU acomp_ctx

by Yosry Ahmed

In zswap_compress() and zswap_decompress(), the per-CPU acomp_ctx of the current CPU at the beginning of the operation is retrieved and used throughout. However, since neither preemption nor migration are disabled, it is possible that the operation continues on a different CPU. If the original CPU is hotunplugged while the acomp_ctx is still in use, we run into a UAF bug as the resources attached to the acomp_ctx are freed during hotunplug in zswap_cpu_comp_dead(). The problem was introduced in commit 1ec3b5fe6eec ("mm/zswap: move to use crypto_acomp API for hardware acceleration") when the switch to the crypto_acomp API was made. Prior to that, the per-CPU crypto_comp was retrieved using get_cpu_ptr() which disables preemption and makes sure the CPU cannot go away from under us. Preemption cannot be disabled with the crypto_acomp API as a sleepable context is needed. Commit 8ba2f844f050 ("mm/zswap: change per-cpu mutex and buffer to per-acomp_ctx") increased the UAF surface area by making the per-CPU buffers dynamic, adding yet another resource that can be freed from under zswap compression/decompression by CPU hotunplug. This cannot be fixed by holding cpus_read_lock(), as it is possible for code already holding the lock to fall into reclaim and enter zswap (causing a deadlock). It also cannot be fixed by wrapping the usage of acomp_ctx in an SRCU critical section and using synchronize_srcu() in zswap_cpu_comp_dead(), because synchronize_srcu() is not allowed in CPU-hotplug notifiers (see Documentation/RCU/Design/Requirements/Requirements.rst). This can be fixed by refcounting the acomp_ctx, but it involves complexity in handling the race between the refcount dropping to zero in zswap_[de]compress() and the refcount being re-initialized when the CPU is onlined. Keep things simple for now and just disable migration while using the per-CPU acomp_ctx to block CPU hotunplug until the usage is over. Fixes: 1ec3b5fe6eec ("mm/zswap: move to use crypto_acomp API for hardware acceleration") Cc: <stable(a)vger.kernel.org> Signed-off-by: Yosry Ahmed <yosryahmed(a)google.com> Reported-by: Johannes Weiner <hannes(a)cmpxchg.org> Closes: https://lore.kernel.org/lkml/20241113213007.GB1564047@cmpxchg.org/ Reported-by: Sam Sun <samsun1006219(a)gmail.com> Closes: https://lore.kernel.org/lkml/CAEkJfYMtSdM5HceNsXUDf5haghD5+o2e7Qv4OcuruL4tP… --- mm/zswap.c | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) diff --git a/mm/zswap.c b/mm/zswap.c index f6316b66fb236..ecd86153e8a32 100644 --- a/mm/zswap.c +++ b/mm/zswap.c @@ -880,6 +880,18 @@ static int zswap_cpu_comp_dead(unsigned int cpu, struct hlist_node *node) return 0; } +/* Remain on the CPU while using its acomp_ctx to stop it from going offline */ +static struct crypto_acomp_ctx *acomp_ctx_get_cpu(struct crypto_acomp_ctx __percpu *acomp_ctx) +{ + migrate_disable(); + return raw_cpu_ptr(acomp_ctx); +} + +static void acomp_ctx_put_cpu(void) +{ + migrate_enable(); +} + static bool zswap_compress(struct page *page, struct zswap_entry *entry, struct zswap_pool *pool) { @@ -893,8 +905,7 @@ static bool zswap_compress(struct page *page, struct zswap_entry *entry, gfp_t gfp; u8 *dst; - acomp_ctx = raw_cpu_ptr(pool->acomp_ctx); - + acomp_ctx = acomp_ctx_get_cpu(pool->acomp_ctx); mutex_lock(&acomp_ctx->mutex); dst = acomp_ctx->buffer; @@ -950,6 +961,7 @@ static bool zswap_compress(struct page *page, struct zswap_entry *entry, zswap_reject_alloc_fail++; mutex_unlock(&acomp_ctx->mutex); + acomp_ctx_put_cpu(); return comp_ret == 0 && alloc_ret == 0; } @@ -960,7 +972,7 @@ static void zswap_decompress(struct zswap_entry *entry, struct folio *folio) struct crypto_acomp_ctx *acomp_ctx; u8 *src; - acomp_ctx = raw_cpu_ptr(entry->pool->acomp_ctx); + acomp_ctx = acomp_ctx_get_cpu(entry->pool->acomp_ctx); mutex_lock(&acomp_ctx->mutex); src = zpool_map_handle(zpool, entry->handle, ZPOOL_MM_RO); @@ -990,6 +1002,7 @@ static void zswap_decompress(struct zswap_entry *entry, struct folio *folio) if (src != acomp_ctx->buffer) zpool_unmap_handle(zpool, entry->handle); + acomp_ctx_put_cpu(); } /********************************* -- 2.47.1.613.gc27f4b7a9f-goog

3 weeks, 3 days

6
23
0 0

[PATCH 1/1] usb: pd: fix the SenderResponseTimer conform to specification

by joswang

From: Jos Wang <joswang(a)lenovo.com> According to the USB PD3 CTS specification (https://usb.org/document-library/ usb-power-delivery-compliance-test-specification-0/ USB_PD3_CTS_Q4_2024_OR.zip), the requirements for tSenderResponse are different in PD2 and PD3 modes, see Table 19 Timing Table & Calculations. For PD2 mode, the tSenderResponse min 24ms and max 30ms; for PD3 mode, the tSenderResponse min 27ms and max 33ms. For the "TEST.PD.PROT.SRC.2 Get_Source_Cap No Request" test item, after receiving the Source_Capabilities Message sent by the UUT, the tester deliberately does not send a Request Message in order to force the SenderResponse timer on the Source UUT to timeout. The Tester checks that a Hard Reset is detected between tSenderResponse min and max，the delay is between the last bit of the GoodCRC Message EOP has been sent and the first bit of Hard Reset SOP has been received. The current code does not distinguish between PD2 and PD3 modes, and tSenderResponse defaults to 60ms. This will cause this test item and the following tests to fail: TEST.PD.PROT.SRC3.2 SenderResponseTimer Timeout TEST.PD.PROT.SNK.6 SenderResponseTimer Timeout Set the SenderResponseTimer timeout to 27ms to meet the PD2 and PD3 mode requirements. Fixes: f0690a25a140 ("staging: typec: USB Type-C Port Manager (tcpm)") Cc: stable(a)vger.kernel.org Signed-off-by: Jos Wang <joswang(a)lenovo.com> --- include/linux/usb/pd.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/linux/usb/pd.h b/include/linux/usb/pd.h index 3068c3084eb6..99ca49bbf376 100644 --- a/include/linux/usb/pd.h +++ b/include/linux/usb/pd.h @@ -475,7 +475,7 @@ static inline unsigned int rdo_max_power(u32 rdo) #define PD_T_NO_RESPONSE 5000 /* 4.5 - 5.5 seconds */ #define PD_T_DB_DETECT 10000 /* 10 - 15 seconds */ #define PD_T_SEND_SOURCE_CAP 150 /* 100 - 200 ms */ -#define PD_T_SENDER_RESPONSE 60 /* 24 - 30 ms, relaxed */ +#define PD_T_SENDER_RESPONSE 27 /* 24 - 30 ms */ #define PD_T_RECEIVER_RESPONSE 15 /* 15ms max */ #define PD_T_SOURCE_ACTIVITY 45 #define PD_T_SINK_ACTIVITY 135 -- 2.17.1

3 weeks, 3 days

3
4
0 0

[PATCH 6.1 00/81] 6.1.124-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 6.1.124 release. There are 81 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Wed, 08 Jan 2025 15:11:04 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.1.124-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.1.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 6.1.124-rc1 Paolo Abeni <pabeni(a)redhat.com> mptcp: don't always assume copied data in mptcp_cleanup_rbuf() Paolo Abeni <pabeni(a)redhat.com> mptcp: fix recvbuffer adjust on sleeping rcvmsg Paolo Abeni <pabeni(a)redhat.com> mptcp: fix TCP options overflow. Seiji Nishikawa <snishika(a)redhat.com> mm: vmscan: account for free pages to prevent infinite Loop in throttle_direct_reclaim() Yafang Shao <laoar.shao(a)gmail.com> mm/readahead: fix large folio support in async readahead Biju Das <biju.das.jz(a)bp.renesas.com> dt-bindings: display: adi,adv7533: Drop single lane support Biju Das <biju.das.jz(a)bp.renesas.com> drm: adv7511: Drop dsi single lane support Nikolay Kuratov <kniv(a)yandex-team.ru> net/sctp: Prevent autoclose integer overflow in sctp_association_init() Pascal Hambourg <pascal(a)plouf.fr.eu.org> sky2: Add device ID 11ab:4373 for Marvell 88E8075 Evgenii Shatokhin <e.shatokhin(a)yadro.com> pinctrl: mcp23s08: Fix sleeping in atomic context due to regmap locking Dan Carpenter <dan.carpenter(a)linaro.org> RDMA/uverbs: Prevent integer overflow issue Arnd Bergmann <arnd(a)arndb.de> kcov: mark in_softirq_really() as __always_inline Takashi Iwai <tiwai(a)suse.de> ALSA: seq: oss: Fix races at processing SysEx messages Daniel Schaefer <dhs(a)frame.work> ALSA hda/realtek: Add quirk for Framework F111:000C Masahiro Yamada <masahiroy(a)kernel.org> modpost: fix the missed iteration for the max bit in do_input() Masahiro Yamada <masahiroy(a)kernel.org> modpost: fix input MODULE_DEVICE_TABLE() built for 64-bit on 32-bit host Michal Pecio <michal.pecio(a)gmail.com> usb: xhci: Avoid queuing redundant Stop Endpoint commands Leon Romanovsky <leon(a)kernel.org> ARC: build: Try to guess GCC variant of cross compiler Uros Bizjak <ubizjak(a)gmail.com> irqchip/gic: Correct declaration of *percpu_base pointer in union gic_base Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com> Bluetooth: hci_core: Fix sleeping function called from invalid context Daniele Palmas <dnlplm(a)gmail.com> net: usb: qmi_wwan: add Telit FE910C04 compositions Hobin Woo <hobin.woo(a)samsung.com> ksmbd: retry iterate_dir in smb2_query_dir Anton Protopopov <aspsk(a)isovalent.com> bpf: fix potential error return Adrian Ratiu <adrian.ratiu(a)collabora.com> sound: usb: format: don't warn that raw DSD is unsupported Adrian Ratiu <adrian.ratiu(a)collabora.com> sound: usb: enable DSD output for ddHiFi TC44C Vasiliy Kovalev <kovalev(a)altlinux.org> ALSA: hda/realtek: Add new alc2xx-fixup-headset-mic model Filipe Manana <fdmanana(a)suse.com> btrfs: flush delalloc workers queue before stopping cleaner kthread during unmount Prike Liang <Prike.Liang(a)amd.com> drm/amdkfd: Correct the migration DMA map direction Emmanuel Grumbach <emmanuel.grumbach(a)intel.com> wifi: mac80211: wake the queues in case of failure in resume Filipe Manana <fdmanana(a)suse.com> btrfs: fix use-after-free when COWing tree bock and tracing is enabled Filipe Manana <fdmanana(a)suse.com> btrfs: rename and export __btrfs_cow_block() Eric Dumazet <edumazet(a)google.com> ila: serialize calls to nf_register_net_hooks() Eric Dumazet <edumazet(a)google.com> af_packet: fix vlan_get_protocol_dgram() vs MSG_PEEK Eric Dumazet <edumazet(a)google.com> af_packet: fix vlan_get_tci() vs MSG_PEEK Maciej S. Szmigiero <mail(a)maciej.szmigiero.name> net: wwan: iosm: Properly check for valid exec stage in ipc_mmio_init() Eric Dumazet <edumazet(a)google.com> net: restrict SO_REUSEPORT to inet sockets Willem de Bruijn <willemb(a)google.com> net: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets Li Zhijian <lizhijian(a)fujitsu.com> RDMA/rtrs: Ensure 'ib_sge list' is accessible Jinjian Song <jinjian.song(a)fibocom.com> net: wwan: t7xx: Fix FSM command timeout issue Joe Hattori <joe(a)pf.is.s.u-tokyo.ac.jp> net: mv643xx_eth: fix an OF node reference leak Vitalii Mordan <mordan(a)ispras.ru> eth: bcmsysport: fix call balance of priv->clk handling routines Tanya Agarwal <tanyaagarwal25699(a)gmail.com> ALSA: usb-audio: US16x08: Initialize array before use Antonio Pastor <antonio.pastor(a)gmail.com> net: llc: reset skb->transport_header Pablo Neira Ayuso <pablo(a)netfilter.org> netfilter: nft_set_hash: unaligned atomic read on struct nft_set_ext Rodrigo Vivi <rodrigo.vivi(a)intel.com> drm/i915/dg1: Fix power gate sequence. Ilya Shchipletsov <rabbelkin(a)mail.ru> netrom: check buffer length before accessing it Xiao Liang <shaw.leon(a)gmail.com> net: Fix netns for ip_tunnel_init_flow() Ido Schimmel <idosch(a)nvidia.com> ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_xmit() Ido Schimmel <idosch(a)nvidia.com> ipv4: ip_tunnel: Unmask upper DSCP bits in ip_md_tunnel_xmit() Ido Schimmel <idosch(a)nvidia.com> ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_bind_dev() Eric Dumazet <edumazet(a)google.com> ip_tunnel: annotate data-races around t->parms.link Christian Ehrig <cehrig(a)cloudflare.com> ipip,ip_tunnel,sit: Add FOU support for externally controlled ipip devices Wang Liang <wangliang74(a)huawei.com> net: fix memory leak in tcp_conn_request() Joe Hattori <joe(a)pf.is.s.u-tokyo.ac.jp> net: stmmac: restructure the error path of stmmac_probe_config_dt() Andrew Halaney <ahalaney(a)redhat.com> net: stmmac: don't create a MDIO bus if unnecessary Bartosz Golaszewski <bartosz.golaszewski(a)linaro.org> net: stmmac: platform: provide devm_stmmac_probe_config_dt() Chengchang Tang <tangchengchang(a)huawei.com> RDMA/hns: Fix missing flush CQE for DWQE Chengchang Tang <tangchengchang(a)huawei.com> RDMA/hns: Fix warning storm caused by invalid input in IO path wenglianfa <wenglianfa(a)huawei.com> RDMA/hns: Fix mapping error of zero-hop WQE buffer Chengchang Tang <tangchengchang(a)huawei.com> RDMA/hns: Remove unused parameters and variables Chengchang Tang <tangchengchang(a)huawei.com> RDMA/hns: Refactor mtr find Tristram Ha <tristram.ha(a)microchip.com> net: dsa: microchip: Fix LAN937X set_ageing_time function Oleksij Rempel <linux(a)rempel-privat.de> net: dsa: microchip: add ksz_rmw8() function Tristram Ha <tristram.ha(a)microchip.com> net: dsa: microchip: Fix KSZ9477 set_ageing_time function Stefan Ekenberg <stefan.ekenberg(a)axis.com> drm/bridge: adv7511_audio: Update Audio InfoFrame properly Selvin Xavier <selvin.xavier(a)broadcom.com> RDMA/bnxt_re: Fix the locking while accessing the QP table Selvin Xavier <selvin.xavier(a)broadcom.com> RDMA/bnxt_re: Fix max_qp_wrs reported Kalesh AP <kalesh-anakkur.purayil(a)broadcom.com> RDMA/bnxt_re: Fix reporting hw_ver in query_device Saravanan Vajravel <saravanan.vajravel(a)broadcom.com> RDMA/bnxt_re: Add check for path mtu in modify_qp Patrisious Haddad <phaddad(a)nvidia.com> RDMA/mlx5: Enforce same type port association for multiport RoCE Jeremy Kerr <jk(a)codeconstruct.com.au> net: mctp: handle skb cleanup on sock_queue failures Mathias Nyman <mathias.nyman(a)linux.intel.com> xhci: Turn NEC specific quirk for handling Stop Endpoint errors generic Michal Pecio <michal.pecio(a)gmail.com> usb: xhci: Limit Stop Endpoint retries Michal Pecio <michal.pecio(a)gmail.com> xhci: retry Stop Endpoint on buggy NEC controllers Mario Limonciello <mario.limonciello(a)amd.com> thunderbolt: Don't display nvm_version unless upgrade supported Mika Westerberg <mika.westerberg(a)linux.intel.com> thunderbolt: Add support for Intel Panther Lake-M/P Mika Westerberg <mika.westerberg(a)linux.intel.com> thunderbolt: Add support for Intel Lunar Lake Steven Rostedt <rostedt(a)goodmis.org> tracing: Have process_string() also allow arrays Johannes Thumshirn <johannes.thumshirn(a)wdc.com> btrfs: fix use-after-free in btrfs_encoded_read_endio() Thiébaud Weksteen <tweek(a)google.com> selinux: ignore unknown extended permissions Naman Jain <namjain(a)linux.microsoft.com> x86/hyperv: Fix hv tsc page based sched_clock for hibernation ------------- Diffstat: .../bindings/display/bridge/adi,adv7533.yaml | 2 +- Makefile | 4 +- arch/arc/Makefile | 2 +- arch/x86/kernel/cpu/mshyperv.c | 58 ++++++++ drivers/clocksource/hyperv_timer.c | 14 +- drivers/gpu/drm/amd/amdkfd/kfd_migrate.c | 4 +- drivers/gpu/drm/bridge/adv7511/adv7511_audio.c | 14 +- drivers/gpu/drm/bridge/adv7511/adv7533.c | 2 +- drivers/gpu/drm/i915/gt/intel_rc6.c | 2 +- drivers/infiniband/core/uverbs_cmd.c | 16 ++- drivers/infiniband/hw/bnxt_re/ib_verbs.c | 28 ++-- drivers/infiniband/hw/bnxt_re/qplib_fp.c | 2 + drivers/infiniband/hw/bnxt_re/qplib_sp.c | 2 +- drivers/infiniband/hw/hns/hns_roce_alloc.c | 3 +- drivers/infiniband/hw/hns/hns_roce_cq.c | 11 +- drivers/infiniband/hw/hns/hns_roce_device.h | 12 +- drivers/infiniband/hw/hns/hns_roce_hem.c | 54 +++++--- drivers/infiniband/hw/hns/hns_roce_hw_v2.c | 130 ++++++++--------- drivers/infiniband/hw/hns/hns_roce_mr.c | 95 ++++++++----- drivers/infiniband/hw/hns/hns_roce_qp.c | 4 +- drivers/infiniband/hw/hns/hns_roce_srq.c | 4 +- drivers/infiniband/hw/mlx5/main.c | 6 +- drivers/infiniband/ulp/rtrs/rtrs-srv.c | 2 +- drivers/irqchip/irq-gic.c | 2 +- drivers/net/dsa/microchip/ksz9477.c | 47 +++++-- drivers/net/dsa/microchip/ksz9477_reg.h | 4 +- drivers/net/dsa/microchip/ksz_common.h | 5 + drivers/net/dsa/microchip/lan937x_main.c | 62 ++++++++- drivers/net/dsa/microchip/lan937x_reg.h | 9 +- drivers/net/ethernet/broadcom/bcmsysport.c | 21 ++- drivers/net/ethernet/marvell/mv643xx_eth.c | 14 +- drivers/net/ethernet/marvell/sky2.c | 1 + .../net/ethernet/mellanox/mlxsw/spectrum_span.c | 3 +- .../net/ethernet/stmicro/stmmac/stmmac_platform.c | 153 +++++++++++++++------ .../net/ethernet/stmicro/stmmac/stmmac_platform.h | 2 + drivers/net/usb/qmi_wwan.c | 3 + drivers/net/wwan/iosm/iosm_ipc_mmio.c | 2 +- drivers/net/wwan/t7xx/t7xx_state_monitor.c | 26 ++-- drivers/net/wwan/t7xx/t7xx_state_monitor.h | 5 +- drivers/pinctrl/pinctrl-mcp23s08.c | 6 + drivers/thunderbolt/nhi.c | 12 ++ drivers/thunderbolt/nhi.h | 6 + drivers/thunderbolt/retimer.c | 17 ++- drivers/usb/host/xhci-ring.c | 42 +++++- drivers/usb/host/xhci.c | 21 ++- drivers/usb/host/xhci.h | 2 + fs/btrfs/ctree.c | 37 +++-- fs/btrfs/ctree.h | 7 + fs/btrfs/disk-io.c | 9 ++ fs/btrfs/inode.c | 2 +- fs/smb/server/smb2pdu.c | 12 +- fs/smb/server/vfs.h | 1 + include/clocksource/hyperv_timer.h | 2 + include/linux/if_vlan.h | 16 ++- include/linux/mlx5/driver.h | 6 + include/net/bluetooth/hci_core.h | 108 ++++++++++----- include/net/ip_tunnels.h | 28 ++-- include/net/netfilter/nf_tables.h | 7 +- kernel/bpf/core.c | 6 +- kernel/kcov.c | 2 +- kernel/trace/trace_events.c | 12 ++ mm/readahead.c | 6 +- mm/vmscan.c | 9 +- net/bluetooth/hci_core.c | 10 +- net/bluetooth/iso.c | 6 + net/bluetooth/l2cap_core.c | 12 +- net/bluetooth/rfcomm/core.c | 6 + net/bluetooth/sco.c | 12 +- net/core/dev.c | 4 +- net/core/sock.c | 5 +- net/ipv4/ip_tunnel.c | 60 +++++--- net/ipv4/ipip.c | 1 + net/ipv4/tcp_input.c | 1 + net/ipv6/ila/ila_xlat.c | 16 ++- net/ipv6/sit.c | 2 +- net/llc/llc_input.c | 2 +- net/mac80211/util.c | 3 + net/mctp/route.c | 36 +++-- net/mptcp/options.c | 7 + net/mptcp/protocol.c | 22 +-- net/netrom/nr_route.c | 6 + net/packet/af_packet.c | 28 +--- net/sctp/associola.c | 3 +- scripts/mod/file2alias.c | 4 +- security/selinux/ss/services.c | 8 +- sound/core/seq/oss/seq_oss_synth.c | 2 + sound/pci/hda/patch_realtek.c | 2 + sound/usb/format.c | 7 +- sound/usb/mixer_us16x08.c | 2 +- sound/usb/quirks.c | 2 + 90 files changed, 1031 insertions(+), 444 deletions(-)

3 weeks, 3 days

12
92
0 0

[PATCH 6.12 000/156] 6.12.9-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 6.12.9 release. There are 156 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Wed, 08 Jan 2025 15:11:04 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.12.9-rc1… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.12.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 6.12.9-rc1 Paolo Abeni <pabeni(a)redhat.com> mptcp: don't always assume copied data in mptcp_cleanup_rbuf() Paolo Abeni <pabeni(a)redhat.com> mptcp: fix recvbuffer adjust on sleeping rcvmsg Paolo Abeni <pabeni(a)redhat.com> mptcp: fix TCP options overflow. Liu Shixin <liushixin2(a)huawei.com> mm: hugetlb: independent PMD page table shared count Lorenzo Stoakes <lorenzo.stoakes(a)oracle.com> mm: reinstate ability to map write-sealed memfd mappings read-only Seiji Nishikawa <snishika(a)redhat.com> mm: vmscan: account for free pages to prevent infinite Loop in throttle_direct_reclaim() Alessandro Carminati <acarmina(a)redhat.com> mm/kmemleak: fix sleeping function called from invalid context at print message Yafang Shao <laoar.shao(a)gmail.com> mm/readahead: fix large folio support in async readahead Joshua Washington <joshwash(a)google.com> gve: trigger RX NAPI instead of TX NAPI in gve_xsk_wakeup Joshua Washington <joshwash(a)google.com> gve: guard XDP xmit NDO on existence of xdp queues Joshua Washington <joshwash(a)google.com> gve: fix XDP allocation path in edge cases Joshua Washington <joshwash(a)google.com> gve: guard XSK operations on the existence of queues Joshua Washington <joshwash(a)google.com> gve: clean XDP queues in gve_tx_stop_ring_gqi Joshua Washington <joshwash(a)google.com> gve: process XSK TX descriptors as part of RX NAPI David Hildenbrand <david(a)redhat.com> fs/proc/task_mmu: fix pagemap flags with PMD THP entries on 32bit Baolin Wang <baolin.wang(a)linux.alibaba.com> mm: shmem: fix incorrect index alignment for within_size policy Baolin Wang <baolin.wang(a)linux.alibaba.com> mm: shmem: fix the update of 'shmem_falloc->nr_unswapped' SeongJae Park <sj(a)kernel.org> mm/damon/core: fix new damon_target objects leaks on damon_commit_targets() SeongJae Park <sj(a)kernel.org> mm/damon/core: fix ignored quota goals and filters of newly committed schemes Siddharth Vadapalli <s-vadapalli(a)ti.com> net: ethernet: ti: am65-cpsw: default to round-robin for host port receive Zilin Guan <zilin(a)seu.edu.cn> fgraph: Add READ_ONCE() when accessing fgraph_array[] Kees Cook <kees(a)kernel.org> wifi: iwlwifi: mvm: Fix __counted_by usage in cfg80211_wowlan_nd_* Biju Das <biju.das.jz(a)bp.renesas.com> drm: adv7511: Fix use-after-free in adv7533_attach_dsi() Biju Das <biju.das.jz(a)bp.renesas.com> dt-bindings: display: adi,adv7533: Drop single lane support Biju Das <biju.das.jz(a)bp.renesas.com> drm: adv7511: Drop dsi single lane support Pavel Begunkov <asml.silence(a)gmail.com> io_uring/rw: fix downgraded mshot read Nikolay Kuratov <kniv(a)yandex-team.ru> net/sctp: Prevent autoclose integer overflow in sctp_association_init() Henry Huang <henry.hj(a)antgroup.com> sched_ext: initialize kit->cursor.flags Pascal Hambourg <pascal(a)plouf.fr.eu.org> sky2: Add device ID 11ab:4373 for Marvell 88E8075 Tvrtko Ursulin <tvrtko.ursulin(a)igalia.com> workqueue: Do not warn when cancelling WQ_MEM_RECLAIM work from !WQ_MEM_RECLAIM worker Evgenii Shatokhin <e.shatokhin(a)yadro.com> pinctrl: mcp23s08: Fix sleeping in atomic context due to regmap locking Dan Carpenter <dan.carpenter(a)linaro.org> RDMA/uverbs: Prevent integer overflow issue Tejun Heo <tj(a)kernel.org> sched_ext: Fix invalid irq restore in scx_ops_bypass() Kuan-Wei Chiu <visitorckw(a)gmail.com> scripts/sorttable: fix orc_sort_cmp() to maintain symmetry and transitivity Nikolaus Voss <nv(a)vosn.de> clk: clk-imx8mp-audiomix: fix function signature Yang Erkun <yangerkun(a)huawei.com> maple_tree: reload mas before the second call for mas_empty_area Arnd Bergmann <arnd(a)arndb.de> kcov: mark in_softirq_really() as __always_inline Dennis Lam <dennis.lamerice(a)gmail.com> ocfs2: fix slab-use-after-free due to dangling pointer dqi_priv Takashi Iwai <tiwai(a)suse.de> ALSA: seq: oss: Fix races at processing SysEx messages Daniel Schaefer <dhs(a)frame.work> ALSA hda/realtek: Add quirk for Framework F111:000C Nirmoy Das <nirmoy.das(a)intel.com> drm/xe: Wait for migration job before unmapping pages Nirmoy Das <nirmoy.das(a)intel.com> drm/xe: Use non-interruptible wait when moving BO to system Kohei Enju <enjuk(a)amazon.com> ftrace: Fix function profiler's filtering functionality Takashi Iwai <tiwai(a)suse.de> ALSA: seq: Check UMP support for midi_version change Jens Axboe <axboe(a)kernel.dk> io_uring/kbuf: use pre-committed buffer address for non-pollable file Mark Zhang <markzhang(a)nvidia.com> RDMA/mlx5: Enable multiplane mode only when it is supported Takashi Iwai <tiwai(a)suse.de> Revert "ALSA: ump: Don't enumeration invalid groups for legacy rawmidi" Thomas Weißschuh <linux(a)weissschuh.net> kbuild: pacman-pkg: provide versioned linux-api-headers package Masahiro Yamada <masahiroy(a)kernel.org> modpost: fix the missed iteration for the max bit in do_input() Mostafa Saleh <smostafa(a)google.com> scripts/mksysmap: Fix escape chars '$' Maksim Kiselev <bigunclemax(a)gmail.com> clk: thead: Fix TH1520 emmc and shdci clock rate Eduard Zingerman <eddyz87(a)gmail.com> bpf: consider that tail calls invalidate packet pointers Eduard Zingerman <eddyz87(a)gmail.com> bpf: refactor bpf_helper_changes_pkt_data to use helper number Leon Romanovsky <leon(a)kernel.org> ARC: build: Try to guess GCC variant of cross compiler Uros Bizjak <ubizjak(a)gmail.com> irqchip/gic: Correct declaration of *percpu_base pointer in union gic_base Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com> Bluetooth: hci_core: Fix sleeping function called from invalid context Daniele Palmas <dnlplm(a)gmail.com> net: usb: qmi_wwan: add Telit FE910C04 compositions Enzo Matsumiya <ematsumiya(a)suse.de> smb: client: destroy cfid_put_wq on module exit Namjae Jeon <linkinjeon(a)kernel.org> ksmbd: set ATTR_CTIME flags when setting mtime Hobin Woo <hobin.woo(a)samsung.com> ksmbd: retry iterate_dir in smb2_query_dir Anton Protopopov <aspsk(a)isovalent.com> bpf: fix potential error return Hardevsinh Palaniya <hardevsinh.palaniya(a)siliconsignals.io> ARC: bpf: Correct conditional check in 'check_jmp_32' Paul E. McKenney <paulmck(a)kernel.org> ARC: build: Use __force to suppress per-CPU cmpxchg warnings Vineet Gupta <vgupta(a)kernel.org> ARC: build: disallow invalid PAE40 + 4K page config Stephen Gordon <gordoste(a)iinet.net.au> ASoC: audio-graph-card: Call of_node_put() on correct node Niravkumar L Rabara <niravkumar.l.rabara(a)intel.com> spi: spi-cadence-qspi: Disable STIG mode for Altera SoCFPGA. Adrian Ratiu <adrian.ratiu(a)collabora.com> sound: usb: format: don't warn that raw DSD is unsupported Adrian Ratiu <adrian.ratiu(a)collabora.com> sound: usb: enable DSD output for ddHiFi TC44C Vasiliy Kovalev <kovalev(a)altlinux.org> ALSA: hda/realtek: Add new alc2xx-fixup-headset-mic model Takashi Iwai <tiwai(a)suse.de> ALSA: hda/ca0132: Use standard HD-audio quirk matching helpers Filipe Manana <fdmanana(a)suse.com> btrfs: flush delalloc workers queue before stopping cleaner kthread during unmount Johannes Thumshirn <johannes.thumshirn(a)wdc.com> btrfs: handle bio_split() errors Vasiliy Kovalev <kovalev(a)altlinux.org> ALSA: hda/realtek - Add support for ASUS Zen AIO 27 Z272SD_A272SD audio Simon Trimmer <simont(a)opensource.cirrus.com> ALSA: hda: cs35l56: Remove calls to cs35l56_force_sync_asp1_registers_from_cache() Prike Liang <Prike.Liang(a)amd.com> drm/amdkfd: Correct the migration DMA map direction Victor Zhao <Victor.Zhao(a)amd.com> drm/amdgpu: use sjt mec fw on gfx943 for sriov Emmanuel Grumbach <emmanuel.grumbach(a)intel.com> wifi: mac80211: wake the queues in case of failure in resume Aditya Kumar Singh <quic_adisi(a)quicinc.com> wifi: cfg80211: clear link ID from bitmap during link delete after clean up Issam Hamdi <ih(a)simonwunderlich.de> wifi: mac80211: fix mbss changed flags corruption on 32 bit systems Kan Liang <kan.liang(a)linux.intel.com> perf/x86/intel: Add Arrow Lake U support Filipe Manana <fdmanana(a)suse.com> btrfs: allow swap activation to be interruptible Meghana Malladi <m-malladi(a)ti.com> net: ti: icssg-prueth: Fix clearing of IEP_CMP_CFG registers during iep_init MD Danish Anwar <danishanwar(a)ti.com> net: ti: icssg-prueth: Fix firmware load sequence. Eric Dumazet <edumazet(a)google.com> ila: serialize calls to nf_register_net_hooks() Eric Dumazet <edumazet(a)google.com> af_packet: fix vlan_get_protocol_dgram() vs MSG_PEEK Eric Dumazet <edumazet(a)google.com> af_packet: fix vlan_get_tci() vs MSG_PEEK Maciej S. Szmigiero <mail(a)maciej.szmigiero.name> net: wwan: iosm: Properly check for valid exec stage in ipc_mmio_init() Eric Dumazet <edumazet(a)google.com> net: restrict SO_REUSEPORT to inet sockets Willem de Bruijn <willemb(a)google.com> net: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets Liang Jie <liangjie(a)lixiang.com> net: sfc: Correct key_len for efx_tc_ct_zone_ht_params Jens Axboe <axboe(a)kernel.dk> io_uring/net: always initialize kmsg->msg.msg_inq upfront Kalesh AP <kalesh-anakkur.purayil(a)broadcom.com> RDMA/bnxt_re: Fix error recovery sequence Li Zhijian <lizhijian(a)fujitsu.com> RDMA/rtrs: Ensure 'ib_sge list' is accessible Jinjian Song <jinjian.song(a)fibocom.com> net: wwan: t7xx: Fix FSM command timeout issue Joe Hattori <joe(a)pf.is.s.u-tokyo.ac.jp> net: mv643xx_eth: fix an OF node reference leak Vitalii Mordan <mordan(a)ispras.ru> eth: bcmsysport: fix call balance of priv->clk handling routines Tanya Agarwal <tanyaagarwal25699(a)gmail.com> ALSA: usb-audio: US16x08: Initialize array before use Leo Stone <leocstone(a)gmail.com> nvmet: Don't overflow subsysnqn Antonio Pastor <antonio.pastor(a)gmail.com> net: llc: reset skb->transport_header Pablo Neira Ayuso <pablo(a)netfilter.org> netfilter: nft_set_hash: unaligned atomic read on struct nft_set_ext Su Hui <suhui(a)nfschina.com> workqueue: add printf attribute to __alloc_workqueue() Rodrigo Vivi <rodrigo.vivi(a)intel.com> drm/i915/dg1: Fix power gate sequence. Suraj Kandpal <suraj.kandpal(a)intel.com> drm/i915/cx0_phy: Fix C10 pll programming sequence Zhu Yanjun <yanjun.zhu(a)linux.dev> RDMA/rxe: Remove the direct link to net_device Jianbo Liu <jianbol(a)nvidia.com> net/mlx5e: Keep netdev when leave switchdev for devlink set legacy only Jianbo Liu <jianbol(a)nvidia.com> net/mlx5e: Skip restore TC rules for vport rep without loaded flag Dragos Tatulea <dtatulea(a)nvidia.com> net/mlx5e: macsec: Maintain TX SA from encoding_sa Shahar Shitrit <shshitrit(a)nvidia.com> net/mlx5: DR, select MSIX vector 0 for completion queue creation Kory Maincent <kory.maincent(a)bootlin.com> net: pse-pd: tps23881: Fix power on/off issue Ilya Shchipletsov <rabbelkin(a)mail.ru> netrom: check buffer length before accessing it Xiao Liang <shaw.leon(a)gmail.com> net: Fix netns for ip_tunnel_init_flow() Wang Liang <wangliang74(a)huawei.com> net: fix memory leak in tcp_conn_request() Joe Hattori <joe(a)pf.is.s.u-tokyo.ac.jp> net: stmmac: restructure the error path of stmmac_probe_config_dt() Lucas De Marchi <lucas.demarchi(a)intel.com> drm/xe: Fix fault on fd close after unbind Michal Wajdeczko <michal.wajdeczko(a)intel.com> drm/xe/pf: Use correct function to check LMEM provisioning John Harrison <John.C.Harrison(a)Intel.com> drm/xe: Revert some changes that break a mesa debug tool Chengchang Tang <tangchengchang(a)huawei.com> RDMA/hns: Fix missing flush CQE for DWQE Chengchang Tang <tangchengchang(a)huawei.com> RDMA/hns: Fix warning storm caused by invalid input in IO path Chengchang Tang <tangchengchang(a)huawei.com> RDMA/hns: Fix accessing invalid dip_ctx during destroying QP wenglianfa <wenglianfa(a)huawei.com> RDMA/hns: Fix mapping error of zero-hop WQE buffer Jakub Kicinski <kuba(a)kernel.org> netdev-genl: avoid empty messages in napi get Vladimir Oltean <vladimir.oltean(a)nxp.com> selftests: net: local_termination: require mausezahn Tristram Ha <tristram.ha(a)microchip.com> net: dsa: microchip: Fix LAN937X set_ageing_time function Tristram Ha <tristram.ha(a)microchip.com> net: dsa: microchip: Fix KSZ9477 set_ageing_time function Stefan Ekenberg <stefan.ekenberg(a)axis.com> drm/bridge: adv7511_audio: Update Audio InfoFrame properly Wei Fang <wei.fang(a)nxp.com> net: phy: micrel: Dynamically control external clock of KSZ PHY Selvin Xavier <selvin.xavier(a)broadcom.com> RDMA/bnxt_re: Fix the locking while accessing the QP table Damodharam Ammepalli <damodharam.ammepalli(a)broadcom.com> RDMA/bnxt_re: Fix MSN table size for variable wqe mode Damodharam Ammepalli <damodharam.ammepalli(a)broadcom.com> RDMA/bnxt_re: Add send queue size check for variable wqe Kalesh AP <kalesh-anakkur.purayil(a)broadcom.com> RDMA/bnxt_re: Disable use of reserved wqes Selvin Xavier <selvin.xavier(a)broadcom.com> RDMA/bnxt_re: Fix max_qp_wrs reported Bernard Metzler <bmt(a)zurich.ibm.com> RDMA/siw: Remove direct link to net_device Chiara Meiohas <cmeiohas(a)nvidia.com> RDMA/nldev: Set error code in rdma_nl_notify_event Kalesh AP <kalesh-anakkur.purayil(a)broadcom.com> RDMA/bnxt_re: Fix reporting hw_ver in query_device Saravanan Vajravel <saravanan.vajravel(a)broadcom.com> RDMA/bnxt_re: Add check for path mtu in modify_qp Kalesh AP <kalesh-anakkur.purayil(a)broadcom.com> RDMA/bnxt_re: Fix the check for 9060 condition Emmanuel Grumbach <emmanuel.grumbach(a)intel.com> wifi: iwlwifi: fix CRF name for Bz Robert Beckett <bob.beckett(a)collabora.com> nvme-pci: 512 byte aligned dma pool segment quirk Anumula Murali Mohan Reddy <anumula(a)chelsio.com> RDMA/core: Fix ENODEV error for iWARP test over vlan Kashyap Desai <kashyap.desai(a)broadcom.com> RDMA/bnxt_re: Avoid sending the modify QP workaround for latest adapters Selvin Xavier <selvin.xavier(a)broadcom.com> RDMA/bnxt_re: Avoid initializing the software queue for user queues Kashyap Desai <kashyap.desai(a)broadcom.com> RDMA/bnxt_re: Fix max SGEs for the Work Request Patrisious Haddad <phaddad(a)nvidia.com> RDMA/mlx5: Enforce same type port association for multiport RoCE guanjing <guanjing(a)cmss.chinamobile.com> sched_ext: fix application of sizeof to pointer Leon Romanovsky <leon(a)kernel.org> RDMA/bnxt_re: Remove always true dattr validity check Christoph Hellwig <hch(a)lst.de> btrfs: use bio_is_zone_append() in the completion handler Christoph Hellwig <hch(a)lst.de> block: lift bio_is_zone_append to bio.h Steven Rostedt <rostedt(a)goodmis.org> tracing: Have process_string() also allow arrays Lucas Stach <l.stach(a)pengutronix.de> pmdomain: core: add dummy release function to genpd device Joe Hattori <joe(a)pf.is.s.u-tokyo.ac.jp> pmdomain: imx: gpcv2: fix an OF node reference leak in imx_gpcv2_probe() Eric Biggers <ebiggers(a)google.com> mmc: sdhci-msm: fix crypto key eviction Thiébaud Weksteen <tweek(a)google.com> selinux: ignore unknown extended permissions Mingcong Bai <jeffbai(a)aosc.io> platform/x86: hp-wmi: mark 8A15 board for timed OMEN thermal profile Vishnu Sankar <vishnuocv(a)gmail.com> platform/x86: thinkpad-acpi: Add support for hotkey 0x1401 Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu: fix backport of commit 73dae652dcac Joe Hattori <joe(a)pf.is.s.u-tokyo.ac.jp> platform/x86: mlx-platform: call pci_dev_put() to balance the refcount ------------- Diffstat: .../admin-guide/laptops/thinkpad-acpi.rst | 10 +- .../bindings/display/bridge/adi,adv7533.yaml | 2 +- Makefile | 4 +- arch/arc/Kconfig | 4 +- arch/arc/Makefile | 2 +- arch/arc/include/asm/cmpxchg.h | 2 +- arch/arc/net/bpf_jit_arcv2.c | 2 +- arch/x86/events/intel/core.c | 1 + block/blk.h | 9 - drivers/clk/imx/clk-imx8mp-audiomix.c | 3 +- drivers/clk/thead/clk-th1520-ap.c | 13 +- drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 6 +- drivers/gpu/drm/amd/amdgpu/gfx_v9_4_3.c | 10 +- drivers/gpu/drm/amd/amdkfd/kfd_migrate.c | 4 +- drivers/gpu/drm/bridge/adv7511/adv7511_audio.c | 14 +- drivers/gpu/drm/bridge/adv7511/adv7511_drv.c | 10 +- drivers/gpu/drm/bridge/adv7511/adv7533.c | 4 +- drivers/gpu/drm/i915/display/intel_cx0_phy.c | 12 +- drivers/gpu/drm/i915/gt/intel_rc6.c | 2 +- drivers/gpu/drm/xe/xe_bo.c | 12 +- drivers/gpu/drm/xe/xe_devcoredump.c | 15 +- drivers/gpu/drm/xe/xe_exec_queue.c | 9 + drivers/gpu/drm/xe/xe_gt_sriov_pf_config.c | 2 +- drivers/infiniband/core/cma.c | 16 ++ drivers/infiniband/core/nldev.c | 2 +- drivers/infiniband/core/uverbs_cmd.c | 16 +- drivers/infiniband/hw/bnxt_re/ib_verbs.c | 34 +-- drivers/infiniband/hw/bnxt_re/main.c | 8 +- drivers/infiniband/hw/bnxt_re/qplib_fp.c | 65 +++-- drivers/infiniband/hw/bnxt_re/qplib_fp.h | 3 +- drivers/infiniband/hw/bnxt_re/qplib_rcfw.c | 5 +- drivers/infiniband/hw/bnxt_re/qplib_sp.c | 18 +- drivers/infiniband/hw/hns/hns_roce_hem.c | 43 +++- drivers/infiniband/hw/hns/hns_roce_hw_v2.c | 11 +- drivers/infiniband/hw/hns/hns_roce_mr.c | 5 - drivers/infiniband/hw/mlx5/main.c | 8 +- drivers/infiniband/sw/rxe/rxe.c | 23 +- drivers/infiniband/sw/rxe/rxe.h | 3 +- drivers/infiniband/sw/rxe/rxe_mcast.c | 22 +- drivers/infiniband/sw/rxe/rxe_net.c | 24 +- drivers/infiniband/sw/rxe/rxe_verbs.c | 26 +- drivers/infiniband/sw/rxe/rxe_verbs.h | 11 +- drivers/infiniband/sw/siw/siw.h | 7 +- drivers/infiniband/sw/siw/siw_cm.c | 27 +- drivers/infiniband/sw/siw/siw_main.c | 15 +- drivers/infiniband/sw/siw/siw_verbs.c | 35 ++- drivers/infiniband/ulp/rtrs/rtrs-srv.c | 2 +- drivers/irqchip/irq-gic.c | 2 +- drivers/mmc/host/sdhci-msm.c | 16 +- drivers/net/dsa/microchip/ksz9477.c | 47 +++- drivers/net/dsa/microchip/ksz9477_reg.h | 4 +- drivers/net/dsa/microchip/lan937x_main.c | 62 ++++- drivers/net/dsa/microchip/lan937x_reg.h | 9 +- drivers/net/ethernet/broadcom/bcmsysport.c | 21 +- drivers/net/ethernet/google/gve/gve.h | 1 + drivers/net/ethernet/google/gve/gve_main.c | 63 +++-- drivers/net/ethernet/google/gve/gve_tx.c | 46 ++-- drivers/net/ethernet/marvell/mv643xx_eth.c | 14 +- drivers/net/ethernet/marvell/sky2.c | 1 + .../ethernet/mellanox/mlx5/core/en_accel/macsec.c | 4 + drivers/net/ethernet/mellanox/mlx5/core/en_main.c | 19 +- drivers/net/ethernet/mellanox/mlx5/core/en_rep.c | 15 ++ .../net/ethernet/mellanox/mlx5/core/esw/ipsec_fs.c | 6 +- drivers/net/ethernet/mellanox/mlx5/core/eswitch.h | 3 + .../ethernet/mellanox/mlx5/core/eswitch_offloads.c | 5 +- .../ethernet/mellanox/mlx5/core/steering/dr_send.c | 4 +- .../net/ethernet/mellanox/mlxsw/spectrum_span.c | 3 +- drivers/net/ethernet/sfc/tc_conntrack.c | 2 +- .../net/ethernet/stmicro/stmmac/stmmac_platform.c | 43 ++-- drivers/net/ethernet/ti/am65-cpsw-nuss.c | 2 +- drivers/net/ethernet/ti/icssg/icss_iep.c | 8 + drivers/net/ethernet/ti/icssg/icssg_common.c | 25 -- drivers/net/ethernet/ti/icssg/icssg_config.c | 41 ++- drivers/net/ethernet/ti/icssg/icssg_config.h | 1 + drivers/net/ethernet/ti/icssg/icssg_prueth.c | 281 ++++++++++++++------- drivers/net/ethernet/ti/icssg/icssg_prueth.h | 5 +- drivers/net/ethernet/ti/icssg/icssg_prueth_sr1.c | 24 +- drivers/net/phy/micrel.c | 114 ++++++++- drivers/net/pse-pd/tps23881.c | 16 +- drivers/net/usb/qmi_wwan.c | 3 + drivers/net/wireless/intel/iwlwifi/cfg/bz.c | 1 + drivers/net/wireless/intel/iwlwifi/iwl-config.h | 1 + drivers/net/wireless/intel/iwlwifi/mvm/d3.c | 14 +- drivers/net/wireless/intel/iwlwifi/pcie/drv.c | 41 ++- drivers/net/wwan/iosm/iosm_ipc_mmio.c | 2 +- drivers/net/wwan/t7xx/t7xx_state_monitor.c | 26 +- drivers/net/wwan/t7xx/t7xx_state_monitor.h | 5 +- drivers/nvme/host/nvme.h | 5 + drivers/nvme/host/pci.c | 9 +- drivers/nvme/target/configfs.c | 11 +- drivers/pinctrl/pinctrl-mcp23s08.c | 6 + drivers/platform/x86/hp/hp-wmi.c | 4 +- drivers/platform/x86/mlx-platform.c | 2 + drivers/platform/x86/thinkpad_acpi.c | 4 +- drivers/pmdomain/core.c | 6 + drivers/pmdomain/imx/gpcv2.c | 4 +- drivers/spi/spi-cadence-quadspi.c | 10 +- fs/btrfs/bio.c | 23 +- fs/btrfs/disk-io.c | 9 + fs/btrfs/inode.c | 5 + fs/ocfs2/quota_global.c | 2 +- fs/ocfs2/quota_local.c | 1 + fs/proc/task_mmu.c | 2 +- fs/smb/client/cifsfs.c | 1 + fs/smb/server/smb2pdu.c | 22 +- fs/smb/server/vfs.h | 1 + include/linux/bio.h | 17 ++ include/linux/filter.h | 2 +- include/linux/if_vlan.h | 16 +- include/linux/memfd.h | 14 + include/linux/mlx5/driver.h | 7 + include/linux/mlx5/mlx5_ifc.h | 4 +- include/linux/mm.h | 57 +++-- include/linux/mm_types.h | 30 +++ include/net/bluetooth/hci_core.h | 108 +++++--- include/net/netfilter/nf_tables.h | 7 +- include/sound/cs35l56.h | 6 - io_uring/kbuf.c | 4 +- io_uring/net.c | 1 + io_uring/rw.c | 2 + kernel/bpf/core.c | 8 +- kernel/bpf/verifier.c | 2 +- kernel/kcov.c | 2 +- kernel/sched/ext.c | 4 +- kernel/trace/fgraph.c | 2 +- kernel/trace/ftrace.c | 8 +- kernel/trace/trace_events.c | 12 + kernel/workqueue.c | 23 +- lib/maple_tree.c | 1 + mm/damon/core.c | 10 +- mm/hugetlb.c | 16 +- mm/kmemleak.c | 2 +- mm/memfd.c | 2 +- mm/mmap.c | 4 + mm/readahead.c | 6 +- mm/shmem.c | 7 +- mm/vmscan.c | 9 +- net/bluetooth/hci_core.c | 10 +- net/bluetooth/iso.c | 6 + net/bluetooth/l2cap_core.c | 12 +- net/bluetooth/rfcomm/core.c | 6 + net/bluetooth/sco.c | 12 +- net/core/dev.c | 4 +- net/core/filter.c | 63 +++-- net/core/netdev-genl.c | 6 +- net/core/sock.c | 5 +- net/ipv4/ip_tunnel.c | 6 +- net/ipv4/tcp_input.c | 1 + net/ipv6/ila/ila_xlat.c | 16 +- net/llc/llc_input.c | 2 +- net/mac80211/cfg.c | 8 +- net/mac80211/mesh.c | 6 +- net/mac80211/util.c | 3 + net/mptcp/options.c | 7 + net/mptcp/protocol.c | 22 +- net/netrom/nr_route.c | 6 + net/packet/af_packet.c | 28 +- net/sctp/associola.c | 3 +- net/wireless/util.c | 3 +- scripts/mksysmap | 4 +- scripts/mod/file2alias.c | 2 +- scripts/package/PKGBUILD | 2 +- scripts/sorttable.h | 5 +- security/selinux/ss/services.c | 8 +- sound/core/seq/oss/seq_oss_synth.c | 2 + sound/core/seq/seq_clientmgr.c | 14 +- sound/core/ump.c | 2 +- sound/pci/hda/cs35l56_hda.c | 8 - sound/pci/hda/patch_ca0132.c | 37 +-- sound/pci/hda/patch_realtek.c | 24 ++ sound/soc/generic/audio-graph-card2.c | 2 +- sound/usb/format.c | 7 +- sound/usb/mixer_us16x08.c | 2 +- sound/usb/quirks.c | 2 + tools/sched_ext/scx_central.c | 2 +- tools/testing/selftests/bpf/progs/tc_bpf2bpf.c | 2 + .../selftests/net/forwarding/local_termination.sh | 1 - 177 files changed, 1698 insertions(+), 764 deletions(-)

3 weeks, 3 days

19
175
0 0

[PATCH] clk: mmp2: call pm_genpd_init() only after genpd.name is set

by Lubomir Rintel

Setting the genpd's struct device's name with dev_set_name() is happening within pm_genpd_init(). If it remains NULL, things can blow up later, such as when crafting the devfs hierarchy for the power domain: 8<--- cut here --- [please do not actually cut, you'll ruin your display] Unable to handle kernel NULL pointer dereference at virtual address 00000000 when read ... Call trace: strlen from start_creating+0x90/0x138 start_creating from debugfs_create_dir+0x20/0x178 debugfs_create_dir from genpd_debug_add.part.0+0x4c/0x144 genpd_debug_add.part.0 from genpd_debug_init+0x74/0x90 genpd_debug_init from do_one_initcall+0x5c/0x244 do_one_initcall from kernel_init_freeable+0x19c/0x1f4 kernel_init_freeable from kernel_init+0x1c/0x12c kernel_init from ret_from_fork+0x14/0x28 Bisecting tracks this crash back to commit 899f44531fe6 ("pmdomain: core: Add GENPD_FLAG_DEV_NAME_FW flag"), which exchanges use of genpd->name with dev_name(&genpd->dev) in genpd_debug_add.part(). Fixes: 899f44531fe6 ("pmdomain: core: Add GENPD_FLAG_DEV_NAME_FW flag") Signed-off-by: Lubomir Rintel <lkundrak(a)v3.sk> Cc: stable(a)vger.kernel.org # v6.12+ --- drivers/clk/mmp/pwr-island.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/clk/mmp/pwr-island.c b/drivers/clk/mmp/pwr-island.c index edaa2433a472..eaf5d2c5e593 100644 --- a/drivers/clk/mmp/pwr-island.c +++ b/drivers/clk/mmp/pwr-island.c @@ -106,10 +106,10 @@ struct generic_pm_domain *mmp_pm_domain_register(const char *name, pm_domain->flags = flags; pm_domain->lock = lock; - pm_genpd_init(&pm_domain->genpd, NULL, true); pm_domain->genpd.name = name; pm_domain->genpd.power_on = mmp_pm_domain_power_on; pm_domain->genpd.power_off = mmp_pm_domain_power_off; + pm_genpd_init(&pm_domain->genpd, NULL, true); return &pm_domain->genpd; } -- 2.47.1

3 weeks, 3 days

2
3
0 0

[PATCH] USB: serial: cp210x: add Phoenix Contact UPS Device

by Johan Hovold

Phoenix Contact sells UPS Quint devices [1] with a custom datacable [2] that embeds a Silicon Labs converter: Bus 001 Device 003: ID 1b93:1013 Silicon Labs Phoenix Contact UPS Device Device Descriptor: bLength 18 bDescriptorType 1 bcdUSB 2.00 bDeviceClass 0 bDeviceSubClass 0 bDeviceProtocol 0 bMaxPacketSize0 64 idVendor 0x1b93 idProduct 0x1013 bcdDevice 1.00 iManufacturer 1 Silicon Labs iProduct 2 Phoenix Contact UPS Device iSerial 3 <redacted> bNumConfigurations 1 Configuration Descriptor: bLength 9 bDescriptorType 2 wTotalLength 0x0020 bNumInterfaces 1 bConfigurationValue 1 iConfiguration 0 bmAttributes 0x80 (Bus Powered) MaxPower 100mA Interface Descriptor: bLength 9 bDescriptorType 4 bInterfaceNumber 0 bAlternateSetting 0 bNumEndpoints 2 bInterfaceClass 255 Vendor Specific Class bInterfaceSubClass 0 bInterfaceProtocol 0 iInterface 2 Phoenix Contact UPS Device Endpoint Descriptor: bLength 7 bDescriptorType 5 bEndpointAddress 0x01 EP 1 OUT bmAttributes 2 Transfer Type Bulk Synch Type None Usage Type Data wMaxPacketSize 0x0040 1x 64 bytes bInterval 0 Endpoint Descriptor: bLength 7 bDescriptorType 5 bEndpointAddress 0x82 EP 2 IN bmAttributes 2 Transfer Type Bulk Synch Type None Usage Type Data wMaxPacketSize 0x0040 1x 64 bytes bInterval 0 [1] https://www.phoenixcontact.com/en-pc/products/power-supply-unit-quint-ps-1a… [2] https://www.phoenixcontact.com/en-il/products/data-cable-preassembled-ifs-u… Reported-by: Giuseppe Corbelli <giuseppe.corbelli(a)antaresvision.com> Cc: stable(a)vger.kernel.org Signed-off-by: Johan Hovold <johan(a)kernel.org> --- drivers/usb/serial/cp210x.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/usb/serial/cp210x.c b/drivers/usb/serial/cp210x.c index c24101f0a07a..9960ac2b10b7 100644 --- a/drivers/usb/serial/cp210x.c +++ b/drivers/usb/serial/cp210x.c @@ -223,6 +223,7 @@ static const struct usb_device_id id_table[] = { { USB_DEVICE(0x19CF, 0x3000) }, /* Parrot NMEA GPS Flight Recorder */ { USB_DEVICE(0x1ADB, 0x0001) }, /* Schweitzer Engineering C662 Cable */ { USB_DEVICE(0x1B1C, 0x1C00) }, /* Corsair USB Dongle */ + { USB_DEVICE(0x1B93, 0x1013) }, /* Phoenix Contact UPS Device */ { USB_DEVICE(0x1BA4, 0x0002) }, /* Silicon Labs 358x factory default */ { USB_DEVICE(0x1BE3, 0x07A6) }, /* WAGO 750-923 USB Service Cable */ { USB_DEVICE(0x1D6F, 0x0010) }, /* Seluxit ApS RF Dongle */ -- 2.45.2

3 weeks, 3 days

1
0
0 0

[PATCH] gpio: loongson: Fix Loongson-2K2000 ACPI GPIO register offset

by Binbin Zhou

Since commit 3feb70a61740 ("gpio: loongson: add more gpio chip support"), the Loongson-2K2000 GPIO is supported. However, according to the firmware development specification, the Loongson-2K2000 ACPI GPIO register offsets in the driver do not match the register base addresses in the firmware, resulting in the registers not being accessed properly. Now, we fix it to ensure the GPIO function works properly. Cc: stable(a)vger.kernel.org Cc: Yinbo Zhu <zhuyinbo(a)loongson.cn> Fixes: 3feb70a61740 ("gpio: loongson: add more gpio chip support") Co-developed-by: Hongliang Wang <wanghongliang(a)loongson.cn> Signed-off-by: Hongliang Wang <wanghongliang(a)loongson.cn> Signed-off-by: Binbin Zhou <zhoubinbin(a)loongson.cn> --- drivers/gpio/gpio-loongson-64bit.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/drivers/gpio/gpio-loongson-64bit.c b/drivers/gpio/gpio-loongson-64bit.c index 6749d4dd6d64..7f4d78fd800e 100644 --- a/drivers/gpio/gpio-loongson-64bit.c +++ b/drivers/gpio/gpio-loongson-64bit.c @@ -237,9 +237,9 @@ static const struct loongson_gpio_chip_data loongson_gpio_ls2k2000_data1 = { static const struct loongson_gpio_chip_data loongson_gpio_ls2k2000_data2 = { .label = "ls2k2000_gpio", .mode = BIT_CTRL_MODE, - .conf_offset = 0x84, - .in_offset = 0x88, - .out_offset = 0x80, + .conf_offset = 0x4, + .in_offset = 0x8, + .out_offset = 0x0, }; static const struct loongson_gpio_chip_data loongson_gpio_ls3a5000_data = { -- 2.43.5

3 weeks, 3 days

2
1
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror