- Linux-stable-mirror - lists.linaro.org

[PATCH] ASoC: sdw_utils: Fix potential NULL pointer deref in is_sdca_endpoint_present()

by Thorsten Blum

Check the return value of kzalloc() and exit early to avoid a potential NULL pointer dereference. Cc: stable(a)vger.kernel.org Fixes: 4f8ef33dd44a ("ASoC: soc_sdw_utils: skip the endpoint that doesn't present") Signed-off-by: Thorsten Blum <thorsten.blum(a)linux.dev> --- sound/soc/sdw_utils/soc_sdw_utils.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/sound/soc/sdw_utils/soc_sdw_utils.c b/sound/soc/sdw_utils/soc_sdw_utils.c index 30f84f4e7637..b70cb3793d8f 100644 --- a/sound/soc/sdw_utils/soc_sdw_utils.c +++ b/sound/soc/sdw_utils/soc_sdw_utils.c @@ -1180,6 +1180,8 @@ static int is_sdca_endpoint_present(struct device *dev, int i; dlc = kzalloc(sizeof(*dlc), GFP_KERNEL); + if (!dlc) + return -ENOMEM; adr_end = &adr_dev->endpoints[end_index]; dai_info = &codec_info->dais[adr_end->num]; -- 2.49.0

3 weeks, 3 days

3
2
0 0

FAILED: patch "[PATCH] dt-bindings: pwm: adi,axi-pwmgen: Fix clocks" failed to apply to 6.12-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.12-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.12.y git checkout FETCH_HEAD git cherry-pick -x e683131e64f71e957ca77743cb3d313646157329 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2025060734-elated-juvenile-da5c@gregkh' --subject-prefix 'PATCH 6.12.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From e683131e64f71e957ca77743cb3d313646157329 Mon Sep 17 00:00:00 2001 From: David Lechner <dlechner(a)baylibre.com> Date: Thu, 29 May 2025 11:53:19 -0500 Subject: [PATCH] dt-bindings: pwm: adi,axi-pwmgen: Fix clocks MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Fix a shortcoming in the bindings that doesn't allow for a separate external clock. The AXI PWMGEN IP block has a compile option ASYNC_CLK_EN that allows the use of an external clock for the PWM output separate from the AXI clock that runs the peripheral. This was missed in the original bindings and so users were writing dts files where the one and only clock specified would be the external clock, if there was one, incorrectly missing the separate AXI clock. The correct bindings are that the AXI clock is always required and the external clock is optional (must be given only when HDL compile option ASYNC_CLK_EN=1). Fixes: 1edf2c2a2841 ("dt-bindings: pwm: Add AXI PWM generator") Cc: stable(a)vger.kernel.org Signed-off-by: David Lechner <dlechner(a)baylibre.com> Reviewed-by: Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> Link: https://lore.kernel.org/r/20250529-pwm-axi-pwmgen-add-external-clock-v3-2-5… Signed-off-by: Uwe Kleine-König <ukleinek(a)kernel.org> diff --git a/Documentation/devicetree/bindings/pwm/adi,axi-pwmgen.yaml b/Documentation/devicetree/bindings/pwm/adi,axi-pwmgen.yaml index 45e112d0efb4..5575c58357d6 100644 --- a/Documentation/devicetree/bindings/pwm/adi,axi-pwmgen.yaml +++ b/Documentation/devicetree/bindings/pwm/adi,axi-pwmgen.yaml @@ -30,11 +30,19 @@ properties: const: 3 clocks: - maxItems: 1 + minItems: 1 + maxItems: 2 + + clock-names: + minItems: 1 + items: + - const: axi + - const: ext required: - reg - clocks + - clock-names unevaluatedProperties: false @@ -43,6 +51,7 @@ examples: pwm@44b00000 { compatible = "adi,axi-pwmgen-2.00.a"; reg = <0x44b00000 0x1000>; - clocks = <&spi_clk>; + clocks = <&fpga_clk>, <&spi_clk>; + clock-names = "axi", "ext"; #pwm-cells = <3>; };

3 weeks, 3 days

3
3
0 0

[PATCH] sched: Fix preemption string of preempt_dynamic_none

by Thomas Weißschuh

Zero is a valid value for "preempt_dynamic_mode", namely "preempt_dynamic_none". Fix the off-by-one in preempt_model_str(), so that "preempty_dynamic_none" is correctly formatted as PREEMPT(none) instead of PREEMPT(undef). Fixes: 8bdc5daaa01e ("sched: Add a generic function to return the preemption string") Cc: stable(a)vger.kernel.org Signed-off-by: Thomas Weißschuh <thomas.weissschuh(a)linutronix.de> --- kernel/sched/core.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kernel/sched/core.c b/kernel/sched/core.c index dce50fa57471dffc4311b9d393ae300a43d38d20..021b0a703d094b3386c5ba50e0e111e3a7c2b3df 100644 --- a/kernel/sched/core.c +++ b/kernel/sched/core.c @@ -7663,7 +7663,7 @@ const char *preempt_model_str(void) if (IS_ENABLED(CONFIG_PREEMPT_DYNAMIC)) { seq_buf_printf(&s, "(%s)%s", - preempt_dynamic_mode > 0 ? + preempt_dynamic_mode >= 0 ? preempt_modes[preempt_dynamic_mode] : "undef", brace ? "}" : ""); return seq_buf_str(&s); --- base-commit: 546b1c9e93c2bb8cf5ed24e0be1c86bb089b3253 change-id: 20250603-preempt-str-none-d21231cc2238 Best regards, -- Thomas Weißschuh <thomas.weissschuh(a)linutronix.de>

3 weeks, 3 days

3
3
0 0

[PATCH 5.10] usb: dwc3: dwc3-qcom: Add missing platform_device_put() in dwc3_qcom_acpi_register_core

by Denis Arefev

From: Miaoqian Lin <linmq006(a)gmail.com> commit fa0ef93868a6062babe1144df2807a8b1d4924d2 upstream. Add the missing platform_device_put() before return from dwc3_qcom_acpi_register_core in the error handling case. Fixes: 2bc02355f8ba ("usb: dwc3: qcom: Add support for booting with ACPI") Signed-off-by: Miaoqian Lin <linmq006(a)gmail.com> Link: https://lore.kernel.org/r/20211231113641.31474-1-linmq006@gmail.com Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> [Denis: minor fix to resolve merge conflict and add tag Fixes.] Signed-off-by: Denis Arefev <arefev(a)swemel.ru> --- Backport fix for CVE-2023-22995 Link: https://nvd.nist.gov/vuln/detail/cve-2023-22995 --- drivers/usb/dwc3/dwc3-qcom.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/drivers/usb/dwc3/dwc3-qcom.c b/drivers/usb/dwc3/dwc3-qcom.c index db3559a10207..568973582b75 100644 --- a/drivers/usb/dwc3/dwc3-qcom.c +++ b/drivers/usb/dwc3/dwc3-qcom.c @@ -622,8 +622,10 @@ static int dwc3_qcom_acpi_register_core(struct platform_device *pdev) qcom->dwc3->dev.coherent_dma_mask = dev->coherent_dma_mask; child_res = kcalloc(2, sizeof(*child_res), GFP_KERNEL); - if (!child_res) + if (!child_res) { + platform_device_put(qcom->dwc3); return -ENOMEM; + } res = platform_get_resource(pdev, IORESOURCE_MEM, 0); if (!res) { @@ -659,10 +661,15 @@ static int dwc3_qcom_acpi_register_core(struct platform_device *pdev) } ret = platform_device_add(qcom->dwc3); - if (ret) + if (ret) { dev_err(&pdev->dev, "failed to add device\n"); + goto out; + } + kfree(child_res); + return 0; out: + platform_device_put(qcom->dwc3); kfree(child_res); return ret; } -- 2.43.0

3 weeks, 3 days

1
0
0 0

Re: Patch "USB: serial: bus: fix const issue in usb_serial_device_match()" has been added to the 6.15-stable tree

by Johan Hovold

Hi Sasha, On Tue, Jun 10, 2025 at 08:18:13AM -0400, Sasha Levin wrote: > This is a note to let you know that I've just added the patch titled > > USB: serial: bus: fix const issue in usb_serial_device_match() > > to the 6.15-stable tree which can be found at: > http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… > > The filename of the patch is: > usb-serial-bus-fix-const-issue-in-usb_serial_device_.patch > and it can be found in the queue-6.15 subdirectory. > > If you, or anyone else, feels it should not be added to the stable tree, > please let <stable(a)vger.kernel.org> know about it. > > > > commit 0e91be50efc1a26ec9047dadc980631d31ef8578 > Author: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> > Date: Wed May 21 15:41:34 2025 +0200 > > USB: serial: bus: fix const issue in usb_serial_device_match() > > [ Upstream commit 92cd405b648605db4da866f3b9818b271ae84ef0 ] > > usb_serial_device_match() takes a const pointer, and then decides to > cast it away into a non-const one, which is not a good thing to do > overall. Fix this up by properly setting the pointers to be const to > preserve that attribute. > > Fixes: d69d80484598 ("driver core: have match() callback in struct bus_type take a const *") > Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> > Signed-off-by: Johan Hovold <johan(a)kernel.org> > Signed-off-by: Sasha Levin <sashal(a)kernel.org> This patch does not need to be backported and I left out the stable patch on purpose as usual. Please drop. Johan

3 weeks, 3 days

1
0
0 0

Re: [PATCH v2] mm/shmem, swap: fix softlockup with mTHP swapin

by Kairui Song

On Tue, Jun 10, 2025 at 1:18 AM Kairui Song <ryncsn(a)gmail.com> wrote: > > From: Kairui Song <kasong(a)tencent.com> > > Following softlockup can be easily reproduced on my test machine with: > > echo always > /sys/kernel/mm/transparent_hugepage/hugepages-64kB/enabled > swapon /dev/zram0 # zram0 is a 48G swap device > mkdir -p /sys/fs/cgroup/memory/test > echo 1G > /sys/fs/cgroup/test/memory.max > echo $BASHPID > /sys/fs/cgroup/test/cgroup.procs > while true; do > dd if=/dev/zero of=/tmp/test.img bs=1M count=5120 > cat /tmp/test.img > /dev/null > rm /tmp/test.img > done > > Then after a while: > watchdog: BUG: soft lockup - CPU#0 stuck for 763s! [cat:5787] > Modules linked in: zram virtiofs > CPU: 0 UID: 0 PID: 5787 Comm: cat Kdump: loaded Tainted: G L 6.15.0.orig-gf3021d9246bc-dirty #118 PREEMPT(voluntary)· > Tainted: [L]=SOFTLOCKUP > Hardware name: Red Hat KVM/RHEL-AV, BIOS 0.0.0 02/06/2015 > RIP: 0010:mpol_shared_policy_lookup+0xd/0x70 > Code: e9 b8 b4 ff ff 31 c0 c3 cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 0f 1f 44 00 00 41 54 55 53 <48> 8b 1f 48 85 db 74 41 4c 8d 67 08 48 89 fb 48 89 f5 4c 89 e7 e8 > RSP: 0018:ffffc90002b1fc28 EFLAGS: 00000202 > RAX: 00000000001c20ca RBX: 0000000000724e1e RCX: 0000000000000001 > RDX: ffff888118e214c8 RSI: 0000000000057d42 RDI: ffff888118e21518 > RBP: 000000000002bec8 R08: 0000000000000001 R09: 0000000000000000 > R10: 0000000000000bf4 R11: 0000000000000000 R12: 0000000000000001 > R13: 00000000001c20ca R14: 00000000001c20ca R15: 0000000000000000 > FS: 00007f03f995c740(0000) GS:ffff88a07ad9a000(0000) knlGS:0000000000000000 > CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 > CR2: 00007f03f98f1000 CR3: 0000000144626004 CR4: 0000000000770eb0 > DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 > DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 > PKRU: 55555554 > Call Trace: > <TASK> > shmem_alloc_folio+0x31/0xc0 > shmem_swapin_folio+0x309/0xcf0 > ? filemap_get_entry+0x117/0x1e0 > ? xas_load+0xd/0xb0 > ? filemap_get_entry+0x101/0x1e0 > shmem_get_folio_gfp+0x2ed/0x5b0 > shmem_file_read_iter+0x7f/0x2e0 > vfs_read+0x252/0x330 > ksys_read+0x68/0xf0 > do_syscall_64+0x4c/0x1c0 > entry_SYSCALL_64_after_hwframe+0x76/0x7e > RIP: 0033:0x7f03f9a46991 > Code: 00 48 8b 15 81 14 10 00 f7 d8 64 89 02 b8 ff ff ff ff eb bd e8 20 ad 01 00 f3 0f 1e fa 80 3d 35 97 10 00 00 74 13 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 4f c3 66 0f 1f 44 00 00 55 48 89 e5 48 83 ec > RSP: 002b:00007fff3c52bd28 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 > RAX: ffffffffffffffda RBX: 0000000000040000 RCX: 00007f03f9a46991 > RDX: 0000000000040000 RSI: 00007f03f98ba000 RDI: 0000000000000003 > RBP: 00007fff3c52bd50 R08: 0000000000000000 R09: 00007f03f9b9a380 > R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000040000 > R13: 00007f03f98ba000 R14: 0000000000000003 R15: 0000000000000000 > </TASK> > > The reason is simple, readahead brought some order 0 folio in swap > cache, and the swapin mTHP folio being allocated is in confict with it, > so swapcache_prepare fails and causes shmem_swap_alloc_folio to return > -EEXIST, and shmem simply retries again and again causing this loop. > > Fix it by applying a similar fix for anon mTHP swapin. > > The performance change is very slight, time of swapin 10g zero folios > with shmem (test for 12 times): > Before: 2.47s > After: 2.48s > > Fixes: 1dd44c0af4fa1 ("mm: shmem: skip swapcache for swapin of synchronous swap device") > Signed-off-by: Kairui Song <kasong(a)tencent.com> > > --- > > V1: https://lore.kernel.org/linux-mm/20250608192713.95875-1-ryncsn@gmail.com/ > Updates: > - Move non_swapcache_batch check before swapcache_prepare, I was > expecting this could improve the performance, turns out it barely > helps and may even cause more overhead in some cases. [ Barry Song ] > - Remove zero map check, no need to do that for shmem [ Barry Song, > Baolin Wang ] > - Fix build bot error. > > mm/memory.c | 20 -------------------- > mm/shmem.c | 4 +++- > mm/swap.h | 23 +++++++++++++++++++++++ > 3 files changed, 26 insertions(+), 21 deletions(-) > > diff --git a/mm/memory.c b/mm/memory.c > index 9ead7ab07e8e..3845ed068d74 100644 > --- a/mm/memory.c > +++ b/mm/memory.c > @@ -4313,26 +4313,6 @@ static struct folio *__alloc_swap_folio(struct vm_fault *vmf) > } > > #ifdef CONFIG_TRANSPARENT_HUGEPAGE > -static inline int non_swapcache_batch(swp_entry_t entry, int max_nr) > -{ > - struct swap_info_struct *si = swp_swap_info(entry); > - pgoff_t offset = swp_offset(entry); > - int i; > - > - /* > - * While allocating a large folio and doing swap_read_folio, which is > - * the case the being faulted pte doesn't have swapcache. We need to > - * ensure all PTEs have no cache as well, otherwise, we might go to > - * swap devices while the content is in swapcache. > - */ > - for (i = 0; i < max_nr; i++) { > - if ((si->swap_map[offset + i] & SWAP_HAS_CACHE)) > - return i; > - } > - > - return i; > -} > - > /* > * Check if the PTEs within a range are contiguous swap entries > * and have consistent swapcache, zeromap. > diff --git a/mm/shmem.c b/mm/shmem.c > index 73182e904f9c..a4fdfbd086f1 100644 > --- a/mm/shmem.c > +++ b/mm/shmem.c > @@ -2256,6 +2256,7 @@ static int shmem_swapin_folio(struct inode *inode, pgoff_t index, > folio = swap_cache_get_folio(swap, NULL, 0); > order = xa_get_order(&mapping->i_pages, index); > if (!folio) { > + int nr_pages = 1 << order; > bool fallback_order0 = false; > > /* Or update major stats only when swapin succeeds?? */ > @@ -2271,7 +2272,8 @@ static int shmem_swapin_folio(struct inode *inode, pgoff_t index, > * to swapin order-0 folio, as well as for zswap case. > */ > if (order > 0 && ((vma && unlikely(userfaultfd_armed(vma))) || > - !zswap_never_enabled())) > + !zswap_never_enabled() || > + non_swapcache_batch(swap, nr_pages) != nr_pages)) > fallback_order0 = true; > > /* Skip swapcache for synchronous device. */ > diff --git a/mm/swap.h b/mm/swap.h > index e87a0f19a0ee..911ad5ff0f89 100644 > --- a/mm/swap.h > +++ b/mm/swap.h > @@ -108,6 +108,25 @@ static inline int swap_zeromap_batch(swp_entry_t entry, int max_nr, > return find_next_bit(sis->zeromap, end, start) - start; > } > > +static inline int non_swapcache_batch(swp_entry_t entry, int max_nr) > +{ > + struct swap_info_struct *si = swp_swap_info(entry); > + pgoff_t offset = swp_offset(entry); > + int i; > + > + /* > + * While allocating a large folio and doing mTHP swapin, we need to > + * ensure all entries are not cached, otherwise, the mTHP folio will > + * be in conflict with the folio in swap cache. > + */ > + for (i = 0; i < max_nr; i++) { > + if ((si->swap_map[offset + i] & SWAP_HAS_CACHE)) > + return i; > + } > + > + return i; > +} > + > #else /* CONFIG_SWAP */ > struct swap_iocb; > static inline void swap_read_folio(struct folio *folio, struct swap_iocb **plug) > @@ -202,6 +221,10 @@ static inline int swap_zeromap_batch(swp_entry_t entry, int max_nr, > return 0; > } > > +static inline int non_swapcache_batch(swp_entry_t entry, int max_nr) > +{ > + return 0; > +} > #endif /* CONFIG_SWAP */ > > /** > -- > 2.49.0 > I really should Cc stable for this, sorry I forgot it. Cc: stable(a)vger.kernel.org # 6.14

3 weeks, 3 days

2
2
0 0

[PATCH] staging: rtl8723bs: Avoid memset() in aes_cipher() and aes_decipher()

by Nathan Chancellor

After commit 6f110a5e4f99 ("Disable SLUB_TINY for build testing"), which causes CONFIG_KASAN to be enabled in allmodconfig again, arm64 allmodconfig builds with older versions of clang (15 through 17) show an instance of -Wframe-larger-than (which breaks the build with CONFIG_WERROR=y): drivers/staging/rtl8723bs/core/rtw_security.c:1287:5: error: stack frame size (2208) exceeds limit (2048) in 'rtw_aes_decrypt' [-Werror,-Wframe-larger-than] 1287 | u32 rtw_aes_decrypt(struct adapter *padapter, u8 *precvframe) | ^ This comes from aes_decipher() being inlined in rtw_aes_decrypt(). Running the same build with CONFIG_FRAME_WARN=128 shows aes_cipher() also uses a decent amount of stack, just under the limit of 2048: drivers/staging/rtl8723bs/core/rtw_security.c:864:19: warning: stack frame size (1952) exceeds limit (128) in 'aes_cipher' [-Wframe-larger-than] 864 | static signed int aes_cipher(u8 *key, uint hdrlen, | ^ -Rpass-analysis=stack-frame-layout only shows one large structure on the stack, which is the ctx variable inlined from aes128k128d(). A good number of the other variables come from the additional checks of fortified string routines, which are present in memset(), which both aes_cipher() and aes_decipher() use to initialize some temporary buffers. In this case, since the size is known at compile time, these additional checks should not result in any code generation changes but allmodconfig has several sanitizers enabled, which may make it harder for the compiler to eliminate the compile time checks and the variables that come about from them. The memset() calls are just initializing these buffers to zero, so use '= {}' instead, which is used all over the kernel and does the exact same thing as memset() without the fortify checks, which drops the stack usage of these functions by a few hundred kilobytes. drivers/staging/rtl8723bs/core/rtw_security.c:864:19: warning: stack frame size (1584) exceeds limit (128) in 'aes_cipher' [-Wframe-larger-than] 864 | static signed int aes_cipher(u8 *key, uint hdrlen, | ^ drivers/staging/rtl8723bs/core/rtw_security.c:1271:5: warning: stack frame size (1456) exceeds limit (128) in 'rtw_aes_decrypt' [-Wframe-larger-than] 1271 | u32 rtw_aes_decrypt(struct adapter *padapter, u8 *precvframe) | ^ Cc: stable(a)vger.kernel.org Fixes: 554c0a3abf21 ("staging: Add rtl8723bs sdio wifi driver") Signed-off-by: Nathan Chancellor <nathan(a)kernel.org> --- drivers/staging/rtl8723bs/core/rtw_security.c | 44 +++++++++------------------ 1 file changed, 14 insertions(+), 30 deletions(-) diff --git a/drivers/staging/rtl8723bs/core/rtw_security.c b/drivers/staging/rtl8723bs/core/rtw_security.c index 1e9eff01b1aa..e9f382c280d9 100644 --- a/drivers/staging/rtl8723bs/core/rtw_security.c +++ b/drivers/staging/rtl8723bs/core/rtw_security.c @@ -868,29 +868,21 @@ static signed int aes_cipher(u8 *key, uint hdrlen, num_blocks, payload_index; u8 pn_vector[6]; - u8 mic_iv[16]; - u8 mic_header1[16]; - u8 mic_header2[16]; - u8 ctr_preload[16]; + u8 mic_iv[16] = {}; + u8 mic_header1[16] = {}; + u8 mic_header2[16] = {}; + u8 ctr_preload[16] = {}; /* Intermediate Buffers */ - u8 chain_buffer[16]; - u8 aes_out[16]; - u8 padded_buffer[16]; + u8 chain_buffer[16] = {}; + u8 aes_out[16] = {}; + u8 padded_buffer[16] = {}; u8 mic[8]; uint frtype = GetFrameType(pframe); uint frsubtype = GetFrameSubType(pframe); frsubtype = frsubtype>>4; - memset((void *)mic_iv, 0, 16); - memset((void *)mic_header1, 0, 16); - memset((void *)mic_header2, 0, 16); - memset((void *)ctr_preload, 0, 16); - memset((void *)chain_buffer, 0, 16); - memset((void *)aes_out, 0, 16); - memset((void *)padded_buffer, 0, 16); - if ((hdrlen == WLAN_HDR_A3_LEN) || (hdrlen == WLAN_HDR_A3_QOS_LEN)) a4_exists = 0; else @@ -1080,15 +1072,15 @@ static signed int aes_decipher(u8 *key, uint hdrlen, num_blocks, payload_index; signed int res = _SUCCESS; u8 pn_vector[6]; - u8 mic_iv[16]; - u8 mic_header1[16]; - u8 mic_header2[16]; - u8 ctr_preload[16]; + u8 mic_iv[16] = {}; + u8 mic_header1[16] = {}; + u8 mic_header2[16] = {}; + u8 ctr_preload[16] = {}; /* Intermediate Buffers */ - u8 chain_buffer[16]; - u8 aes_out[16]; - u8 padded_buffer[16]; + u8 chain_buffer[16] = {}; + u8 aes_out[16] = {}; + u8 padded_buffer[16] = {}; u8 mic[8]; uint frtype = GetFrameType(pframe); @@ -1096,14 +1088,6 @@ static signed int aes_decipher(u8 *key, uint hdrlen, frsubtype = frsubtype>>4; - memset((void *)mic_iv, 0, 16); - memset((void *)mic_header1, 0, 16); - memset((void *)mic_header2, 0, 16); - memset((void *)ctr_preload, 0, 16); - memset((void *)chain_buffer, 0, 16); - memset((void *)aes_out, 0, 16); - memset((void *)padded_buffer, 0, 16); - /* start to decrypt the payload */ num_blocks = (plen-8) / 16; /* plen including LLC, payload_length and mic) */ --- base-commit: 19272b37aa4f83ca52bdf9c16d5d81bdd1354494 change-id: 20250609-rtl8723bs-fix-clang-arm64-wflt-b4b9652904b5 Best regards, -- Nathan Chancellor <nathan(a)kernel.org>

3 weeks, 3 days

2
1
0 0

Linux 6.14.11

by Greg Kroah-Hartman

----------------- Note this is the LAST 6.14.y release. This kernel branch is now end-of-life. Please move to the 6.15.y kernel branch at this time. If you notice, this has happened a bit more "early" than previous end-of-life announcements. Normally, after -rc1 is out there is a TON of stable patches happening due to the changes that come into the merge-window that were marked for stable backports but didn't get into Linus's release before -final. As some people have objected to this large influx being added to a stable kernel that is just about to go end-of-life, let's try marking this end-of-life a bit earlier to see how it goes. It might also spur maintainers/developers to get fixes into -final a bit more as well :) ----------------- I'm announcing the release of the 6.14.11 kernel. All users of the 6.14 kernel series must upgrade. The updated 6.14.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.14.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/devicetree/bindings/phy/fsl,imx8mq-usb-phy.yaml | 3 - Documentation/devicetree/bindings/pwm/adi,axi-pwmgen.yaml | 13 ++++- Documentation/devicetree/bindings/usb/cypress,hx3.yaml | 19 ++++++- Documentation/firmware-guide/acpi/dsd/data-node-references.rst | 26 ++++------ Documentation/firmware-guide/acpi/dsd/graph.rst | 11 +--- Documentation/firmware-guide/acpi/dsd/leds.rst | 7 -- Makefile | 2 drivers/android/binder.c | 16 +++++- drivers/android/binder_internal.h | 8 ++- drivers/android/binderfs.c | 2 drivers/bluetooth/hci_qca.c | 14 ++--- drivers/clk/samsung/clk-exynosautov920.c | 2 drivers/cpufreq/acpi-cpufreq.c | 2 drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 16 +----- drivers/nvmem/Kconfig | 1 drivers/pinctrl/mvebu/pinctrl-armada-37xx.c | 14 +++-- drivers/rtc/class.c | 2 drivers/rtc/lib.c | 24 +++++++-- drivers/thunderbolt/ctl.c | 5 + drivers/tty/serial/jsm/jsm_tty.c | 1 drivers/usb/class/usbtmc.c | 4 + drivers/usb/core/quirks.c | 3 + drivers/usb/serial/pl2303.c | 2 drivers/usb/storage/unusual_uas.h | 7 ++ drivers/usb/typec/ucsi/ucsi.h | 2 fs/orangefs/inode.c | 9 +-- kernel/trace/trace.c | 2 27 files changed, 138 insertions(+), 79 deletions(-) Alexandre Mergnat (2): rtc: Make rtc_time64_to_tm() support dates before 1970 rtc: Fix offset calculation for .start_secs < 0 Arnd Bergmann (1): nvmem: rmem: select CONFIG_CRC32 Aurabindo Pillai (1): Revert "drm/amd/display: more liberal vmin/vmax update for freesync" Bartosz Golaszewski (1): Bluetooth: hci_qca: move the SoC type check to the right place Carlos Llamas (1): binder: fix yet another UAF in binder_devices Charles Yeh (1): USB: serial: pl2303: add new chip PL2303GC-Q20 and PL2303GT-2AB Dave Penkler (1): usb: usbtmc: Fix timeout value in get_stb David Lechner (1): dt-bindings: pwm: adi,axi-pwmgen: Fix clocks Dmitry Antipov (1): binder: fix use-after-free in binderfs_evict_inode() Dustin Lundquist (1): serial: jsm: fix NPE during jsm_uart_port_init Gabor Juhos (2): pinctrl: armada-37xx: use correct OUTPUT_VAL register for GPIOs > 31 pinctrl: armada-37xx: set GPIO output value before setting direction Gautham R. Shenoy (1): acpi-cpufreq: Fix nominal_freq units to KHz in get_max_boost_ratio() Greg Kroah-Hartman (1): Linux 6.14.11 Hongyu Xie (1): usb: storage: Ignore UAS driver for SanDisk 3.2 Gen2 storage device Jiayi Li (1): usb: quirks: Add NO_LPM quirk for SanDisk Extreme 55AE Lukasz Czechowski (1): dt-bindings: usb: cypress,hx3: Add support for all variants Mike Marshall (1): orangefs: adjust counting code to recover from 665575cf Pan Taixi (1): tracing: Fix compilation warning on arm32 Pritam Manohar Sutar (1): clk: samsung: correct clock summary for hsi1 block Qasim Ijaz (1): usb: typec: ucsi: fix Clang -Wsign-conversion warning Sakari Ailus (1): Documentation: ACPI: Use all-string data node references Sergey Senozhatsky (1): thunderbolt: Do not double dequeue a configuration request Xu Yang (1): dt-bindings: phy: imx8mq-usb: fix fsl,phy-tx-vboost-level-microvolt property

3 weeks, 3 days

1
1
0 0

Linux 6.15.2

by Greg Kroah-Hartman

I'm announcing the release of the 6.15.2 kernel. All users of the 6.15 kernel series must upgrade. The updated 6.15.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.15.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/devicetree/bindings/phy/fsl,imx8mq-usb-phy.yaml | 3 Documentation/devicetree/bindings/pwm/adi,axi-pwmgen.yaml | 13 + Documentation/devicetree/bindings/remoteproc/qcom,sm8150-pas.yaml | 3 Documentation/devicetree/bindings/usb/cypress,hx3.yaml | 19 ++ Documentation/firmware-guide/acpi/dsd/data-node-references.rst | 26 +-- Documentation/firmware-guide/acpi/dsd/graph.rst | 11 - Documentation/firmware-guide/acpi/dsd/leds.rst | 7 Makefile | 2 arch/x86/kernel/smpboot.c | 54 ++++++- drivers/acpi/acpica/acdebug.h | 2 drivers/acpi/acpica/aclocal.h | 4 drivers/acpi/acpica/nsnames.c | 2 drivers/acpi/acpica/nsrepair2.c | 2 drivers/android/binder.c | 16 +- drivers/android/binder_internal.h | 8 - drivers/android/binderfs.c | 2 drivers/bluetooth/hci_qca.c | 14 - drivers/clk/samsung/clk-exynosautov920.c | 2 drivers/cpufreq/acpi-cpufreq.c | 2 drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 16 -- drivers/nvmem/Kconfig | 1 drivers/pinctrl/mediatek/mtk-eint.c | 26 +-- drivers/pinctrl/mediatek/mtk-eint.h | 5 drivers/pinctrl/mediatek/pinctrl-mtk-common-v2.c | 2 drivers/pinctrl/mediatek/pinctrl-mtk-common.c | 2 drivers/pinctrl/mvebu/pinctrl-armada-37xx.c | 14 + drivers/rtc/class.c | 2 drivers/rtc/lib.c | 24 ++- drivers/thunderbolt/ctl.c | 5 drivers/tty/serial/jsm/jsm_tty.c | 1 drivers/usb/class/usbtmc.c | 4 drivers/usb/core/quirks.c | 3 drivers/usb/serial/pl2303.c | 2 drivers/usb/storage/unusual_uas.h | 7 drivers/usb/typec/ucsi/ucsi.h | 2 fs/bcachefs/dirent.c | 12 - fs/bcachefs/dirent.h | 4 fs/bcachefs/errcode.h | 2 fs/bcachefs/fs.c | 8 - fs/bcachefs/fsck.c | 8 + fs/bcachefs/inode.c | 77 ++++++---- fs/bcachefs/namei.c | 4 fs/bcachefs/sb-errors_format.h | 4 fs/bcachefs/subvolume.c | 19 +- include/acpi/actbl.h | 6 include/acpi/actypes.h | 4 include/acpi/platform/acgcc.h | 8 + kernel/trace/trace.c | 2 tools/power/acpi/os_specific/service_layers/oslinuxtbl.c | 2 tools/power/acpi/tools/acpidump/apfiles.c | 2 50 files changed, 313 insertions(+), 157 deletions(-) Ahmed Salem (1): ACPICA: Apply ACPI_NONSTRING in more places Alexandre Mergnat (2): rtc: Make rtc_time64_to_tm() support dates before 1970 rtc: Fix offset calculation for .start_secs < 0 Arnd Bergmann (1): nvmem: rmem: select CONFIG_CRC32 Aurabindo Pillai (1): Revert "drm/amd/display: more liberal vmin/vmax update for freesync" Bartosz Golaszewski (1): Bluetooth: hci_qca: move the SoC type check to the right place Carlos Llamas (1): binder: fix yet another UAF in binder_devices Charles Yeh (1): USB: serial: pl2303: add new chip PL2303GC-Q20 and PL2303GT-2AB Dave Penkler (1): usb: usbtmc: Fix timeout value in get_stb David Lechner (1): dt-bindings: pwm: adi,axi-pwmgen: Fix clocks Dmitry Antipov (1): binder: fix use-after-free in binderfs_evict_inode() Dustin Lundquist (1): serial: jsm: fix NPE during jsm_uart_port_init Gabor Juhos (2): pinctrl: armada-37xx: use correct OUTPUT_VAL register for GPIOs > 31 pinctrl: armada-37xx: set GPIO output value before setting direction Gautham R. Shenoy (1): acpi-cpufreq: Fix nominal_freq units to KHz in get_max_boost_ratio() Greg Kroah-Hartman (1): Linux 6.15.2 Hongyu Xie (1): usb: storage: Ignore UAS driver for SanDisk 3.2 Gen2 storage device Jiayi Li (1): usb: quirks: Add NO_LPM quirk for SanDisk Extreme 55AE Kees Cook (2): ACPICA: Introduce ACPI_NONSTRING ACPICA: Apply ACPI_NONSTRING Kent Overstreet (5): bcachefs: Kill un-reverted directory i_size code bcachefs: Repair code for directory i_size bcachefs: delete dead code from may_delete_deleted_inode() bcachefs: Run may_delete_deleted_inode() checks in bch2_inode_rm() bcachefs: Fix subvol to missing root repair Krzysztof Kozlowski (1): dt-bindings: remoteproc: qcom,sm8150-pas: Add missing SC8180X compatible Lukasz Czechowski (1): dt-bindings: usb: cypress,hx3: Add support for all variants Nícolas F. R. A. Prado (1): pinctrl: mediatek: eint: Fix invalid pointer dereference for v1 platforms Pan Taixi (1): tracing: Fix compilation warning on arm32 Pritam Manohar Sutar (1): clk: samsung: correct clock summary for hsi1 block Qasim Ijaz (1): usb: typec: ucsi: fix Clang -Wsign-conversion warning Rafael J. Wysocki (1): Revert "x86/smp: Eliminate mwait_play_dead_cpuid_hint()" Sakari Ailus (1): Documentation: ACPI: Use all-string data node references Sergey Senozhatsky (1): thunderbolt: Do not double dequeue a configuration request Xu Yang (1): dt-bindings: phy: imx8mq-usb: fix fsl,phy-tx-vboost-level-microvolt property

3 weeks, 3 days

1
1
0 0

Linux 6.12.33

by Greg Kroah-Hartman

I'm announcing the release of the 6.12.33 kernel. All users of the 6.12 kernel series must upgrade. The updated 6.12.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-6.12.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/devicetree/bindings/phy/fsl,imx8mq-usb-phy.yaml | 3 Documentation/devicetree/bindings/usb/cypress,hx3.yaml | 19 +- Documentation/firmware-guide/acpi/dsd/data-node-references.rst | 26 +- Documentation/firmware-guide/acpi/dsd/graph.rst | 11 - Documentation/firmware-guide/acpi/dsd/leds.rst | 7 Makefile | 2 block/bio.c | 11 - drivers/accel/ivpu/ivpu_drv.c | 1 drivers/accel/ivpu/ivpu_drv.h | 10 - drivers/accel/ivpu/ivpu_fw.c | 3 drivers/accel/ivpu/ivpu_hw_40xx_reg.h | 2 drivers/accel/ivpu/ivpu_hw_ip.c | 49 +++-- drivers/bluetooth/hci_qca.c | 14 - drivers/cpufreq/acpi-cpufreq.c | 2 drivers/cpufreq/tegra186-cpufreq.c | 7 drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 16 - drivers/pci/pcie/aspm.c | 92 +++++----- drivers/pinctrl/mvebu/pinctrl-armada-37xx.c | 14 - drivers/rtc/class.c | 2 drivers/rtc/lib.c | 24 ++ drivers/thunderbolt/ctl.c | 5 drivers/tty/serial/jsm/jsm_tty.c | 1 drivers/usb/class/usbtmc.c | 4 drivers/usb/core/quirks.c | 3 drivers/usb/serial/pl2303.c | 2 drivers/usb/storage/unusual_uas.h | 7 drivers/usb/typec/ucsi/ucsi.h | 2 fs/f2fs/inode.c | 7 fs/f2fs/segment.h | 9 kernel/trace/trace.c | 2 30 files changed, 216 insertions(+), 141 deletions(-) Ajay Agarwal (1): PCI/ASPM: Disable L1 before disabling L1 PM Substates Alexandre Mergnat (2): rtc: Make rtc_time64_to_tm() support dates before 1970 rtc: Fix offset calculation for .start_secs < 0 Aurabindo Pillai (1): Revert "drm/amd/display: more liberal vmin/vmax update for freesync" Bartosz Golaszewski (1): Bluetooth: hci_qca: move the SoC type check to the right place Chao Yu (1): f2fs: fix to avoid accessing uninitialized curseg Charles Yeh (1): USB: serial: pl2303: add new chip PL2303GC-Q20 and PL2303GT-2AB Dave Penkler (1): usb: usbtmc: Fix timeout value in get_stb Dustin Lundquist (1): serial: jsm: fix NPE during jsm_uart_port_init Gabor Juhos (2): pinctrl: armada-37xx: use correct OUTPUT_VAL register for GPIOs > 31 pinctrl: armada-37xx: set GPIO output value before setting direction Gautham R. Shenoy (1): acpi-cpufreq: Fix nominal_freq units to KHz in get_max_boost_ratio() Greg Kroah-Hartman (1): Linux 6.12.33 Hongyu Xie (1): usb: storage: Ignore UAS driver for SanDisk 3.2 Gen2 storage device Jiayi Li (1): usb: quirks: Add NO_LPM quirk for SanDisk Extreme 55AE Jon Hunter (1): Revert "cpufreq: tegra186: Share policy per cluster" Karol Wachowski (1): accel/ivpu: Update power island delays Lukasz Czechowski (1): dt-bindings: usb: cypress,hx3: Add support for all variants Maciej Falkowski (1): accel/ivpu: Add initial Panther Lake support Ming Lei (1): block: fix adding folio to bio Pan Taixi (1): tracing: Fix compilation warning on arm32 Qasim Ijaz (1): usb: typec: ucsi: fix Clang -Wsign-conversion warning Sakari Ailus (1): Documentation: ACPI: Use all-string data node references Sergey Senozhatsky (1): thunderbolt: Do not double dequeue a configuration request Xu Yang (1): dt-bindings: phy: imx8mq-usb: fix fsl,phy-tx-vboost-level-microvolt property

3 weeks, 3 days

1
1
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror