b92d1cb293
4143 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Greg Kroah-Hartman
|
b92d1cb293 |
Merge 6.1.51 into android14-6.1-lts
Changes in 6.1.51 ACPI: thermal: Drop nocrt parameter module: Expose module_init_layout_section() arm64: module-plts: inline linux/moduleloader.h arm64: module: Use module_init_layout_section() to spot init sections ARM: module: Use module_init_layout_section() to spot init sections lockdep: fix static memory detection even more parisc: Cleanup mmap implementation regarding color alignment parisc: sys_parisc: parisc_personality() is called from asm code io_uring/parisc: Adjust pgoff in io_uring mmap() for parisc kallsyms: Fix kallsyms_selftest failure thunderbolt: Fix a backport error for display flickering issue Linux 6.1.51 Change-Id: I8bc79fc29ebf10ba654c16b771af1519eea39b38 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
|
Greg Kroah-Hartman
|
50874c58d8 |
Merge 6.1.47 into android14-6.1-lts
Changes in 6.1.47 mmc: sdhci-f-sdh30: Replace with sdhci_pltfm cpuidle: psci: Extend information in log about OSI/PC mode cpuidle: psci: Move enabling OSI mode after power domains creation zsmalloc: consolidate zs_pool's migrate_lock and size_class's locks zsmalloc: fix races between modifications of fullness and isolated selftests: forwarding: tc_actions: cleanup temporary files when test is aborted selftests: forwarding: tc_actions: Use ncat instead of nc net/smc: replace mutex rmbs_lock and sndbufs_lock with rw_semaphore net/smc: Fix setsockopt and sysctl to specify same buffer size again net: phy: at803x: Use devm_regulator_get_enable_optional() net: phy: at803x: fix the wol setting functions drm/amdgpu: fix calltrace warning in amddrm_buddy_fini drm/amdgpu: Fix integer overflow in amdgpu_cs_pass1 drm/amdgpu: fix memory leak in mes self test ASoC: Intel: sof_sdw: add quirk for MTL RVP ASoC: Intel: sof_sdw: add quirk for LNL RVP PCI: tegra194: Fix possible array out of bounds access ASoC: SOF: amd: Add pci revision id check drm/stm: ltdc: fix late dereference check drm: rcar-du: remove R-Car H3 ES1.* workarounds ASoC: amd: vangogh: Add check for acp config flags in vangogh platform ARM: dts: imx6dl: prtrvt, prtvt7, prti6q, prtwd2: fix USB related warnings ASoC: Intel: sof_sdw_rt_sdca_jack_common: test SOF_JACK_JDSRC in _exit ASoC: Intel: sof_sdw: Add support for Rex soundwire iopoll: Call cpu_relax() in busy loops ASoC: SOF: Intel: fix SoundWire/HDaudio mutual exclusion dma-remap: use kvmalloc_array/kvfree for larger dma memory remap accel/habanalabs: add pci health check during heartbeat HID: logitech-hidpp: Add USB and Bluetooth IDs for the Logitech G915 TKL Keyboard iommu/amd: Introduce Disable IRTE Caching Support drm/amdgpu: install stub fence into potential unused fence pointers drm/amd/display: Apply 60us prefetch for DCFCLK <= 300Mhz RDMA/mlx5: Return the firmware result upon destroying QP/RQ drm/amd/display: Skip DPP DTO update if root clock is gated drm/amd/display: Enable dcn314 DPP RCO ASoC: SOF: core: Free the firmware trace before calling snd_sof_shutdown() HID: intel-ish-hid: ipc: Add Arrow Lake PCI device ID ALSA: hda/realtek: Add quirks for ROG ALLY CS35l41 audio smb: client: fix warning in cifs_smb3_do_mount() cifs: fix session state check in reconnect to avoid use-after-free issue serial: stm32: Ignore return value of uart_remove_one_port() in .remove() led: qcom-lpg: Fix resource leaks in for_each_available_child_of_node() loops media: v4l2-mem2mem: add lock to protect parameter num_rdy media: camss: set VFE bpl_alignment to 16 for sdm845 and sm8250 usb: gadget: u_serial: Avoid spinlock recursion in __gs_console_push usb: gadget: uvc: queue empty isoc requests if no video buffer is available media: platform: mediatek: vpu: fix NULL ptr dereference thunderbolt: Read retimer NVM authentication status prior tb_retimer_set_inbound_sbtx() usb: chipidea: imx: don't request QoS for imx8ulp usb: chipidea: imx: add missing USB PHY DPDM wakeup setting gfs2: Fix possible data races in gfs2_show_options() pcmcia: rsrc_nonstatic: Fix memory leak in nonstatic_release_resource_db() thunderbolt: Add Intel Barlow Ridge PCI ID thunderbolt: Limit Intel Barlow Ridge USB3 bandwidth firewire: net: fix use after free in fwnet_finish_incoming_packet() watchdog: sp5100_tco: support Hygon FCH/SCH (Server Controller Hub) Bluetooth: L2CAP: Fix use-after-free Bluetooth: btusb: Add MT7922 bluetooth ID for the Asus Ally ceph: try to dump the msgs when decoding fails drm/amdgpu: Fix potential fence use-after-free v2 fs/ntfs3: Enhance sanity check while generating attr_list fs: ntfs3: Fix possible null-pointer dereferences in mi_read() fs/ntfs3: Mark ntfs dirty when on-disk struct is corrupted ALSA: hda/realtek: Add quirks for Unis H3C Desktop B760 & Q760 ALSA: hda: fix a possible null-pointer dereference due to data race in snd_hdac_regmap_sync() ALSA: hda/realtek: Add quirk for ASUS ROG GX650P ALSA: hda/realtek: Add quirk for ASUS ROG GA402X ALSA: hda/realtek: Add quirk for ASUS ROG GZ301V powerpc/kasan: Disable KCOV in KASAN code Bluetooth: MGMT: Use correct address for memcpy() ring-buffer: Do not swap cpu_buffer during resize process igc: read before write to SRRCTL register drm/amd/display: save restore hdcp state when display is unplugged from mst hub drm/amd/display: phase3 mst hdcp for multiple displays drm/amd/display: fix access hdcp_workqueue assert KVM: arm64: vgic-v4: Make the doorbell request robust w.r.t preemption ARM: dts: nxp/imx6sll: fix wrong property name in usbphy node fbdev/hyperv-fb: Do not set struct fb_info.apertures video/aperture: Only remove sysfb on the default vga pci device btrfs: move out now unused BG from the reclaim list btrfs: convert btrfs_block_group::needs_free_space to runtime flag btrfs: convert btrfs_block_group::seq_zone to runtime flag btrfs: fix use-after-free of new block group that became unused virtio-mmio: don't break lifecycle of vm_dev vduse: Use proper spinlock for IRQ injection vdpa/mlx5: Fix mr->initialized semantics vdpa/mlx5: Delete control vq iotlb in destroy_mr only when necessary cifs: fix potential oops in cifs_oplock_break i2c: bcm-iproc: Fix bcm_iproc_i2c_isr deadlock issue i2c: hisi: Only handle the interrupt of the driver's transfer i2c: tegra: Fix i2c-tegra DMA config option processing fbdev: mmp: fix value check in mmphw_probe() powerpc/rtas_flash: allow user copy to flash block cache objects vdpa: Add features attr to vdpa_nl_policy for nlattr length check vdpa: Add queue index attr to vdpa_nl_policy for nlattr length check vdpa: Add max vqp attr to vdpa_nl_policy for nlattr length check vdpa: Enable strict validation for netlinks ops tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux tty: serial: fsl_lpuart: Clear the error flags by writing 1 for lpuart32 platforms btrfs: fix incorrect splitting in btrfs_drop_extent_map_range btrfs: fix BUG_ON condition in btrfs_cancel_balance i2c: designware: Correct length byte validation logic i2c: designware: Handle invalid SMBus block data response length value net: xfrm: Fix xfrm_address_filter OOB read net: af_key: fix sadb_x_filter validation net: xfrm: Amend XFRMA_SEC_CTX nla_policy structure xfrm: fix slab-use-after-free in decode_session6 ip6_vti: fix slab-use-after-free in decode_session6 ip_vti: fix potential slab-use-after-free in decode_session6 xfrm: add NULL check in xfrm_update_ae_params xfrm: add forgotten nla_policy for XFRMA_MTIMER_THRESH virtio_net: notify MAC address change on device initialization virtio-net: set queues after driver_ok net: pcs: Add missing put_device call in miic_create net: phy: fix IRQ-based wake-on-lan over hibernate / power off selftests: mirror_gre_changes: Tighten up the TTL test match drm/panel: simple: Fix AUO G121EAN01 panel timings according to the docs net: macb: In ZynqMP resume always configure PS GTR for non-wakeup source octeon_ep: cancel tx_timeout_task later in remove sequence netfilter: nf_tables: fix false-positive lockdep splat netfilter: nf_tables: deactivate catchall elements in next generation ipvs: fix racy memcpy in proc_do_sync_threshold netfilter: nft_dynset: disallow object maps net: phy: broadcom: stub c45 read/write for 54810 team: Fix incorrect deletion of ETH_P_8021AD protocol vid from slaves net: openvswitch: reject negative ifindex iavf: fix FDIR rule fields masks validation i40e: fix misleading debug logs net: dsa: mv88e6xxx: Wait for EEPROM done before HW reset sfc: don't unregister flow_indr if it was never registered sock: Fix misuse of sk_under_memory_pressure() net: do not allow gso_size to be set to GSO_BY_FRAGS qede: fix firmware halt over suspend and resume ice: Block switchdev mode when ADQ is active and vice versa bus: ti-sysc: Flush posted write on enable before reset arm64: dts: qcom: qrb5165-rb5: fix thermal zone conflict arm64: dts: rockchip: Disable HS400 for eMMC on ROCK Pi 4 arm64: dts: rockchip: Disable HS400 for eMMC on ROCK 4C+ ARM: dts: imx: align LED node names with dtschema ARM: dts: imx6: phytec: fix RTC interrupt level arm64: dts: imx8mm: Drop CSI1 PHY reference clock configuration ARM: dts: imx: Set default tuning step for imx6sx usdhc arm64: dts: imx93: Fix anatop node size ASoC: rt5665: add missed regulator_bulk_disable ASoC: meson: axg-tdm-formatter: fix channel slot allocation ALSA: hda/realtek: Add quirks for HP G11 Laptops soc: aspeed: uart-routing: Use __sysfs_match_string soc: aspeed: socinfo: Add kfree for kstrdup ALSA: hda/realtek - Remodified 3k pull low procedure riscv: uaccess: Return the number of bytes effectively not copied serial: 8250: Fix oops for port->pm on uart_change_pm() ALSA: usb-audio: Add support for Mythware XA001AU capture and playback interfaces. cifs: Release folio lock on fscache read hit. virtio-net: Zero max_tx_vq field for VIRTIO_NET_CTRL_MQ_HASH_CONFIG case arm64: dts: rockchip: Fix Wifi/Bluetooth on ROCK Pi 4 boards blk-crypto: dynamically allocate fallback profile mmc: wbsd: fix double mmc_free_host() in wbsd_init() mmc: block: Fix in_flight[issue_type] value error drm/qxl: fix UAF on handle creation drm/i915/sdvo: fix panel_type initialization drm/amd: flush any delayed gfxoff on suspend entry drm/amdgpu: skip fence GFX interrupts disable/enable for S0ix drm/amdgpu/pm: fix throttle_status for other than MP1 11.0.7 ASoC: amd: vangogh: select CONFIG_SND_AMD_ACP_CONFIG drm/amd/display: disable RCO for DCN314 zsmalloc: allow only one active pool compaction context sched/fair: unlink misfit task from cpu overutilized sched/fair: Remove capacity inversion detection drm/amd/display: Implement workaround for writing to OTG_PIXEL_RATE_DIV register hugetlb: do not clear hugetlb dtor until allocating vmemmap netfilter: set default timeout to 3 secs for sctp shutdown send and recv state arm64/ptrace: Ensure that SME is set up for target when writing SSVE state drm/amd/pm: skip the RLC stop when S0i3 suspend for SMU v13.0.4/11 drm/amdgpu: keep irq count in amdgpu_irq_disable_all af_unix: Fix null-ptr-deref in unix_stream_sendpage(). drm/nouveau/disp: fix use-after-free in error handling of nouveau_connector_create net: fix the RTO timer retransmitting skb every 1ms if linear option is enabled mmc: f-sdh30: fix order of function calls in sdhci_f_sdh30_remove Linux 6.1.47 Change-Id: I7c55c71f43f88a1d44d39c835e3f6e58d4c86279 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
|
Greg Kroah-Hartman
|
706ba4ef8d |
Merge 6.1.45 into android14-6.1-lts
Changes in 6.1.45 io_uring: gate iowait schedule on having pending requests perf: Fix function pointer case net/mlx5: Free irqs only on shutdown callback net: ipa: only reset hashed tables when supported iommu/arm-smmu-v3: Work around MMU-600 erratum 1076982 iommu/arm-smmu-v3: Document MMU-700 erratum 2812531 iommu/arm-smmu-v3: Add explicit feature for nesting iommu/arm-smmu-v3: Document nesting-related errata arm64: dts: imx8mm-venice-gw7903: disable disp_blk_ctrl arm64: dts: imx8mm-venice-gw7904: disable disp_blk_ctrl arm64: dts: phycore-imx8mm: Label typo-fix of VPU arm64: dts: phycore-imx8mm: Correction in gpio-line-names arm64: dts: imx8mn-var-som: add missing pull-up for onboard PHY reset pinmux arm64: dts: freescale: Fix VPU G2 clock firmware: smccc: Fix use of uninitialised results structure lib/bitmap: workaround const_eval test build failure firmware: arm_scmi: Fix chan_free cleanup on SMC word-at-a-time: use the same return type for has_zero regardless of endianness KVM: s390: fix sthyi error handling erofs: fix wrong primary bvec selection on deduplicated extents wifi: cfg80211: Fix return value in scan logic net/mlx5e: fix double free in macsec_fs_tx_create_crypto_table_groups net/mlx5: DR, fix memory leak in mlx5dr_cmd_create_reformat_ctx net/mlx5: fix potential memory leak in mlx5e_init_rep_rx net/mlx5e: fix return value check in mlx5e_ipsec_remove_trailer() net/mlx5e: Fix crash moving to switchdev mode when ntuple offload is set net/mlx5e: Move representor neigh cleanup to profile cleanup_tx bpf: Add length check for SK_DIAG_BPF_STORAGE_REQ_MAP_FD parsing rtnetlink: let rtnl_bridge_setlink checks IFLA_BRIDGE_MODE length net: dsa: fix value check in bcm_sf2_sw_probe() perf test uprobe_from_different_cu: Skip if there is no gcc net: sched: cls_u32: Fix match key mis-addressing mISDN: hfcpci: Fix potential deadlock on &hc->lock qed: Fix scheduling in a tasklet while getting stats net: annotate data-races around sk->sk_reserved_mem net: annotate data-race around sk->sk_txrehash net: annotate data-races around sk->sk_max_pacing_rate net: add missing READ_ONCE(sk->sk_rcvlowat) annotation net: add missing READ_ONCE(sk->sk_sndbuf) annotation net: add missing READ_ONCE(sk->sk_rcvbuf) annotation net: annotate data-races around sk->sk_mark net: add missing data-race annotations around sk->sk_peek_off net: add missing data-race annotation for sk_ll_usec net: annotate data-races around sk->sk_priority net/sched: taprio: Limit TCA_TAPRIO_ATTR_SCHED_CYCLE_TIME to INT_MAX. ice: Fix RDMA VSI removal during queue rebuild bpf, cpumap: Handle skb as well when clean up ptr_ring net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-free net/sched: cls_route: No longer copy tcf_result on update to avoid use-after-free bpf: sockmap: Remove preempt_disable in sock_map_sk_acquire net: ll_temac: fix error checking of irq_of_parse_and_map() net: korina: handle clk prepare error in korina_probe() net: netsec: Ignore 'phy-mode' on SynQuacer in DT mode bnxt_en: Fix page pool logic for page size >= 64K bnxt_en: Fix max_mtu setting for multi-buf XDP net: dcb: choose correct policy to parse DCB_ATTR_BCN s390/qeth: Don't call dev_close/dev_open (DOWN/UP) ip6mr: Fix skb_under_panic in ip6mr_cache_report() vxlan: Fix nexthop hash size net/mlx5: fs_core: Make find_closest_ft more generic net/mlx5: fs_core: Skip the FTs in the same FS_TYPE_PRIO_CHAINS fs_prio prestera: fix fallback to previous version on same major version tcp_metrics: fix addr_same() helper tcp_metrics: annotate data-races around tm->tcpm_stamp tcp_metrics: annotate data-races around tm->tcpm_lock tcp_metrics: annotate data-races around tm->tcpm_vals[] tcp_metrics: annotate data-races around tm->tcpm_net tcp_metrics: fix data-race in tcpm_suck_dst() vs fastopen rust: allocator: Prevent mis-aligned allocation scsi: zfcp: Defer fc_rport blocking until after ADISC response scsi: storvsc: Limit max_sectors for virtual Fibre Channel devices libceph: fix potential hang in ceph_osdc_notify() USB: zaurus: Add ID for A-300/B-500/C-700 ceph: defer stopping mdsc delayed_work firmware: arm_scmi: Drop OF node reference in the transport channel setup exfat: use kvmalloc_array/kvfree instead of kmalloc_array/kfree exfat: release s_lock before calling dir_emit() mtd: spinand: toshiba: Fix ecc_get_status mtd: rawnand: meson: fix OOB available bytes for ECC bpf: Disable preemption in bpf_perf_event_output arm64: dts: stratix10: fix incorrect I2C property for SCL signal net: tun_chr_open(): set sk_uid from current_fsuid() net: tap_open(): set sk_uid from current_fsuid() wifi: mt76: mt7615: do not advertise 5 GHz on first phy of MT7615D (DBDC) x86/hyperv: Disable IBT when hypercall page lacks ENDBR instruction rbd: prevent busy loop when requesting exclusive lock bpf: Disable preemption in bpf_event_output powerpc/ftrace: Create a dummy stackframe to fix stack unwind arm64/fpsimd: Sync and zero pad FPSIMD state for streaming SVE arm64/fpsimd: Clear SME state in the target task when setting the VL arm64/fpsimd: Sync FPSIMD state with SVE for SME only systems open: make RESOLVE_CACHED correctly test for O_TMPFILE drm/ttm: check null pointer before accessing when swapping drm/i915: Fix premature release of request's reusable memory drm/i915/gt: Cleanup aux invalidation registers clk: imx93: Propagate correct error in imx93_clocks_probe() bpf, cpumap: Make sure kthread is running before map update returns file: reinstate f_pos locking optimization for regular files mm: kmem: fix a NULL pointer dereference in obj_stock_flush_required() fs/ntfs3: Use __GFP_NOWARN allocation at ntfs_load_attr_list() fs/sysv: Null check to prevent null-ptr-deref bug Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb debugobjects: Recheck debug_objects_enabled before reporting net: usbnet: Fix WARNING in usbnet_start_xmit/usb_submit_urb fs: Protect reconfiguration of sb read-write from racing writes ext2: Drop fragment support btrfs: remove BUG_ON()'s in add_new_free_space() f2fs: fix to do sanity check on direct node in truncate_dnode() io_uring: annotate offset timeout races mtd: rawnand: omap_elm: Fix incorrect type in assignment mtd: rawnand: rockchip: fix oobfree offset and description mtd: rawnand: rockchip: Align hwecc vs. raw page helper layouts mtd: rawnand: fsl_upm: Fix an off-by one test in fun_exec_op() powerpc/mm/altmap: Fix altmap boundary check drm/imx/ipuv3: Fix front porch adjustment upon hactive aligning drm/amd/display: Ensure that planes are in the same order drm/amd/display: skip CLEAR_PAYLOAD_ID_TABLE if device mst_en is 0 selftests/rseq: Play nice with binaries statically linked against glibc 2.35+ f2fs: fix to set flush_merge opt and show noflush_merge f2fs: don't reset unchangable mount option in f2fs_remount() exfat: check if filename entries exceeds max filename length arm64/ptrace: Don't enable SVE when setting streaming SVE drm/amdgpu: add vram reservation based on vram_usagebyfirmware_v2_2 drm/amdgpu: Remove unnecessary domain argument drm/amdgpu: Use apt name for FW reserved region Revert "drm/i915: Disable DC states for all commits" x86/CPU/AMD: Do not leak quotient data after a division by 0 Linux 6.1.45 Change-Id: Ic63af3f07f26c867c9fc361b2f7055dbc04143d2 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
|
Greg Kroah-Hartman
|
e8ac95d4bc |
Revert "arm64: errata: Mitigate Ampere1 erratum AC03_CPU_38 at stage-2"
This reverts commit
|
||
|
Greg Kroah-Hartman
|
7f81705800 |
Merge 6.1.43 into android14-6.1-lts
Changes in 6.1.43
netfilter: nf_tables: fix underflow in object reference counter
netfilter: nf_tables: fix underflow in chain reference counter
platform/x86/amd/pmf: Notify OS power slider update
platform/x86/amd/pmf: reduce verbosity of apmf_get_system_params
drm/amd/display: Keep PHY active for dp config
ovl: fix null pointer dereference in ovl_permission()
drm/amd: Move helper for dynamic speed switch check out of smu13
drm/amd: Align SMU11 SMU_MSG_OverridePcieParameters implementation with SMU13
jbd2: Fix wrongly judgement for buffer head removing while doing checkpoint
blk-mq: Fix stall due to recursive flush plug
powerpc/pseries/vas: Hold mmap_mutex after mmap lock during window close
KVM: s390: pv: fix index value of replaced ASCE
io_uring: don't audit the capability check in io_uring_create()
gpio: tps68470: Make tps68470_gpio_output() always set the initial value
pwm: Add a stub for devm_pwmchip_add()
gpio: mvebu: Make use of devm_pwmchip_add
gpio: mvebu: fix irq domain leak
btrfs: fix race between quota disable and relocation
i2c: Delete error messages for failed memory allocations
i2c: Improve size determinations
i2c: nomadik: Remove unnecessary goto label
i2c: nomadik: Use devm_clk_get_enabled()
i2c: nomadik: Remove a useless call in the remove function
MIPS: Loongson: Move arch cflags to MIPS top level Makefile
MIPS: Loongson: Fix build error when make modules_install
PCI/ASPM: Return 0 or -ETIMEDOUT from pcie_retrain_link()
PCI/ASPM: Factor out pcie_wait_for_retrain()
PCI/ASPM: Avoid link retraining race
PCI: rockchip: Remove writes to unused registers
PCI: rockchip: Fix window mapping and address translation for endpoint
PCI: rockchip: Don't advertise MSI-X in PCIe capabilities
drm/amd/display: add FB_DAMAGE_CLIPS support
drm/amd/display: Check if link state is valid
drm/amd/display: Rework context change check
drm/amd/display: Enable new commit sequence only for DCN32x
drm/amd/display: Copy DC context in the commit streams
drm/amd/display: Include surface of unaffected streams
drm/amd/display: Use min transition for all SubVP plane add/remove
drm/amd/display: add ODM case when looking for first split pipe
drm/amd/display: use low clocks for no plane configs
drm/amd/display: fix unbounded requesting for high pixel rate modes on dcn315
drm/amd/display: add pixel rate based CRB allocation support
drm/amd/display: fix dcn315 single stream crb allocation
drm/amd/display: Update correct DCN314 register header
drm/amd/display: Set minimum requirement for using PSR-SU on Rembrandt
drm/amd/display: Set minimum requirement for using PSR-SU on Phoenix
drm/ttm: Don't print error message if eviction was interrupted
drm/ttm: Don't leak a resource on eviction error
n_tty: Rename tail to old_tail in n_tty_read()
tty: fix hang on tty device with no_room set
drm/ttm: never consider pinned BOs for eviction&swap
KVM: arm64: Condition HW AF updates on config option
arm64: errata: Mitigate Ampere1 erratum AC03_CPU_38 at stage-2
mptcp: introduce 'sk' to replace 'sock->sk' in mptcp_listen()
mptcp: do not rely on implicit state check in mptcp_listen()
tracing/probes: Add symstr type for dynamic events
tracing/probes: Fix to avoid double count of the string length on the array
tracing: Allow synthetic events to pass around stacktraces
Revert "tracing: Add "(fault)" name injection to kernel probes"
tracing/probes: Fix to record 0-length data_loc in fetch_store_string*() if fails
test_maple_tree: test modifications while iterating
maple_tree: add __init and __exit to test module
maple_tree: fix 32 bit mas_next testing
drm/amd/display: Rework comments on dc file
drm/amd/display: fix dc/core/dc.c kernel-doc
drm/amd/display: Add FAMS validation before trying to use it
drm/amd/display: update extended blank for dcn314 onwards
drm/amd/display: Fix possible underflow for displays with large vblank
drm/amd/display: Prevent vtotal from being set to 0
phy: phy-mtk-dp: Fix an error code in probe()
phy: qcom-snps: correct struct qcom_snps_hsphy kerneldoc
phy: qcom-snps-femto-v2: keep cfg_ahb_clk enabled during runtime suspend
phy: qcom-snps-femto-v2: properly enable ref clock
soundwire: qcom: update status correctly with mask
media: staging: atomisp: select V4L2_FWNODE
media: amphion: Fix firmware path to match linux-firmware
i40e: Fix an NULL vs IS_ERR() bug for debugfs_create_dir()
iavf: fix potential deadlock on allocation failure
iavf: check for removal state before IAVF_FLAG_PF_COMMS_FAILED
net: phy: marvell10g: fix 88x3310 power up
net: hns3: fix the imp capability bit cannot exceed 32 bits issue
net: hns3: fix wrong tc bandwidth weight data issue
net: hns3: fix wrong bw weight of disabled tc issue
vxlan: calculate correct header length for GPE
vxlan: generalize vxlan_parse_gpe_hdr and remove unused args
vxlan: fix GRO with VXLAN-GPE
phy: hisilicon: Fix an out of bounds check in hisi_inno_phy_probe()
atheros: fix return value check in atl1_tso()
ethernet: atheros: fix return value check in atl1e_tso_csum()
ipv6 addrconf: fix bug where deleting a mngtmpaddr can create a new temporary address
tcp: Reduce chance of collisions in inet6_hashfn().
ice: Fix memory management in ice_ethtool_fdir.c
bonding: reset bond's flags when down link is P2P device
team: reset team's flags when down link is P2P device
octeontx2-af: Removed unnecessary debug messages.
octeontx2-af: Fix hash extraction enable configuration
net: stmmac: Apply redundant write work around on 4.xx too
platform/x86: msi-laptop: Fix rfkill out-of-sync on MSI Wind U100
x86/traps: Fix load_unaligned_zeropad() handling for shared TDX memory
igc: Fix Kernel Panic during ndo_tx_timeout callback
netfilter: nft_set_rbtree: fix overlap expiration walk
netfilter: nf_tables: skip immediate deactivate in _PREPARE_ERROR
netfilter: nf_tables: disallow rule addition to bound chain via NFTA_RULE_CHAIN_ID
mm: suppress mm fault logging if fatal signal already pending
net/sched: mqprio: refactor nlattr parsing to a separate function
net/sched: mqprio: add extack to mqprio_parse_nlattr()
net/sched: mqprio: Add length check for TCA_MQPRIO_{MAX/MIN}_RATE64
benet: fix return value check in be_lancer_xmit_workarounds()
tipc: check return value of pskb_trim()
tipc: stop tipc crypto on failure in tipc_node_create
RDMA/mlx4: Make check for invalid flags stricter
drm/msm/dpu: drop enum dpu_core_perf_data_bus_id
drm/msm/adreno: Fix snapshot BINDLESS_DATA size
RDMA/irdma: Add missing read barriers
RDMA/irdma: Fix data race on CQP completion stats
RDMA/irdma: Fix data race on CQP request done
RDMA/mthca: Fix crash when polling CQ for shared QPs
RDMA/bnxt_re: Prevent handling any completions after qp destroy
drm/msm: Fix IS_ERR_OR_NULL() vs NULL check in a5xx_submit_in_rb()
cxl/acpi: Fix a use-after-free in cxl_parse_cfmws()
cxl/acpi: Return 'rc' instead of '0' in cxl_parse_cfmws()
ASoC: fsl_spdif: Silence output on stop
block: Fix a source code comment in include/uapi/linux/blkzoned.h
smb3: do not set NTLMSSP_VERSION flag for negotiate not auth request
drm/i915: Fix an error handling path in igt_write_huge()
xenbus: check xen_domain in xenbus_probe_initcall
dm raid: fix missing reconfig_mutex unlock in raid_ctr() error paths
dm raid: clean up four equivalent goto tags in raid_ctr()
dm raid: protect md_stop() with 'reconfig_mutex'
drm/amd: Fix an error handling mistake in psp_sw_init()
drm/amd/display: Unlock on error path in dm_handle_mst_sideband_msg_ready_event()
RDMA/irdma: Fix op_type reporting in CQEs
RDMA/irdma: Report correct WC error
drm/msm: Switch idr_lock to spinlock
drm/msm: Disallow submit with fence id 0
ublk_drv: move ublk_get_device_from_id into ublk_ctrl_uring_cmd
ublk: fail to start device if queue setup is interrupted
ublk: fail to recover device if queue setup is interrupted
ata: pata_ns87415: mark ns87560_tf_read static
ring-buffer: Fix wrong stat of cpu_buffer->read
tracing: Fix warning in trace_buffered_event_disable()
Revert "usb: gadget: tegra-xudc: Fix error check in tegra_xudc_powerdomain_init()"
usb: gadget: call usb_gadget_check_config() to verify UDC capability
USB: gadget: Fix the memory leak in raw_gadget driver
usb: gadget: core: remove unbalanced mutex_unlock in usb_gadget_activate
KVM: Grab a reference to KVM for VM and vCPU stats file descriptors
KVM: VMX: Don't fudge CR0 and CR4 for restricted L2 guest
KVM: x86: Disallow KVM_SET_SREGS{2} if incoming CR0 is invalid
serial: qcom-geni: drop bogus runtime pm state update
serial: 8250_dw: Preserve original value of DLF register
serial: sifive: Fix sifive_serial_console_setup() section
USB: serial: option: support Quectel EM060K_128
USB: serial: option: add Quectel EC200A module support
USB: serial: simple: add Kaufmann RKS+CAN VCP
USB: serial: simple: sort driver entries
can: gs_usb: gs_can_close(): add missing set of CAN state to CAN_STATE_STOPPED
usb: typec: Set port->pd before adding device for typec_port
usb: typec: Iterate pds array when showing the pd list
usb: typec: Use sysfs_emit_at when concatenating the string
Revert "usb: dwc3: core: Enable AutoRetry feature in the controller"
usb: dwc3: pci: skip BYT GPIO lookup table for hardwired phy
usb: dwc3: don't reset device side if dwc3 was configured as host-only
usb: misc: ehset: fix wrong if condition
usb: ohci-at91: Fix the unhandle interrupt when resume
USB: quirks: add quirk for Focusrite Scarlett
usb: cdns3: fix incorrect calculation of ep_buf_size when more than one config
usb: xhci-mtk: set the dma max_seg_size
Revert "usb: xhci: tegra: Fix error check"
Documentation: security-bugs.rst: update preferences when dealing with the linux-distros group
Documentation: security-bugs.rst: clarify CVE handling
staging: r8712: Fix memory leak in _r8712_init_xmit_priv()
staging: ks7010: potential buffer overflow in ks_wlan_set_encode_ext()
tty: n_gsm: fix UAF in gsm_cleanup_mux
Revert "xhci: add quirk for host controllers that don't update endpoint DCS"
ALSA: hda/realtek: Support ASUS G713PV laptop
ALSA: hda/relatek: Enable Mute LED on HP 250 G8
hwmon: (k10temp) Enable AMD3255 Proc to show negative temperature
hwmon: (nct7802) Fix for temp6 (PECI1) processed even if PECI1 disabled
btrfs: account block group tree when calculating global reserve size
btrfs: check if the transaction was aborted at btrfs_wait_for_commit()
btrfs: check for commit error at btrfs_attach_transaction_barrier()
x86/MCE/AMD: Decrement threshold_bank refcount when removing threshold blocks
file: always lock position for FMODE_ATOMIC_POS
nfsd: Remove incorrect check in nfsd4_validate_stateid
ACPI/IORT: Remove erroneous id_count check in iort_node_get_rmr_info()
tpm_tis: Explicitly check for error code
irq-bcm6345-l1: Do not assume a fixed block to cpu mapping
irqchip/gic-v4.1: Properly lock VPEs when doing a directLPI invalidation
locking/rtmutex: Fix task->pi_waiters integrity
proc/vmcore: fix signedness bug in read_from_oldmem()
xen: speed up grant-table reclaim
virtio-net: fix race between set queues and probe
net: dsa: qca8k: fix search_and_insert wrong handling of new rule
net: dsa: qca8k: fix broken search_and_del
net: dsa: qca8k: fix mdb add/del case with 0 VID
selftests: mptcp: join: only check for ip6tables if needed
soundwire: fix enumeration completion
Revert "um: Use swap() to make code cleaner"
LoongArch: BPF: Fix check condition to call lu32id in move_imm()
LoongArch: BPF: Enable bpf_probe_read{, str}() on LoongArch
s390/dasd: fix hanging device after quiesce/resume
s390/dasd: print copy pair message only for the correct error
ASoC: wm8904: Fill the cache for WM8904_ADC_TEST_0 register
arm64/sme: Set new vector length before reallocating
PM: sleep: wakeirq: fix wake irq arming
ceph: never send metrics if disable_send_metrics is set
drm/i915/dpt: Use shmem for dpt objects
dm cache policy smq: ensure IO doesn't prevent cleaner policy progress
rbd: make get_lock_owner_info() return a single locker or NULL
rbd: harden get_lock_owner_info() a bit
rbd: retrieve and check lock owner twice before blocklisting
drm/amd/display: set per pipe dppclk to 0 when dpp is off
tracing: Fix trace_event_raw_event_synth() if else statement
drm/amd/display: perform a bounds check before filling dirty rectangles
drm/amd/display: Write to correct dirty_rect
ACPI: processor: perflib: Use the "no limit" frequency QoS
ACPI: processor: perflib: Avoid updating frequency QoS unnecessarily
cpufreq: intel_pstate: Drop ACPI _PSS states table patching
mptcp: ensure subflow is unhashed before cleaning the backlog
selftests: mptcp: sockopt: use 'iptables-legacy' if available
test_firmware: return ENOMEM instead of ENOSPC on failed memory allocation
dma-buf: keep the signaling time of merged fences v3
dma-buf: fix an error pointer vs NULL bug
Linux 6.1.43
Change-Id: Id1d61f2351c51edad33ab654f1f3d911b9a75830
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
||
|
Greg Kroah-Hartman
|
8976ff249f |
Merge 6.1.42 into android14-6.1-lts
Changes in 6.1.42 io_uring: treat -EAGAIN for REQ_F_NOWAIT as final for io-wq ALSA: hda/realtek - remove 3k pull low procedure ALSA: hda/realtek: Add quirk for Clevo NS70AU ALSA: hda/realtek: Enable Mute LED on HP Laptop 15s-eq2xxx maple_tree: set the node limit when creating a new root node maple_tree: fix node allocation testing on 32 bit keys: Fix linking a duplicate key to a keyring's assoc_array perf probe: Add test for regression introduced by switch to die_get_decl_file() btrfs: fix warning when putting transaction with qgroups enabled after abort fuse: revalidate: don't invalidate if interrupted fuse: Apply flags2 only when userspace set the FUSE_INIT_EXT btrfs: set_page_extent_mapped after read_folio in btrfs_cont_expand btrfs: zoned: fix memory leak after finding block group with super blocks fuse: ioctl: translate ENOSYS in outarg btrfs: fix race between balance and cancel/pause selftests: tc: set timeout to 15 minutes selftests: tc: add 'ct' action kconfig dep regmap: Drop initial version of maximum transfer length fixes of: Preserve "of-display" device name for compatibility regmap: Account for register length in SMBus I/O limits arm64/fpsimd: Ensure SME storage is allocated after SVE VL changes can: mcp251xfd: __mcp251xfd_chip_set_mode(): increase poll timeout can: bcm: Fix UAF in bcm_proc_show() can: gs_usb: gs_can_open(): improve error handling selftests: tc: add ConnTrack procfs kconfig dma-buf/dma-resv: Stop leaking on krealloc() failure drm/amdgpu/vkms: relax timer deactivation by hrtimer_try_to_cancel drm/amdgpu/pm: make gfxclock consistent for sienna cichlid drm/amdgpu/pm: make mclk consistent for smu 13.0.7 drm/client: Fix memory leak in drm_client_target_cloned drm/client: Fix memory leak in drm_client_modeset_probe drm/amd/display: only accept async flips for fast updates drm/amd/display: Disable MPC split by default on special asic drm/amd/display: check TG is non-null before checking if enabled drm/amd/display: Keep PHY active for DP displays on DCN31 ASoC: fsl_sai: Disable bit clock with transmitter ASoC: fsl_sai: Revert "ASoC: fsl_sai: Enable MCTL_MCLK_EN bit for master mode" ASoC: tegra: Fix ADX byte map ASoC: rt5640: Fix sleep in atomic context ASoC: cs42l51: fix driver to properly autoload with automatic module loading ASoC: codecs: wcd938x: fix missing clsh ctrl error handling ASoC: codecs: wcd-mbhc-v2: fix resource leaks on component remove ASoC: qdsp6: audioreach: fix topology probe deferral ASoC: tegra: Fix AMX byte map ASoC: codecs: wcd938x: fix resource leaks on component remove ASoC: codecs: wcd938x: fix missing mbhc init error handling ASoC: codecs: wcd934x: fix resource leaks on component remove ASoC: codecs: wcd938x: fix codec initialisation race ASoC: codecs: wcd938x: fix soundwire initialisation race ext4: correct inline offset when handling xattrs in inode body drm/radeon: Fix integer overflow in radeon_cs_parser_init ALSA: emu10k1: roll up loops in DSP setup code for Audigy quota: Properly disable quotas when add_dquot_ref() fails quota: fix warning in dqgrab() HID: add quirk for 03f0:464a HP Elite Presenter Mouse ovl: check type and offset of struct vfsmount in ovl_entry udf: Fix uninitialized array access for some pathnames fs: jfs: Fix UBSAN: array-index-out-of-bounds in dbAllocDmapLev MIPS: dec: prom: Address -Warray-bounds warning FS: JFS: Fix null-ptr-deref Read in txBegin FS: JFS: Check for read-only mounted filesystem in txBegin ACPI: video: Add backlight=native DMI quirk for Dell Studio 1569 rcu-tasks: Avoid pr_info() with spin lock in cblist_init_generic() rcu: Mark additional concurrent load from ->cpu_no_qs.b.exp sched/fair: Don't balance task to its current running CPU wifi: ath11k: fix registration of 6Ghz-only phy without the full channel range bpf: Print a warning only if writing to unprivileged_bpf_disabled. bpf: Address KCSAN report on bpf_lru_list bpf: tcp: Avoid taking fast sock lock in iterator wifi: ath11k: add support default regdb while searching board-2.bin for WCN6855 wifi: mac80211_hwsim: Fix possible NULL dereference spi: dw: Add compatible for Intel Mount Evans SoC wifi: ath11k: fix memory leak in WMI firmware stats net: ethernet: litex: add support for 64 bit stats devlink: report devlink_port_type_warn source device wifi: wext-core: Fix -Wstringop-overflow warning in ioctl_standard_iw_point() wifi: iwlwifi: Add support for new PCI Id wifi: iwlwifi: mvm: avoid baid size integer overflow wifi: iwlwifi: pcie: add device id 51F1 for killer 1675 igb: Fix igb_down hung on surprise removal net: hns3: fix strncpy() not using dest-buf length as length issue ASoC: amd: acp: fix for invalid dai id handling in acp_get_byte_count() ASoC: codecs: wcd938x: fix mbhc impedance loglevel ASoC: codecs: wcd938x: fix dB range for HPHL and HPHR ASoC: qcom: q6apm: do not close GPR port before closing graph sched/fair: Use recent_used_cpu to test p->cpus_ptr sched/psi: Fix avgs_work re-arm in psi_avgs_work() sched/psi: Rearrange polling code in preparation sched/psi: Rename existing poll members in preparation sched/psi: Extract update_triggers side effect sched/psi: Allow unprivileged polling of N*2s period sched/psi: use kernfs polling functions for PSI trigger polling pinctrl: renesas: rzv2m: Handle non-unique subnode names pinctrl: renesas: rzg2l: Handle non-unique subnode names spi: bcm63xx: fix max prepend length fbdev: imxfb: warn about invalid left/right margin fbdev: imxfb: Removed unneeded release_mem_region perf build: Fix library not found error when using CSLIBS btrfs: be a bit more careful when setting mirror_num_ret in btrfs_map_block spi: s3c64xx: clear loopback bit after loopback test kallsyms: Improve the performance of kallsyms_lookup_name() kallsyms: Correctly sequence symbols when CONFIG_LTO_CLANG=y kallsyms: strip LTO-only suffixes from promoted global functions dsa: mv88e6xxx: Do a final check before timing out net: ethernet: ti: cpsw_ale: Fix cpsw_ale_get_field()/cpsw_ale_set_field() bridge: Add extack warning when enabling STP in netns. net: ethernet: mtk_eth_soc: handle probe deferral cifs: fix mid leak during reconnection after timeout threshold ASoC: SOF: ipc3-dtrace: uninitialized data in dfsentry_trace_filter_write() net: sched: cls_matchall: Undo tcf_bind_filter in case of failure after mall_set_parms net: sched: cls_u32: Undo tcf_bind_filter if u32_replace_hw_knode net: sched: cls_u32: Undo refcount decrement in case update failed net: sched: cls_bpf: Undo tcf_bind_filter in case of an error net: dsa: microchip: ksz8: Separate static MAC table operations for code reuse net: dsa: microchip: ksz8: Make ksz8_r_sta_mac_table() static net: dsa: microchip: ksz8_r_sta_mac_table(): Avoid using error code for empty entries net: dsa: microchip: correct KSZ8795 static MAC table access iavf: Fix use-after-free in free_netdev iavf: Fix out-of-bounds when setting channels on remove iavf: use internal state to free traffic IRQs iavf: Move netdev_update_features() into watchdog task iavf: send VLAN offloading caps once after VFR iavf: make functions static where possible iavf: Wait for reset in callbacks which trigger it iavf: fix a deadlock caused by rtnl and driver's lock circular dependencies iavf: fix reset task race with iavf_remove() security: keys: Modify mismatched function name octeontx2-pf: Dont allocate BPIDs for LBK interfaces bpf: Fix subprog idx logic in check_max_stack_depth bpf: Repeat check_max_stack_depth for async callbacks bpf, arm64: Fix BTI type used for freplace attached functions igc: Avoid transmit queue timeout for XDP igc: Prevent garbled TX queue with XDP ZEROCOPY net: ipv4: use consistent txhash in TIME_WAIT and SYN_RECV tcp: annotate data-races around tcp_rsk(req)->txhash tcp: annotate data-races around tcp_rsk(req)->ts_recent net: ipv4: Use kfree_sensitive instead of kfree net:ipv6: check return value of pskb_trim() Revert "tcp: avoid the lookup process failing to get sk in ehash table" fbdev: au1200fb: Fix missing IRQ check in au1200fb_drv_probe llc: Don't drop packet from non-root netns. ALSA: hda/realtek: Fix generic fixup definition for cs35l41 amp netfilter: nf_tables: fix spurious set element insertion failure netfilter: nf_tables: can't schedule in nft_chain_validate netfilter: nft_set_pipapo: fix improper element removal netfilter: nf_tables: skip bound chain in netns release path netfilter: nf_tables: skip bound chain on rule flush Bluetooth: use RCU for hci_conn_params and iterate safely in hci_sync Bluetooth: hci_event: call disconnect callback before deleting conn Bluetooth: ISO: fix iso_conn related locking and validity issues Bluetooth: hci_sync: Avoid use-after-free in dbg for hci_remove_adv_monitor() tcp: annotate data-races around tp->tcp_tx_delay tcp: annotate data-races around tp->tsoffset tcp: annotate data-races around tp->keepalive_time tcp: annotate data-races around tp->keepalive_intvl tcp: annotate data-races around tp->keepalive_probes tcp: annotate data-races around icsk->icsk_syn_retries tcp: annotate data-races around tp->linger2 tcp: annotate data-races around rskq_defer_accept tcp: annotate data-races around tp->notsent_lowat tcp: annotate data-races around icsk->icsk_user_timeout tcp: annotate data-races around fastopenq.max_qlen net: phy: prevent stale pointer dereference in phy_init() jbd2: recheck chechpointing non-dirty buffer tracing/histograms: Return an error if we fail to add histogram to hist_vars list drm/ttm: fix bulk_move corruption when adding a entry spi: dw: Remove misleading comment for Mount Evans SoC kallsyms: add kallsyms_seqs_of_names to list of special symbols scripts/kallsyms.c Make the comment up-to-date with current implementation scripts/kallsyms: update the usage in the comment block bpf: allow precision tracking for programs with subprogs bpf: stop setting precise in current state bpf: aggressively forget precise markings during state checkpointing selftests/bpf: make test_align selftest more robust selftests/bpf: Workaround verification failure for fexit_bpf2bpf/func_replace_return_code selftests/bpf: Fix sk_assign on s390x drm/amd/display: use max_dsc_bpp in amdgpu_dm drm/amd/display: fix some coding style issues drm/dp_mst: Clear MSG_RDY flag before sending new message drm/amd/display: force connector state when bpc changes during compliance drm/amd/display: Clean up errors & warnings in amdgpu_dm.c drm/amd/display: fix linux dp link lost handled only one time drm/amd/display: Add polling method to handle MST reply packet Revert "drm/amd/display: edp do not add non-edid timings" Linux 6.1.42 Change-Id: I6b7257a16f9a025d0c23dfd3eb43317c1c164a93 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
James Morse
|
8d99105d6a |
arm64: module: Use module_init_layout_section() to spot init sections
commit f928f8b1a2496e7af95b860f9acf553f20f68f16 upstream.
Today module_frob_arch_sections() spots init sections from their
'init' prefix, and uses this to keep the init PLTs separate from the rest.
module_emit_plt_entry() uses within_module_init() to determine if a
location is in the init text or not, but this depends on whether
core code thought this was an init section.
Naturally the logic is different.
module_init_layout_section() groups the init and exit text together if
module unloading is disabled, as the exit code will never run. The result
is kernels with this configuration can't load all their modules because
there are not enough PLTs for the combined init+exit section.
This results in the following:
| WARNING: CPU: 2 PID: 51 at arch/arm64/kernel/module-plts.c:99 module_emit_plt_entry+0x184/0x1cc
| Modules linked in: crct10dif_common
| CPU: 2 PID: 51 Comm: modprobe Not tainted 6.5.0-rc4-yocto-standard-dirty #15208
| Hardware name: QEMU KVM Virtual Machine, BIOS 0.0.0 02/06/2015
| pstate: 20400005 (nzCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
| pc : module_emit_plt_entry+0x184/0x1cc
| lr : module_emit_plt_entry+0x94/0x1cc
| sp : ffffffc0803bba60
[...]
| Call trace:
| module_emit_plt_entry+0x184/0x1cc
| apply_relocate_add+0x2bc/0x8e4
| load_module+0xe34/0x1bd4
| init_module_from_file+0x84/0xc0
| __arm64_sys_finit_module+0x1b8/0x27c
| invoke_syscall.constprop.0+0x5c/0x104
| do_el0_svc+0x58/0x160
| el0_svc+0x38/0x110
| el0t_64_sync_handler+0xc0/0xc4
| el0t_64_sync+0x190/0x194
A previous patch exposed module_init_layout_section(), use that so the
logic is the same.
Reported-by: Adam Johnston <adam.johnston@arm.com>
Tested-by: Adam Johnston <adam.johnston@arm.com>
Fixes:
|
||
Arnd Bergmann
|
42efdb3531 |
arm64: module-plts: inline linux/moduleloader.h
commit 60a0aab7463ee69296692d980b96510ccce3934e upstream. module_frob_arch_sections() is declared in moduleloader.h, but that is not included before the definition: arch/arm64/kernel/module-plts.c:286:5: error: no previous prototype for 'module_frob_arch_sections' [-Werror=missing-prototypes] Signed-off-by: Arnd Bergmann <arnd@arndb.de> Reviewed-by: Kees Cook <keescook@chromium.org> Acked-by: Ard Biesheuvel <ardb@kernel.org> Link: https://lore.kernel.org/r/20230516160642.523862-11-arnd@kernel.org Signed-off-by: Catalin Marinas <catalin.marinas@arm.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
Mark Brown
|
21614ba608 |
arm64/ptrace: Ensure that SME is set up for target when writing SSVE state
commit 5d0a8d2fba50e9c07cde4aad7fba28c008b07a5b upstream.
When we use NT_ARM_SSVE to either enable streaming mode or change the
vector length for a process we do not currently do anything to ensure that
there is storage allocated for the SME specific register state. If the
task had not previously used SME or we changed the vector length then
the task will not have had TIF_SME set or backing storage for ZA/ZT
allocated, resulting in inconsistent register sizes when saving state
and spurious traps which flush the newly set register state.
We should set TIF_SME to disable traps and ensure that storage is
allocated for ZA and ZT if it is not already allocated. This requires
modifying sme_alloc() to make the flush of any existing register state
optional so we don't disturb existing state for ZA and ZT.
Fixes:
|
||
|
Mark Brown
|
99255a2b68 |
arm64/ptrace: Don't enable SVE when setting streaming SVE
commit 045aecdfcb2e060db142d83a0f4082380c465d2c upstream.
Systems which implement SME without also implementing SVE are
architecturally valid but were not initially supported by the kernel,
unfortunately we missed one issue in the ptrace code.
The SVE register setting code is shared between SVE and streaming mode
SVE. When we set full SVE register state we currently enable TIF_SVE
unconditionally, in the case where streaming SVE is being configured on a
system that supports vanilla SVE this is not an issue since we always
initialise enough state for both vector lengths but on a system which only
support SME it will result in us attempting to restore the SVE vector
length after having set streaming SVE registers.
Fix this by making the enabling of SVE conditional on setting SVE vector
state. If we set streaming SVE state and SVE was not already enabled this
will result in a SVE access trap on next use of normal SVE, this will cause
us to flush our register state but this is fine since the only way to
trigger a SVE access trap would be to exit streaming mode which will cause
the in register state to be flushed anyway.
Fixes:
|
||
|
Mark Brown
|
61f96da37d |
arm64/fpsimd: Sync FPSIMD state with SVE for SME only systems
commit 507ea5dd92d23fcf10e4d1a68a443c86a49753ed upstream.
Currently we guard FPSIMD/SVE state conversions with a check for the system
supporting SVE but SME only systems may need to sync streaming mode SVE
state so add a check for SME support too. These functions are only used
by the ptrace code.
Fixes:
|
||
|
Mark Brown
|
654c1dd350 |
arm64/fpsimd: Clear SME state in the target task when setting the VL
commit c9bb40b7f786662e33d71afe236442b0b61f0446 upstream.
When setting SME vector lengths we clear TIF_SME to reenable SME traps,
doing a reallocation of the backing storage on next use. We do this using
clear_thread_flag() which operates on the current thread, meaning that when
setting the vector length via ptrace we may both not force traps for the
target task and force a spurious flush of any SME state that the tracing
task may have.
Clear the flag in the target task.
Fixes:
|
||
|
Mark Brown
|
bae353469a |
arm64/fpsimd: Sync and zero pad FPSIMD state for streaming SVE
commit 69af56ae56a48a2522aad906c4461c6c7c092737 upstream.
We have a function sve_sync_from_fpsimd_zeropad() which is used by the
ptrace code to update the SVE state when the user writes to the the
FPSIMD register set. Currently this checks that the task has SVE
enabled but this will miss updates for tasks which have streaming SVE
enabled if SVE has not been enabled for the thread, also do the
conversion if the task has streaming SVE enabled.
Fixes:
|
||
|
Mark Brown
|
356e711640 |
arm64/sme: Set new vector length before reallocating
commit 05d881b85b48c7ac6a7c92ce00aa916c4a84d052 upstream.
As part of fixing the allocation of the buffer for SVE state when changing
SME vector length we introduced an immediate reallocation of the SVE state,
this is also done when changing the SVE vector length for consistency.
Unfortunately this reallocation is done prior to writing the new vector
length to the task struct, meaning the allocation is done with the old
vector length and can lead to memory corruption due to an undersized buffer
being used.
Move the update of the vector length before the allocation to ensure that
the new vector length is taken into account.
For some reason this isn't triggering any problems when running tests on
the arm64 fixes branch (even after repeated tries) but is triggering
issues very often after merge into mainline.
Fixes: d4d5be94a878 ("arm64/fpsimd: Ensure SME storage is allocated after SVE VL changes")
Signed-off-by: Mark Brown <broonie@kernel.org>
Cc: <stable@vger.kernel.org>
Link: https://lore.kernel.org/r/20230726-arm64-fix-sme-fix-v1-1-7752ec58af27@kernel.org
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
Oliver Upton
|
cde7f2fd63 |
arm64: errata: Mitigate Ampere1 erratum AC03_CPU_38 at stage-2
[ Upstream commit 6df696cd9bc1ceed0e92e36908f88bbd16d18255 ] AmpereOne has an erratum in its implementation of FEAT_HAFDBS that required disabling the feature on the design. This was done by reporting the feature as not implemented in the ID register, although the corresponding control bits were not actually RES0. This does not align well with the requirements of the architecture, which mandates these bits be RES0 if HAFDBS isn't implemented. The kernel's use of stage-1 is unaffected, as the HA and HD bits are only set if HAFDBS is detected in the ID register. KVM, on the other hand, relies on the RES0 behavior at stage-2 to use the same value for VTCR_EL2 on any cpu in the system. Mitigate the non-RES0 behavior by leaving VTCR_EL2.HA clear on affected systems. Cc: stable@vger.kernel.org Cc: D Scott Phillips <scott@os.amperecomputing.com> Cc: Darren Hart <darren@os.amperecomputing.com> Acked-by: D Scott Phillips <scott@os.amperecomputing.com> Acked-by: Catalin Marinas <catalin.marinas@arm.com> Link: https://lore.kernel.org/r/20230609220104.1836988-2-oliver.upton@linux.dev Signed-off-by: Oliver Upton <oliver.upton@linux.dev> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Mark Brown
|
aa5cf8bd13 |
arm64/fpsimd: Ensure SME storage is allocated after SVE VL changes
commit d4d5be94a87872421ea2569044092535aff0b886 upstream.
When we reconfigure the SVE vector length we discard the backing storage
for the SVE vectors and then reallocate on next SVE use, leaving the SME
specific state alone. This means that we do not enable SME traps if they
were already disabled. That means that userspace code can enter streaming
mode without trapping, putting the task in a state where if we try to save
the state of the task we will fault.
Since the ABI does not specify that changing the SVE vector length disturbs
SME state, and since SVE code may not be aware of SME code in the process,
we shouldn't simply discard any ZA state. Instead immediately reallocate
the storage for SVE, and disable SME if we change the SVE vector length
while there is no SME state active.
Disabling SME traps on SVE vector length changes would make the overall
code more complex since we would have a state where we have valid SME state
stored but might get a SME trap.
Fixes:
|
||
|
Greg Kroah-Hartman
|
2a77668d45 |
This is the 6.1.33 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmSC5VIACgkQONu9yGCS
aT5RPhAAiVFNzTuQT4DtPzXUzl9hpNtdtZPVa/z28+SbOZyf2YgyDGXLHvnGbJ/2
8DWDV9uSsxdX2InNqzD/IbRSiHjXprpDssthq3Qr5aPH7FO76uICWndrCk0dhZsK
kI/+J7BqS1vgtaxsZeo/IHmMQJ5oEzx/JzvcyK5po0rykNDCxWNnh8cK4YtFOVtk
eRD8cPWXvJGn88pdPPlQuS75MKBGcAUZLodN//tP+x2bcWzocaTZUCEHL36eLcVc
0CxPykCpFOcLFLIJWQ+pY2/HR2ynTBxYoaXsTpscR+FKbS+Lz9B6PUoXCvqaV2/e
lriLjg22lbqxBbBhEk5NLBVozajtU/gNq6pptp/EnZahwjjyavuToZviWf8NWfs0
2u+zQlolinCKnm+8o18dRn24kI7LbUSD2w+V8FydSQNHMikvu/xHgDdLgzmj2XAf
ZIAkHdGjRzKL2euDPrp28D5vPfCqDjqT2wUE2vUsc+Ax4k6ewFCPs3cweWD8hoFS
fAjTC3Q/oNp6eEbWuWJPxl+DW/tD3ezRGeqrRCXQwubcgwB5iaS5ItdCCfG/lfiJ
PNHf4kpg4FlyBf8aPD+R3QA6KOuS1owNNk3cx72zHs8zPusosHWj9hDrXeYVn06G
gj1SIoC+jC/L5nbYH9WFLnKm9+EQ28lcp9j7f1PdlDhkcJmzBRY=
=Qjnb
-----END PGP SIGNATURE-----
Merge 6.1.33 into android14-6.1-lts
Changes in 6.1.33
RDMA/bnxt_re: Fix the page_size used during the MR creation
phy: amlogic: phy-meson-g12a-mipi-dphy-analog: fix CNTL2_DIF_TX_CTL0 value
RDMA/efa: Fix unsupported page sizes in device
RDMA/hns: Fix timeout attr in query qp for HIP08
RDMA/hns: Fix base address table allocation
RDMA/hns: Modify the value of long message loopback slice
dmaengine: at_xdmac: fix potential Oops in at_xdmac_prep_interleaved()
RDMA/bnxt_re: Fix a possible memory leak
RDMA/bnxt_re: Fix return value of bnxt_re_process_raw_qp_pkt_rx
iommu/rockchip: Fix unwind goto issue
iommu/amd: Don't block updates to GATag if guest mode is on
iommu/amd: Handle GALog overflows
iommu/amd: Fix up merge conflict resolution
nfsd: make a copy of struct iattr before calling notify_change
dmaengine: pl330: rename _start to prevent build error
riscv: Fix unused variable warning when BUILTIN_DTB is set
net/mlx5: Drain health before unregistering devlink
net/mlx5: SF, Drain health before removing device
net/mlx5: fw_tracer, Fix event handling
net/mlx5e: Don't attach netdev profile while handling internal error
net: mellanox: mlxbf_gige: Fix skb_panic splat under memory pressure
netrom: fix info-leak in nr_write_internal()
af_packet: Fix data-races of pkt_sk(sk)->num.
tls: improve lockless access safety of tls_err_abort()
amd-xgbe: fix the false linkup in xgbe_phy_status
perf ftrace latency: Remove unnecessary "--" from --use-nsec option
mtd: rawnand: ingenic: fix empty stub helper definitions
RDMA/irdma: Prevent QP use after free
RDMA/irdma: Fix Local Invalidate fencing
af_packet: do not use READ_ONCE() in packet_bind()
tcp: deny tcp_disconnect() when threads are waiting
tcp: Return user_mss for TCP_MAXSEG in CLOSE/LISTEN state if user_mss set
net/smc: Scan from current RMB list when no position specified
net/smc: Don't use RMBs not mapped to new link in SMCRv2 ADD LINK
net/sched: sch_ingress: Only create under TC_H_INGRESS
net/sched: sch_clsact: Only create under TC_H_CLSACT
net/sched: Reserve TC_H_INGRESS (TC_H_CLSACT) for ingress (clsact) Qdiscs
net/sched: Prohibit regrafting ingress or clsact Qdiscs
net: sched: fix NULL pointer dereference in mq_attach
net/netlink: fix NETLINK_LIST_MEMBERSHIPS length report
udp6: Fix race condition in udp6_sendmsg & connect
nfsd: fix double fget() bug in __write_ports_addfd()
nvme: fix the name of Zone Append for verbose logging
net/mlx5e: Fix error handling in mlx5e_refresh_tirs
net/mlx5: Read embedded cpu after init bit cleared
iommu/mediatek: Flush IOTLB completely only if domain has been attached
net/sched: flower: fix possible OOB write in fl_set_geneve_opt()
tcp: fix mishandling when the sack compression is deferred.
net: dsa: mv88e6xxx: Increase wait after reset deactivation
mtd: rawnand: marvell: ensure timing values are written
mtd: rawnand: marvell: don't set the NAND frequency select
rtnetlink: call validate_linkmsg in rtnl_create_link
mptcp: avoid unneeded __mptcp_nmpc_socket() usage
mptcp: add annotations around msk->subflow accesses
mptcp: avoid unneeded address copy
mptcp: simplify subflow_syn_recv_sock()
mptcp: consolidate passive msk socket initialization
mptcp: fix data race around msk->first access
mptcp: add annotations around sk->sk_shutdown accesses
drm/amdgpu: release gpu full access after "amdgpu_device_ip_late_init"
watchdog: menz069_wdt: fix watchdog initialisation
ALSA: hda: Glenfly: add HD Audio PCI IDs and HDMI Codec Vendor IDs.
ASoC: Intel: soc-acpi-cht: Add quirk for Nextbook Ares 8A tablet
drm/amdgpu: Use the default reset when loading or reloading the driver
mailbox: mailbox-test: Fix potential double-free in mbox_test_message_write()
drm/ast: Fix ARM compatibility
btrfs: abort transaction when sibling keys check fails for leaves
ARM: 9295/1: unwind:fix unwind abort for uleb128 case
hwmon: (k10temp) Add PCI ID for family 19, model 78h
media: rcar-vin: Select correct interrupt mode for V4L2_FIELD_ALTERNATE
platform/x86: intel_scu_pcidrv: Add back PCI ID for Medfield
platform/mellanox: fix potential race in mlxbf-tmfifo driver
gfs2: Don't deref jdesc in evict
drm/amdgpu: set gfx9 onwards APU atomics support to be true
fbdev: imsttfb: Fix use after free bug in imsttfb_probe
fbdev: modedb: Add 1920x1080 at 60 Hz video mode
fbdev: stifb: Fix info entry in sti_struct on error path
nbd: Fix debugfs_create_dir error checking
block/rnbd: replace REQ_OP_FLUSH with REQ_OP_WRITE
nvme-pci: add NVME_QUIRK_BOGUS_NID for HS-SSD-FUTURE 2048G
nvme-pci: add quirk for missing secondary temperature thresholds
ASoC: amd: yc: Add DMI entry to support System76 Pangolin 12
ASoC: dwc: limit the number of overrun messages
um: harddog: fix modular build
xfrm: Check if_id in inbound policy/secpath match
ASoC: dt-bindings: Adjust #sound-dai-cells on TI's single-DAI codecs
ALSA: hda/realtek: Add quirks for ASUS GU604V and GU603V
ASoC: ssm2602: Add workaround for playback distortions
media: dvb_demux: fix a bug for the continuity counter
media: dvb-usb: az6027: fix three null-ptr-deref in az6027_i2c_xfer()
media: dvb-usb-v2: ec168: fix null-ptr-deref in ec168_i2c_xfer()
media: dvb-usb-v2: ce6230: fix null-ptr-deref in ce6230_i2c_master_xfer()
media: dvb-usb-v2: rtl28xxu: fix null-ptr-deref in rtl28xxu_i2c_xfer
media: dvb-usb: digitv: fix null-ptr-deref in digitv_i2c_xfer()
media: dvb-usb: dw2102: fix uninit-value in su3000_read_mac_address
media: netup_unidvb: fix irq init by register it at the end of probe
media: dvb_ca_en50221: fix a size write bug
media: ttusb-dec: fix memory leak in ttusb_dec_exit_dvb()
media: mn88443x: fix !CONFIG_OF error by drop of_match_ptr from ID table
media: dvb-core: Fix use-after-free due on race condition at dvb_net
media: dvb-core: Fix use-after-free due to race at dvb_register_device()
media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()
media: dvb-core: Fix use-after-free due to race condition at dvb_ca_en50221
ASoC: SOF: debug: conditionally bump runtime_pm counter on exceptions
ASoC: SOF: pcm: fix pm_runtime imbalance in error handling
ASoC: SOF: sof-client-probes: fix pm_runtime imbalance in error handling
ASoC: SOF: pm: save io region state in case of errors in resume
s390/pkey: zeroize key blobs
s390/topology: honour nr_cpu_ids when adding CPUs
ACPI: resource: Add IRQ override quirk for LG UltraPC 17U70P
wifi: rtl8xxxu: fix authentication timeout due to incorrect RCR value
ARM: dts: stm32: add pin map for CAN controller on stm32f7
arm64/mm: mark private VM_FAULT_X defines as vm_fault_t
arm64: vdso: Pass (void *) to virt_to_page()
wifi: mac80211: simplify chanctx allocation
wifi: mac80211: consider reserved chanctx for mindef
wifi: mac80211: recalc chanctx mindef before assigning
wifi: iwlwifi: mvm: Add locking to the rate read flow
scsi: core: Decrease scsi_device's iorequest_cnt if dispatch failed
wifi: b43: fix incorrect __packed annotation
net: wwan: t7xx: Ensure init is completed before system sleep
netfilter: conntrack: define variables exp_nat_nla_policy and any_addr with CONFIG_NF_NAT
nvme-multipath: don't call blk_mark_disk_dead in nvme_mpath_remove_disk
nvme: do not let the user delete a ctrl before a complete initialization
ALSA: oss: avoid missing-prototype warnings
drm/msm: Be more shouty if per-process pgtables aren't working
atm: hide unused procfs functions
ceph: silence smatch warning in reconnect_caps_cb()
drm/amdgpu: skip disabling fence driver src_irqs when device is unplugged
ublk: fix AB-BA lockdep warning
nvme-pci: Add quirk for Teamgroup MP33 SSD
block: Deny writable memory mapping if block is read-only
KVM: arm64: vgic: Fix a circular locking issue
KVM: arm64: vgic: Wrap vgic_its_create() with config_lock
KVM: arm64: vgic: Fix locking comment
media: mediatek: vcodec: Only apply 4K frame sizes on decoder formats
mailbox: mailbox-test: fix a locking issue in mbox_test_message_write()
drivers: base: cacheinfo: Fix shared_cpu_map changes in event of CPU hotplug
media: uvcvideo: Don't expose unsupported formats to userspace
iio: accel: st_accel: Fix invalid mount_matrix on devices without ACPI _ONT method
iio: adc: mxs-lradc: fix the order of two cleanup operations
HID: google: add jewel USB id
HID: wacom: avoid integer overflow in wacom_intuos_inout()
iio: imu: inv_icm42600: fix timestamp reset
dt-bindings: iio: adc: renesas,rcar-gyroadc: Fix adi,ad7476 compatible value
iio: light: vcnl4035: fixed chip ID check
iio: adc: stm32-adc: skip adc-channels setup if none is present
iio: adc: ad_sigma_delta: Fix IRQ issue by setting IRQ_DISABLE_UNLAZY flag
iio: dac: mcp4725: Fix i2c_master_send() return value handling
iio: addac: ad74413: fix resistance input processing
iio: adc: ad7192: Change "shorted" channels to differential
iio: adc: stm32-adc: skip adc-diff-channels setup if none is present
iio: dac: build ad5758 driver when AD5758 is selected
net: usb: qmi_wwan: Set DTR quirk for BroadMobi BM818
dt-bindings: usb: snps,dwc3: Fix "snps,hsphy_interface" type
usb: cdns3: fix NCM gadget RX speed 20x slow than expection at iMX8QM
usb: gadget: f_fs: Add unbind event before functionfs_unbind
md/raid5: fix miscalculation of 'end_sector' in raid5_read_one_chunk()
misc: fastrpc: return -EPIPE to invocations on device removal
misc: fastrpc: reject new invocations during device removal
scsi: stex: Fix gcc 13 warnings
ata: libata-scsi: Use correct device no in ata_find_dev()
drm/amdgpu: enable tmz by default for GC 11.0.1
drm/amd/pm: reverse mclk and fclk clocks levels for SMU v13.0.4
drm/amd/pm: reverse mclk and fclk clocks levels for vangogh
drm/amd/pm: resolve reboot exception for si oland
drm/amd/pm: reverse mclk clocks levels for SMU v13.0.5
drm/amd/pm: reverse mclk and fclk clocks levels for yellow carp
drm/amd/pm: reverse mclk and fclk clocks levels for renoir
x86/mtrr: Revert 90b926e68f50 ("x86/pat: Fix pat_x_mtrr_type() for MTRR disabled case")
mmc: vub300: fix invalid response handling
mmc: pwrseq: sd8787: Fix WILC CHIP_EN and RESETN toggling order
tty: serial: fsl_lpuart: use UARTCTRL_TXINV to send break instead of UARTCTRL_SBK
btrfs: fix csum_tree_block page iteration to avoid tripping on -Werror=array-bounds
phy: qcom-qmp-combo: fix init-count imbalance
phy: qcom-qmp-pcie-msm8996: fix init-count imbalance
block: fix revalidate performance regression
powerpc/iommu: Limit number of TCEs to 512 for H_STUFF_TCE hcall
iommu/amd: Fix domain flush size when syncing iotlb
tpm, tpm_tis: correct tpm_tis_flags enumeration values
riscv: perf: Fix callchain parse error with kernel tracepoint events
io_uring: undeprecate epoll_ctl support
selinux: don't use make's grouped targets feature yet
mtdchar: mark bits of ioctl handler noinline
tracing/timerlat: Always wakeup the timerlat thread
tracing/histograms: Allow variables to have some modifiers
tracing/probe: trace_probe_primary_from_call(): checked list_first_entry
selftests: mptcp: connect: skip if MPTCP is not supported
selftests: mptcp: pm nl: skip if MPTCP is not supported
selftests: mptcp: join: skip if MPTCP is not supported
selftests: mptcp: sockopt: skip if MPTCP is not supported
selftests: mptcp: userspace pm: skip if MPTCP is not supported
mptcp: fix connect timeout handling
mptcp: fix active subflow finalization
ext4: add EA_INODE checking to ext4_iget()
ext4: set lockdep subclass for the ea_inode in ext4_xattr_inode_cache_find()
ext4: disallow ea_inodes with extended attributes
ext4: add lockdep annotations for i_data_sem for ea_inode's
fbcon: Fix null-ptr-deref in soft_cursor
serial: 8250_tegra: Fix an error handling path in tegra_uart_probe()
serial: cpm_uart: Fix a COMPILE_TEST dependency
powerpc/xmon: Use KSYM_NAME_LEN in array size
test_firmware: fix a memory leak with reqs buffer
test_firmware: fix the memory leak of the allocated firmware buffer
KVM: arm64: Populate fault info for watchpoint
KVM: x86: Account fastpath-only VM-Exits in vCPU stats
ksmbd: fix credit count leakage
ksmbd: fix UAF issue from opinfo->conn
ksmbd: fix incorrect AllocationSize set in smb2_get_info
ksmbd: fix slab-out-of-bounds read in smb2_handle_negotiate
ksmbd: fix multiple out-of-bounds read during context decoding
KEYS: asymmetric: Copy sig and digest in public_key_verify_signature()
fs/ntfs3: Validate MFT flags before replaying logs
regmap: Account for register length when chunking
tpm, tpm_tis: Request threaded interrupt handler
iommu/amd/pgtbl_v2: Fix domain max address
drm/amd/display: Have Payload Properly Created After Resume
xfs: verify buffer contents when we skip log replay
tls: rx: strp: don't use GFP_KERNEL in softirq context
arm64: efi: Use SMBIOS processor version to key off Ampere quirk
selftests: mptcp: diag: skip if MPTCP is not supported
selftests: mptcp: simult flows: skip if MPTCP is not supported
selftests: mptcp: join: avoid using 'cmp --bytes'
ext4: enable the lazy init thread when remounting read/write
Linux 6.1.33
Note, the following commits were reverted from this merge, due to
conflicts with other KVM patches. If they are needed later, they can be
brought back in a way that enables them to actually build properly:
|
||
|
Greg Kroah-Hartman
|
ef75a88787 |
Merge 6.1.28 into android14-6.1-lts
Changes in 6.1.28
ASOC: Intel: sof_sdw: add quirk for Intel 'Rooks County' NUC M15
ASoC: Intel: soc-acpi: add table for Intel 'Rooks County' NUC M15
ASoC: soc-pcm: fix hw->formats cleared by soc_pcm_hw_init() for dpcm
x86/hyperv: Block root partition functionality in a Confidential VM
ASoC: amd: yc: Add DMI entries to support Victus by HP Laptop 16-e1xxx (8A22)
iio: adc: palmas_gpadc: fix NULL dereference on rmmod
ASoC: Intel: bytcr_rt5640: Add quirk for the Acer Iconia One 7 B1-750
ASoC: da7213.c: add missing pm_runtime_disable()
net: wwan: t7xx: do not compile with -Werror
selftests mount: Fix mount_setattr_test builds failed
scsi: mpi3mr: Handle soft reset in progress fault code (0xF002)
net: sfp: add quirk enabling 2500Base-x for HG MXPD-483II
platform/x86: thinkpad_acpi: Add missing T14s Gen1 type to s2idle quirk list
wifi: ath11k: reduce the MHI timeout to 20s
tracing: Error if a trace event has an array for a __field()
asm-generic/io.h: suppress endianness warnings for readq() and writeq()
x86/cpu: Add model number for Intel Arrow Lake processor
wireguard: timers: cast enum limits members to int in prints
wifi: mt76: mt7921e: Set memory space enable in PCI_COMMAND if unset
ASoC: amd: fix ACP version typo mistake
ASoC: amd: ps: update the acp clock source.
arm64: Always load shadow stack pointer directly from the task struct
arm64: Stash shadow stack pointer in the task struct on interrupt
powerpc/boot: Fix boot wrapper code generation with CONFIG_POWER10_CPU
PCI: kirin: Select REGMAP_MMIO
PCI: pciehp: Fix AB-BA deadlock between reset_lock and device_lock
PCI: qcom: Fix the incorrect register usage in v2.7.0 config
phy: qcom-qmp-pcie: sc8180x PCIe PHY has 2 lanes
IMA: allow/fix UML builds
usb: gadget: udc: core: Invoke usb_gadget_connect only when started
usb: gadget: udc: core: Prevent redundant calls to pullup
usb: dwc3: gadget: Stall and restart EP0 if host is unresponsive
USB: dwc3: fix runtime pm imbalance on probe errors
USB: dwc3: fix runtime pm imbalance on unbind
hwmon: (k10temp) Check range scale when CUR_TEMP register is read-write
hwmon: (adt7475) Use device_property APIs when configuring polarity
tpm: Add !tpm_amd_is_rng_defective() to the hwrng_unregister() call site
posix-cpu-timers: Implement the missing timer_wait_running callback
media: ov8856: Do not check for for module version
blk-stat: fix QUEUE_FLAG_STATS clear
blk-crypto: don't use struct request_queue for public interfaces
blk-crypto: add a blk_crypto_config_supported_natively helper
blk-crypto: move internal only declarations to blk-crypto-internal.h
blk-crypto: Add a missing include directive
blk-mq: release crypto keyslot before reporting I/O complete
blk-crypto: make blk_crypto_evict_key() return void
blk-crypto: make blk_crypto_evict_key() more robust
staging: iio: resolver: ads1210: fix config mode
tty: Prevent writing chars during tcsetattr TCSADRAIN/FLUSH
xhci: fix debugfs register accesses while suspended
serial: fix TIOCSRS485 locking
serial: 8250: Fix serial8250_tx_empty() race with DMA Tx
serial: max310x: fix IO data corruption in batched operations
tick/nohz: Fix cpu_is_hotpluggable() by checking with nohz subsystem
fs: fix sysctls.c built
MIPS: fw: Allow firmware to pass a empty env
ipmi:ssif: Add send_retries increment
ipmi: fix SSIF not responding under certain cond.
iio: addac: stx104: Fix race condition when converting analog-to-digital
iio: addac: stx104: Fix race condition for stx104_write_raw()
kheaders: Use array declaration instead of char
wifi: mt76: add missing locking to protect against concurrent rx/status calls
pwm: meson: Fix axg ao mux parents
pwm: meson: Fix g12a ao clk81 name
soundwire: qcom: correct setting ignore bit on v1.5.1
pinctrl: qcom: lpass-lpi: set output value before enabling output
ring-buffer: Ensure proper resetting of atomic variables in ring_buffer_reset_online_cpus
ring-buffer: Sync IRQ works before buffer destruction
crypto: api - Demote BUG_ON() in crypto_unregister_alg() to a WARN_ON()
crypto: safexcel - Cleanup ring IRQ workqueues on load failure
crypto: arm64/aes-neonbs - fix crash with CFI enabled
crypto: ccp - Don't initialize CCP for PSP 0x1649
rcu: Avoid stack overflow due to __rcu_irq_enter_check_tick() being kprobe-ed
reiserfs: Add security prefix to xattr name in reiserfs_security_write()
KVM: nVMX: Emulate NOPs in L2, and PAUSE if it's not intercepted
KVM: arm64: Avoid vcpu->mutex v. kvm->lock inversion in CPU_ON
KVM: arm64: Avoid lock inversion when setting the VM register width
KVM: arm64: Use config_lock to protect data ordered against KVM_RUN
KVM: arm64: Use config_lock to protect vgic state
KVM: arm64: vgic: Don't acquire its_lock before config_lock
relayfs: fix out-of-bounds access in relay_file_read
drm/amd/display: Remove stutter only configurations
drm/amd/display: limit timing for single dimm memory
drm/amd/display: fix PSR-SU/DSC interoperability support
drm/amd/display: fix a divided-by-zero error
KVM: RISC-V: Retry fault if vma_lookup() results become invalid
ksmbd: fix racy issue under cocurrent smb2 tree disconnect
ksmbd: call rcu_barrier() in ksmbd_server_exit()
ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()
ksmbd: fix memleak in session setup
ksmbd: not allow guest user on multichannel
ksmbd: fix deadlock in ksmbd_find_crypto_ctx()
ACPI: video: Remove acpi_backlight=video quirk for Lenovo ThinkPad W530
i2c: omap: Fix standard mode false ACK readings
riscv: mm: remove redundant parameter of create_fdt_early_page_table
tracing: Fix permissions for the buffer_percent file
swsmu/amdgpu_smu: Fix the wrong if-condition
drm/amd/pm: re-enable the gfx imu when smu resume
iommu/amd: Fix "Guest Virtual APIC Table Root Pointer" configuration in IRTE
RISC-V: Align SBI probe implementation with spec
Revert "ubifs: dirty_cow_znode: Fix memleak in error handling path"
ubifs: Fix memleak when insert_old_idx() failed
ubi: Fix return value overwrite issue in try_write_vid_and_data()
ubifs: Free memory for tmpfile name
ubifs: Fix memory leak in do_rename
ceph: fix potential use-after-free bug when trimming caps
xfs: don't consider future format versions valid
cxl/hdm: Fail upon detecting 0-sized decoders
bus: mhi: host: Remove duplicate ee check for syserr
bus: mhi: host: Use mhi_tryset_pm_state() for setting fw error state
bus: mhi: host: Range check CHDBOFF and ERDBOFF
ASoC: dt-bindings: qcom,lpass-rx-macro: correct minItems for clocks
kunit: improve KTAP compliance of KUnit test output
kunit: fix bug in the order of lines in debugfs logs
rcu: Fix missing TICK_DEP_MASK_RCU_EXP dependency check
selftests/resctrl: Return NULL if malloc_and_init_memory() did not alloc mem
selftests/resctrl: Move ->setup() call outside of test specific branches
selftests/resctrl: Allow ->setup() to return errors
selftests/resctrl: Check for return value after write_schemata()
selinux: fix Makefile dependencies of flask.h
selinux: ensure av_permissions.h is built when needed
tpm, tpm_tis: Do not skip reset of original interrupt vector
tpm, tpm_tis: Claim locality before writing TPM_INT_ENABLE register
tpm, tpm_tis: Disable interrupts if tpm_tis_probe_irq() failed
tpm, tpm_tis: Claim locality before writing interrupt registers
tpm, tpm: Implement usage counter for locality
tpm, tpm_tis: Claim locality when interrupts are reenabled on resume
erofs: stop parsing non-compact HEAD index if clusterofs is invalid
erofs: initialize packed inode after root inode is assigned
erofs: fix potential overflow calculating xattr_isize
drm/rockchip: Drop unbalanced obj unref
drm/i915/dg2: Drop one PCI ID
drm/vgem: add missing mutex_destroy
drm/probe-helper: Cancel previous job before starting new one
drm/amdgpu: register a vga_switcheroo client for MacBooks with apple-gmux
tools/x86/kcpuid: Fix avx512bw and avx512lvl fields in Fn00000007
soc: ti: pm33xx: Fix refcount leak in am33xx_pm_probe
arm64: dts: renesas: r8a77990: Remove bogus voltages from OPP table
arm64: dts: renesas: r8a774c0: Remove bogus voltages from OPP table
arm64: dts: renesas: r9a07g044: Update IRQ numbers for SSI channels
arm64: dts: renesas: r9a07g054: Update IRQ numbers for SSI channels
arm64: dts: renesas: r9a07g043: Introduce SOC_PERIPHERAL_IRQ() macro to specify interrupt property
arm64: dts: renesas: r9a07g043: Update IRQ numbers for SSI channels
drm/mediatek: dp: Only trigger DRM HPD events if bridge is attached
drm/msm/disp/dpu: check for crtc enable rather than crtc active to release shared resources
EDAC/skx: Fix overflows on the DRAM row address mapping arrays
ARM: dts: qcom-apq8064: Fix opp table child name
regulator: core: Shorten off-on-delay-us for always-on/boot-on by time since booted
arm64: dts: ti: k3-am62-main: Fix GPIO numbers in DT
arm64: dts: ti: k3-am62a7-sk: Fix DDR size to full 4GB
arm64: dts: ti: k3-j721e-main: Remove ti,strobe-sel property
arm64: dts: broadcom: bcmbca: bcm4908: fix NAND interrupt name
arm64: dts: broadcom: bcmbca: bcm4908: fix LED nodenames
arm64: dts: broadcom: bcmbca: bcm4908: fix procmon nodename
arm64: dts: qcom: msm8998: Fix stm-stimulus-base reg name
arm64: dts: qcom: sc7280: fix EUD port properties
arm64: dts: qcom: sdm845: correct dynamic power coefficients
arm64: dts: qcom: sdm845: Fix the PCI I/O port range
arm64: dts: qcom: msm8998: Fix the PCI I/O port range
arm64: dts: qcom: sc7280: Fix the PCI I/O port range
arm64: dts: qcom: ipq8074: Fix the PCI I/O port range
arm64: dts: qcom: ipq6018: Fix the PCI I/O port range
arm64: dts: qcom: msm8996: Fix the PCI I/O port range
arm64: dts: qcom: sm8250: Fix the PCI I/O port range
arm64: dts: qcom: sm8150: Fix the PCI I/O port range
arm64: dts: qcom: sm8450: Fix the PCI I/O port range
ARM: dts: qcom: ipq4019: Fix the PCI I/O port range
ARM: dts: qcom: ipq8064: Fix the PCI I/O port range
ARM: dts: qcom: sdx55: Fix the unit address of PCIe EP node
x86/MCE/AMD: Use an u64 for bank_map
media: bdisp: Add missing check for create_workqueue
media: platform: mtk-mdp3: Add missing check and free for ida_alloc
media: amphion: decoder implement display delay enable
media: av7110: prevent underflow in write_ts_to_decoder()
firmware: qcom_scm: Clear download bit during reboot
drm/bridge: adv7533: Fix adv7533_mode_valid for adv7533 and adv7535
media: max9286: Free control handler
arm64: dts: ti: k3-am625: Correct L2 cache size to 512KB
arm64: dts: ti: k3-am62a7: Correct L2 cache size to 512KB
drm/msm/adreno: drop bogus pm_runtime_set_active()
drm: msm: adreno: Disable preemption on Adreno 510
virt/coco/sev-guest: Double-buffer messages
arm64: dts: qcom: sm8350-microsoft-surface: fix USB dual-role mode property
drm/amd/display/dc/dce60/Makefile: Fix previous attempt to silence known override-init warnings
ACPI: processor: Fix evaluating _PDC method when running as Xen dom0
mmc: sdhci-of-esdhc: fix quirk to ignore command inhibit for data
arm64: dts: qcom: sm8450: fix pcie1 gpios properties name
drm: rcar-du: Fix a NULL vs IS_ERR() bug
ARM: dts: gta04: fix excess dma channel usage
firmware: arm_scmi: Fix xfers allocation on Rx channel
perf/arm-cmn: Move overlapping wp_combine field
ARM: dts: stm32: fix spi1 pin assignment on stm32mp15
arm64: dts: apple: t8103: Disable unused PCIe ports
cpufreq: mediatek: fix passing zero to 'PTR_ERR'
cpufreq: mediatek: fix KP caused by handler usage after regulator_put/clk_put
cpufreq: mediatek: raise proc/sram max voltage for MT8516
cpufreq: mediatek: Raise proc and sram max voltage for MT7622/7623
cpufreq: qcom-cpufreq-hw: Revert adding cpufreq qos
arm64: dts: mediatek: mt8192-asurada: Fix voltage constraint for Vgpu
ACPI: VIOT: Initialize the correct IOMMU fwspec
drm/lima/lima_drv: Add missing unwind goto in lima_pdev_probe()
drm/mediatek: dp: Change the aux retries times when receiving AUX_DEFER
mailbox: mpfs: switch to txdone_poll
soc: bcm: brcmstb: biuctrl: fix of_iomap leak
soc: renesas: renesas-soc: Release 'chipid' from ioremap()
gpu: host1x: Fix potential double free if IOMMU is disabled
gpu: host1x: Fix memory leak of device names
arm64: dts: qcom: sc7280-herobrine-villager: correct trackpad supply
arm64: dts: qcom: sc7180-trogdor-lazor: correct trackpad supply
arm64: dts: qcom: sc7180-trogdor-pazquel: correct trackpad supply
arm64: dts: qcom: msm8994-kitakami: drop unit address from PMI8994 regulator
arm64: dts: qcom: msm8994-msft-lumia-octagon: drop unit address from PMI8994 regulator
arm64: dts: qcom: apq8096-db820c: drop unit address from PMI8994 regulator
drm/ttm: optimize pool allocations a bit v2
drm/ttm/pool: Fix ttm_pool_alloc error path
regulator: core: Consistently set mutex_owner when using ww_mutex_lock_slow()
regulator: core: Avoid lockdep reports when resolving supplies
x86/apic: Fix atomic update of offset in reserve_eilvt_offset()
arm64: dts: qcom: msm8994-angler: Fix cont_splash_mem mapping
arm64: dts: qcom: msm8994-angler: removed clash with smem_region
arm64: dts: sc7180: Rename qspi data12 as data23
arm64: dts: sc7280: Rename qspi data12 as data23
media: mediatek: vcodec: Use 4K frame size when supported by stateful decoder
media: mediatek: vcodec: Make MM21 the default capture format
media: mediatek: vcodec: Force capture queue format to MM21
media: mediatek: vcodec: add params to record lat and core lat_buf count
media: mediatek: vcodec: using each instance lat_buf count replace core ready list
media: mediatek: vcodec: move lat_buf to the top of core list
media: mediatek: vcodec: add core decode done event
media: mediatek: vcodec: remove unused lat_buf
media: mediatek: vcodec: making sure queue_work successfully
media: mediatek: vcodec: change lat thread decode error condition
media: cedrus: fix use after free bug in cedrus_remove due to race condition
media: rkvdec: fix use after free bug in rkvdec_remove
platform/x86/amd/pmf: Move out of BIOS SMN pair for driver probe
platform/x86/amd: pmc: Don't try to read SMU version on Picasso
platform/x86/amd: pmc: Hide SMU version and program attributes for Picasso
platform/x86/amd: pmc: Don't dump data after resume from s0i3 on picasso
platform/x86/amd: pmc: Move idlemask check into `amd_pmc_idlemask_read`
platform/x86/amd: pmc: Utilize SMN index 0 for driver probe
platform/x86/amd: pmc: Move out of BIOS SMN pair for STB init
media: dm1105: Fix use after free bug in dm1105_remove due to race condition
media: saa7134: fix use after free bug in saa7134_finidev due to race condition
media: platform: mtk-mdp3: fix potential frame size overflow in mdp_try_fmt_mplane()
media: rcar_fdp1: Fix refcount leak in probe and remove function
media: v4l: async: Return async sub-devices to subnotifier list
media: hi846: Fix memleak in hi846_init_controls()
drm/amd/display: Fix potential null dereference
media: rc: gpio-ir-recv: Fix support for wake-up
media: venus: dec: Fix handling of the start cmd
media: venus: dec: Fix capture formats enumeration order
regulator: stm32-pwr: fix of_iomap leak
x86/ioapic: Don't return 0 from arch_dynirq_lower_bound()
arm64: kgdb: Set PSTATE.SS to 1 to re-enable single-step
perf/arm-cmn: Fix port detection for CMN-700
media: mediatek: vcodec: fix decoder disable pm crash
media: mediatek: vcodec: add remove function for decoder platform driver
debugobject: Prevent init race with static objects
drm/i915: Make intel_get_crtc_new_encoder() less oopsy
tick/common: Align tick period with the HZ tick.
ACPI: bus: Ensure that notify handlers are not running after removal
cpufreq: use correct unit when verify cur freq
rpmsg: glink: Propagate TX failures in intentless mode as well
hwmon: (pmbus/fsp-3y) Fix functionality bitmask in FSP-3Y YM-2151E
platform/chrome: cros_typec_switch: Add missing fwnode_handle_put()
wifi: ath6kl: minor fix for allocation size
wifi: ath9k: hif_usb: fix memory leak of remain_skbs
wifi: ath11k: Use platform_get_irq() to get the interrupt
wifi: ath5k: Use platform_get_irq() to get the interrupt
wifi: ath5k: fix an off by one check in ath5k_eeprom_read_freq_list()
wifi: ath11k: fix SAC bug on peer addition with sta band migration
wifi: brcmfmac: support CQM RSSI notification with older firmware
wifi: ath6kl: reduce WARN to dev_dbg() in callback
tools: bpftool: Remove invalid \' json escape
wifi: rtw88: mac: Return the original error from rtw_pwr_seq_parser()
wifi: rtw88: mac: Return the original error from rtw_mac_power_switch()
bpf: take into account liveness when propagating precision
bpf: fix precision propagation verbose logging
crypto: qat - fix concurrency issue when device state changes
scm: fix MSG_CTRUNC setting condition for SO_PASSSEC
wifi: ath11k: fix deinitialization of firmware resources
selftests/bpf: Fix a fd leak in an error path in network_helpers.c
bpf: Remove misleading spec_v1 check on var-offset stack read
net: pcs: xpcs: remove double-read of link state when using AN
vlan: partially enable SIOCSHWTSTAMP in container
net/packet: annotate accesses to po->xmit
net/packet: convert po->origdev to an atomic flag
net/packet: convert po->auxdata to an atomic flag
libbpf: Fix ld_imm64 copy logic for ksym in light skeleton.
net: dsa: qca8k: remove assignment of an_enabled in pcs_get_state()
netfilter: keep conntrack reference until IPsecv6 policy checks are done
bpf: Fix __reg_bound_offset 64->32 var_off subreg propagation
scsi: target: core: Change the way target_xcopy_do_work() sets restiction on max I/O
scsi: target: Move sess cmd counter to new struct
scsi: target: Move cmd counter allocation
scsi: target: Pass in cmd counter to use during cmd setup
scsi: target: iscsit: isert: Alloc per conn cmd counter
scsi: target: iscsit: Stop/wait on cmds during conn close
scsi: target: Fix multiple LUN_RESET handling
scsi: target: iscsit: Fix TAS handling during conn cleanup
scsi: megaraid: Fix mega_cmd_done() CMDID_INT_CMDS
net: sunhme: Fix uninitialized return code
f2fs: handle dqget error in f2fs_transfer_project_quota()
f2fs: fix uninitialized skipped_gc_rwsem
f2fs: apply zone capacity to all zone type
f2fs: compress: fix to call f2fs_wait_on_page_writeback() in f2fs_write_raw_pages()
f2fs: fix scheduling while atomic in decompression path
crypto: caam - Clear some memory in instantiate_rng
crypto: sa2ul - Select CRYPTO_DES
wifi: rtlwifi: fix incorrect error codes in rtl_debugfs_set_write_rfreg()
wifi: rtlwifi: fix incorrect error codes in rtl_debugfs_set_write_reg()
scsi: libsas: Add sas_ata_device_link_abort()
scsi: hisi_sas: Handle NCQ error when IPTT is valid
wifi: rt2x00: Fix memory leak when handling surveys
f2fs: fix iostat lock protection
net: qrtr: correct types of trace event parameters
selftests: xsk: Use correct UMEM size in testapp_invalid_desc
selftests: xsk: Disable IPv6 on VETH1
selftests: xsk: Deflakify STATS_RX_DROPPED test
selftests/bpf: Wait for receive in cg_storage_multi test
bpftool: Fix bug for long instructions in program CFG dumps
crypto: drbg - Only fail when jent is unavailable in FIPS mode
xsk: Fix unaligned descriptor validation
f2fs: fix to avoid use-after-free for cached IPU bio
wifi: iwlwifi: fix duplicate entry in iwl_dev_info_table
bpf/btf: Fix is_int_ptr()
scsi: lpfc: Fix ioremap issues in lpfc_sli4_pci_mem_setup()
net: ethernet: stmmac: dwmac-rk: rework optional clock handling
net: ethernet: stmmac: dwmac-rk: fix optional phy regulator handling
wifi: ath11k: fix writing to unintended memory region
bpf, sockmap: fix deadlocks in the sockhash and sockmap
nvmet: fix error handling in nvmet_execute_identify_cns_cs_ns()
nvmet: fix Identify Namespace handling
nvmet: fix Identify Controller handling
nvmet: fix Identify Active Namespace ID list handling
nvmet: fix I/O Command Set specific Identify Controller
nvme: fix async event trace event
nvme-fcloop: fix "inconsistent {IN-HARDIRQ-W} -> {HARDIRQ-ON-W} usage"
selftests/bpf: Use read_perf_max_sample_freq() in perf_event_stackmap
selftests/bpf: Fix leaked bpf_link in get_stackid_cannot_attach
blk-mq: don't plug for head insertions in blk_execute_rq_nowait
wifi: iwlwifi: debug: fix crash in __iwl_err()
wifi: iwlwifi: trans: don't trigger d3 interrupt twice
wifi: iwlwifi: mvm: don't set CHECKSUM_COMPLETE for unsupported protocols
bpf, sockmap: Revert buggy deadlock fix in the sockhash and sockmap
f2fs: fix to check return value of f2fs_do_truncate_blocks()
f2fs: fix to check return value of inc_valid_block_count()
md/raid10: fix task hung in raid10d
md/raid10: fix leak of 'r10bio->remaining' for recovery
md/raid10: fix memleak for 'conf->bio_split'
md/raid10: fix memleak of md thread
md/raid10: don't call bio_start_io_acct twice for bio which experienced read error
wifi: iwlwifi: mvm: don't drop unencrypted MCAST frames
wifi: iwlwifi: yoyo: skip dump correctly on hw error
wifi: iwlwifi: yoyo: Fix possible division by zero
wifi: iwlwifi: mvm: initialize seq variable
wifi: iwlwifi: fw: move memset before early return
jdb2: Don't refuse invalidation of already invalidated buffers
io_uring/rsrc: use nospec'ed indexes
wifi: iwlwifi: make the loop for card preparation effective
wifi: mt76: mt7915: expose device tree match table
wifi: mt76: handle failure of vzalloc in mt7615_coredump_work
wifi: mt76: add flexible polling wait-interval support
wifi: mt76: mt7921e: fix probe timeout after reboot
wifi: mt76: fix 6GHz high channel not be scanned
mt76: mt7921: fix kernel panic by accessing unallocated eeprom.data
wifi: mt76: mt7921: fix missing unwind goto in `mt7921u_probe`
wifi: mt76: mt7921e: improve reliability of dma reset
wifi: mt76: mt7921e: stop chip reset worker in unregister hook
wifi: mt76: connac: fix txd multicast rate setting
wifi: iwlwifi: mvm: check firmware response size
netfilter: conntrack: restore IPS_CONFIRMED out of nf_conntrack_hash_check_insert()
netfilter: conntrack: fix wrong ct->timeout value
wifi: iwlwifi: fw: fix memory leak in debugfs
ixgbe: Allow flow hash to be set via ethtool
ixgbe: Enable setting RSS table to default values
net/mlx5e: Don't clone flow post action attributes second time
net/mlx5: E-switch, Create per vport table based on devlink encap mode
net/mlx5: E-switch, Don't destroy indirect table in split rule
net/mlx5e: Fix error flow in representor failing to add vport rx rule
net/mlx5: Remove "recovery" arg from mlx5_load_one() function
net/mlx5: Suspend auxiliary devices only in case of PCI device suspend
Revert "net/mlx5: Remove "recovery" arg from mlx5_load_one() function"
net/mlx5: Use recovery timeout on sync reset flow
net/mlx5e: Nullify table pointer when failing to create
net: stmmac:fix system hang when setting up tag_8021q VLAN for DSA ports
bpf: Fix race between btf_put and btf_idr walk.
bpf: Don't EFAULT for getsockopt with optval=NULL
netfilter: nf_tables: don't write table validation state without mutex
net: dpaa: Fix uninitialized variable in dpaa_stop()
net/sched: sch_fq: fix integer overflow of "credit"
ipv4: Fix potential uninit variable access bug in __ip_make_skb()
Revert "Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work"
netlink: Use copy_to_user() for optval in netlink_getsockopt().
net: amd: Fix link leak when verifying config failed
tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp.
ipmi: ASPEED_BT_IPMI_BMC: select REGMAP_MMIO instead of depending on it
ASoC: cs35l41: Only disable internal boost
drivers: staging: rtl8723bs: Fix locking in _rtw_join_timeout_handler()
drivers: staging: rtl8723bs: Fix locking in rtw_scan_timeout_handler()
pstore: Revert pmsg_lock back to a normal mutex
usb: host: xhci-rcar: remove leftover quirk handling
usb: dwc3: gadget: Change condition for processing suspend event
serial: stm32: Re-assert RTS/DE GPIO in RS485 mode only if more data are transmitted
fpga: bridge: fix kernel-doc parameter description
iio: light: max44009: add missing OF device matching
serial: 8250_bcm7271: Fix arbitration handling
spi: atmel-quadspi: Don't leak clk enable count in pm resume
spi: atmel-quadspi: Free resources even if runtime resume failed in .remove()
spi: imx: Don't skip cleanup in remove's error path
usb: gadget: udc: renesas_usb3: Fix use after free bug in renesas_usb3_remove due to race condition
ASoC: soc-compress: Inherit atomicity from DAI link for Compress FE
PCI: imx6: Install the fault handler only on compatible match
ASoC: es8316: Handle optional IRQ assignment
linux/vt_buffer.h: allow either builtin or modular for macros
spi: qup: Don't skip cleanup in remove's error path
interconnect: qcom: rpm: drop bogus pm domain attach
spi: fsl-spi: Fix CPM/QE mode Litte Endian
vmci_host: fix a race condition in vmci_host_poll() causing GPF
of: Fix modalias string generation
PCI/EDR: Clear Device Status after EDR error recovery
ia64: mm/contig: fix section mismatch warning/error
ia64: salinfo: placate defined-but-not-used warning
scripts/gdb: bail early if there are no clocks
scripts/gdb: bail early if there are no generic PD
HID: amd_sfh: Correct the structure fields
HID: amd_sfh: Correct the sensor enable and disable command
HID: amd_sfh: Fix illuminance value
HID: amd_sfh: Add support for shutdown operation
HID: amd_sfh: Correct the stop all command
HID: amd_sfh: Increase sensor command timeout for SFH1.1
HID: amd_sfh: Handle "no sensors" enabled for SFH1.1
cacheinfo: Check sib_leaf in cache_leaves_are_shared()
coresight: etm_pmu: Set the module field
drm/panel: novatek-nt35950: Improve error handling
ASoC: fsl_mqs: move of_node_put() to the correct location
PCI/PM: Extend D3hot delay for NVIDIA HDA controllers
drm/panel: novatek-nt35950: Only unregister DSI1 if it exists
spi: cadence-quadspi: fix suspend-resume implementations
i2c: cadence: cdns_i2c_master_xfer(): Fix runtime PM leak on error path
i2c: xiic: xiic_xfer(): Fix runtime PM leak on error path
scripts/gdb: raise error with reduced debugging information
uapi/linux/const.h: prefer ISO-friendly __typeof__
sh: sq: Fix incorrect element size for allocating bitmap buffer
usb: gadget: tegra-xudc: Fix crash in vbus_draw
usb: chipidea: fix missing goto in `ci_hdrc_probe`
usb: mtu3: fix kernel panic at qmu transfer done irq handler
firmware: stratix10-svc: Fix an NULL vs IS_ERR() bug in probe
tty: serial: fsl_lpuart: adjust buffer length to the intended size
serial: 8250: Add missing wakeup event reporting
spi: cadence-quadspi: use macro DEFINE_SIMPLE_DEV_PM_OPS
staging: rtl8192e: Fix W_DISABLE# does not work after stop/start
spmi: Add a check for remove callback when removing a SPMI driver
virtio_ring: don't update event idx on get_buf
fbdev: mmp: Fix deferred clk handling in mmphw_probe()
selftests/powerpc/pmu: Fix sample field check in the mmcra_thresh_marked_sample_test
macintosh/windfarm_smu_sat: Add missing of_node_put()
powerpc/perf: Properly detect mpc7450 family
powerpc/mpc512x: fix resource printk format warning
powerpc/wii: fix resource printk format warnings
powerpc/sysdev/tsi108: fix resource printk format warnings
macintosh: via-pmu-led: requires ATA to be set
powerpc/rtas: use memmove for potentially overlapping buffer copy
sched/fair: Fix inaccurate tally of ttwu_move_affine
perf/core: Fix hardlockup failure caused by perf throttle
Revert "objtool: Support addition to set CFA base"
riscv: Fix ptdump when KASAN is enabled
sched/rt: Fix bad task migration for rt tasks
tracing/user_events: Ensure write index cannot be negative
clk: at91: clk-sam9x60-pll: fix return value check
IB/hifi1: add a null check of kzalloc_node in hfi1_ipoib_txreq_init
RDMA/siw: Fix potential page_array out of range access
clk: mediatek: mt2712: Add error handling to clk_mt2712_apmixed_probe()
clk: mediatek: Consistently use GATE_MTK() macro
clk: mediatek: mt7622: Properly use CLK_IS_CRITICAL flag
clk: mediatek: mt8135: Properly use CLK_IS_CRITICAL flag
RDMA/rdmavt: Delete unnecessary NULL check
clk: qcom: gcc-qcm2290: Fix up gcc_sdcc2_apps_clk_src
workqueue: Fix hung time report of worker pools
rtc: omap: include header for omap_rtc_power_off_program prototype
RDMA/mlx4: Prevent shift wrapping in set_user_sq_size()
rtc: meson-vrtc: Use ktime_get_real_ts64() to get the current time
rtc: k3: handle errors while enabling wake irq
RDMA/erdma: Use fixed hardware page size
fs/ntfs3: Fix memory leak if ntfs_read_mft failed
fs/ntfs3: Add check for kmemdup
fs/ntfs3: Fix OOB read in indx_insert_into_buffer
fs/ntfs3: Fix slab-out-of-bounds read in hdr_delete_de()
iommu/mediatek: Set dma_mask for PGTABLE_PA_35_EN
power: supply: generic-adc-battery: fix unit scaling
clk: add missing of_node_put() in "assigned-clocks" property parsing
RDMA/siw: Remove namespace check from siw_netdev_event()
clk: qcom: gcc-sm6115: Mark RCGs shared where applicable
power: supply: rk817: Fix low SOC bugs
RDMA/cm: Trace icm_send_rej event before the cm state is reset
RDMA/srpt: Add a check for valid 'mad_agent' pointer
IB/hfi1: Fix SDMA mmu_rb_node not being evicted in LRU order
IB/hfi1: Fix bugs with non-PAGE_SIZE-end multi-iovec user SDMA requests
clk: imx: fracn-gppll: fix the rate table
clk: imx: fracn-gppll: disable hardware select control
clk: imx: imx8ulp: Fix XBAR_DIVBUS and AD_SLOW clock parents
NFSv4.1: Always send a RECLAIM_COMPLETE after establishing lease
iommu/amd: Set page size bitmap during V2 domain allocation
clk: qcom: lpasscc-sc7280: Skip qdsp6ss clock registration
clk: qcom: lpassaudiocc-sc7280: Add required gdsc power domain clks in lpass_cc_sc7280_desc
clk: qcom: gcc-sm8350: fix PCIe PIPE clocks handling
clk: qcom: dispcc-qcm2290: get rid of test clock
clk: qcom: dispcc-qcm2290: Remove inexistent DSI1PHY clk
Input: raspberrypi-ts - fix refcount leak in rpi_ts_probe
swiotlb: relocate PageHighMem test away from rmem_swiotlb_setup
swiotlb: fix debugfs reporting of reserved memory pools
RDMA/mlx5: Check pcie_relaxed_ordering_enabled() in UMR
RDMA/mlx5: Fix flow counter query via DEVX
SUNRPC: remove the maximum number of retries in call_bind_status
RDMA/mlx5: Use correct device num_ports when modify DC
clocksource/drivers/davinci: Fix memory leak in davinci_timer_register when init fails
openrisc: Properly store r31 to pt_regs on unhandled exceptions
timekeeping: Fix references to nonexistent ktime_get_fast_ns()
SMB3: Add missing locks to protect deferred close file list
SMB3: Close deferred file handles in case of handle lease break
ext4: fix i_disksize exceeding i_size problem in paritally written case
ext4: fix use-after-free read in ext4_find_extent for bigalloc + inline
pinctrl: renesas: r8a779a0: Remove incorrect AVB[01] pinmux configuration
pinctrl: renesas: r8a779f0: Fix tsn1_avtp_pps pin group
pinctrl: renesas: r8a779g0: Fix Group 4/5 pin functions
pinctrl: renesas: r8a779g0: Fix Group 6/7 pin functions
pinctrl: renesas: r8a779g0: Fix ERROROUTC function names
leds: TI_LMU_COMMON: select REGMAP instead of depending on it
pinctrl: ralink: reintroduce ralink,rt2880-pinmux compatible string
dmaengine: mv_xor_v2: Fix an error code.
leds: tca6507: Fix error handling of using fwnode_property_read_string
pwm: mtk-disp: Disable shadow registers before setting backlight values
pwm: mtk-disp: Configure double buffering before reading in .get_state()
soundwire: cadence: rename sdw_cdns_dai_dma_data as sdw_cdns_dai_runtime
soundwire: intel: don't save hw_params for use in prepare
phy: tegra: xusb: Add missing tegra_xusb_port_unregister for usb2_port and ulpi_port
phy: ti: j721e-wiz: Fix unreachable code in wiz_mode_select()
dma: gpi: remove spurious unlock in gpi_ch_init
dmaengine: dw-edma: Fix to change for continuous transfer
dmaengine: dw-edma: Fix to enable to issue dma request on DMA processing
dmaengine: at_xdmac: do not enable all cyclic channels
pinctrl-bcm2835.c: fix race condition when setting gpio dir
thermal/drivers/mediatek: Use devm_of_iomap to avoid resource leak in mtk_thermal_probe
mfd: tqmx86: Do not access I2C_DETECT register through io_base
mfd: tqmx86: Specify IO port register range more precisely
mfd: tqmx86: Correct board names for TQMxE39x
mfd: ocelot-spi: Fix unsupported bulk read
mfd: arizona-spi: Add missing MODULE_DEVICE_TABLE
hte: tegra: fix 'struct of_device_id' build error
hte: tegra-194: Fix off by one in tegra_hte_map_to_line_id()
ACPI: PM: Do not turn of unused power resources on the Toshiba Click Mini
PM: hibernate: Turn snapshot_test into global variable
PM: hibernate: Do not get block device exclusively in test_resume mode
afs: Fix updating of i_size with dv jump from server
afs: Fix getattr to report server i_size on dirs, not local size
afs: Avoid endless loop if file is larger than expected
parisc: Fix argument pointer in real64_call_asm()
parisc: Ensure page alignment in flush functions
ALSA: usb-audio: Add quirk for Pioneer DDJ-800
ALSA: hda/realtek: Add quirk for ThinkPad P1 Gen 6
ALSA: hda/realtek: Add quirk for ASUS UM3402YAR using CS35L41
ALSA: hda/realtek: support HP Pavilion Aero 13-be0xxx Mute LED
ALSA: hda/realtek: Fix mute and micmute LEDs for an HP laptop
nilfs2: do not write dirty data after degenerating to read-only
nilfs2: fix infinite loop in nilfs_mdt_get_block()
mm: do not reclaim private data from pinned page
drbd: correctly submit flush bio on barrier
md/raid10: fix null-ptr-deref in raid10_sync_request
md/raid5: Improve performance for sequential IO
kasan: hw_tags: avoid invalid virt_to_page()
mtd: core: provide unique name for nvmem device, take two
mtd: core: fix nvmem error reporting
mtd: core: fix error path for nvmem provider
mtd: spi-nor: core: Update flash's current address mode when changing address mode
mailbox: zynqmp: Fix IPI isr handling
kcsan: Avoid READ_ONCE() in read_instrumented_memory()
mailbox: zynqmp: Fix typo in IPI documentation
wifi: rtl8xxxu: RTL8192EU always needs full init
wifi: rtw89: fix potential race condition between napi_init and napi_enable
clk: microchip: fix potential UAF in auxdev release callback
clk: rockchip: rk3399: allow clk_cifout to force clk_cifout_src to reparent
scripts/gdb: fix lx-timerlist for Python3
btrfs: scrub: reject unsupported scrub flags
s390/dasd: fix hanging blockdevice after request requeue
ia64: fix an addr to taddr in huge_pte_offset()
mm/mempolicy: correctly update prev when policy is equal on mbind
vhost_vdpa: fix unmap process in no-batch mode
dm verity: fix error handling for check_at_most_once on FEC
dm clone: call kmem_cache_destroy() in dm_clone_init() error path
dm integrity: call kmem_cache_destroy() in dm_integrity_init() error path
dm flakey: fix a crash with invalid table line
dm ioctl: fix nested locking in table_clear() to remove deadlock concern
dm: don't lock fs when the map is NULL in process of resume
blk-iocost: avoid 64-bit division in ioc_timer_fn
cifs: fix potential use-after-free bugs in TCP_Server_Info::hostname
cifs: protect session status check in smb2_reconnect()
thunderbolt: Use correct type in tb_port_is_clx_enabled() prototype
bonding (gcc13): synchronize bond_{a,t}lb_xmit() types
wifi: ath11k: synchronize ath11k_mac_he_gi_to_nl80211_he_gi()'s return type
perf auxtrace: Fix address filter entire kernel size
perf intel-pt: Fix CYC timestamps after standalone CBR
block/blk-iocost (gcc13): keep large values in a new enum
sfc (gcc13): synchronize ef100_enqueue_skb()'s return type
i40e: Remove unused i40e status codes
i40e: Remove string printing for i40e_status
i40e: use int for i40e_status
drm/amd/display (gcc13): fix enum mismatch
debugobject: Ensure pool refill (again)
scsi: libsas: Grab the ATA port lock in sas_ata_device_link_abort()
netfilter: nf_tables: deactivate anonymous set from preparation phase
Linux 6.1.28
Change-Id: I61b5133e2d051cc2aa39b8c7c1be3fc25da40210
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
||
Linus Walleij
|
bdd97c99b3 |
arm64: vdso: Pass (void *) to virt_to_page()
[ Upstream commit b0abde80620f42d1ceb3de5e4c1a49cdd5628229 ] Like the other calls in this function virt_to_page() expects a pointer, not an integer. However since many architectures implement virt_to_pfn() as a macro, this function becomes polymorphic and accepts both a (unsigned long) and a (void *). Fix this up with an explicit cast. Signed-off-by: Linus Walleij <linus.walleij@linaro.org> Link: http://lists.infradead.org/pipermail/linux-arm-kernel/2023-May/832583.html Signed-off-by: Will Deacon <will@kernel.org> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
Shreyas K K
|
d7e1f4f021 |
ANDROID: vendor hooks: Add hooks to support bootloader based hibernation
Add vendor hooks to disable randomization of swap slot allocation for swap partition used for saving hibernation image. Another level of randomization of swap slots takes place at the firmware level as well in order to address the wear leveling for UFS/MMC devices, so this vendor hook checks if a block device represents the swap partition being used for saving hibernation image, if yes, the swap slot allocation for such partition is serialized at kernel level. There is a performance advantage of reading contiguous pages of hibernation image, it makes the restore logic of hibernation image simpler and faster as there are no seeks involved in the secondary storage to read multiple contiguous pages of the image. Bug: 279879797 Change-Id: I8258b5166d8c6952fe9eb91a5a9826f33b836f00 Signed-off-by: Vivek Kumar <quic_vivekuma@quicinc.com> Signed-off-by: Shreyas K K <quic_shrekk@quicinc.com> |
||
Peter Collingbourne
|
c0cfeeaa88 |
BACKPORT: FROMLIST: arm64: mte: Simplify swap tag restoration logic
As a result of the previous two patches, there are no circumstances in which a swapped-in page is installed in a page table without first having arch_swap_restore() called on it. Therefore, we no longer need the logic in set_pte_at() that restores the tags, so remove it. Signed-off-by: Peter Collingbourne <pcc@google.com> Link: https://linux-review.googlesource.com/id/I8ad54476f3b2d0144ccd8ce0c1d7a2963e5ff6f3 Reviewed-by: Steven Price <steven.price@arm.com> Reviewed-by: Catalin Marinas <catalin.marinas@arm.com> Link: https://lore.kernel.org/all/20230523004312.1807357-4-pcc@google.com/ Change-Id: I8ad54476f3b2d0144ccd8ce0c1d7a2963e5ff6f3 [pcc: resolved merge conflict] Bug: 274890466 |
||
Ard Biesheuvel
|
d8d33ccbaf |
BACKPORT: arm64: implement dynamic shadow call stack for Clang
Implement dynamic shadow call stack support on Clang, by parsing the unwind tables at init time to locate all occurrences of PACIASP/AUTIASP instructions, and replacing them with the shadow call stack push and pop instructions, respectively. This is useful because the overhead of the shadow call stack is difficult to justify on hardware that implements pointer authentication (PAC), and given that the PAC instructions are executed as NOPs on hardware that doesn't, we can just replace them without breaking anything. As PACIASP/AUTIASP are guaranteed to be paired with respect to manipulations of the return address, replacing them 1:1 with shadow call stack pushes and pops is guaranteed to result in the desired behavior. Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Reviewed-by: Sami Tolvanen <samitolvanen@google.com> Tested-by: Sami Tolvanen <samitolvanen@google.com> Link: https://lore.kernel.org/r/20221027155908.1940624-4-ardb@kernel.org Signed-off-by: Will Deacon <will@kernel.org> (cherry picked from commit 3b619e22c4601b444ed2d6a5458271f72625ac89) Bug: 283954062 Change-Id: Idca66f03315191a9fb18ed17d5b79c5bfacc51b8 Signed-off-by: Sami Tolvanen <samitolvanen@google.com> |
||
|
Ard Biesheuvel
|
e8d9375e53 |
BACKPORT: arm64: unwind: add asynchronous unwind tables to kernel and modules
Enable asynchronous unwind table generation for both the core kernel as well as modules, and emit the resulting .eh_frame sections as init code so we can use the unwind directives for code patching at boot or module load time. This will be used by dynamic shadow call stack support, which will rely on code patching rather than compiler codegen to emit the shadow call stack push and pop instructions. Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Reviewed-by: Nick Desaulniers <ndesaulniers@google.com> Reviewed-by: Sami Tolvanen <samitolvanen@google.com> Tested-by: Sami Tolvanen <samitolvanen@google.com> Link: https://lore.kernel.org/r/20221027155908.1940624-2-ardb@kernel.org Signed-off-by: Will Deacon <will@kernel.org> (cherry picked from commit 68c76ad4a9571a2b603665c85cf8229bcf04982a) Bug: 283954062 Change-Id: I2e17c7171295dc3859ff385b11a10048f6c87ec5 Signed-off-by: Sami Tolvanen <samitolvanen@google.com> |
||
|
Peter Collingbourne
|
4e38a02b22 |
arm64: mte: Do not set PG_mte_tagged if tags were not initialized
commit c4c597f1b367433c52c531dccd6859a39b4580fb upstream.
The mte_sync_page_tags() function sets PG_mte_tagged if it initializes
page tags. Then we return to mte_sync_tags(), which sets PG_mte_tagged
again. At best, this is redundant. However, it is possible for
mte_sync_page_tags() to return without having initialized tags for the
page, i.e. in the case where check_swap is true (non-compound page),
is_swap_pte(old_pte) is false and pte_is_tagged is false. So at worst,
we set PG_mte_tagged on a page with uninitialized tags. This can happen
if, for example, page migration causes a PTE for an untagged page to
be replaced. If the userspace program subsequently uses mprotect() to
enable PROT_MTE for that page, the uninitialized tags will be exposed
to userspace.
Fix it by removing the redundant call to set_page_mte_tagged().
Fixes: e059853d14ca ("arm64: mte: Fix/clarify the PG_mte_tagged semantics")
Signed-off-by: Peter Collingbourne <pcc@google.com>
Cc: <stable@vger.kernel.org> # 6.1
Link: https://linux-review.googlesource.com/id/Ib02d004d435b2ed87603b858ef7480f7b1463052
Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>
Reviewed-by: Alexandru Elisei <alexandru.elisei@arm.com>
Link: https://lore.kernel.org/r/20230420214327.2357985-1-pcc@google.com
Signed-off-by: Will Deacon <will@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
xieliujie
|
102b4685b3 |
ANDROID: vendor_hooks: export get_wchan
Export get_wchan to get the block reason. It is used to get the block reason(why the thread blocked in Uninterrupted Sleep) when happened long D state. We use this information check if it's reasonable. Bug: 205684022 Signed-off-by: xieliujie <xieliujie@oppo.com> Change-Id: I7b65bb502b805e7dac13e5f9d725da1ff70fe306 (cherry picked from commit 0db69258686618687ccba6fef65e1f5d602c7515) (cherry picked from commit de72c813d12537ea6ced87b39ffcad446815609a) (cherry picked from commit 1bcf1fc767539a0d5cd9ba9a7713fa2dc919b2fc) |
||
Sumit Garg
|
a8897bffca |
arm64: kgdb: Set PSTATE.SS to 1 to re-enable single-step
[ Upstream commit af6c0bd59f4f3ad5daad2f7b777954b1954551d5 ]
Currently only the first attempt to single-step has any effect. After
that all further stepping remains "stuck" at the same program counter
value.
Refer to the ARM Architecture Reference Manual (ARM DDI 0487E.a) D2.12,
PSTATE.SS=1 should be set at each step before transferring the PE to the
'Active-not-pending' state. The problem here is PSTATE.SS=1 is not set
since the second single-step.
After the first single-step, the PE transferes to the 'Inactive' state,
with PSTATE.SS=0 and MDSCR.SS=1, thus PSTATE.SS won't be set to 1 due to
kernel_active_single_step()=true. Then the PE transferes to the
'Active-pending' state when ERET and returns to the debugger by step
exception.
Before this patch:
==================
Entering kdb (current=0xffff3376039f0000, pid 1) on processor 0 due to Keyboard Entry
[0]kdb>
[0]kdb>
[0]kdb> bp write_sysrq_trigger
Instruction(i) BP #0 at 0xffffa45c13d09290 (write_sysrq_trigger)
is enabled addr at ffffa45c13d09290, hardtype=0 installed=0
[0]kdb> go
$ echo h > /proc/sysrq-trigger
Entering kdb (current=0xffff4f7e453f8000, pid 175) on processor 1 due to Breakpoint @ 0xffffad651a309290
[1]kdb> ss
Entering kdb (current=0xffff4f7e453f8000, pid 175) on processor 1 due to SS trap @ 0xffffad651a309294
[1]kdb> ss
Entering kdb (current=0xffff4f7e453f8000, pid 175) on processor 1 due to SS trap @ 0xffffad651a309294
[1]kdb>
After this patch:
=================
Entering kdb (current=0xffff6851c39f0000, pid 1) on processor 0 due to Keyboard Entry
[0]kdb> bp write_sysrq_trigger
Instruction(i) BP #0 at 0xffffc02d2dd09290 (write_sysrq_trigger)
is enabled addr at ffffc02d2dd09290, hardtype=0 installed=0
[0]kdb> go
$ echo h > /proc/sysrq-trigger
Entering kdb (current=0xffff6851c53c1840, pid 174) on processor 1 due to Breakpoint @ 0xffffc02d2dd09290
[1]kdb> ss
Entering kdb (current=0xffff6851c53c1840, pid 174) on processor 1 due to SS trap @ 0xffffc02d2dd09294
[1]kdb> ss
Entering kdb (current=0xffff6851c53c1840, pid 174) on processor 1 due to SS trap @ 0xffffc02d2dd09298
[1]kdb> ss
Entering kdb (current=0xffff6851c53c1840, pid 174) on processor 1 due to SS trap @ 0xffffc02d2dd0929c
[1]kdb>
Fixes:
|
||
|
Ard Biesheuvel
|
4403c7b7e5 |
arm64: Stash shadow stack pointer in the task struct on interrupt
commit 59b37fe52f49955791a460752c37145f1afdcad1 upstream. Instead of reloading the shadow call stack pointer from the ordinary stack, which may be vulnerable to the kind of gadget based attacks shadow call stacks were designed to prevent, let's store a task's shadow call stack pointer in the task struct when switching to the shadow IRQ stack. Given that currently, the task_struct::scs_sp field is only used to preserve the shadow call stack pointer while a task is scheduled out or running in user space, reusing this field to preserve and restore it while running off the IRQ stack must be safe, as those occurrences are guaranteed to never overlap. (The stack switching logic only switches stacks when running from the task stack, and so the value being saved here always corresponds to the task mode shadow stack) While at it, fold a mov/add/mov sequence into a single add. Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Reviewed-by: Kees Cook <keescook@chromium.org> Acked-by: Mark Rutland <mark.rutland@arm.com> Link: https://lore.kernel.org/r/20230109174800.3286265-3-ardb@kernel.org Signed-off-by: Catalin Marinas <catalin.marinas@arm.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Ard Biesheuvel
|
2dd0f8994d |
arm64: Always load shadow stack pointer directly from the task struct
commit 2198d07c509f1db4a1185d1f65aaada794c6ea59 upstream. All occurrences of the scs_load macro load the value of the shadow call stack pointer from the task which is current at that point. So instead of taking a task struct register argument in the scs_load macro to specify the task struct to load from, let's always reference the current task directly. This should make it much harder to exploit any instruction sequences reloading the shadow call stack pointer register from memory. Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Acked-by: Mark Rutland <mark.rutland@arm.com> Reviewed-by: Kees Cook <keescook@chromium.org> Link: https://lore.kernel.org/r/20230109174800.3286265-2-ardb@kernel.org Signed-off-by: Catalin Marinas <catalin.marinas@arm.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
Quentin Perret
|
444b34b83a |
ANDROID: KVM: arm64: Allow tweaking HFGWTR_EL2 from modules
pKVM modules may need to enable fine grain traps. To allow this use-case, expose a function allowing to manipulate HFGWTR_EL2 on the current CPU. This configuration will be persistent across power management cycles and such as it is propagated all the way to the init params per-cpu struct. Bug: 245034629 Change-Id: If9c29849df50847d3a796345927bd51c37c358bc Signed-off-by: Quentin Perret <qperret@google.com> |
||
|
Peter Collingbourne
|
a3ac1df945 |
FROMLIST: arm64: mte: Do not set PG_mte_tagged if tags were not initialized
The mte_sync_page_tags() function sets PG_mte_tagged if it initializes
page tags. Then we return to mte_sync_tags(), which sets PG_mte_tagged
again. At best, this is redundant. However, it is possible for
mte_sync_page_tags() to return without having initialized tags for the
page, i.e. in the case where check_swap is true (non-compound page),
is_swap_pte(old_pte) is false and pte_is_tagged is false. So at worst,
we set PG_mte_tagged on a page with uninitialized tags. This can happen
if, for example, page migration causes a PTE for an untagged page to
be replaced. If the userspace program subsequently uses mprotect() to
enable PROT_MTE for that page, the uninitialized tags will be exposed
to userspace.
Fix it by removing the redundant call to set_page_mte_tagged().
Fixes: e059853d14ca ("arm64: mte: Fix/clarify the PG_mte_tagged semantics")
Signed-off-by: Peter Collingbourne <pcc@google.com>
Cc: <stable@vger.kernel.org> # 6.1
Link: https://linux-review.googlesource.com/id/Ib02d004d435b2ed87603b858ef7480f7b1463052
Link: https://lore.kernel.org/all/20230420214327.2357985-1-pcc@google.com/
Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>
Bug: 263910115
Change-Id: Ib02d004d435b2ed87603b858ef7480f7b1463052
|
||
|
Greg Kroah-Hartman
|
0fff48d6fe |
Merge 6.1.24 into android14-6.1
Changes in 6.1.24
dm cache: Add some documentation to dm-cache-background-tracker.h
dm integrity: Remove bi_sector that's only used by commented debug code
dm: change "unsigned" to "unsigned int"
dm: fix improper splitting for abnormal bios
KVM: arm64: PMU: Align chained counter implementation with architecture pseudocode
KVM: arm64: PMU: Distinguish between 64bit counter and 64bit overflow
KVM: arm64: PMU: Sanitise PMCR_EL0.LP on first vcpu run
KVM: arm64: PMU: Don't save PMCR_EL0.{C,P} for the vCPU
gpio: GPIO_REGMAP: select REGMAP instead of depending on it
Drivers: vmbus: Check for channel allocation before looking up relids
ASoC: SOF: ipc4: Ensure DSP is in D0I0 during sof_ipc4_set_get_data()
pwm: Make .get_state() callback return an error code
pwm: hibvt: Explicitly set .polarity in .get_state()
pwm: cros-ec: Explicitly set .polarity in .get_state()
pwm: iqs620a: Explicitly set .polarity in .get_state()
pwm: sprd: Explicitly set .polarity in .get_state()
pwm: meson: Explicitly set .polarity in .get_state()
ASoC: codecs: lpass: fix the order or clks turn off during suspend
KVM: s390: pv: fix external interruption loop not always detected
wifi: mac80211: fix the size calculation of ieee80211_ie_len_eht_cap()
wifi: mac80211: fix invalid drv_sta_pre_rcu_remove calls for non-uploaded sta
net: qrtr: Fix a refcount bug in qrtr_recvmsg()
net: phylink: add phylink_expects_phy() method
net: stmmac: check if MAC needs to attach to a PHY
net: stmmac: remove redundant fixup to support fixed-link mode
l2tp: generate correct module alias strings
wifi: brcmfmac: Fix SDIO suspend/resume regression
NFSD: Avoid calling OPDESC() with ops->opnum == OP_ILLEGAL
nfsd: call op_release, even when op_func returns an error
icmp: guard against too small mtu
ALSA: hda/hdmi: Preserve the previous PCM device upon re-enablement
net: don't let netpoll invoke NAPI if in xmit context
net: dsa: mv88e6xxx: Reset mv88e6393x force WD event bit
sctp: check send stream number after wait_for_sndbuf
net: qrtr: Do not do DEL_SERVER broadcast after DEL_CLIENT
ipv6: Fix an uninit variable access bug in __ip6_make_skb()
platform/x86: think-lmi: Fix memory leak when showing current settings
platform/x86: think-lmi: Fix memory leaks when parsing ThinkStation WMI strings
platform/x86: think-lmi: Clean up display of current_value on Thinkstation
gpio: davinci: Do not clear the bank intr enable bit in save_context
gpio: davinci: Add irq chip flag to skip set wake
net: ethernet: ti: am65-cpsw: Fix mdio cleanup in probe
net: stmmac: fix up RX flow hash indirection table when setting channels
sunrpc: only free unix grouplist after RCU settles
NFSD: callback request does not use correct credential for AUTH_SYS
ice: fix wrong fallback logic for FDIR
ice: Reset FDIR counter in FDIR init stage
raw: use net_hash_mix() in hash function
raw: Fix NULL deref in raw_get_next().
ping: Fix potentail NULL deref for /proc/net/icmp.
ethtool: reset #lanes when lanes is omitted
netlink: annotate lockless accesses to nlk->max_recvmsg_len
gve: Secure enough bytes in the first TX desc for all TCP pkts
arm64: compat: Work around uninitialized variable warning
net: stmmac: check fwnode for phy device before scanning for phy
cxl/pci: Fix CDAT retrieval on big endian
cxl/pci: Handle truncated CDAT header
cxl/pci: Handle truncated CDAT entries
cxl/pci: Handle excessive CDAT length
PCI/DOE: Silence WARN splat with CONFIG_DEBUG_OBJECTS=y
PCI/DOE: Fix memory leak with CONFIG_DEBUG_OBJECTS=y
usb: xhci: tegra: fix sleep in atomic call
xhci: Free the command allocated for setting LPM if we return early
xhci: also avoid the XHCI_ZERO_64B_REGS quirk with a passthrough iommu
usb: cdnsp: Fixes error: uninitialized symbol 'len'
usb: dwc3: pci: add support for the Intel Meteor Lake-S
USB: serial: cp210x: add Silicon Labs IFS-USB-DATACABLE IDs
usb: typec: altmodes/displayport: Fix configure initial pin assignment
USB: serial: option: add Telit FE990 compositions
USB: serial: option: add Quectel RM500U-CN modem
drivers: iio: adc: ltc2497: fix LSB shift
iio: adis16480: select CONFIG_CRC32
iio: adc: qcom-spmi-adc5: Fix the channel name
iio: adc: ti-ads7950: Set `can_sleep` flag for GPIO chip
iio: dac: cio-dac: Fix max DAC write value check for 12-bit
iio: buffer: correctly return bytes written in output buffers
iio: buffer: make sure O_NONBLOCK is respected
iio: light: cm32181: Unregister second I2C client if present
tty: serial: sh-sci: Fix transmit end interrupt handler
tty: serial: sh-sci: Fix Rx on RZ/G2L SCI
tty: serial: fsl_lpuart: avoid checking for transfer complete when UARTCTRL_SBK is asserted in lpuart32_tx_empty
nilfs2: fix potential UAF of struct nilfs_sc_info in nilfs_segctor_thread()
nilfs2: fix sysfs interface lifetime
dt-bindings: serial: renesas,scif: Fix 4th IRQ for 4-IRQ SCIFs
serial: 8250: Prevent starting up DMA Rx on THRI interrupt
ksmbd: do not call kvmalloc() with __GFP_NORETRY | __GFP_NO_WARN
ksmbd: fix slab-out-of-bounds in init_smb2_rsp_hdr
ALSA: hda/realtek: Add quirk for Clevo X370SNW
ALSA: hda/realtek: fix mute/micmute LEDs for a HP ProBook
x86/acpi/boot: Correct acpi_is_processor_usable() check
x86/ACPI/boot: Use FADT version to check support for online capable
KVM: x86: Clear "has_error_code", not "error_code", for RM exception injection
KVM: nVMX: Do not report error code when synthesizing VM-Exit from Real Mode
mm: kfence: fix PG_slab and memcg_data clearing
mm: kfence: fix handling discontiguous page
coresight: etm4x: Do not access TRCIDR1 for identification
coresight-etm4: Fix for() loop drvdata->nr_addr_cmp range bug
counter: 104-quad-8: Fix race condition between FLAG and CNTR reads
counter: 104-quad-8: Fix Synapse action reported for Index signals
blk-mq: directly poll requests
iio: adc: ad7791: fix IRQ flags
io_uring: fix return value when removing provided buffers
io_uring: fix memory leak when removing provided buffers
scsi: qla2xxx: Fix memory leak in qla2x00_probe_one()
scsi: iscsi_tcp: Check that sock is valid before iscsi_set_param()
nvme: fix discard support without oncs
cifs: sanitize paths in cifs_update_super_prepath.
block: ublk: make sure that block size is set correctly
block: don't set GD_NEED_PART_SCAN if scan partition failed
perf/core: Fix the same task check in perf_event_set_output
ftrace: Mark get_lock_parent_ip() __always_inline
ftrace: Fix issue that 'direct->addr' not restored in modify_ftrace_direct()
fs: drop peer group ids under namespace lock
can: j1939: j1939_tp_tx_dat_new(): fix out-of-bounds memory access
can: isotp: fix race between isotp_sendsmg() and isotp_release()
can: isotp: isotp_ops: fix poll() to not report false EPOLLOUT events
can: isotp: isotp_recvmsg(): use sock_recv_cmsgs() to get SOCK_RXQ_OVFL infos
ACPI: video: Add auto_detect arg to __acpi_video_get_backlight_type()
ACPI: video: Make acpi_backlight=video work independent from GPU driver
ACPI: video: Add acpi_backlight=video quirk for Apple iMac14,1 and iMac14,2
ACPI: video: Add acpi_backlight=video quirk for Lenovo ThinkPad W530
net: stmmac: Add queue reset into stmmac_xdp_open() function
tracing/synthetic: Fix races on freeing last_cmd
tracing/timerlat: Notify new max thread latency
tracing/osnoise: Fix notify new tracing_max_latency
tracing: Free error logs of tracing instances
ASoC: hdac_hdmi: use set_stream() instead of set_tdm_slots()
tracing/synthetic: Make lastcmd_mutex static
zsmalloc: document freeable stats
mm: vmalloc: avoid warn_alloc noise caused by fatal signal
wifi: mt76: ignore key disable commands
ublk: read any SQE values upfront
drm/panfrost: Fix the panfrost_mmu_map_fault_addr() error path
drm/nouveau/disp: Support more modes by checking with lower bpc
drm/i915: Fix context runtime accounting
drm/i915: fix race condition UAF in i915_perf_add_config_ioctl
ring-buffer: Fix race while reader and writer are on the same page
mm/swap: fix swap_info_struct race between swapoff and get_swap_pages()
mm/hugetlb: fix uffd wr-protection for CoW optimization path
maple_tree: fix get wrong data_end in mtree_lookup_walk()
maple_tree: fix a potential concurrency bug in RCU mode
blk-throttle: Fix that bps of child could exceed bps limited in parent
drm/amd/display: Clear MST topology if it fails to resume
drm/amdgpu: for S0ix, skip SDMA 5.x+ suspend/resume
drm/amdgpu: skip psp suspend for IMU enabled ASICs mode2 reset
drm/display/dp_mst: Handle old/new payload states in drm_dp_remove_payload()
drm/i915/dp_mst: Fix payload removal during output disabling
drm/bridge: lt9611: Fix PLL being unable to lock
drm/i915: Use _MMIO_PIPE() for SKL_BOTTOM_COLOR
drm/i915: Split icl_color_commit_noarm() from skl_color_commit_noarm()
mm: take a page reference when removing device exclusive entries
maple_tree: remove GFP_ZERO from kmem_cache_alloc() and kmem_cache_alloc_bulk()
maple_tree: fix potential rcu issue
maple_tree: reduce user error potential
maple_tree: fix handle of invalidated state in mas_wr_store_setup()
maple_tree: fix mas_prev() and mas_find() state handling
maple_tree: be more cautious about dead nodes
maple_tree: refine ma_state init from mas_start()
maple_tree: detect dead nodes in mas_start()
maple_tree: fix freeing of nodes in rcu mode
maple_tree: remove extra smp_wmb() from mas_dead_leaves()
maple_tree: add smp_rmb() to dead node detection
maple_tree: add RCU lock checking to rcu callback functions
mm: enable maple tree RCU mode by default.
bpftool: Print newline before '}' for struct with padding only fields
Linux 6.1.24
Change-Id: I475408e1166927565c7788e7095bdf2cb236c4b2
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
||
|
Ard Biesheuvel
|
70f1913824 |
arm64: compat: Work around uninitialized variable warning
[ Upstream commit 32d85999680601d01b2a36713c9ffd7397c8688b ]
Dan reports that smatch complains about a potential uninitialized
variable being used in the compat alignment fixup code.
The logic is not wrong per se, but we do end up using an uninitialized
variable if reading the instruction that triggered the alignment fault
from user space faults, even if the fault ensures that the uninitialized
value doesn't propagate any further.
Given that we just give up and return 1 if any fault occurs when reading
the instruction, let's get rid of the 'success handling' pattern that
captures the fault in a variable and aborts later, and instead, just
return 1 immediately if any of the get_user() calls result in an
exception.
Fixes:
|
||
Will Deacon
|
d56ad70977 |
ANDROID: arm64: Implement hypervisor workaround for SoCs with DMA beyond the PoC
SoCs featuring peripherals that can issue non-coherent DMA traffic beyond the point of coherency (PoC) present multiple challenges for the DMA-API implementation in Linux. Many of these challenges can be overcome by suitable configuration of the interconnect, however the presence of a cacheable alias for non-cacheable buffers can still lead to coherence issues arising when stale clean lines are back-snooped from the cache hierarchy to satisfy a non-cacheable transaction at the PoC. Removing all cacheable aliases on a case-by-cases basis is both error-prone and expensive. Instead, leverage the stage-2 identity mapping installed by pKVM to enforce consistent cacheability for all stage-1 aliases. Bug: 240786634 Change-Id: I78b0aa51fe3e23811bbd25481173086aa957c4bf Signed-off-by: Will Deacon <willdeacon@google.com> |
||
|
Greg Kroah-Hartman
|
a0f3313ef9 |
This is the 6.1.23 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmQumsIACgkQONu9yGCS aT4yfBAAwaDPXomEa+DY6pkQEE7WPVtIkeO+sQIo7bWHunTDilTLRFeDUJ4THydT CnhhlGsBUt8KGeWgSR6hHeTl/c+b+AcBan5k5BBufUGrsDn/XV8QIEyKWhbLIEja qWehpogs7BJLg2dFRqTfHQEOhLht1jCmC99tfEozEG4zRudmdS3Z2DbRypfEHshc oGOC1Jzg4MLPfB+lCwKNrVMBlR2n/73P7mTUCu/Dc9+DUbm+GtqvsPuGT2LxVyY7 kkNgGzvdxQQCqtK5X6zyoU61gepsobf6c6kHjBucn8mhaYURT5ndfV9VqLWkDYE7 71iH0oY5fg2NgbMtQpbA10MokjijFp46I4QxzG/RVl2ZN2pbCFNm5aNIBCwBbF2k lN6hwJc1nbTi696o29o1osm+yju3347HCAWC8s+DAszXiquihiUeJBwuCfa1c+Gy GhdATa3nNQ/8D0gWULr/kl7DvlgpSpYrbEQGVG2gH6tdsAZt2iKYUtGLFjvDN+fw CoMpq2OZTX5afM7AxTX00f5lGmbXhD+T9a+pS9AXhPqKcGv1tt0Gso8dn7cpWpj5 LxhIE9dK5F1/tI+wPE+8t80CukqQHfoCQ24YO8mfUKmlInwjGd1Hque+ihKJo7ZW W5CXlZJJVvpVk9BxMNaYHKfSE+U6G7hYabEAzJXR3fz9vGfoTII= =rz/i -----END PGP SIGNATURE----- Merge 6.1.23 into android14-6.1 Changes in 6.1.23 thunderbolt: Limit USB3 bandwidth of certain Intel USB4 host routers cifs: update ip_addr for ses only for primary chan setup cifs: prevent data race in cifs_reconnect_tcon() cifs: avoid race conditions with parallel reconnects zonefs: Reorganize code zonefs: Simplify IO error handling zonefs: Reduce struct zonefs_inode_info size zonefs: Separate zone information from inode information zonefs: Fix error message in zonefs_file_dio_append() fsverity: don't drop pagecache at end of FS_IOC_ENABLE_VERITY kernel: kcsan: kcsan_test: build without structleak plugin kcsan: avoid passing -g for test btrfs: rename BTRFS_FS_NO_OVERCOMMIT to BTRFS_FS_ACTIVE_ZONE_TRACKING btrfs: zoned: count fresh BG region as zone unusable net: ethernet: ti: am65-cpsw/cpts: Fix CPTS release action riscv: ftrace: Fixup panic by disabling preemption ARM: dts: aspeed: p10bmc: Update battery node name drm/msm/dpu: Refactor sc7280_pp location drm/msm/dpu: correct sm8250 and sm8350 scaler drm/msm/disp/dpu: fix sc7280_pp base offset tty: serial: fsl_lpuart: switch to new dmaengine_terminate_* API tty: serial: fsl_lpuart: fix race on RX DMA shutdown tracing: Add .percent suffix option to histogram values tracing: Add .graph suffix option to histogram value tracing: Do not let histogram values have some modifiers net: mscc: ocelot: fix stats region batching arm64: efi: Set NX compat flag in PE/COFF header cifs: fix missing unload_nls() in smb2_reconnect() xfrm: Zero padding when dumping algos and encap ASoC: codecs: tx-macro: Fix for KASAN: slab-out-of-bounds ASoC: Intel: avs: max98357a: Explicitly define codec format ASoC: Intel: avs: da7219: Explicitly define codec format ASoC: Intel: avs: ssm4567: Remove nau8825 bits ASoC: Intel: avs: nau8825: Adjust clock control zstd: Fix definition of assert() ACPI: video: Add backlight=native DMI quirk for Dell Vostro 15 3535 ASoC: SOF: ipc3: Check for upper size limit for the received message ASoC: SOF: ipc4-topology: Fix incorrect sample rate print unit ASoC: SOF: Intel: pci-tng: revert invalid bar size setting ASoC: SOF: IPC4: update gain ipc msg definition to align with fw md: avoid signed overflow in slot_store() x86/PVH: obtain VGA console info in Dom0 drm/amdkfd: Fix BO offset for multi-VMA page migration drm/amdkfd: fix a potential double free in pqm_create_queue drm/amdkfd: fix potential kgd_mem UAFs net: hsr: Don't log netdev_err message on unknown prp dst node ALSA: asihpi: check pao in control_message() ALSA: hda/ca0132: fixup buffer overrun at tuning_ctl_set() fbdev: tgafb: Fix potential divide by zero ACPI: tools: pfrut: Check if the input of level and type is in the right numeric range sched_getaffinity: don't assume 'cpumask_size()' is fully initialized nvme-pci: add NVME_QUIRK_BOGUS_NID for Lexar NM620 drm/amdkfd: Fixed kfd_process cleanup on module exit. net/mlx5e: Lower maximum allowed MTU in XSK to match XDP prerequisites fbdev: nvidia: Fix potential divide by zero fbdev: intelfb: Fix potential divide by zero fbdev: lxfb: Fix potential divide by zero fbdev: au1200fb: Fix potential divide by zero tools/power turbostat: Fix /dev/cpu_dma_latency warnings tools/power turbostat: fix decoding of HWP_STATUS tracing: Fix wrong return in kprobe_event_gen_test.c btrfs: fix uninitialized variable warning in btrfs_update_block_group btrfs: use temporary variable for space_info in btrfs_update_block_group mtd: rawnand: meson: initialize struct with zeroes mtd: nand: mxic-ecc: Fix mxic_ecc_data_xfer_wait_for_completion() when irq is used ca8210: Fix unsigned mac_len comparison with zero in ca8210_skb_tx() riscv/kvm: Fix VM hang in case of timer delta being zero. mips: bmips: BCM6358: disable RAC flush for TP1 ALSA: usb-audio: Fix recursive locking at XRUN during syncing PCI: dwc: Fix PORT_LINK_CONTROL update when CDM check enabled platform/x86: think-lmi: add missing type attribute platform/x86: think-lmi: use correct possible_values delimiters platform/x86: think-lmi: only display possible_values if available platform/x86: think-lmi: Add possible_values for ThinkStation platform/surface: aggregator: Add missing fwnode_handle_put() mtd: rawnand: meson: invalidate cache on polling ECC bit SUNRPC: fix shutdown of NFS TCP client socket sfc: ef10: don't overwrite offload features at NIC reset scsi: megaraid_sas: Fix crash after a double completion scsi: mpt3sas: Don't print sense pool info twice net: dsa: realtek: fix out-of-bounds access ptp_qoriq: fix memory leak in probe() net: dsa: microchip: ksz8: fix ksz8_fdb_dump() net: dsa: microchip: ksz8: fix ksz8_fdb_dump() to extract all 1024 entries net: dsa: microchip: ksz8: fix offset for the timestamp filed net: dsa: microchip: ksz8: ksz8_fdb_dump: avoid extracting ghost entry from empty dynamic MAC table. net: dsa: microchip: ksz8863_smi: fix bulk access net: dsa: microchip: ksz8: fix MDB configuration with non-zero VID r8169: fix RTL8168H and RTL8107E rx crc error regulator: Handle deferred clk net/net_failover: fix txq exceeding warning net: stmmac: don't reject VLANs when IFF_PROMISC is set drm/i915/tc: Fix the ICL PHY ownership check in TC-cold state platform/x86/intel/pmc: Alder Lake PCH slp_s0_residency fix can: bcm: bcm_tx_setup(): fix KMSAN uninit-value in vfs_write s390/vfio-ap: fix memory leak in vfio_ap device driver ACPI: bus: Rework system-level device notification handling loop: LOOP_CONFIGURE: send uevents for partitions net: mvpp2: classifier flow fix fragmentation flags net: mvpp2: parser fix QinQ net: mvpp2: parser fix PPPoE smsc911x: avoid PHY being resumed when interface is not up ice: Fix ice_cfg_rdma_fltr() to only update relevant fields ice: add profile conflict check for AVF FDIR ice: fix invalid check for empty list in ice_sched_assoc_vsi_to_agg() ALSA: ymfpci: Create card with device-managed snd_devm_card_new() ALSA: ymfpci: Fix BUG_ON in probe function net: ipa: compute DMA pool size properly i40e: fix registers dump after run ethtool adapter self test bnxt_en: Fix reporting of test result in ethtool selftest bnxt_en: Fix typo in PCI id to device description string mapping bnxt_en: Add missing 200G link speed reporting net: dsa: mv88e6xxx: Enable IGMP snooping on user ports only net: ethernet: mtk_eth_soc: fix flow block refcounting logic net: ethernet: mtk_eth_soc: add missing ppe cache flush when deleting a flow pinctrl: ocelot: Fix alt mode for ocelot Input: xpad - fix incorrectly applied patch for MAP_PROFILE_BUTTON iommu/vt-d: Allow zero SAGAW if second-stage not supported Input: i8042 - add TUXEDO devices to i8042 quirk tables for partial fix Input: alps - fix compatibility with -funsigned-char Input: focaltech - use explicitly signed char type cifs: prevent infinite recursion in CIFSGetDFSRefer() cifs: fix DFS traversal oops without CONFIG_CIFS_DFS_UPCALL Input: i8042 - add quirk for Fujitsu Lifebook A574/H Input: goodix - add Lenovo Yoga Book X90F to nine_bytes_report DMI table btrfs: fix deadlock when aborting transaction during relocation with scrub btrfs: fix race between quota disable and quota assign ioctls btrfs: scan device in non-exclusive mode zonefs: Do not propagate iomap_dio_rw() ENOTBLK error to user space block/io_uring: pass in issue_flags for uring_cmd task_work handling io_uring/poll: clear single/double poll flags on poll arming io_uring/rsrc: fix rogue rsrc node grabbing io_uring: fix poll/netmsg alloc caches vmxnet3: use gro callback when UPT is enabled zonefs: Always invalidate last cached page on append write dm: fix __send_duplicate_bios() to always allow for splitting IO can: j1939: prevent deadlock by moving j1939_sk_errqueue() xen/netback: don't do grant copy across page boundary net: phy: dp83869: fix default value for tx-/rx-internal-delay modpost: Fix processing of CRCs on 32-bit build machines pinctrl: amd: Disable and mask interrupts on resume pinctrl: at91-pio4: fix domain name assignment platform/x86: ideapad-laptop: Stop sending KEY_TOUCHPAD_TOGGLE powerpc: Don't try to copy PPR for task with NULL pt_regs powerpc/pseries/vas: Ignore VAS update for DLPAR if copy/paste is not enabled powerpc/64s: Fix __pte_needs_flush() false positive warning NFSv4: Fix hangs when recovering open state after a server reboot ALSA: hda/conexant: Partial revert of a quirk for Lenovo ALSA: usb-audio: Fix regression on detection of Roland VS-100 ALSA: hda/realtek: Add quirks for some Clevo laptops ALSA: hda/realtek: Add quirk for Lenovo ZhaoYang CF4620Z xtensa: fix KASAN report for show_stack rcu: Fix rcu_torture_read ftrace event dt-bindings: mtd: jedec,spi-nor: Document CPOL/CPHA support s390/uaccess: add missing earlyclobber annotations to __clear_user() s390: reintroduce expoline dependence to scripts drm/etnaviv: fix reference leak when mmaping imported buffer drm/amdgpu: allow more APUs to do mode2 reset when go to S4 drm/amd/display: Add DSC Support for Synaptics Cascaded MST Hub drm/amd/display: Take FEC Overhead into Timeslot Calculation drm/i915/gem: Flush lmem contents after construction drm/i915/dpt: Treat the DPT BO as a framebuffer drm/i915: Disable DC states for all commits drm/i915: Move CSC load back into .color_commit_arm() when PSR is enabled on skl/glk KVM: arm64: PMU: Fix GET_ONE_REG for vPMC regs to return the current value KVM: arm64: Disable interrupts while walking userspace PTs net: dsa: mv88e6xxx: read FID when handling ATU violations net: dsa: mv88e6xxx: replace ATU violation prints with trace points net: dsa: mv88e6xxx: replace VTU violation prints with trace points selftests/bpf: Test btf dump for struct with padding only fields libbpf: Fix BTF-to-C converter's padding logic selftests/bpf: Add few corner cases to test padding handling of btf_dump libbpf: Fix btf_dump's packed struct determination usb: ucsi: Fix ucsi->connector race drm/amdkfd: Get prange->offset after svm_range_vram_node_new hsr: ratelimit only when errors are printed x86/PVH: avoid 32-bit build warning when obtaining VGA console info Revert "cpuidle, intel_idle: Fix CPUIDLE_FLAG_IRQ_ENABLE *again*" Linux 6.1.23 Change-Id: I15af3697170567c4678bcc9c2380d80e7cef5bc9 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
|
Ard Biesheuvel
|
e0169d62ef |
arm64: efi: Set NX compat flag in PE/COFF header
[ Upstream commit 3c66bb1918c262dd52fb4221a8d372619c5da70a ] The PE/COFF header has a NX compat flag which informs the firmware that the application does not rely on memory regions being mapped with both executable and writable permissions at the same time. This is typically used by the firmware to decide whether it can set the NX attribute on all allocations it returns, but going forward, it may be used to enforce a policy that only permits applications with the NX flag set to be loaded to begin wiht in some configurations, e.g., when Secure Boot is in effect. Even though the arm64 version of the EFI stub may relocate the kernel before executing it, it always did so after disabling the MMU, and so we were always in line with what the NX compat flag conveys, we just never bothered to set it. So let's set the flag now. Cc: <stable@vger.kernel.org> Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Greg Kroah-Hartman
|
d956976040 |
Merge 6.1.18 into android14-6.1
Changes in 6.1.18 net/sched: Retire tcindex classifier auxdisplay: hd44780: Fix potential memory leak in hd44780_remove() fs/jfs: fix shift exponent db_agl2size negative driver: soc: xilinx: fix memory leak in xlnx_add_cb_for_notify_event() f2fs: don't rely on F2FS_MAP_* in f2fs_iomap_begin f2fs: fix to avoid potential deadlock objtool: Fix memory leak in create_static_call_sections() soc: mediatek: mtk-pm-domains: Allow mt8186 ADSP default power on memory: renesas-rpc-if: Split-off private data from struct rpcif memory: renesas-rpc-if: Move resource acquisition to .probe() soc: mediatek: mtk-svs: Enable the IRQ later pwm: sifive: Always let the first pwm_apply_state succeed pwm: stm32-lp: fix the check on arr and cmp registers update f2fs: introduce trace_f2fs_replace_atomic_write_block f2fs: correct i_size change for atomic writes f2fs: clear atomic_write_task in f2fs_abort_atomic_write() soc: mediatek: mtk-svs: restore default voltages when svs_init02() fail soc: mediatek: mtk-svs: reset svs when svs_resume() fail soc: mediatek: mtk-svs: Use pm_runtime_resume_and_get() in svs_init01() fs: f2fs: initialize fsdata in pagecache_write() f2fs: allow set compression option of files without blocks f2fs: fix to abort atomic write only during do_exist() um: vector: Fix memory leak in vector_config ubi: ensure that VID header offset + VID header size <= alloc, size ubifs: Fix build errors as symbol undefined ubifs: Fix memory leak in ubifs_sysfs_init() ubifs: Rectify space budget for ubifs_symlink() if symlink is encrypted ubifs: Rectify space budget for ubifs_xrename() ubifs: Fix wrong dirty space budget for dirty inode ubifs: do_rename: Fix wrong space budget when target inode's nlink > 1 ubifs: Reserve one leb for each journal head while doing budget ubi: Fix use-after-free when volume resizing failed ubi: Fix unreferenced object reported by kmemleak in ubi_resize_volume() ubifs: Fix memory leak in alloc_wbufs() ubi: Fix possible null-ptr-deref in ubi_free_volume() ubifs: Re-statistic cleaned znode count if commit failed ubifs: dirty_cow_znode: Fix memleak in error handling path ubifs: ubifs_writepage: Mark page dirty after writing inode failed ubifs: ubifs_releasepage: Remove ubifs_assert(0) to valid this process ubi: fastmap: Fix missed fm_anchor PEB in wear-leveling after disabling fastmap ubi: Fix UAF wear-leveling entry in eraseblk_count_seq_show() ubi: ubi_wl_put_peb: Fix infinite loop when wear-leveling work failed f2fs: fix to avoid potential memory corruption in __update_iostat_latency() soc: qcom: stats: Populate all subsystem debugfs files ext4: use ext4_fc_tl_mem in fast-commit replay path ext4: don't show commit interval if it is zero netfilter: nf_tables: allow to fetch set elements when table has an owner x86: um: vdso: Add '%rcx' and '%r11' to the syscall clobber list um: virtio_uml: free command if adding to virtqueue failed um: virtio_uml: mark device as unregistered when breaking it um: virtio_uml: move device breaking into workqueue um: virt-pci: properly remove PCI device from bus f2fs: synchronize atomic write aborts watchdog: rzg2l_wdt: Issue a reset before we put the PM clocks watchdog: rzg2l_wdt: Handle TYPE-B reset for RZ/V2M watchdog: at91sam9_wdt: use devm_request_irq to avoid missing free_irq() in error path watchdog: Fix kmemleak in watchdog_cdev_register watchdog: pcwd_usb: Fix attempting to access uninitialized memory watchdog: sbsa_wdog: Make sure the timeout programming is within the limits netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() netfilter: conntrack: fix rmmod double-free race netfilter: ip6t_rpfilter: Fix regression with VRF interfaces netfilter: ebtables: fix table blob use-after-free netfilter: xt_length: use skb len to match in length_mt6 netfilter: ctnetlink: make event listener tracking global netfilter: x_tables: fix percpu counter block leak on error path when creating new netns ptp: vclock: use mutex to fix "sleep on atomic" bug drm/i915: move a Kconfig symbol to unbreak the menu presentation ipv6: Add lwtunnel encap size of all siblings in nexthop calculation octeontx2-pf: Recalculate UDP checksum for ptp 1-step sync packet net: sunhme: Fix region request sctp: add a refcnt in sctp_stream_priorities to avoid a nested loop octeontx2-pf: Use correct struct reference in test condition net: fix __dev_kfree_skb_any() vs drop monitor 9p/xen: fix version parsing 9p/xen: fix connection sequence 9p/rdma: unmap receive dma buffer in rdma_request()/post_recv() spi: tegra210-quad: Fix validate combined sequence mlx5: fix skb leak while fifo resync and push mlx5: fix possible ptp queue fifo use-after-free net/mlx5: ECPF, wait for VF pages only after disabling host PFs net/mlx5e: Verify flow_source cap before using it net/mlx5: Geneve, Fix handling of Geneve object id as error code ext4: fix incorrect options show of original mount_opt and extend mount_opt2 nfc: fix memory leak of se_io context in nfc_genl_se_io net/sched: transition act_pedit to rcu and percpu stats net/sched: act_pedit: fix action bind logic net/sched: act_mpls: fix action bind logic net/sched: act_sample: fix action bind logic net: dsa: seville: ignore mscc-miim read errors from Lynx PCS net: dsa: felix: fix internal MDIO controller resource length ARM: dts: spear320-hmi: correct STMPE GPIO compatible tcp: tcp_check_req() can be called from process context vc_screen: modify vcs_size() handling in vcs_read() spi: tegra210-quad: Fix iterator outside loop rtc: sun6i: Always export the internal oscillator genirq/ipi: Fix NULL pointer deref in irq_data_get_affinity_mask() scsi: ipr: Work around fortify-string warning scsi: mpi3mr: Fix an issue found by KASAN scsi: mpi3mr: Use number of bits to manage bitmap sizes rtc: allow rtc_read_alarm without read_alarm callback io_uring: fix size calculation when registering buf ring loop: loop_set_status_from_info() check before assignment ASoC: adau7118: don't disable regulators on device unbind ASoC: apple: mca: Fix final status read on SERDES reset ASoC: apple: mca: Fix SERDES reset sequence ASoC: apple: mca: Improve handling of unavailable DMA channels nvme: bring back auto-removal of deleted namespaces during sequential scan nvme-tcp: don't access released socket during error recovery nvme-fabrics: show well known discovery name ASoC: zl38060 add gpiolib dependency ASoC: mediatek: mt8195: add missing initialization thermal: intel: quark_dts: fix error pointer dereference thermal: intel: BXT_PMIC: select REGMAP instead of depending on it tracing: Add NULL checks for buffer in ring_buffer_free_read_page() kernel/printk/index.c: fix memory leak with using debugfs_lookup() firmware/efi sysfb_efi: Add quirk for Lenovo IdeaPad Duet 3 bootconfig: Increase max nodes of bootconfig from 1024 to 8192 for DCC support mfd: arizona: Use pm_runtime_resume_and_get() to prevent refcnt leak IB/hfi1: Update RMT size calculation iommu/amd: Fix error handling for pdev_pri_ats_enable() PCI/ACPI: Account for _S0W of the target bridge in acpi_pci_bridge_d3() media: uvcvideo: Remove format descriptions media: uvcvideo: Handle cameras with invalid descriptors media: uvcvideo: Handle errors from calls to usb_string media: uvcvideo: Quirk for autosuspend in Logitech B910 and C910 media: uvcvideo: Silence memcpy() run-time false positive warnings USB: fix memory leak with using debugfs_lookup() cacheinfo: Fix shared_cpu_map to handle shared caches at different levels staging: emxx_udc: Add checks for dma_alloc_coherent() tty: fix out-of-bounds access in tty_driver_lookup_tty() tty: serial: fsl_lpuart: disable the CTS when send break signal serial: sc16is7xx: setup GPIO controller later in probe mei: bus-fixup:upon error print return values of send and receive tools/iio/iio_utils:fix memory leak bus: mhi: ep: Fix the debug message for MHI_PKT_TYPE_RESET_CHAN_CMD cmd iio: accel: mma9551_core: Prevent uninitialized variable in mma9551_read_status_word() iio: accel: mma9551_core: Prevent uninitialized variable in mma9551_read_config_word() media: uvcvideo: Add GUID for BGRA/X 8:8:8:8 soundwire: bus_type: Avoid lockdep assert in sdw_drv_probe() PCI: loongson: Prevent LS7A MRRS increases staging: pi433: fix memory leak with using debugfs_lookup() USB: dwc3: fix memory leak with using debugfs_lookup() USB: chipidea: fix memory leak with using debugfs_lookup() USB: ULPI: fix memory leak with using debugfs_lookup() USB: uhci: fix memory leak with using debugfs_lookup() USB: sl811: fix memory leak with using debugfs_lookup() USB: fotg210: fix memory leak with using debugfs_lookup() USB: isp116x: fix memory leak with using debugfs_lookup() USB: isp1362: fix memory leak with using debugfs_lookup() USB: gadget: gr_udc: fix memory leak with using debugfs_lookup() USB: gadget: bcm63xx_udc: fix memory leak with using debugfs_lookup() USB: gadget: lpc32xx_udc: fix memory leak with using debugfs_lookup() USB: gadget: pxa25x_udc: fix memory leak with using debugfs_lookup() USB: gadget: pxa27x_udc: fix memory leak with using debugfs_lookup() usb: host: xhci: mvebu: Iterate over array indexes instead of using pointer math USB: ene_usb6250: Allocate enough memory for full object usb: uvc: Enumerate valid values for color matching usb: gadget: uvc: Make bSourceID read/write PCI: Align extra resources for hotplug bridges properly PCI: Take other bus devices into account when distributing resources PCI: Distribute available resources for root buses, too tty: pcn_uart: fix memory leak with using debugfs_lookup() misc: vmw_balloon: fix memory leak with using debugfs_lookup() drivers: base: component: fix memory leak with using debugfs_lookup() drivers: base: dd: fix memory leak with using debugfs_lookup() kernel/fail_function: fix memory leak with using debugfs_lookup() PCI: loongson: Add more devices that need MRRS quirk PCI: Add ACS quirk for Wangxun NICs PCI: pciehp: Add Qualcomm quirk for Command Completed erratum phy: rockchip-typec: Fix unsigned comparison with less than zero RDMA/cma: Distinguish between sockaddr_in and sockaddr_in6 by size iommu: Attach device group to old domain in error path soundwire: cadence: Remove wasted space in response_buf soundwire: cadence: Drain the RX FIFO after an IO timeout net: tls: avoid hanging tasks on the tx_lock x86/resctl: fix scheduler confusion with 'current' vDPA/ifcvf: decouple hw features manipulators from the adapter vDPA/ifcvf: decouple config space ops from the adapter vDPA/ifcvf: alloc the mgmt_dev before the adapter vDPA/ifcvf: decouple vq IRQ releasers from the adapter vDPA/ifcvf: decouple config IRQ releaser from the adapter vDPA/ifcvf: decouple vq irq requester from the adapter vDPA/ifcvf: decouple config/dev IRQ requester and vectors allocator from the adapter vDPA/ifcvf: ifcvf_request_irq works on ifcvf_hw vDPA/ifcvf: manage ifcvf_hw in the mgmt_dev vDPA/ifcvf: allocate the adapter in dev_add() drm/display/dp_mst: Add drm_atomic_get_old_mst_topology_state() drm/display/dp_mst: Fix down/up message handling after sink disconnect drm/display/dp_mst: Fix down message handling after a packet reception error drm/display/dp_mst: Fix payload addition on a disconnected sink drm/i915/dp_mst: Add the MST topology state for modesetted CRTCs drm/i915: Fix system suspend without fbdev being initialized media: uvcvideo: Fix race condition with usb_kill_urb io_uring: fix two assignments in if conditions io_uring/poll: allow some retries for poll triggering spuriously arm64: efi: Make efi_rt_lock a raw_spinlock arm64: mte: Fix/clarify the PG_mte_tagged semantics arm64: Reset KASAN tag in copy_highpage with HW tags only usb: gadget: uvc: fix missing mutex_unlock() if kstrtou8() fails Linux 6.1.18 Change-Id: Icb8e56528d481a17780bdd517c69efa9e76b94c0 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
Sangmoon Kim
|
4c9611315b |
UPSTREAM: arm64: pass ESR_ELx to die() of cfi_handler
Commit
|
||
|
Greg Kroah-Hartman
|
5b483d8a04 |
Merge changes I95ce33fb,I03723a9f,I4b1cf7f1,I6e17c9b3,I446172f8, ... into android14-6.1
* changes: Merge 6.1.17 into android14-6.1 ANDROID: update abi definition due to io_uring changes. UPSTREAM: Revert "blk-cgroup: dropping parent refcount after pd_free_fn() is done" UPSTREAM: Revert "blk-cgroup: synchronize pd_free_fn() from blkg_free_workfn() and blkcg_deactivate_policy()" Revert "kobject: modify kobject_get_path() to take a const *" Revert "wait: Return number of exclusive waiters awaken" Revert "sbitmap: Use single per-bitmap counting to wake up queued tags" Revert "sbitmap: correct wake_batch recalculation to avoid potential IO hung" Revert "sbitmap: Advance the queue index before waking up a queue" Revert "sbitmap: Try each queue to wake up at least one waiter" Revert "HID: retain initial quirks set up when creating HID devices" Merge 6.1.16 into android14-6.1 |
||
|
Sangmoon Kim
|
bb8c223f2f |
ANDROID: arm64: add vendor hooks for unusal abort cases
Add hooks to gather data of unsual aborts and summarize it with other information. Bug: 273189923 Signed-off-by: Sangmoon Kim <sangmoon.kim@samsung.com> Change-Id: I74eb36b8551ed9a5e6dc87507939a7f4d81c9c18 (cherry picked from commit 102255d1e45607da700f715c5c100427170751a2) |
||
|
Greg Kroah-Hartman
|
2cb73a87e4 |
Merge 6.1.16 into android14-6.1
Changes in 6.1.16
HID: asus: use spinlock to protect concurrent accesses
HID: asus: use spinlock to safely schedule workers
powerpc/mm: Rearrange if-else block to avoid clang warning
ata: ahci: Revert "ata: ahci: Add Tiger Lake UP{3,4} AHCI controller"
ARM: OMAP2+: Fix memory leak in realtime_counter_init()
arm64: dts: qcom: qcs404: use symbol names for PCIe resets
arm64: dts: qcom: msm8996-tone: Fix USB taking 6 minutes to wake up
arm64: dts: qcom: sm8150-kumano: Panel framebuffer is 2.5k instead of 4k
arm64: dts: qcom: sm6350: Fix up the ramoops node
arm64: dts: qcom: sm6125: Reorder HSUSB PHY clocks to match bindings
arm64: dts: qcom: sm6125-seine: Clean up gpio-keys (volume down)
arm64: dts: imx8m: Align SoC unique ID node unit address
ARM: zynq: Fix refcount leak in zynq_early_slcr_init
arm64: dts: mediatek: mt8195: Add power domain to U3PHY1 T-PHY
arm64: dts: mediatek: mt8183: Fix systimer 13 MHz clock description
arm64: dts: mediatek: mt8192: Fix systimer 13 MHz clock description
arm64: dts: mediatek: mt8195: Fix systimer 13 MHz clock description
arm64: dts: mediatek: mt8186: Fix systimer 13 MHz clock description
arm64: dts: qcom: sdm845-db845c: fix audio codec interrupt pin name
x86/acpi/boot: Do not register processors that cannot be onlined for x2APIC
arm64: dts: qcom: sc7180: correct SPMI bus address cells
arm64: dts: qcom: sc7280: correct SPMI bus address cells
arm64: dts: qcom: sc8280xp: correct SPMI bus address cells
arm64: dts: qcom: sc8280xp: Vote for CX in USB controllers
arm64: dts: meson-gxl: jethub-j80: Fix WiFi MAC address node
arm64: dts: meson-gxl: jethub-j80: Fix Bluetooth MAC node name
arm64: dts: meson-axg: jethub-j1xx: Fix MAC address node names
arm64: dts: meson-gx: Fix Ethernet MAC address unit name
arm64: dts: meson-g12a: Fix internal Ethernet PHY unit name
arm64: dts: meson-gx: Fix the SCPI DVFS node name and unit address
cpuidle, intel_idle: Fix CPUIDLE_FLAG_IRQ_ENABLE *again*
arm64: dts: ti: k3-am62: Enable SPI nodes at the board level
arm64: dts: ti: k3-am62-main: Fix clocks for McSPI
arm64: tegra: Fix duplicate regulator on Jetson TX1
arm64: dts: msm8992-bullhead: add memory hole region
arm64: dts: qcom: msm8992-bullhead: Fix cont_splash_mem size
arm64: dts: qcom: msm8992-bullhead: Disable dfps_data_mem
arm64: dts: qcom: ipq8074: correct USB3 QMP PHY-s clock output names
arm64: dts: qcom: ipq8074: fix Gen2 PCIe QMP PHY
arm64: dts: qcom: ipq8074: fix Gen3 PCIe QMP PHY
arm64: dts: qcom: ipq8074: correct Gen2 PCIe ranges
arm64: dts: qcom: ipq8074: fix Gen3 PCIe node
arm64: dts: qcom: ipq8074: correct PCIe QMP PHY output clock names
arm64: dts: meson: remove CPU opps below 1GHz for G12A boards
ARM: OMAP1: call platform_device_put() in error case in omap1_dm_timer_init()
arm64: dts: mediatek: mt8192: Mark scp_adsp clock as broken
ARM: bcm2835_defconfig: Enable the framebuffer
ARM: s3c: fix s3c64xx_set_timer_source prototype
arm64: dts: ti: k3-j7200: Fix wakeup pinmux range
ARM: dts: exynos: correct wr-active property in Exynos3250 Rinato
ARM: imx: Call ida_simple_remove() for ida_simple_get
arm64: dts: amlogic: meson-gx: fix SCPI clock dvfs node name
arm64: dts: amlogic: meson-axg: fix SCPI clock dvfs node name
arm64: dts: amlogic: meson-gx: add missing SCPI sensors compatible
arm64: dts: amlogic: meson-axg-jethome-jethub-j1xx: fix supply name of USB controller node
arm64: dts: amlogic: meson-gxl-s905d-sml5442tw: drop invalid clock-names property
arm64: dts: amlogic: meson-gx: add missing unit address to rng node name
arm64: dts: amlogic: meson-gxl-s905w-jethome-jethub-j80: fix invalid rtc node name
arm64: dts: amlogic: meson-axg-jethome-jethub-j1xx: fix invalid rtc node name
arm64: dts: amlogic: meson-gxl: add missing unit address to eth-phy-mux node name
arm64: dts: amlogic: meson-gx-libretech-pc: fix update button name
arm64: dts: amlogic: meson-sm1-bananapi-m5: fix adc keys node names
arm64: dts: amlogic: meson-gxl-s905d-phicomm-n1: fix led node name
arm64: dts: amlogic: meson-gxbb-kii-pro: fix led node name
arm64: dts: amlogic: meson-sm1-odroid-hc4: fix active fan thermal trip
locking/rwsem: Disable preemption in all down_read*() and up_read() code paths
arm64: dts: renesas: beacon-renesom: Fix gpio expander reference
arm64: dts: meson: radxa-zero: allow usb otg mode
arm64: dts: meson: bananapi-m5: switch VDDIO_C pin to OPEN_DRAIN
ARM: dts: sun8i: nanopi-duo2: Fix regulator GPIO reference
ublk_drv: remove nr_aborted_queues from ublk_device
ublk_drv: don't probe partitions if the ubq daemon isn't trusted
ARM: dts: imx7s: correct iomuxc gpr mux controller cells
sbitmap: remove redundant check in __sbitmap_queue_get_batch
sbitmap: Use single per-bitmap counting to wake up queued tags
sbitmap: correct wake_batch recalculation to avoid potential IO hung
arm64: dts: mt8195: Fix CPU map for single-cluster SoC
arm64: dts: mt8192: Fix CPU map for single-cluster SoC
arm64: dts: mt8186: Fix CPU map for single-cluster SoC
arm64: dts: mediatek: mt7622: Add missing pwm-cells to pwm node
arm64: dts: mediatek: mt8186: Fix watchdog compatible
arm64: dts: mediatek: mt8195: Fix watchdog compatible
arm64: dts: mediatek: mt7986: Fix watchdog compatible
ARM: dts: stm32: Update part number NVMEM description on stm32mp131
blk-mq: avoid sleep in blk_mq_alloc_request_hctx
blk-mq: remove stale comment for blk_mq_sched_mark_restart_hctx
blk-mq: wait on correct sbitmap_queue in blk_mq_mark_tag_wait
blk-mq: Fix potential io hung for shared sbitmap per tagset
blk-mq: correct stale comment of .get_budget
arm64: dts: qcom: msm8996: support using GPLL0 as kryocc input
arm64: dts: qcom: msm8996 switch from RPM_SMD_BB_CLK1 to RPM_SMD_XO_CLK_SRC
arm64: dts: qcom: sm8350: drop incorrect cells from serial
arm64: dts: qcom: sm8450: drop incorrect cells from serial
arm64: dts: qcom: msm8992-lg-bullhead: Correct memory overlaps with the SMEM and MPSS memory regions
arm64: dts: qcom: msm8953: correct TLMM gpio-ranges
arm64: dts: qcom: msm8992-*: Fix up comments
arm64: dts: qcom: msm8992-lg-bullhead: Enable regulators
s390/dasd: Fix potential memleak in dasd_eckd_init()
sched/rt: pick_next_rt_entity(): check list_entry
perf/x86/intel/ds: Fix the conversion from TSC to perf time
x86/perf/zhaoxin: Add stepping check for ZXC
KEYS: asymmetric: Fix ECDSA use via keyctl uapi
block: ublk: check IO buffer based on flag need_get_data
arm64: dts: qcom: pmk8350: Specify PBS register for PON
arm64: dts: qcom: pmk8350: Use the correct PON compatible
erofs: relinquish volume with mutex held
block: sync mixed merged request's failfast with 1st bio's
block: Fix io statistics for cgroup in throttle path
block: bio-integrity: Copy flags when bio_integrity_payload is cloned
block: use proper return value from bio_failfast()
wifi: mt76: mt7915: add missing of_node_put()
wifi: mt76: mt7921s: fix slab-out-of-bounds access in sdio host
wifi: mt76: mt7915: check return value before accessing free_block_num
wifi: mt76: mt7915: drop always true condition of __mt7915_reg_addr()
wifi: mt76: mt7915: fix unintended sign extension of mt7915_hw_queue_read()
wifi: mt76: fix coverity uninit_use_in_call in mt76_connac2_reverse_frag0_hdr_trans()
wifi: rsi: Fix memory leak in rsi_coex_attach()
wifi: rtlwifi: rtl8821ae: don't call kfree_skb() under spin_lock_irqsave()
wifi: rtlwifi: rtl8188ee: don't call kfree_skb() under spin_lock_irqsave()
wifi: rtlwifi: rtl8723be: don't call kfree_skb() under spin_lock_irqsave()
wifi: iwlegacy: common: don't call dev_kfree_skb() under spin_lock_irqsave()
wifi: libertas: fix memory leak in lbs_init_adapter()
wifi: rtl8xxxu: don't call dev_kfree_skb() under spin_lock_irqsave()
wifi: rtw89: 8852c: rfk: correct DACK setting
wifi: rtw89: 8852c: rfk: correct DPK settings
wifi: rtlwifi: Fix global-out-of-bounds bug in _rtl8812ae_phy_set_txpower_limit()
libbpf: Fix btf__align_of() by taking into account field offsets
wifi: ipw2x00: don't call dev_kfree_skb() under spin_lock_irqsave()
wifi: ipw2200: fix memory leak in ipw_wdev_init()
wifi: wilc1000: fix potential memory leak in wilc_mac_xmit()
wifi: wilc1000: add missing unregister_netdev() in wilc_netdev_ifc_init()
wifi: brcmfmac: fix potential memory leak in brcmf_netdev_start_xmit()
wifi: brcmfmac: unmap dma buffer in brcmf_msgbuf_alloc_pktid()
wifi: libertas_tf: don't call kfree_skb() under spin_lock_irqsave()
wifi: libertas: if_usb: don't call kfree_skb() under spin_lock_irqsave()
wifi: libertas: main: don't call kfree_skb() under spin_lock_irqsave()
wifi: libertas: cmdresp: don't call kfree_skb() under spin_lock_irqsave()
wifi: wl3501_cs: don't call kfree_skb() under spin_lock_irqsave()
libbpf: Fix invalid return address register in s390
crypto: x86/ghash - fix unaligned access in ghash_setkey()
ACPICA: Drop port I/O validation for some regions
genirq: Fix the return type of kstat_cpu_irqs_sum()
rcu-tasks: Improve comments explaining tasks_rcu_exit_srcu purpose
rcu-tasks: Remove preemption disablement around srcu_read_[un]lock() calls
rcu-tasks: Fix synchronize_rcu_tasks() VS zap_pid_ns_processes()
lib/mpi: Fix buffer overrun when SG is too long
crypto: ccp - Avoid page allocation failure warning for SEV_GET_ID2
platform/chrome: cros_ec_typec: Update port DP VDO
ACPICA: nsrepair: handle cases without a return value correctly
selftests/xsk: print correct payload for packet dump
selftests/xsk: print correct error codes when exiting
arm64/cpufeature: Fix field sign for DIT hwcap detection
kselftest/arm64: Fix syscall-abi for systems without 128 bit SME
workqueue: Protects wq_unbound_cpumask with wq_pool_attach_mutex
s390/early: fix sclp_early_sccb variable lifetime
s390/vfio-ap: fix an error handling path in vfio_ap_mdev_probe_queue()
x86/signal: Fix the value returned by strict_sas_size()
thermal/drivers/tsens: Drop msm8976-specific defines
thermal/drivers/tsens: Sort out msm8976 vs msm8956 data
thermal/drivers/tsens: fix slope values for msm8939
thermal/drivers/tsens: limit num_sensors to 9 for msm8939
wifi: rtw89: fix potential leak in rtw89_append_probe_req_ie()
wifi: rtw89: Add missing check for alloc_workqueue
wifi: rtl8xxxu: Fix memory leaks with RTL8723BU, RTL8192EU
wifi: orinoco: check return value of hermes_write_wordrec()
thermal/drivers/imx_sc_thermal: Drop empty platform remove function
thermal/drivers/imx_sc_thermal: Fix the loop condition
wifi: ath9k: htc_hst: free skb in ath9k_htc_rx_msg() if there is no callback function
wifi: ath9k: hif_usb: clean up skbs if ath9k_hif_usb_rx_stream() fails
wifi: ath9k: Fix potential stack-out-of-bounds write in ath9k_wmi_rsp_callback()
wifi: ath11k: Fix memory leak in ath11k_peer_rx_frag_setup
wifi: cfg80211: Fix extended KCK key length check in nl80211_set_rekey_data()
ACPI: battery: Fix missing NUL-termination with large strings
selftests/bpf: Fix build errors if CONFIG_NF_CONNTRACK=m
crypto: ccp - Failure on re-initialization due to duplicate sysfs filename
crypto: essiv - Handle EBUSY correctly
crypto: seqiv - Handle EBUSY correctly
powercap: fix possible name leak in powercap_register_zone()
x86/microcode: Add a parameter to microcode_check() to store CPU capabilities
x86/microcode: Check CPU capabilities after late microcode update correctly
x86/microcode: Adjust late loading result reporting message
selftests/bpf: Use consistent build-id type for liburandom_read.so
selftests/bpf: Fix vmtest static compilation error
crypto: xts - Handle EBUSY correctly
leds: led-class: Add missing put_device() to led_put()
s390/bpf: Add expoline to tail calls
wifi: iwlwifi: mei: fix compilation errors in rfkill()
kselftest/arm64: Fix enumeration of systems without 128 bit SME
can: rcar_canfd: Fix R-Car V3U GAFLCFG field accesses
selftests/bpf: Initialize tc in xdp_synproxy
crypto: ccp - Flush the SEV-ES TMR memory before giving it to firmware
bpftool: profile online CPUs instead of possible
wifi: mt76: mt7915: call mt7915_mcu_set_thermal_throttling() only after init_work
wifi: mt76: mt7915: fix memory leak in mt7915_mcu_exit
wifi: mt76: mt7915: fix WED TxS reporting
wifi: mt76: add memory barrier to SDIO queue kick
wifi: mt76: mt7921: fix error code of return in mt7921_acpi_read
net/mlx5: Enhance debug print in page allocation failure
irqchip: Fix refcount leak in platform_irqchip_probe
irqchip/alpine-msi: Fix refcount leak in alpine_msix_init_domains
irqchip/irq-mvebu-gicp: Fix refcount leak in mvebu_gicp_probe
irqchip/ti-sci: Fix refcount leak in ti_sci_intr_irq_domain_probe
s390/mem_detect: fix detect_memory() error handling
s390/vmem: fix empty page tables cleanup under KASAN
s390/boot: cleanup decompressor header files
s390/mem_detect: rely on diag260() if sclp_early_get_memsize() fails
s390/boot: fix mem_detect extended area allocation
net: add sock_init_data_uid()
tun: tun_chr_open(): correctly initialize socket uid
tap: tap_open(): correctly initialize socket uid
OPP: fix error checking in opp_migrate_dentry()
cpufreq: davinci: Fix clk use after free
Bluetooth: hci_conn: Refactor hci_bind_bis() since it always succeeds
Bluetooth: L2CAP: Fix potential user-after-free
Bluetooth: hci_qca: get wakeup status from serdev device handle
net: ipa: generic command param fix
s390: vfio-ap: tighten the NIB validity check
s390/ap: fix status returned by ap_aqic()
s390/ap: fix status returned by ap_qact()
libbpf: Fix alen calculation in libbpf_nla_dump_errormsg()
xen/grant-dma-iommu: Implement a dummy probe_device() callback
rds: rds_rm_zerocopy_callback() correct order for list_add_tail()
crypto: rsa-pkcs1pad - Use akcipher_request_complete
m68k: /proc/hardware should depend on PROC_FS
RISC-V: time: initialize hrtimer based broadcast clock event device
clocksource/drivers/riscv: Patch riscv_clock_next_event() jump before first use
wifi: iwl3945: Add missing check for create_singlethread_workqueue
wifi: iwl4965: Add missing check for create_singlethread_workqueue()
wifi: mwifiex: fix loop iterator in mwifiex_update_ampdu_txwinsize()
selftests/bpf: Fix out-of-srctree build
ACPI: resource: Add IRQ overrides for MAINGEAR Vector Pro 2 models
ACPI: resource: Do IRQ override on all TongFang GMxRGxx
crypto: octeontx2 - Fix objects shared between several modules
crypto: crypto4xx - Call dma_unmap_page when done
wifi: mac80211: move color collision detection report in a delayed work
wifi: mac80211: make rate u32 in sta_set_rate_info_rx()
wifi: mac80211: fix non-MLO station association
wifi: mac80211: Don't translate MLD addresses for multicast
wifi: mac80211: avoid u32_encode_bits() warning
wifi: mac80211: fix off-by-one link setting
tools/lib/thermal: Fix thermal_sampling_exit()
thermal/drivers/hisi: Drop second sensor hi3660
selftests/bpf: Fix map_kptr test.
wifi: mac80211: pass 'sta' to ieee80211_rx_data_set_sta()
bpf: Zeroing allocated object from slab in bpf memory allocator
selftests/bpf: Fix xdp_do_redirect on s390x
can: esd_usb: Move mislocated storage of SJA1000_ECC_SEG bits in case of a bus error
can: esd_usb: Make use of can_change_state() and relocate checking skb for NULL
xsk: check IFF_UP earlier in Tx path
LoongArch, bpf: Use 4 instructions for function address in JIT
bpf: Fix global subprog context argument resolution logic
irqchip/irq-brcmstb-l2: Set IRQ_LEVEL for level triggered interrupts
irqchip/irq-bcm7120-l2: Set IRQ_LEVEL for level triggered interrupts
net/smc: fix potential panic dues to unprotected smc_llc_srv_add_link()
net/smc: fix application data exception
selftests/net: Interpret UDP_GRO cmsg data as an int value
l2tp: Avoid possible recursive deadlock in l2tp_tunnel_register()
net: bcmgenet: fix MoCA LED control
net: lan966x: Fix possible deadlock inside PTP
net/mlx4_en: Introduce flexible array to silence overflow warning
selftest: fib_tests: Always cleanup before exit
sefltests: netdevsim: wait for devlink instance after netns removal
drm: Fix potential null-ptr-deref due to drmm_mode_config_init()
drm/fourcc: Add missing big-endian XRGB1555 and RGB565 formats
drm/bridge: ti-sn65dsi83: Fix delay after reset deassert to match spec
drm: mxsfb: DRM_IMX_LCDIF should depend on ARCH_MXC
drm: mxsfb: DRM_MXSFB should depend on ARCH_MXS || ARCH_MXC
drm/bridge: megachips: Fix error handling in i2c_register_driver()
drm/vkms: Fix memory leak in vkms_init()
drm/vkms: Fix null-ptr-deref in vkms_release()
drm/vc4: dpi: Fix format mapping for RGB565
drm: tidss: Fix pixel format definition
gpu: ipu-v3: common: Add of_node_put() for reference returned by of_graph_get_port_by_id()
drm/vc4: drop all currently held locks if deadlock happens
hwmon: (ftsteutates) Fix scaling of measurements
drm/msm/dpu: check for null return of devm_kzalloc() in dpu_writeback_init()
drm/msm/hdmi: Add missing check for alloc_ordered_workqueue
pinctrl: qcom: pinctrl-msm8976: Correct function names for wcss pins
pinctrl: stm32: Fix refcount leak in stm32_pctrl_get_irq_domain
pinctrl: rockchip: Fix refcount leak in rockchip_pinctrl_parse_groups
drm/vc4: hvs: Set AXI panic modes
drm/vc4: hvs: SCALER_DISPBKGND_AUTOHS is only valid on HVS4
drm/vc4: hvs: Correct interrupt masking bit assignment for HVS5
drm/vc4: hvs: Fix colour order for xRGB1555 on HVS5
drm/vc4: hdmi: Correct interlaced timings again
drm/msm: clean event_thread->worker in case of an error
drm/panel-edp: fix name for IVO product id 854b
scsi: qla2xxx: Fix exchange oversubscription
scsi: qla2xxx: Fix exchange oversubscription for management commands
scsi: qla2xxx: edif: Fix clang warning
ASoC: fsl_sai: initialize is_dsp_mode flag
drm/bridge: tc358767: Set default CLRSIPO count
drm/msm/adreno: Fix null ptr access in adreno_gpu_cleanup()
ALSA: hda/ca0132: minor fix for allocation size
drm/amdgpu: Use the sched from entity for amdgpu_cs trace
drm/msm/gem: Add check for kmalloc
drm/msm/dpu: Disallow unallocated resources to be returned
drm/bridge: lt9611: fix sleep mode setup
drm/bridge: lt9611: fix HPD reenablement
drm/bridge: lt9611: fix polarity programming
drm/bridge: lt9611: fix programming of video modes
drm/bridge: lt9611: fix clock calculation
drm/bridge: lt9611: pass a pointer to the of node
regulator: tps65219: use IS_ERR() to detect an error pointer
drm/mipi-dsi: Fix byte order of 16-bit DCS set/get brightness
drm: exynos: dsi: Fix MIPI_DSI*_NO_* mode flags
drm/msm/dsi: Allow 2 CTRLs on v2.5.0
scsi: ufs: exynos: Fix DMA alignment for PAGE_SIZE != 4096
drm/msm/dpu: sc7180: add missing WB2 clock control
drm/msm: use strscpy instead of strncpy
drm/msm/dpu: Add check for cstate
drm/msm/dpu: Add check for pstates
drm/msm/mdp5: Add check for kzalloc
habanalabs: bugs fixes in timestamps buff alloc
pinctrl: bcm2835: Remove of_node_put() in bcm2835_of_gpio_ranges_fallback()
pinctrl: mediatek: Initialize variable pullen and pullup to zero
pinctrl: mediatek: Initialize variable *buf to zero
gpu: host1x: Fix mask for syncpoint increment register
gpu: host1x: Don't skip assigning syncpoints to channels
drm/tegra: firewall: Check for is_addr_reg existence in IMM check
pinctrl: renesas: rzg2l: Fix configuring the GPIO pins as interrupts
drm/msm/dpu: set pdpu->is_rt_pipe early in dpu_plane_sspp_atomic_update()
drm/mediatek: dsi: Reduce the time of dsi from LP11 to sending cmd
drm/mediatek: Use NULL instead of 0 for NULL pointer
drm/mediatek: Drop unbalanced obj unref
drm/mediatek: mtk_drm_crtc: Add checks for devm_kcalloc
drm/mediatek: Clean dangling pointer on bind error path
ASoC: soc-compress.c: fixup private_data on snd_soc_new_compress()
dt-bindings: display: mediatek: Fix the fallback for mediatek,mt8186-disp-ccorr
gpio: vf610: connect GPIO label to dev name
ASoC: topology: Properly access value coming from topology file
spi: dw_bt1: fix MUX_MMIO dependencies
ASoC: mchp-spdifrx: fix controls which rely on rsr register
ASoC: mchp-spdifrx: fix return value in case completion times out
ASoC: mchp-spdifrx: fix controls that works with completion mechanism
ASoC: mchp-spdifrx: disable all interrupts in mchp_spdifrx_dai_remove()
dm: improve shrinker debug names
regmap: apply reg_base and reg_downshift for single register ops
ASoC: rsnd: fixup #endif position
ASoC: mchp-spdifrx: Fix uninitialized use of mr in mchp_spdifrx_hw_params()
ASoC: dt-bindings: meson: fix gx-card codec node regex
regulator: tps65219: use generic set_bypass()
hwmon: (asus-ec-sensors) add missing mutex path
hwmon: (ltc2945) Handle error case in ltc2945_value_store
ALSA: hda: Fix the control element identification for multiple codecs
drm/amdgpu: fix enum odm_combine_mode mismatch
scsi: mpt3sas: Fix a memory leak
scsi: aic94xx: Add missing check for dma_map_single()
HID: multitouch: Add quirks for flipped axes
HID: retain initial quirks set up when creating HID devices
ASoC: qcom: q6apm-lpass-dai: unprepare stream if its already prepared
ASoC: qcom: q6apm-dai: fix race condition while updating the position pointer
ASoC: qcom: q6apm-dai: Add SNDRV_PCM_INFO_BATCH flag
ASoC: codecs: lpass: register mclk after runtime pm
ASoC: codecs: lpass: fix incorrect mclk rate
drm/amd/display: don't call dc_interrupt_set() for disabled crtcs
HID: logitech-hidpp: Hard-code HID++ 1.0 fast scroll support
spi: bcm63xx-hsspi: Fix multi-bit mode setting
hwmon: (mlxreg-fan) Return zero speed for broken fan
ASoC: tlv320adcx140: fix 'ti,gpio-config' DT property init
dm: remove flush_scheduled_work() during local_exit()
nfs4trace: fix state manager flag printing
NFS: fix disabling of swap
spi: synquacer: Fix timeout handling in synquacer_spi_transfer_one()
ASoC: soc-dapm.h: fixup warning struct snd_pcm_substream not declared
HID: bigben: use spinlock to protect concurrent accesses
HID: bigben_worker() remove unneeded check on report_field
HID: bigben: use spinlock to safely schedule workers
hid: bigben_probe(): validate report count
ALSA: hda/hdmi: Register with vga_switcheroo on Dual GPU Macbooks
drm/shmem-helper: Fix locking for drm_gem_shmem_get_pages_sgt()
NFSD: enhance inter-server copy cleanup
NFSD: fix leaked reference count of nfsd4_ssc_umount_item
nfsd: fix race to check ls_layouts
nfsd: clean up potential nfsd_file refcount leaks in COPY codepath
NFSD: fix problems with cleanup on errors in nfsd4_copy
nfsd: fix courtesy client with deny mode handling in nfs4_upgrade_open
nfsd: don't fsync nfsd_files on last close
NFSD: copy the whole verifier in nfsd_copy_write_verifier
cifs: Fix lost destroy smbd connection when MR allocate failed
cifs: Fix warning and UAF when destroy the MR list
cifs: use tcon allocation functions even for dummy tcon
gfs2: jdata writepage fix
perf llvm: Fix inadvertent file creation
leds: led-core: Fix refcount leak in of_led_get()
leds: is31fl319x: Wrap mutex_destroy() for devm_add_action_or_rest()
leds: simatic-ipc-leds-gpio: Make sure we have the GPIO providing driver
tools/tracing/rtla: osnoise_hist: use total duration for average calculation
perf inject: Use perf_data__read() for auxtrace
perf intel-pt: Do not try to queue auxtrace data on pipe
perf test bpf: Skip test if kernel-debuginfo is not present
perf tools: Fix auto-complete on aarch64
sparc: allow PM configs for sparc32 COMPILE_TEST
selftests: find echo binary to use -ne options
selftests/ftrace: Fix bash specific "==" operator
selftests: use printf instead of echo -ne
perf record: Fix segfault with --overwrite and --max-size
printf: fix errname.c list
perf tests stat_all_metrics: Change true workload to sleep workload for system wide check
objtool: add UACCESS exceptions for __tsan_volatile_read/write
mfd: cs5535: Don't build on UML
mfd: pcf50633-adc: Fix potential memleak in pcf50633_adc_async_read()
dmaengine: idxd: Set traffic class values in GRPCFG on DSA 2.0
RDMA/erdma: Fix refcount leak in erdma_mmap
dmaengine: HISI_DMA should depend on ARCH_HISI
RDMA/hns: Fix refcount leak in hns_roce_mmap
iio: light: tsl2563: Do not hardcode interrupt trigger type
usb: gadget: fusb300_udc: free irq on the error path in fusb300_probe()
i2c: designware: fix i2c_dw_clk_rate() return size to be u32
soundwire: cadence: Don't overflow the command FIFOs
driver core: fix potential null-ptr-deref in device_add()
kobject: modify kobject_get_path() to take a const *
kobject: Fix slab-out-of-bounds in fill_kobj_path()
alpha/boot/tools/objstrip: fix the check for ELF header
media: uvcvideo: Check for INACTIVE in uvc_ctrl_is_accessible()
media: uvcvideo: Implement mask for V4L2_CTRL_TYPE_MENU
media: uvcvideo: Refactor uvc_ctrl_mappings_uvcXX
media: uvcvideo: Refactor power_line_frequency_controls_limited
coresight: etm4x: Fix accesses to TRCSEQRSTEVR and TRCSEQSTR
coresight: cti: Prevent negative values of enable count
coresight: cti: Add PM runtime call in enable_store
usb: typec: intel_pmc_mux: Don't leak the ACPI device reference count
PCI/IOV: Enlarge virtfn sysfs name buffer
PCI: switchtec: Return -EFAULT for copy_to_user() errors
PCI: endpoint: pci-epf-vntb: Clean up kernel_doc warning
PCI: endpoint: pci-epf-vntb: Add epf_ntb_mw_bar_clear() num_mws kernel-doc
hwtracing: hisi_ptt: Only add the supported devices to the filters list
tty: serial: fsl_lpuart: disable Rx/Tx DMA in lpuart32_shutdown()
tty: serial: fsl_lpuart: clear LPUART Status Register in lpuart32_shutdown()
serial: tegra: Add missing clk_disable_unprepare() in tegra_uart_hw_init()
Revert "char: pcmcia: cm4000_cs: Replace mdelay with usleep_range in set_protocol"
eeprom: idt_89hpesx: Fix error handling in idt_init()
applicom: Fix PCI device refcount leak in applicom_init()
firmware: stratix10-svc: add missing gen_pool_destroy() in stratix10_svc_drv_probe()
firmware: stratix10-svc: fix error handle while alloc/add device failed
VMCI: check context->notify_page after call to get_user_pages_fast() to avoid GPF
mei: pxp: Use correct macros to initialize uuid_le
misc/mei/hdcp: Use correct macros to initialize uuid_le
misc: fastrpc: Fix an error handling path in fastrpc_rpmsg_probe()
driver core: fix resource leak in device_add()
driver core: location: Free struct acpi_pld_info *pld before return false
drivers: base: transport_class: fix possible memory leak
drivers: base: transport_class: fix resource leak when transport_add_device() fails
firmware: dmi-sysfs: Fix null-ptr-deref in dmi_sysfs_register_handle
fotg210-udc: Add missing completion handler
dmaengine: dw-edma: Fix missing src/dst address of interleaved xfers
fpga: microchip-spi: move SPI I/O buffers out of stack
fpga: microchip-spi: rewrite status polling in a time measurable way
usb: early: xhci-dbc: Fix a potential out-of-bound memory access
tty: serial: fsl_lpuart: Fix the wrong RXWATER setting for rx dma case
RDMA/cxgb4: add null-ptr-check after ip_dev_find()
usb: musb: mediatek: don't unregister something that wasn't registered
usb: gadget: configfs: Restrict symlink creation is UDC already binded
phy: mediatek: remove temporary variable @mask_
PCI: mt7621: Delay phy ports initialization
iommu: dart: Add suspend/resume support
iommu: dart: Support >64 stream IDs
iommu/dart: Fix apple_dart_device_group for PCI groups
iommu/vt-d: Set No Execute Enable bit in PASID table entry
power: supply: remove faulty cooling logic
RDMA/cxgb4: Fix potential null-ptr-deref in pass_establish()
usb: max-3421: Fix setting of I/O pins
RDMA/irdma: Cap MSIX used to online CPUs + 1
serial: fsl_lpuart: fix RS485 RTS polariy inverse issue
tty: serial: imx: Handle RS485 DE signal active high
tty: serial: imx: disable Ageing Timer interrupt request irq
driver core: fw_devlink: Add DL_FLAG_CYCLE support to device links
driver core: fw_devlink: Don't purge child fwnode's consumer links
driver core: fw_devlink: Allow marking a fwnode link as being part of a cycle
driver core: fw_devlink: Consolidate device link flag computation
driver core: fw_devlink: Improve check for fwnode with no device/driver
driver core: fw_devlink: Make cycle detection more robust
mtd: mtdpart: Don't create platform device that'll never probe
usb: host: fsl-mph-dr-of: reuse device_set_of_node_from_dev
dmaengine: dw-edma: Fix readq_ch() return value truncation
PCI: Fix dropping valid root bus resources with .end = zero
phy: rockchip-typec: fix tcphy_get_mode error case
PCI: qcom: Fix host-init error handling
iw_cxgb4: Fix potential NULL dereference in c4iw_fill_res_cm_id_entry()
iommu: Fix error unwind in iommu_group_alloc()
iommu/amd: Do not identity map v2 capable device when snp is enabled
dmaengine: sf-pdma: pdma_desc memory leak fix
dmaengine: dw-axi-dmac: Do not dereference NULL structure
dmaengine: ptdma: check for null desc before calling pt_cmd_callback
iommu/vt-d: Fix error handling in sva enable/disable paths
iommu/vt-d: Allow to use flush-queue when first level is default
RDMA/rxe: cleanup some error handling in rxe_verbs.c
RDMA/rxe: Fix missing memory barriers in rxe_queue.h
IB/hfi1: Fix math bugs in hfi1_can_pin_pages()
IB/hfi1: Fix sdma.h tx->num_descs off-by-one errors
Revert "remoteproc: qcom_q6v5_mss: map/unmap metadata region before/after use"
remoteproc: qcom_q6v5_mss: Use a carveout to authenticate modem headers
media: ti: cal: fix possible memory leak in cal_ctx_create()
media: platform: ti: Add missing check for devm_regulator_get
media: imx: imx7-media-csi: fix missing clk_disable_unprepare() in imx7_csi_init()
powerpc: Remove linker flag from KBUILD_AFLAGS
s390/vdso: Drop '-shared' from KBUILD_CFLAGS_64
builddeb: clean generated package content
media: max9286: Fix memleak in max9286_v4l2_register()
media: ov2740: Fix memleak in ov2740_init_controls()
media: ov5675: Fix memleak in ov5675_init_controls()
media: ov5640: Fix soft reset sequence and timings
media: ov5640: Handle delays when no reset_gpio set
media: mc: Get media_device directly from pad
media: i2c: ov772x: Fix memleak in ov772x_probe()
media: i2c: imx219: Split common registers from mode tables
media: i2c: imx219: Fix binning for RAW8 capture
media: platform: mtk-mdp3: Fix return value check in mdp_probe()
media: camss: csiphy-3ph: avoid undefined behavior
media: platform: mtk-mdp3: remove unused VIDEO_MEDIATEK_VPU config
media: platform: mtk-mdp3: fix Kconfig dependencies
media: v4l2-jpeg: correct the skip count in jpeg_parse_app14_data
media: v4l2-jpeg: ignore the unknown APP14 marker
media: hantro: Fix JPEG encoder ENUM_FRMSIZE on RK3399
media: imx-jpeg: Apply clk_bulk api instead of operating specific clk
media: amphion: correct the unspecified color space
media: drivers/media/v4l2-core/v4l2-h264 : add detection of null pointers
media: rc: Fix use-after-free bugs caused by ene_tx_irqsim()
media: atomisp: Only set default_run_mode on first open of a stream/asd
media: i2c: ov7670: 0 instead of -EINVAL was returned
media: usb: siano: Fix use after free bugs caused by do_submit_urb
media: saa7134: Use video_unregister_device for radio_dev
rpmsg: glink: Avoid infinite loop on intent for missing channel
rpmsg: glink: Release driver_override
ARM: OMAP2+: omap4-common: Fix refcount leak bug
arm64: dts: qcom: msm8996: Add additional A2NoC clocks
udf: Define EFSCORRUPTED error code
context_tracking: Fix noinstr vs KASAN
exit: Detect and fix irq disabled state in oops
ARM: dts: exynos: Use Exynos5420 compatible for the MIPI video phy
fs: Use CHECK_DATA_CORRUPTION() when kernel bugs are detected
blk-iocost: fix divide by 0 error in calc_lcoefs()
blk-cgroup: dropping parent refcount after pd_free_fn() is done
blk-cgroup: synchronize pd_free_fn() from blkg_free_workfn() and blkcg_deactivate_policy()
trace/blktrace: fix memory leak with using debugfs_lookup()
btrfs: scrub: improve tree block error reporting
arm64: zynqmp: Enable hs termination flag for USB dwc3 controller
cpuidle, intel_idle: Fix CPUIDLE_FLAG_INIT_XSTATE
x86/fpu: Don't set TIF_NEED_FPU_LOAD for PF_IO_WORKER threads
cpuidle: drivers: firmware: psci: Dont instrument suspend code
cpuidle: lib/bug: Disable rcu_is_watching() during WARN/BUG
perf/x86/intel/uncore: Add Meteor Lake support
wifi: ath9k: Fix use-after-free in ath9k_hif_usb_disconnect()
wifi: ath11k: fix monitor mode bringup crash
wifi: brcmfmac: Fix potential stack-out-of-bounds in brcmf_c_preinit_dcmds()
rcu: Make RCU_LOCKDEP_WARN() avoid early lockdep checks
rcu: Suppress smp_processor_id() complaint in synchronize_rcu_expedited_wait()
srcu: Delegate work to the boot cpu if using SRCU_SIZE_SMALL
rcu-tasks: Make rude RCU-Tasks work well with CPU hotplug
rcu-tasks: Handle queue-shrink/callback-enqueue race condition
wifi: ath11k: debugfs: fix to work with multiple PCI devices
thermal: intel: Fix unsigned comparison with less than zero
timers: Prevent union confusion from unexpected restart_syscall()
x86/bugs: Reset speculation control settings on init
bpftool: Always disable stack protection for BPF objects
wifi: brcmfmac: ensure CLM version is null-terminated to prevent stack-out-of-bounds
wifi: mt7601u: fix an integer underflow
inet: fix fast path in __inet_hash_connect()
ice: restrict PTP HW clock freq adjustments to 100, 000, 000 PPB
ice: add missing checks for PF vsi type
ACPI: Don't build ACPICA with '-Os'
bpf, docs: Fix modulo zero, division by zero, overflow, and underflow
thermal: intel: intel_pch: Add support for Wellsburg PCH
clocksource: Suspend the watchdog temporarily when high read latency detected
crypto: hisilicon: Wipe entire pool on error
net: bcmgenet: Add a check for oversized packets
m68k: Check syscall_trace_enter() return code
s390/mm,ptdump: avoid Kasan vs Memcpy Real markers swapping
netfilter: nf_tables: NULL pointer dereference in nf_tables_updobj()
can: isotp: check CAN address family in isotp_bind()
gcc-plugins: drop -std=gnu++11 to fix GCC 13 build
tools/power/x86/intel-speed-select: Add Emerald Rapid quirk
wifi: mt76: dma: free rx_head in mt76_dma_rx_cleanup
ACPI: video: Fix Lenovo Ideapad Z570 DMI match
net/mlx5: fw_tracer: Fix debug print
coda: Avoid partial allocation of sig_inputArgs
uaccess: Add minimum bounds check on kernel buffer size
s390/idle: mark arch_cpu_idle() noinstr
time/debug: Fix memory leak with using debugfs_lookup()
PM: domains: fix memory leak with using debugfs_lookup()
PM: EM: fix memory leak with using debugfs_lookup()
Bluetooth: Fix issue with Actions Semi ATS2851 based devices
Bluetooth: btusb: Add new PID/VID 0489:e0f2 for MT7921
Bluetooth: btusb: Add VID:PID 13d3:3529 for Realtek RTL8821CE
wifi: rtw89: debug: avoid invalid access on RTW89_DBG_SEL_MAC_30
hv_netvsc: Check status in SEND_RNDIS_PKT completion message
s390/kfence: fix page fault reporting
devlink: Fix TP_STRUCT_entry in trace of devlink health report
scm: add user copy checks to put_cmsg()
drm: panel-orientation-quirks: Add quirk for Lenovo Yoga Tab 3 X90F
drm: panel-orientation-quirks: Add quirk for DynaBook K50
drm/amd/display: Reduce expected sdp bandwidth for dcn321
drm/amd/display: Revert Reduce delay when sink device not able to ACK 00340h write
drm/amd/display: Fix potential null-deref in dm_resume
drm/omap: dsi: Fix excessive stack usage
HID: Add Mapping for System Microphone Mute
drm/tiny: ili9486: Do not assume 8-bit only SPI controllers
drm/amd/display: Defer DIG FIFO disable after VID stream enable
drm/radeon: free iio for atombios when driver shutdown
drm/amd: Avoid BUG() for case of SRIOV missing IP version
drm/amdkfd: Page aligned memory reserve size
scsi: lpfc: Fix use-after-free KFENCE violation during sysfs firmware write
Revert "fbcon: don't lose the console font across generic->chip driver switch"
drm/amd: Avoid ASSERT for some message failures
drm: amd: display: Fix memory leakage
drm/amd/display: fix mapping to non-allocated address
HID: uclogic: Add frame type quirk
HID: uclogic: Add battery quirk
HID: uclogic: Add support for XP-PEN Deco Pro SW
HID: uclogic: Add support for XP-PEN Deco Pro MW
drm/msm/dsi: Add missing check for alloc_ordered_workqueue
drm: rcar-du: Add quirk for H3 ES1.x pclk workaround
drm: rcar-du: Fix setting a reserved bit in DPLLCR
drm/drm_print: correct format problem
drm/amd/display: Set hvm_enabled flag for S/G mode
habanalabs: extend fatal messages to contain PCI info
habanalabs: fix bug in timestamps registration code
docs/scripts/gdb: add necessary make scripts_gdb step
drm/msm/dpu: Add DSC hardware blocks to register snapshot
ASoC: soc-compress: Reposition and add pcm_mutex
ASoC: kirkwood: Iterate over array indexes instead of using pointer math
regulator: max77802: Bounds check regulator id against opmode
regulator: s5m8767: Bounds check id indexing into arrays
Revert "drm/amdgpu: TA unload messages are not actually sent to psp when amdgpu is uninstalled"
drm/amd/display: fix FCLK pstate change underflow
gfs2: Improve gfs2_make_fs_rw error handling
hwmon: (coretemp) Simplify platform device handling
hwmon: (nct6775) Directly call ASUS ACPI WMI method
hwmon: (nct6775) B650/B660/X670 ASUS boards support
pinctrl: at91: use devm_kasprintf() to avoid potential leaks
drm/amd/display: Do not commit pipe when updating DRR
scsi: snic: Fix memory leak with using debugfs_lookup()
scsi: ufs: core: Fix device management cmd timeout flow
HID: logitech-hidpp: Don't restart communication if not necessary
drm/amd/display: Enable P-state validation checks for DCN314
drm: panel-orientation-quirks: Add quirk for Lenovo IdeaPad Duet 3 10IGL5
drm/amd/display: Disable HUBP/DPP PG on DCN314 for now
dm thin: add cond_resched() to various workqueue loops
dm cache: add cond_resched() to various workqueue loops
nfsd: zero out pointers after putting nfsd_files on COPY setup error
nfsd: don't hand out delegation on setuid files being opened for write
cifs: prevent data race in smb2_reconnect()
drm/shmem-helper: Revert accidental non-GPL export
driver core: fw_devlink: Avoid spurious error message
wifi: rtl8xxxu: fixing transmisison failure for rtl8192eu
scsi: mpt3sas: Remove usage of dma_get_required_mask() API
firmware: coreboot: framebuffer: Ignore reserved pixel color bits
block: don't allow multiple bios for IOCB_NOWAIT issue
block: clear bio->bi_bdev when putting a bio back in the cache
block: be a bit more careful in checking for NULL bdev while polling
rtc: pm8xxx: fix set-alarm race
ipmi: ipmb: Fix the MODULE_PARM_DESC associated to 'retry_time_ms'
ipmi:ssif: resend_msg() cannot fail
ipmi_ssif: Rename idle state and check
io_uring: Replace 0-length array with flexible array
io_uring: use user visible tail in io_uring_poll()
io_uring: handle TIF_NOTIFY_RESUME when checking for task_work
io_uring: add a conditional reschedule to the IOPOLL cancelation loop
io_uring: add reschedule point to handle_tw_list()
io_uring/rsrc: disallow multi-source reg buffers
io_uring: remove MSG_NOSIGNAL from recvmsg
io_uring: fix fget leak when fs don't support nowait buffered read
s390/extmem: return correct segment type in __segment_load()
s390: discard .interp section
s390/kprobes: fix irq mask clobbering on kprobe reenter from post_handler
s390/kprobes: fix current_kprobe never cleared after kprobes reenter
KVM: s390: disable migration mode when dirty tracking is disabled
cifs: Fix uninitialized memory read in smb3_qfs_tcon()
cifs: Fix uninitialized memory reads for oparms.mode
cifs: fix mount on old smb servers
cifs: introduce cifs_io_parms in smb2_async_writev()
cifs: split out smb3_use_rdma_offload() helper
cifs: don't try to use rdma offload on encrypted connections
cifs: Check the lease context if we actually got a lease
cifs: return a single-use cfid if we did not get a lease
scsi: mpi3mr: Fix missing mrioc->evtack_cmds initialization
scsi: mpi3mr: Fix issues in mpi3mr_get_all_tgt_info()
scsi: mpi3mr: Remove unnecessary memcpy() to alltgt_info->dmi
btrfs: hold block group refcount during async discard
locking/rwsem: Prevent non-first waiter from spinning in down_write() slowpath
ksmbd: fix wrong data area length for smb2 lock request
ksmbd: do not allow the actual frame length to be smaller than the rfc1002 length
ksmbd: fix possible memory leak in smb2_lock()
torture: Fix hang during kthread shutdown phase
ARM: dts: exynos: correct HDMI phy compatible in Exynos4
io_uring: mark task TASK_RUNNING before handling resume/task work
hfs: fix missing hfs_bnode_get() in __hfs_bnode_create
fs: hfsplus: fix UAF issue in hfsplus_put_super
exfat: fix reporting fs error when reading dir beyond EOF
exfat: fix unexpected EOF while reading dir
exfat: redefine DIR_DELETED as the bad cluster number
exfat: fix inode->i_blocks for non-512 byte sector size device
fs: dlm: don't set stop rx flag after node reset
fs: dlm: move sending fin message into state change handling
fs: dlm: send FIN ack back in right cases
f2fs: fix information leak in f2fs_move_inline_dirents()
f2fs: retry to update the inode page given data corruption
f2fs: fix cgroup writeback accounting with fs-layer encryption
f2fs: fix kernel crash due to null io->bio
ocfs2: fix defrag path triggering jbd2 ASSERT
ocfs2: fix non-auto defrag path not working issue
fs/cramfs/inode.c: initialize file_ra_state
selftests/landlock: Skip overlayfs tests when not supported
selftests/landlock: Test ptrace as much as possible with Yama
udf: Truncate added extents on failed expansion
udf: Do not bother merging very long extents
udf: Do not update file length for failed writes to inline files
udf: Preserve link count of system files
udf: Detect system inodes linked into directory hierarchy
udf: Fix file corruption when appending just after end of preallocated extent
md: don't update recovery_cp when curr_resync is ACTIVE
RDMA/siw: Fix user page pinning accounting
KVM: Destroy target device if coalesced MMIO unregistration fails
KVM: VMX: Fix crash due to uninitialized current_vmcs
KVM: Register /dev/kvm as the _very_ last thing during initialization
KVM: x86: Purge "highest ISR" cache when updating APICv state
KVM: x86: Blindly get current x2APIC reg value on "nodecode write" traps
KVM: x86: Don't inhibit APICv/AVIC on xAPIC ID "change" if APIC is disabled
KVM: x86: Don't inhibit APICv/AVIC if xAPIC ID mismatch is due to 32-bit ID
KVM: SVM: Flush the "current" TLB when activating AVIC
KVM: SVM: Process ICR on AVIC IPI delivery failure due to invalid target
KVM: SVM: Don't put/load AVIC when setting virtual APIC mode
KVM: x86: Inject #GP if WRMSR sets reserved bits in APIC Self-IPI
KVM: x86: Inject #GP on x2APIC WRMSR that sets reserved bits 63:32
KVM: SVM: Fix potential overflow in SEV's send|receive_update_data()
KVM: SVM: hyper-v: placate modpost section mismatch error
selftests: x86: Fix incorrect kernel headers search path
x86/virt: Force GIF=1 prior to disabling SVM (for reboot flows)
x86/crash: Disable virt in core NMI crash handler to avoid double shootdown
x86/reboot: Disable virtualization in an emergency if SVM is supported
x86/reboot: Disable SVM, not just VMX, when stopping CPUs
x86/kprobes: Fix __recover_optprobed_insn check optimizing logic
x86/kprobes: Fix arch_check_optimized_kprobe check within optimized_kprobe range
x86/microcode/amd: Remove load_microcode_amd()'s bsp parameter
x86/microcode/AMD: Add a @cpu parameter to the reloading functions
x86/microcode/AMD: Fix mixed steppings support
x86/speculation: Allow enabling STIBP with legacy IBRS
Documentation/hw-vuln: Document the interaction between IBRS and STIBP
virt/sev-guest: Return -EIO if certificate buffer is not large enough
brd: mark as nowait compatible
brd: return 0/-error from brd_insert_page()
brd: check for REQ_NOWAIT and set correct page allocation mask
ima: fix error handling logic when file measurement failed
ima: Align ima_file_mmap() parameters with mmap_file LSM hook
selftests/powerpc: Fix incorrect kernel headers search path
selftests/ftrace: Fix eprobe syntax test case to check filter support
selftests: sched: Fix incorrect kernel headers search path
selftests: core: Fix incorrect kernel headers search path
selftests: pid_namespace: Fix incorrect kernel headers search path
selftests: arm64: Fix incorrect kernel headers search path
selftests: clone3: Fix incorrect kernel headers search path
selftests: pidfd: Fix incorrect kernel headers search path
selftests: membarrier: Fix incorrect kernel headers search path
selftests: kcmp: Fix incorrect kernel headers search path
selftests: media_tests: Fix incorrect kernel headers search path
selftests: gpio: Fix incorrect kernel headers search path
selftests: filesystems: Fix incorrect kernel headers search path
selftests: user_events: Fix incorrect kernel headers search path
selftests: ptp: Fix incorrect kernel headers search path
selftests: sync: Fix incorrect kernel headers search path
selftests: rseq: Fix incorrect kernel headers search path
selftests: move_mount_set_group: Fix incorrect kernel headers search path
selftests: mount_setattr: Fix incorrect kernel headers search path
selftests: perf_events: Fix incorrect kernel headers search path
selftests: ipc: Fix incorrect kernel headers search path
selftests: futex: Fix incorrect kernel headers search path
selftests: drivers: Fix incorrect kernel headers search path
selftests: dmabuf-heaps: Fix incorrect kernel headers search path
selftests: vm: Fix incorrect kernel headers search path
selftests: seccomp: Fix incorrect kernel headers search path
irqdomain: Fix association race
irqdomain: Fix disassociation race
irqdomain: Look for existing mapping only once
irqdomain: Drop bogus fwspec-mapping error handling
irqdomain: Refactor __irq_domain_alloc_irqs()
irqdomain: Fix mapping-creation race
irqdomain: Fix domain registration race
crypto: qat - fix out-of-bounds read
mm/damon/paddr: fix missing folio_put()
ALSA: ice1712: Do not left ice->gpio_mutex locked in aureon_add_controls()
ALSA: hda/realtek: Add quirk for HP EliteDesk 800 G6 Tower PC
jbd2: fix data missing when reusing bh which is ready to be checkpointed
ext4: optimize ea_inode block expansion
ext4: refuse to create ea block when umounted
cxl/pmem: Fix nvdimm registration races
mtd: spi-nor: sfdp: Fix index value for SCCR dwords
mtd: spi-nor: spansion: Consider reserved bits in CFR5 register
mtd: spi-nor: Fix shift-out-of-bounds in spi_nor_set_erase_type
dm: send just one event on resize, not two
dm: add cond_resched() to dm_wq_work()
dm: add cond_resched() to dm_wq_requeue_work()
wifi: rtw88: use RTW_FLAG_POWERON flag to prevent to power on/off twice
wifi: rtl8xxxu: Use a longer retry limit of 48
wifi: ath11k: allow system suspend to survive ath11k
wifi: cfg80211: Fix use after free for wext
wifi: cfg80211: Set SSID if it is not already set
cpuidle: add ARCH_SUSPEND_POSSIBLE dependencies
qede: fix interrupt coalescing configuration
thermal: intel: powerclamp: Fix cur_state for multi package system
dm flakey: fix logic when corrupting a bio
dm cache: free background tracker's queued work in btracker_destroy
dm flakey: don't corrupt the zero page
dm flakey: fix a bug with 32-bit highmem systems
hwmon: (peci/cputemp) Fix off-by-one in coretemp_label allocation
hwmon: (nct6775) Fix incorrect parenthesization in nct6775_write_fan_div()
ARM: dts: qcom: sdx65: Add Qcom SMMU-500 as the fallback for IOMMU node
ARM: dts: qcom: sdx55: Add Qcom SMMU-500 as the fallback for IOMMU node
ARM: dts: exynos: correct TMU phandle in Exynos4210
ARM: dts: exynos: correct TMU phandle in Exynos4
ARM: dts: exynos: correct TMU phandle in Odroid XU3 family
ARM: dts: exynos: correct TMU phandle in Exynos5250
ARM: dts: exynos: correct TMU phandle in Odroid XU
ARM: dts: exynos: correct TMU phandle in Odroid HC1
arm64: mm: hugetlb: Disable HUGETLB_PAGE_OPTIMIZE_VMEMMAP
fuse: add inode/permission checks to fileattr_get/fileattr_set
rbd: avoid use-after-free in do_rbd_add() when rbd_dev_create() fails
ceph: update the time stamps and try to drop the suid/sgid
regulator: core: Use ktime_get_boottime() to determine how long a regulator was off
panic: fix the panic_print NMI backtrace setting
mm/hwpoison: convert TTU_IGNORE_HWPOISON to TTU_HWPOISON
alpha: fix FEN fault handling
dax/kmem: Fix leak of memory-hotplug resources
mips: fix syscall_get_nr
media: ipu3-cio2: Fix PM runtime usage_count in driver unbind
remoteproc/mtk_scp: Move clk ops outside send_lock
docs: gdbmacros: print newest record
mm: memcontrol: deprecate charge moving
mm/thp: check and bail out if page in deferred queue already
ktest.pl: Give back console on Ctrt^C on monitor
kprobes: Fix to handle forcibly unoptimized kprobes on freeing_list
ktest.pl: Fix missing "end_monitor" when machine check fails
ktest.pl: Add RUN_TIMEOUT option with default unlimited
memory tier: release the new_memtier in find_create_memory_tier()
ring-buffer: Handle race between rb_move_tail and rb_check_pages
tools/bootconfig: fix single & used for logical condition
tracing/eprobe: Fix to add filter on eprobe description in README file
iommu/amd: Add a length limitation for the ivrs_acpihid command-line parameter
iommu/amd: Improve page fault error reporting
scsi: aacraid: Allocate cmd_priv with scsicmd
scsi: qla2xxx: Fix link failure in NPIV environment
scsi: qla2xxx: Check if port is online before sending ELS
scsi: qla2xxx: Fix DMA-API call trace on NVMe LS requests
scsi: qla2xxx: Remove unintended flag clearing
scsi: qla2xxx: Fix erroneous link down
scsi: qla2xxx: Remove increment of interface err cnt
scsi: ses: Don't attach if enclosure has no components
scsi: ses: Fix slab-out-of-bounds in ses_enclosure_data_process()
scsi: ses: Fix possible addl_desc_ptr out-of-bounds accesses
scsi: ses: Fix possible desc_ptr out-of-bounds accesses
scsi: ses: Fix slab-out-of-bounds in ses_intf_remove()
RISC-V: add a spin_shadow_stack declaration
riscv: Avoid enabling interrupts in die()
riscv: mm: fix regression due to update_mmu_cache change
riscv: jump_label: Fixup unaligned arch_static_branch function
riscv, mm: Perform BPF exhandler fixup on page fault
riscv: ftrace: Remove wasted nops for !RISCV_ISA_C
riscv: ftrace: Reduce the detour code size to half
MIPS: DTS: CI20: fix otg power gpio
PCI/PM: Observe reset delay irrespective of bridge_d3
PCI: Unify delay handling for reset and resume
PCI: hotplug: Allow marking devices as disconnected during bind/unbind
PCI: Avoid FLR for AMD FCH AHCI adapters
PCI/DPC: Await readiness of secondary bus after reset
bus: mhi: ep: Only send -ENOTCONN status if client driver is available
bus: mhi: ep: Move chan->lock to the start of processing queued ch ring
bus: mhi: ep: Save channel state locally during suspend and resume
iommu/vt-d: Avoid superfluous IOTLB tracking in lazy mode
iommu/vt-d: Fix PASID directory pointer coherency
vfio/type1: exclude mdevs from VFIO_UPDATE_VADDR
vfio/type1: prevent underflow of locked_vm via exec()
vfio/type1: track locked_vm per dma
vfio/type1: restore locked_vm
drm/amd: Fix initialization for nbio 7.5.1
drm/i915/quirks: Add inverted backlight quirk for HP 14-r206nv
drm/radeon: Fix eDP for single-display iMac11,2
drm/i915: Don't use stolen memory for ring buffers with LLC
drm/i915: Don't use BAR mappings for ring buffers with LLC
drm/gud: Fix UBSAN warning
drm/edid: fix AVI infoframe aspect ratio handling
drm/edid: fix parsing of 3D modes from HDMI VSDB
qede: avoid uninitialized entries in coal_entry array
brd: use radix_tree_maybe_preload instead of radix_tree_preload
sbitmap: Advance the queue index before waking up a queue
wait: Return number of exclusive waiters awaken
sbitmap: Try each queue to wake up at least one waiter
kbuild: Port silent mode detection to future gnu make.
net: avoid double iput when sock_alloc_file fails
Linux 6.1.16
Change-Id: I705caf70ee547e6d55f38d133bdcd50713aed745
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
||
|
Will Deacon
|
9c6dd2c51d |
ANDROID: KVM: arm64: Rename nVHE hyp event ELF sections
The ELF sections and delimiters used by the hyp events were not following the convention used by other hyp sections. Align them all. Bug: 249050813 Change-Id: I7b3ee4915c8904cd531911df59c1fd1853bbbe9f Signed-off-by: Will Deacon <willdeacon@google.com> Signed-off-by: Vincent Donnefort <vdonnefort@google.com> |
||
Catalin Marinas
|
96122e776f |
arm64: mte: Fix/clarify the PG_mte_tagged semantics
commit e059853d14ca4ed0f6a190d7109487918a22a976 upstream. Currently the PG_mte_tagged page flag mostly means the page contains valid tags and it should be set after the tags have been cleared or restored. However, in mte_sync_tags() it is set before setting the tags to avoid, in theory, a race with concurrent mprotect(PROT_MTE) for shared pages. However, a concurrent mprotect(PROT_MTE) with a copy on write in another thread can cause the new page to have stale tags. Similarly, tag reading via ptrace() can read stale tags if the PG_mte_tagged flag is set before actually clearing/restoring the tags. Fix the PG_mte_tagged semantics so that it is only set after the tags have been cleared or restored. This is safe for swap restoring into a MAP_SHARED or CoW page since the core code takes the page lock. Add two functions to test and set the PG_mte_tagged flag with acquire and release semantics. The downside is that concurrent mprotect(PROT_MTE) on a MAP_SHARED page may cause tag loss. This is already the case for KVM guests if a VMM changes the page protection while the guest triggers a user_mem_abort(). Signed-off-by: Catalin Marinas <catalin.marinas@arm.com> [pcc@google.com: fix build with CONFIG_ARM64_MTE disabled] Signed-off-by: Peter Collingbourne <pcc@google.com> Reviewed-by: Cornelia Huck <cohuck@redhat.com> Reviewed-by: Steven Price <steven.price@arm.com> Cc: Will Deacon <will@kernel.org> Cc: Marc Zyngier <maz@kernel.org> Cc: Peter Collingbourne <pcc@google.com> Signed-off-by: Marc Zyngier <maz@kernel.org> Link: https://lore.kernel.org/r/20221104011041.290951-3-pcc@google.com Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
Pierre Gondois
|
8b38969fa0 |
arm64: efi: Make efi_rt_lock a raw_spinlock
commit 0e68b5517d3767562889f1d83fdb828c26adb24f upstream. Running a rt-kernel base on 6.2.0-rc3-rt1 on an Ampere Altra outputs the following: BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:46 in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 9, name: kworker/u320:0 preempt_count: 2, expected: 0 RCU nest depth: 0, expected: 0 3 locks held by kworker/u320:0/9: #0: ffff3fff8c27d128 ((wq_completion)efi_rts_wq){+.+.}-{0:0}, at: process_one_work (./include/linux/atomic/atomic-long.h:41) #1: ffff80000861bdd0 ((work_completion)(&efi_rts_work.work)){+.+.}-{0:0}, at: process_one_work (./include/linux/atomic/atomic-long.h:41) #2: ffffdf7e1ed3e460 (efi_rt_lock){+.+.}-{3:3}, at: efi_call_rts (drivers/firmware/efi/runtime-wrappers.c:101) Preemption disabled at: efi_virtmap_load (./arch/arm64/include/asm/mmu_context.h:248) CPU: 0 PID: 9 Comm: kworker/u320:0 Tainted: G W 6.2.0-rc3-rt1 Hardware name: WIWYNN Mt.Jade Server System B81.03001.0005/Mt.Jade Motherboard, BIOS 1.08.20220218 (SCP: 1.08.20220218) 2022/02/18 Workqueue: efi_rts_wq efi_call_rts Call trace: dump_backtrace (arch/arm64/kernel/stacktrace.c:158) show_stack (arch/arm64/kernel/stacktrace.c:165) dump_stack_lvl (lib/dump_stack.c:107 (discriminator 4)) dump_stack (lib/dump_stack.c:114) __might_resched (kernel/sched/core.c:10134) rt_spin_lock (kernel/locking/rtmutex.c:1769 (discriminator 4)) efi_call_rts (drivers/firmware/efi/runtime-wrappers.c:101) [...] This seems to come from commit ff7a167961d1 ("arm64: efi: Execute runtime services from a dedicated stack") which adds a spinlock. This spinlock is taken through: efi_call_rts() \-efi_call_virt() \-efi_call_virt_pointer() \-arch_efi_call_virt_setup() Make 'efi_rt_lock' a raw_spinlock to avoid being preempted. [ardb: The EFI runtime services are called with a different set of translation tables, and are permitted to use the SIMD registers. The context switch code preserves/restores neither, and so EFI calls must be made with preemption disabled, rather than only disabling migration.] Fixes: ff7a167961d1 ("arm64: efi: Execute runtime services from a dedicated stack") Signed-off-by: Pierre Gondois <pierre.gondois@arm.com> Cc: <stable@vger.kernel.org> # v6.1+ Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Mark Brown
|
c5721ba0f2 |
arm64/cpufeature: Fix field sign for DIT hwcap detection
[ Upstream commit 50daf5b7c4ec4efcaf49a4128930f872bec7dbc0 ]
Since it was added our hwcap for DIT has specified that DIT is a signed
field but this appears to be incorrect, the two values for the enumeration
are:
0b0000 NI
0b0001 IMP
which look like a normal unsigned enumeration and the in-kernel DIT usage
added by 01ab991fc0ee ("arm64: Enable data independent timing (DIT) in the
kernel") detects the feature with an unsigned enum. Fix the hwcap to specify
the field as unsigned.
Fixes:
|
||
Vincent Donnefort
|
f88336fa4a |
ANDROID: KVM: arm64: Support missing pKVM module sections
pKVM modules being rather small, it is expected for some basic sections to be missing or empty (especially rodata and data). Make those optional in the loader. Bug: 269245057 Change-Id: I874050230de5cb4b3b29d316663400bb221e2021 Signed-off-by: Vincent Donnefort <vdonnefort@google.com> |
||
|
Greg Kroah-Hartman
|
936f394ef7 |
This is the 6.1.9 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmPaFzoACgkQONu9yGCS aT6Y7Q//bOQ+QfUsJ9oi0hCQpC4L4REaM/WpqyWFn+/75KB4KDZ7IGaHAZ8UZSPQ DwZ0aoIAapQyAL7Q5WUDnG51Q07Xi4NfWPHNlz1FqAKdJu2D8uAmYP9I6M0JpEbg nV5ki8UXETkIu7EnfS7+5MjHLt99DaA+W0Z1J+qqXONRoszELUNfMdTZMoqVX5Vx gqmSpHmySt2mhSr8k4Inx5OvhF6pZ9mQVq0baUEieAcyaRXSRBBLTtOgntcYyq+R aAoCV5E+lLDZVkjntc6wKtTECD6zegfXCBqZdxQ1RUt5SBTn7K2XnGqQt+V3UbeH 5kFwUngvnpGDQeS8VuzWo+yGBLu0cp6PShP329SbO5o0bY8qRxiWfr37sxfMq/yh F947AjG2wWouCK4xle68/O6GvZNLtKJI1Z0MihpFKmeLbvL0S88rkSnhwjPQ5qBe kK8RfUATLKkl6XoTyJT/v/o+/tlAuHj3txrH3zsB0MQWuuxBkZ1JAAnmDnBCcvIJ BAr6HFRFr6kTfcREnMKkWr2EXO98DGrk0Eg9FTedm1F4RSL8iGQenTXNmRMhSxFv /MtF0sRwkstI+v7EINmmK+wNJeye03WjmWDjJVxIqOwfmGC5EfCGhGV4CfmdnBsE N18DZMZ5oc9ft/zmH9Pi/vJUlwRHDS52uQ3r7K3TYXHHveT62FE= =8rzU -----END PGP SIGNATURE----- Merge 6.1.9 into android14-6.1 Changes in 6.1.9 memory: tegra: Remove clients SID override programming memory: atmel-sdramc: Fix missing clk_disable_unprepare in atmel_ramc_probe() memory: mvebu-devbus: Fix missing clk_disable_unprepare in mvebu_devbus_probe() arm64: dts: qcom: sc8280xp: fix primary USB-DP PHY reset dmaengine: qcom: gpi: Set link_rx bit on GO TRE for rx operation dmaengine: ti: k3-udma: Do conditional decrement of UDMA_CHAN_RT_PEER_BCNT_REG soc: imx: imx8mp-blk-ctrl: enable global pixclk with HDMI_TX_PHY PD arm64: dts: imx8mp-phycore-som: Remove invalid PMIC property ARM: dts: imx6ul-pico-dwarf: Use 'clock-frequency' ARM: dts: imx7d-pico: Use 'clock-frequency' ARM: dts: imx6qdl-gw560x: Remove incorrect 'uart-has-rtscts' arm64: dts: verdin-imx8mm: fix dahlia audio playback arm64: dts: imx8mm-beacon: Fix ecspi2 pinmux arm64: dts: verdin-imx8mm: fix dev board audio playback arm64: dts: imx93-11x11-evk: correct clock and strobe pad setting ARM: imx: add missing of_node_put() soc: imx: imx8mp-blk-ctrl: don't set power device name arm64: dts: imx8mp: Fix missing GPC Interrupt arm64: dts: imx8mp: Fix power-domain typo arm64: dts: imx8mp-evk: pcie0-refclk cosmetic cleanup HID: intel_ish-hid: Add check for ishtp_dma_tx_map arm64: dts: imx8mm-venice-gw7901: fix USB2 controller OC polarity soc: imx8m: Fix incorrect check for of_clk_get_by_name() reset: ti-sci: honor TI_SCI_PROTOCOL setting when not COMPILE_TEST reset: uniphier-glue: Fix possible null-ptr-deref EDAC/highbank: Fix memory leak in highbank_mc_probe() firmware: arm_scmi: Harden shared memory access in fetch_response firmware: arm_scmi: Harden shared memory access in fetch_notification firmware: arm_scmi: Fix virtio channels cleanup on shutdown interconnect: qcom: msm8996: Provide UFS clocks to A2NoC interconnect: qcom: msm8996: Fix regmap max_register values HID: amd_sfh: Fix warning unwind goto tomoyo: fix broken dependency on *.conf.default RDMA/rxe: Fix inaccurate constants in rxe_type_info RDMA/rxe: Prevent faulty rkey generation erofs: fix kvcalloc() misuse with __GFP_NOFAIL arm64: dts: marvell: AC5/AC5X: Fix address for UART1 RDMA/core: Fix ib block iterator counter overflow IB/hfi1: Reject a zero-length user expected buffer IB/hfi1: Reserve user expected TIDs IB/hfi1: Fix expected receive setup error exit issues IB/hfi1: Immediately remove invalid memory from hardware IB/hfi1: Remove user expected buffer invalidate race affs: initialize fsdata in affs_truncate() PM: AVS: qcom-cpr: Fix an error handling path in cpr_probe() arm64: dts: qcom: msm8992: Don't use sfpb mutex arm64: dts: qcom: msm8992-libra: Fix the memory map kbuild: export top-level LDFLAGS_vmlinux only to scripts/Makefile.vmlinux kbuild: fix 'make modules' error when CONFIG_DEBUG_INFO_BTF_MODULES=y phy: ti: fix Kconfig warning and operator precedence drm/msm/gpu: Fix potential double-free NFSD: fix use-after-free in nfsd4_ssc_setup_dul() ARM: dts: at91: sam9x60: fix the ddr clock for sam9x60 drm/vc4: bo: Fix drmm_mutex_init memory hog phy: usb: sunplus: Fix potential null-ptr-deref in sp_usb_phy_probe() bpf: hash map, avoid deadlock with suitable hash mask amd-xgbe: TX Flow Ctrl Registers are h/w ver dependent amd-xgbe: Delay AN timeout during KR training bpf: Fix pointer-leak due to insufficient speculative store bypass mitigation drm/vc4: bo: Fix unused variable warning phy: rockchip-inno-usb2: Fix missing clk_disable_unprepare() in rockchip_usb2phy_power_on() net: nfc: Fix use-after-free in local_cleanup() net: wan: Add checks for NULL for utdm in undo_uhdlc_init and unmap_si_regs net: enetc: avoid deadlock in enetc_tx_onestep_tstamp() net: lan966x: add missing fwnode_handle_put() for ports node sch_htb: Avoid grafting on htb_destroy_class_offload when destroying htb gpio: mxc: Protect GPIO irqchip RMW with bgpio spinlock gpio: mxc: Always set GPIOs used as interrupt source to INPUT mode wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid pinctrl: rockchip: fix reading pull type on rk3568 net: stmmac: Fix queue statistics reading net/sched: sch_taprio: fix possible use-after-free l2tp: convert l2tp_tunnel_list to idr l2tp: close all race conditions in l2tp_tunnel_register() net: usb: sr9700: Handle negative len net: mdio: validate parameter addr in mdiobus_get_phy() HID: check empty report_list in hid_validate_values() HID: check empty report_list in bigben_probe() net: stmmac: fix invalid call to mdiobus_get_phy() pinctrl: rockchip: fix mux route data for rk3568 ARM: dts: stm32: Fix qspi pinctrl phandle for stm32mp15xx-dhcor-som ARM: dts: stm32: Fix qspi pinctrl phandle for stm32mp15xx-dhcom-som ARM: dts: stm32: Fix qspi pinctrl phandle for stm32mp157c-emstamp-argon ARM: dts: stm32: Fix qspi pinctrl phandle for stm32mp151a-prtt1l HID: revert CHERRY_MOUSE_000C quirk block/rnbd-clt: fix wrong max ID in ida_alloc_max usb: ucsi: Ensure connector delayed work items are flushed usb: gadget: f_fs: Prevent race during ffs_ep0_queue_wait usb: gadget: f_fs: Ensure ep0req is dequeued before free_request netfilter: conntrack: handle tcp challenge acks during connection reuse Bluetooth: Fix a buffer overflow in mgmt_mesh_add() Bluetooth: hci_conn: Fix memory leaks Bluetooth: hci_sync: fix memory leak in hci_update_adv_data() Bluetooth: ISO: Avoid circular locking dependency Bluetooth: ISO: Fix possible circular locking dependency Bluetooth: hci_event: Fix Invalid wait context Bluetooth: Fix possible deadlock in rfcomm_sk_state_change net: ipa: disable ipa interrupt during suspend net/mlx5e: Avoid false lock dependency warning on tc_ht even more net/mlx5: E-switch, Fix setting of reserved fields on MODIFY_SCHEDULING_ELEMENT net/mlx5e: QoS, Fix wrongfully setting parent_element_id on MODIFY_SCHEDULING_ELEMENT net/mlx5e: Set decap action based on attr for sample net/mlx5: E-switch, Fix switchdev mode after devlink reload net: mlx5: eliminate anonymous module_init & module_exit drm/panfrost: fix GENERIC_ATOMIC64 dependency dmaengine: Fix double increment of client_count in dma_chan_get() net: macb: fix PTP TX timestamp failure due to packet padding virtio-net: correctly enable callback during start_xmit l2tp: prevent lockdep issue in l2tp_tunnel_register() HID: betop: check shape of output reports drm/i915/selftests: Unwind hugepages to drop wakeref on error cifs: fix potential deadlock in cache_refresh_path() dmaengine: xilinx_dma: call of_node_put() when breaking out of for_each_child_of_node() dmaengine: tegra: Fix memory leak in terminate_all() phy: phy-can-transceiver: Skip warning if no "max-bitrate" drm/amd/display: fix issues with driver unload net: sched: gred: prevent races when adding offloads to stats nvme-pci: fix timeout request state check tcp: avoid the lookup process failing to get sk in ehash table usb: dwc3: fix extcon dependency ptdma: pt_core_execute_cmd() should use spinlock device property: fix of node refcount leak in fwnode_graph_get_next_endpoint() w1: fix deadloop in __w1_remove_master_device() w1: fix WARNING after calling w1_process() driver core: Fix test_async_probe_init saves device in wrong array selftests/net: toeplitz: fix race on tpacket_v3 block close net: dsa: microchip: ksz9477: port map correction in ALU table entry register thermal: Validate new state in cur_state_store() thermal/core: fix error code in __thermal_cooling_device_register() thermal: core: call put_device() only after device_register() fails net: stmmac: enable all safety features by default bnxt: Do not read past the end of test names tcp: fix rate_app_limited to default to 1 scsi: iscsi: Fix multiple iSCSI session unbind events sent to userspace ASoC: SOF: pm: Set target state earlier ASoC: SOF: pm: Always tear down pipelines before DSP suspend ASoC: SOF: Add FW state to debugfs ASoC: amd: yc: Add Razer Blade 14 2022 into DMI table spi: cadence: Fix busy cycles calculation cpufreq: CPPC: Add u64 casts to avoid overflowing cpufreq: Add Tegra234 to cpufreq-dt-platdev blocklist ASoC: mediatek: mt8186: support rt5682s_max98360 ASoC: mediatek: mt8186: Add machine support for max98357a ASoC: amd: yc: Add ASUS M5402RA into DMI table ASoC: support machine driver with max98360 kcsan: test: don't put the expect array on the stack cpufreq: Add SM6375 to cpufreq-dt-platdev blocklist ASoC: fsl_micfil: Correct the number of steps on SX controls drm/msm/a6xx: Avoid gx gbit halt during rpm suspend net: usb: cdc_ether: add support for Thales Cinterion PLS62-W modem drm: Add orientation quirk for Lenovo ideapad D330-10IGL s390/debug: add _ASM_S390_ prefix to header guard s390: expicitly align _edata and _end symbols on page boundary xen/pvcalls: free active map buffer on pvcalls_front_free_map perf/x86/cstate: Add Meteor Lake support perf/x86/msr: Add Meteor Lake support perf/x86/msr: Add Emerald Rapids perf/x86/intel/uncore: Add Emerald Rapids nolibc: fix fd_set type tools/nolibc: Fix S_ISxxx macros tools/nolibc: fix missing includes causing build issues at -O0 tools/nolibc: prevent gcc from making memset() loop over itself cpufreq: armada-37xx: stop using 0 as NULL pointer ASoC: fsl_ssi: Rename AC'97 streams to avoid collisions with AC'97 CODEC ASoC: fsl-asoc-card: Fix naming of AC'97 CODEC widgets ACPI: resource: Skip IRQ override on Asus Expertbook B2402CBA drm/amdkfd: Add sync after creating vram bo drm/amdkfd: Fix NULL pointer error for GC 11.0.1 on mGPU cifs: fix potential memory leaks in session setup spi: spidev: remove debug messages that access spidev->spi without locking KVM: s390: interrupt: use READ_ONCE() before cmpxchg() scsi: hisi_sas: Use abort task set to reset SAS disks when discovered scsi: hisi_sas: Set a port invalid only if there are no devices attached when refreshing port id r8152: add vendor/device ID pair for Microsoft Devkit platform/x86: touchscreen_dmi: Add info for the CSL Panther Tab HD platform/x86: asus-nb-wmi: Add alternate mapping for KEY_CAMERA platform/x86: asus-nb-wmi: Add alternate mapping for KEY_SCREENLOCK platform/x86: asus-wmi: Add quirk wmi_ignore_fan platform/x86: asus-wmi: Ignore fan on E410MA platform/x86: simatic-ipc: correct name of a model platform/x86: simatic-ipc: add another model lockref: stop doing cpu_relax in the cmpxchg loop ata: pata_cs5535: Don't build on UML firmware: coreboot: Check size of table entry and use flex-array btrfs: zoned: enable metadata over-commit for non-ZNS setup Revert "selftests/bpf: check null propagation only neither reg is PTR_TO_BTF_ID" arm64: efi: Recover from synchronous exceptions occurring in firmware arm64: efi: Avoid workqueue to check whether EFI runtime is live arm64: efi: Account for the EFI runtime stack in stack unwinder Bluetooth: hci_sync: cancel cmd_timer if hci_open failed drm/i915: Allow panel fixed modes to have differing sync polarities drm/i915: Allow alternate fixed modes always for eDP drm/amdgpu: complete gfxoff allow signal during suspend without delay io_uring/msg_ring: fix remote queue to disabled ring wifi: mac80211: Proper mark iTXQs for resumption wifi: mac80211: Fix iTXQ AMPDU fragmentation handling sched/fair: Check if prev_cpu has highest spare cap in feec() sched/uclamp: Fix a uninitialized variable warnings vfio/type1: Respect IOMMU reserved regions in vfio_test_domain_fgsp() scsi: hpsa: Fix allocation size for scsi_host_alloc() kvm/vfio: Fix potential deadlock on vfio group_lock nfsd: don't free files unconditionally in __nfsd_file_cache_purge module: Don't wait for GOING modules ftrace: Export ftrace_free_filter() to modules tracing: Make sure trace_printk() can output as soon as it can be used trace_events_hist: add check for return value of 'create_hist_field' ftrace/scripts: Update the instructions for ftrace-bisect.sh cifs: Fix oops due to uncleared server->smbd_conn in reconnect ksmbd: add max connections parameter ksmbd: do not sign response to session request for guest login ksmbd: downgrade ndr version error message to debug ksmbd: limit pdu length size according to connection status ovl: fix tmpfile leak ovl: fail on invalid uid/gid mapping at copy up io_uring/net: cache provided buffer group value for multishot receives KVM: x86/vmx: Do not skip segment attributes if unusable bit is set KVM: arm64: GICv4.1: Fix race with doorbell on VPE activation/deactivation scsi: ufs: core: Fix devfreq deadlocks riscv: fix -Wundef warning for CONFIG_RISCV_BOOT_SPINWAIT thermal: intel: int340x: Protect trip temperature from concurrent updates regulator: dt-bindings: samsung,s2mps14: add lost samsung,ext-control-gpios ipv6: fix reachability confirmation with proxy_ndp ARM: 9280/1: mm: fix warning on phys_addr_t to void pointer assignment EDAC/device: Respect any driver-supplied workqueue polling value EDAC/qcom: Do not pass llcc_driv_data as edac_device_ctl_info's pvt_info platform/x86: thinkpad_acpi: Fix profile modes on Intel platforms drm/display/dp_mst: Correct the kref of port. drm/amd/pm: add missing AllowIHInterrupt message mapping for SMU13.0.0 drm/amdgpu: remove unconditional trap enable on add gfx11 queues drm/amdgpu/display/mst: Fix mst_state->pbn_div and slot count assignments drm/amdgpu/display/mst: limit payload to be updated one by one drm/amdgpu/display/mst: update mst_mgr relevant variable when long HPD io_uring: inline io_req_task_work_add() io_uring: inline __io_req_complete_post() io_uring: hold locks for io_req_complete_failed io_uring: use io_req_task_complete() in timeout io_uring: remove io_req_tw_post_queue io_uring: inline __io_req_complete_put() net: mana: Fix IRQ name - add PCI and queue number io_uring: always prep_async for drain requests i2c: designware: use casting of u64 in clock multiplication to avoid overflow i2c: designware: Fix unbalanced suspended flag drm/drm_vma_manager: Add drm_vma_node_allow_once() drm/i915: Fix a memory leak with reused mmap_offset iavf: fix temporary deadlock and failure to set MAC address iavf: schedule watchdog immediately when changing primary MAC netlink: prevent potential spectre v1 gadgets net: fix UaF in netns ops registration error path net: fec: Use page_pool_put_full_page when freeing rx buffers nvme: simplify transport specific device attribute handling nvme: consolidate setting the tagset flags nvme-fc: fix initialization order drm/i915/selftest: fix intel_selftest_modify_policy argument types ACPI: video: Add backlight=native DMI quirk for HP Pavilion g6-1d80nr ACPI: video: Add backlight=native DMI quirk for HP EliteBook 8460p ACPI: video: Add backlight=native DMI quirk for Asus U46E netfilter: nft_set_rbtree: Switch to node list walk for overlap detection netfilter: nft_set_rbtree: skip elements in transaction from garbage collection netlink: annotate data races around nlk->portid netlink: annotate data races around dst_portid and dst_group netlink: annotate data races around sk_state ipv4: prevent potential spectre v1 gadget in ip_metrics_convert() ipv4: prevent potential spectre v1 gadget in fib_metrics_match() net: dsa: microchip: fix probe of I2C-connected KSZ8563 net: ethernet: adi: adin1110: Fix multicast offloading netfilter: conntrack: fix vtag checks for ABORT/SHUTDOWN_COMPLETE netrom: Fix use-after-free of a listening socket. platform/x86: asus-wmi: Fix kbd_dock_devid tablet-switch reporting platform/x86: apple-gmux: Move port defines to apple-gmux.h platform/x86: apple-gmux: Add apple_gmux_detect() helper ACPI: video: Fix apple gmux detection tracing/osnoise: Use built-in RCU list checking net/sched: sch_taprio: do not schedule in taprio_reset() sctp: fail if no bound addresses can be used for a given scope riscv/kprobe: Fix instruction simulation of JALR nvme: fix passthrough csi check gpio: mxc: Unlock on error path in mxc_flip_edge() gpio: ep93xx: Fix port F hwirq numbers in handler net: ravb: Fix lack of register setting after system resumed for Gen3 net: ravb: Fix possible hang if RIS2_QFF1 happen net: mctp: add an explicit reference from a mctp_sk_key to sock net: mctp: move expiry timer delete to unhash net: mctp: hold key reference when looking up a general key net: mctp: mark socks as dead on unhash, prevent re-add thermal: intel: int340x: Add locking to int340x_thermal_get_trip_type() riscv: Move call to init_cpu_topology() to later initialization stage net/tg3: resolve deadlock in tg3_reset_task() during EEH tsnep: Fix TX queue stop/wake for multiple queues net: mdio-mux-meson-g12a: force internal PHY off on mux switch Partially revert "perf/arm-cmn: Optimise DTC counter accesses" block: ublk: move ublk_chr_class destroying after devices are removed treewide: fix up files incorrectly marked executable tools: gpio: fix -c option of gpio-event-mon Fix up more non-executable files marked executable Revert "mm/compaction: fix set skip in fast_find_migrateblock" Revert "Input: synaptics - switch touchpad on HP Laptop 15-da3001TU to RMI mode" Input: i8042 - add Clevo PCX0DX to i8042 quirk table x86/sev: Add SEV-SNP guest feature negotiation support acpi: Fix suspend with Xen PV dt-bindings: riscv: fix underscore requirement for multi-letter extensions dt-bindings: riscv: fix single letter canonical order x86/i8259: Mark legacy PIC interrupts with IRQ_LEVEL dt-bindings: i2c: renesas,rzv2m: Fix SoC specific string netfilter: conntrack: unify established states for SCTP paths perf/x86/amd: fix potential integer overflow on shift of a int amdgpu: fix build on non-DCN platforms. Linux 6.1.9 Change-Id: I750dee519337922880b87841f6732565961c6b0a Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
|
Ard Biesheuvel
|
cc2a13ec84 |
arm64: efi: Account for the EFI runtime stack in stack unwinder
[ Upstream commit 7ea55715c421d22c1b63f7129cae6a654091b695 ] The EFI runtime services run from a dedicated stack now, and so the stack unwinder needs to be informed about this. Acked-by: Mark Rutland <mark.rutland@arm.com> Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Ard Biesheuvel
|
cf1f38ef95 |
arm64: efi: Avoid workqueue to check whether EFI runtime is live
[ Upstream commit 8a9a1a18731eb123e35f48176380a18b9782845e ] Comparing current_work() against efi_rts_work.work is sufficient to decide whether current is currently running EFI runtime services code at any level in its call stack. However, there are other potential users of the EFI runtime stack, such as the ACPI subsystem, which may invoke efi_call_virt_pointer() directly, and so any sync exceptions occurring in firmware during those calls are currently misidentified. So instead, let's check whether the stashed value of the thread stack pointer points into current's thread stack. This can only be the case if current was interrupted while running EFI runtime code. Note that this implies that we should clear the stashed value after switching back, to avoid false positives. Reviewed-by: Mark Rutland <mark.rutland@arm.com> Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Ard Biesheuvel
|
119a34527e |
arm64: efi: Recover from synchronous exceptions occurring in firmware
[ Upstream commit e8dfdf3162eb549d064b8c10b1564f7e8ee82591 ]
Unlike x86, which has machinery to deal with page faults that occur
during the execution of EFI runtime services, arm64 has nothing like
that, and a synchronous exception raised by firmware code brings down
the whole system.
With more EFI based systems appearing that were not built to run Linux
(such as the Windows-on-ARM laptops based on Qualcomm SOCs), as well as
the introduction of PRM (platform specific firmware routines that are
callable just like EFI runtime services), we are more likely to run into
issues of this sort, and it is much more likely that we can identify and
work around such issues if they don't bring down the system entirely.
Since we already use a EFI runtime services call wrapper in assembler,
we can quite easily add some code that captures the execution state at
the point where the call is made, allowing us to revert to this state
and proceed execution if the call triggered a synchronous exception.
Given that the kernel and the firmware don't share any data structures
that could end up in an indeterminate state, we can happily continue
running, as long as we mark the EFI runtime services as unavailable from
that point on.
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Acked-by: Catalin Marinas <catalin.marinas@arm.com>
Stable-dep-of: 8a9a1a18731e ("arm64: efi: Avoid workqueue to check whether EFI runtime is live")
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
||
|
Vincent Donnefort
|
09014fb1f2 |
ANDROID: KVM: arm64: Add support for nVHE hyp events
Following the introduction of tracing buffers for the nVHE hypervisor, add the support to declare in-hypervisor events. Hypervisor events are declared into kvm_hypevents.h and can be called with trace_<event_name>(). hyp_enter and hyp_exit events are provided as an example. Bug: 229972309 Co-authored-By: Nikita Ioffe <ioffe@google.com> Change-Id: I42d110fece793112d30530154aab49049b7fa520 Signed-off-by: Vincent Donnefort <vdonnefort@google.com> Signed-off-by: Nikita Ioffe <ioffe@google.com> |