mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2025-01-01 10:45:49 +00:00
ab8beb2047
1324546 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Linus Torvalds
|
35f301dd45 |
BPF fixes:
- Fix a bug in the BPF verifier to track changes to packet data property for global functions (Eduard Zingerman) - Fix a theoretical BPF prog_array use-after-free in RCU handling of __uprobe_perf_func (Jann Horn) - Fix BPF tracing to have an explicit list of tracepoints and their arguments which need to be annotated as PTR_MAYBE_NULL (Kumar Kartikeya Dwivedi) - Fix a logic bug in the bpf_remove_insns code where a potential error would have been wrongly propagated (Anton Protopopov) - Avoid deadlock scenarios caused by nested kprobe and fentry BPF programs (Priya Bala Govindasamy) - Fix a bug in BPF verifier which was missing a size check for BTF-based context access (Kumar Kartikeya Dwivedi) - Fix a crash found by syzbot through an invalid BPF prog_array access in perf_event_detach_bpf_prog (Jiri Olsa) - Fix several BPF sockmap bugs including a race causing a refcount imbalance upon element replace (Michal Luczaj) - Fix a use-after-free from mismatching BPF program/attachment RCU flavors (Jann Horn) Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> -----BEGIN PGP SIGNATURE----- iIsEABYKADMWIQTFp0I1jqZrAX+hPRXbK58LschIgwUCZ13rdhUcZGFuaWVsQGlv Z2VhcmJveC5uZXQACgkQ2yufC7HISINfqAD7B2vX6EgTFrgy7QDepQnZsmu2qjdW fFUzPatFXXp2S3MA/16vOEoHJ4rRhBkcUK/vw3gyY5j5bYZNUTTaam5l4BcM =gkfb -----END PGP SIGNATURE----- Merge tag 'bpf-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf Pull bpf fixes from Daniel Borkmann: - Fix a bug in the BPF verifier to track changes to packet data property for global functions (Eduard Zingerman) - Fix a theoretical BPF prog_array use-after-free in RCU handling of __uprobe_perf_func (Jann Horn) - Fix BPF tracing to have an explicit list of tracepoints and their arguments which need to be annotated as PTR_MAYBE_NULL (Kumar Kartikeya Dwivedi) - Fix a logic bug in the bpf_remove_insns code where a potential error would have been wrongly propagated (Anton Protopopov) - Avoid deadlock scenarios caused by nested kprobe and fentry BPF programs (Priya Bala Govindasamy) - Fix a bug in BPF verifier which was missing a size check for BTF-based context access (Kumar Kartikeya Dwivedi) - Fix a crash found by syzbot through an invalid BPF prog_array access in perf_event_detach_bpf_prog (Jiri Olsa) - Fix several BPF sockmap bugs including a race causing a refcount imbalance upon element replace (Michal Luczaj) - Fix a use-after-free from mismatching BPF program/attachment RCU flavors (Jann Horn) * tag 'bpf-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf: (23 commits) bpf: Avoid deadlock caused by nested kprobe and fentry bpf programs selftests/bpf: Add tests for raw_tp NULL args bpf: Augment raw_tp arguments with PTR_MAYBE_NULL bpf: Revert "bpf: Mark raw_tp arguments with PTR_MAYBE_NULL" selftests/bpf: Add test for narrow ctx load for pointer args bpf: Check size for BTF-based ctx access of pointer members selftests/bpf: extend changes_pkt_data with cases w/o subprograms bpf: fix null dereference when computing changes_pkt_data of prog w/o subprogs bpf: Fix theoretical prog_array UAF in __uprobe_perf_func() bpf: fix potential error return selftests/bpf: validate that tail call invalidates packet pointers bpf: consider that tail calls invalidate packet pointers selftests/bpf: freplace tests for tracking of changes_packet_data bpf: check changes_pkt_data property for extension programs selftests/bpf: test for changing packet data from global functions bpf: track changes_pkt_data property for global functions bpf: refactor bpf_helper_changes_pkt_data to use helper number bpf: add find_containing_subprog() utility function bpf,perf: Fix invalid prog_array access in perf_event_detach_bpf_prog bpf: Fix UAF via mismatching bpf_prog/attachment RCU flavors ... |
||
|
Priya Bala Govindasamy
|
c83508da56 |
bpf: Avoid deadlock caused by nested kprobe and fentry bpf programs
BPF program types like kprobe and fentry can cause deadlocks in certain situations. If a function takes a lock and one of these bpf programs is hooked to some point in the function's critical section, and if the bpf program tries to call the same function and take the same lock it will lead to deadlock. These situations have been reported in the following bug reports. In percpu_freelist - Link: https://lore.kernel.org/bpf/CAADnVQLAHwsa+2C6j9+UC6ScrDaN9Fjqv1WjB1pP9AzJLhKuLQ@mail.gmail.com/T/ Link: https://lore.kernel.org/bpf/CAPPBnEYm+9zduStsZaDnq93q1jPLqO-PiKX9jy0MuL8LCXmCrQ@mail.gmail.com/T/ In bpf_lru_list - Link: https://lore.kernel.org/bpf/CAPPBnEajj+DMfiR_WRWU5=6A7KKULdB5Rob_NJopFLWF+i9gCA@mail.gmail.com/T/ Link: https://lore.kernel.org/bpf/CAPPBnEZQDVN6VqnQXvVqGoB+ukOtHGZ9b9U0OLJJYvRoSsMY_g@mail.gmail.com/T/ Link: https://lore.kernel.org/bpf/CAPPBnEaCB1rFAYU7Wf8UxqcqOWKmRPU1Nuzk3_oLk6qXR7LBOA@mail.gmail.com/T/ Similar bugs have been reported by syzbot. In queue_stack_maps - Link: https://lore.kernel.org/lkml/0000000000004c3fc90615f37756@google.com/ Link: https://lore.kernel.org/all/20240418230932.2689-1-hdanton@sina.com/T/ In lpm_trie - Link: https://lore.kernel.org/linux-kernel/00000000000035168a061a47fa38@google.com/T/ In ringbuf - Link: https://lore.kernel.org/bpf/20240313121345.2292-1-hdanton@sina.com/T/ Prevent kprobe and fentry bpf programs from attaching to these critical sections by removing CC_FLAGS_FTRACE for percpu_freelist.o, bpf_lru_list.o, queue_stack_maps.o, lpm_trie.o, ringbuf.o files. The bugs reported by syzbot are due to tracepoint bpf programs being called in the critical sections. This patch does not aim to fix deadlocks caused by tracepoint programs. However, it does prevent deadlocks from occurring in similar situations due to kprobe and fentry programs. Signed-off-by: Priya Bala Govindasamy <pgovind2@uci.edu> Link: https://lore.kernel.org/r/CAPPBnEZpjGnsuA26Mf9kYibSaGLm=oF6=12L21X1GEQdqjLnzQ@mail.gmail.com Signed-off-by: Alexei Starovoitov <ast@kernel.org> |
||
|
Linus Torvalds
|
a0e3919a2d |
USB driver fixes for 6.13-rc3
Here are some small USB driver fixes for some reported issues. Included in here are: - typec driver bugfixes - u_serial gadget driver bugfix for much reported and discussed issue - dwc2 bugfixes - midi gadget driver bugfix - ehci-hcd driver bugfix - other small bugfixes All of these have been in linux-next for over a week with no reported issues. Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> -----BEGIN PGP SIGNATURE----- iG0EABECAC0WIQT0tgzFv3jCIUoxPcsxR9QN2y37KQUCZ12Wwg8cZ3JlZ0Brcm9h aC5jb20ACgkQMUfUDdst+ymbWgCeKUCeGFlUanDHY1nHq72FSMiHpcUAoIvzBTx1 yUEhvtuYYZ/NBzfKI+8h =WeQD -----END PGP SIGNATURE----- Merge tag 'usb-6.13-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb Pull USB driver fixes from Greg KH: "Here are some small USB driver fixes for some reported issues. Included in here are: - typec driver bugfixes - u_serial gadget driver bugfix for much reported and discussed issue - dwc2 bugfixes - midi gadget driver bugfix - ehci-hcd driver bugfix - other small bugfixes All of these have been in linux-next for over a week with no reported issues" * tag 'usb-6.13-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb: usb: typec: ucsi: Fix connector status writing past buffer size usb: typec: ucsi: Fix completion notifications usb: dwc2: Fix HCD port connection race usb: dwc2: hcd: Fix GetPortStatus & SetPortFeature usb: dwc2: Fix HCD resume usb: gadget: u_serial: Fix the issue that gs_start_io crashed due to accessing null pointer usb: misc: onboard_usb_dev: skip suspend/resume sequence for USB5744 SMBus support usb: dwc3: xilinx: make sure pipe clock is deselected in usb2 only mode usb: core: hcd: only check primary hcd skip_phy_initialization usb: gadget: midi2: Fix interpretation of is_midi1 bits usb: dwc3: imx8mp: fix software node kernel dump usb: typec: anx7411: fix OF node reference leaks in anx7411_typec_switch_probe() usb: typec: anx7411: fix fwnode_handle reference leak usb: host: max3421-hcd: Correctly abort a USB request. dt-bindings: phy: imx8mq-usb: correct reference to usb-switch.yaml usb: ehci-hcd: fix call balance of clocks handling routines |
||
|
Linus Torvalds
|
636110be62 |
Serial driver fixes for 6.13-rc3
Here are two small serial driver fixes for 6.13-rc3. They are:
- ioport build fallout fix for the 8250 port driver that should
resolve Guenter's runtime problems
- sh-sci driver bugfix for a reported problem
Both of these have been in linux-next for a while with no reported
issues.
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
-----BEGIN PGP SIGNATURE-----
iG0EABECAC0WIQT0tgzFv3jCIUoxPcsxR9QN2y37KQUCZ12XXg8cZ3JlZ0Brcm9h
aC5jb20ACgkQMUfUDdst+ymGXACfezq1bc3UAJeZqZcDhAQrhZKiLHsAoMx76hi1
Ol6uRsbGrVi5bITDnuhl
=wF8l
-----END PGP SIGNATURE-----
Merge tag 'tty-6.13-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty
Pull serial driver fixes from Greg KH:
"Here are two small serial driver fixes for 6.13-rc3. They are:
- ioport build fallout fix for the 8250 port driver that should
resolve Guenter's runtime problems
- sh-sci driver bugfix for a reported problem
Both of these have been in linux-next for a while with no reported
issues"
* tag 'tty-6.13-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty:
tty: serial: Work around warning backtrace in serial8250_set_defaults
serial: sh-sci: Check if TX data was written to device in .tx_empty()
|
||
|
Linus Torvalds
|
3de4f6d919 |
Staging driver fixes for 6.13-rc3
Here are some small staging gpib driver build and bugfixes for issues that have been much-reported (should finally fix Guenter's build issues). There are more of these coming in later -rc releases, but for now this should fix the majority of the reported problems. All of these have been in linux-next for a while with no reported issues. Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> -----BEGIN PGP SIGNATURE----- iG0EABECAC0WIQT0tgzFv3jCIUoxPcsxR9QN2y37KQUCZ12WPQ8cZ3JlZ0Brcm9h aC5jb20ACgkQMUfUDdst+ylfwACgrG5/ZnXk/itH5OF0nQtFN1qJ6MQAn3ukxI8D PcUjyRSWy+WhrvDP+bx5 =DrPI -----END PGP SIGNATURE----- Merge tag 'staging-6.13-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging Pull staging driver fixes from Greg KH: "Here are some small staging gpib driver build and bugfixes for issues that have been much-reported (should finally fix Guenter's build issues). There are more of these coming in later -rc releases, but for now this should fix the majority of the reported problems. All of these have been in linux-next for a while with no reported issues" * tag 'staging-6.13-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging: staging: gpib: Fix i386 build issue staging: gpib: Fix faulty workaround for assignment in if staging: gpib: Workaround for ppc build failure staging: gpib: Make GPIB_NI_PCI_ISA depend on HAS_IOPORT |
||
|
Linus Torvalds
|
ec2092915d |
This push fixes a regression in rsassa-pkcs1 as well as a buffer
overrun in hisilicon/debugfs. -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEn51F/lCuNhUwmDeSxycdCkmxi6cFAmdX1JgACgkQxycdCkmx i6dCsQ//efvOZLFy9NlV+GIu89EPTBEqLR4CjrJg7SD8WTAg/RKSCcRPlsMNETkH 5o1kF8VOtRnE7SylC2wzlgGWuWOyRpsHPiqlWgEKAdzTs4w4HcDBOwo5/xHevfQ/ VYC5aQ1crJuT7tPLFqPqTwjJZ6KvG54PZsn5nbQaNlTUzsFpLns7ci7s1MzkCNu8 xHZU3yDM8e7NmXntGDnCcE1xEkwtcxqmwi2+yVDv5d18ynpOqPjcKfWg6vgw9/h5 SmTGgQ6aT9pCrBL082R48/kRkZpFFX+hyItxFMLWeeJb9+XoJWtcUyc3iY2ax3Wc grRkfBuU3p04TzHj0HoGqP6wamUsyN1aNHLv7gZSpL/LMoHhVNfPBtIe6ZMAiIpj PBDJJuYIw3wssYui10WHf339tJoJg5sRgI1W7hWlqevxCMjFfi2/EjHkswiJN/Au K9Oi3bTY6VrRpJ8noPNTqvpZVV/uoRQsXHl6fY74ID/meufSyyqPIQCRdFpLv0gU 3KINKTmofT+5C8fqv0eDNA5Zqxd28II8EWnTjoNH3BvnW8NLnXzN0PBF0HDIlWmS NoptNNIvdTMHVFLhpU31lnp1WuizKHFkGFt9ktDFEfl2qGFhcaNKS7jyy6ozRoTy ++yXc5MmXLxetVVmFTvAah+loNPbVPsCB6ZrUJHn1UxDZJr6acc= =Eo9k -----END PGP SIGNATURE----- Merge tag 'v6.13-p2' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 Pull crypto fixes from Herbert Xu: "Fix a regression in rsassa-pkcs1 as well as a buffer overrun in hisilicon/debugfs" * tag 'v6.13-p2' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: crypto: hisilicon/debugfs - fix the struct pointer incorrectly offset problem crypto: rsassa-pkcs1 - Copy source data for SG list |
||
|
Linus Torvalds
|
7824850768 |
Rust fixes for v6.13
Toolchain and infrastructure:
- Set bindgen's Rust target version to prevent issues when pairing
older rustc releases with newer bindgen releases, such as
bindgen >= 0.71.0 and rustc < 1.82 due to unsafe_extern_blocks.
drm/panic:
- Remove spurious empty line detected by a new Clippy warning.
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEPjU5OPd5QIZ9jqqOGXyLc2htIW0FAmddIZEACgkQGXyLc2ht
IW1e3A/+MLzHnRocVo5LqCc9teBSHy4dWrllXC+/hRIbsy2Ap7kYma2oFOJjHnin
FBycwYjK76CopZpRDndhye/+rO8aNIkDiKNzrYlB8YYgyIvFeUtc9SN9PGN0Ph8f
GTE+cSKdcaLDyV923uZtCorOBN1HX3EJ+QOkXByZuUVv+XP1JJBp6FM+QI/h4ATW
tMzN2EQtbecBGZkClajFusPujmtBW3PDQhxITYnSc+m7rAs7MaUFYNojEbC6+1Ux
xFGd+2oXWk9z7mCrrITuzZG4g9HnpFEns3B45UMNEfO3taHnkX4t8DVmWeao+fRA
rZfH4xPFiowpl5DoJvemdti6RqVAs2sf+Rwcj1Nr9iHhysdvfuWBGdG3gb5+3src
wmSOAxTntpILffvGNeSOCgo0x4OVE8M+DFqAt9A0QmYHKlmLxnhmWApbFk2Uu50K
7MMC9pg4d2FFF0yrZm5R/fnd5F4sX9ePE0SgKFB+bNX8k3mB11zBREXCZBrnV9vh
/wGHs+NwJF3/luAyap4BmalgdGWMpJED4aOf0t4i5ItIN9r/fO7HjRCFnrimirtP
Ty5Ty8+SJMRkO/w/QKsGdyEfGLqhebSUi8n7F9AdiWEkz0KjFRAtiU1nCKEVrbDt
wIPcs59RxRHybiXVik8vYIujVd0yJ+5FfmSSHBOxhAAoPLnW3S8=
=PU27
-----END PGP SIGNATURE-----
Merge tag 'rust-fixes-6.13' of https://github.com/Rust-for-Linux/linux
Pull rust fixes from Miguel Ojeda:
"Toolchain and infrastructure:
- Set bindgen's Rust target version to prevent issues when
pairing older rustc releases with newer bindgen releases,
such as bindgen >= 0.71.0 and rustc < 1.82 due to
unsafe_extern_blocks.
drm/panic:
- Remove spurious empty line detected by a new Clippy warning"
* tag 'rust-fixes-6.13' of https://github.com/Rust-for-Linux/linux:
rust: kbuild: set `bindgen`'s Rust target version
drm/panic: remove spurious empty line to clean warning
|
||
|
Linus Torvalds
|
115c0cc251 |
IOMMU Fixes for Linux v6.13-rc2
Including:
- Per-domain device-list locking fixes for the AMD IOMMU
driver.
- Fix incorrect use of smp_processor_id() in the NVidia-specific part
of the ARM-SMMU-v3 driver.
- Intel IOMMU driver fixes:
- Remove cache tags before disabling ATS.
- Avoid draining PRQ in sva mm release path.
- Fix qi_batch NULL pointer with nested parent domain.
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEr9jSbILcajRFYWYyK/BELZcBGuMFAmddTjQACgkQK/BELZcB
GuPJUQ/9GPxzNkavRWH4J9eCwjoQBJsquRuabfdhvOFUVdWoNSeyyHWZInic/RV8
ssUE0Vzk7nsdw1mbrtgTdGqkia/VX6Y2EGnFPQG3m+BNYw1pL91eO4oqt7dc4qMX
tmR6EQeOBI9JbgszLXXK5UDSV/mP71eFLCvKiGco77+jnUJn4g8nlJoskeP7eX7S
pR1bzrgF0vSEeDAJ5PgWjddJsrO6CCbtOEogFovQjDIMCG5zz1pAEV+MK/wWwtVO
qFY8QxwyNK5PiS9/SZvN3PKxHvdD1QQEZVgLw1NfNbG3/G5SX7Wv0DPjK02o2gAI
QjjeyB3QrxZp1dl4ZY/BuQuZx3zGNoYXW9zEQHAtcp7mHYZMXsEUe31XQ59u/YhX
vUnP9dPKZLoH0gaBN3QVkj8Ajw6NNsEAt0qFFD6r4MFm8/weAvEZfjoNa3v7Mqqs
8XPQeJV1fiLTnMgboQ5nxEIozn4eI2MM4VxpzpfhcQmpy8gYBTQsv2qNPZZiXVOv
jrLp2HWKa+nTZlVqKEGgnHC4C3A1EDOSE5kB5UaexPaisoj7G5yshuNBGVRYfB2v
zdFshEeKFaH1I7Uh8B0yjlqNZFnRzPLF3GCa/slH5QthBNVGBKGSGcfVakminrDn
rmEioHmNUnyhLGNM+y3Xu3XwEMfSXeh+VAEhPBkrTrfMjINbF88=
=B8li
-----END PGP SIGNATURE-----
Merge tag 'iommu-fixes-v6.13-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/iommu/linux
Pull iommu fixes from Joerg Roedel:
- Per-domain device-list locking fixes for the AMD IOMMU driver
- Fix incorrect use of smp_processor_id() in the NVidia-specific part
of the ARM-SMMU-v3 driver
- Intel IOMMU driver fixes:
- Remove cache tags before disabling ATS
- Avoid draining PRQ in sva mm release path
- Fix qi_batch NULL pointer with nested parent domain
* tag 'iommu-fixes-v6.13-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/iommu/linux:
iommu/vt-d: Avoid draining PRQ in sva mm release path
iommu/vt-d: Fix qi_batch NULL pointer with nested parent domain
iommu/vt-d: Remove cache tags before disabling ATS
iommu/amd: Add lockdep asserts for domain->dev_list
iommu/amd: Put list_add/del(dev_data) back under the domain->lock
iommu/tegra241-cmdqv: do not use smp_processor_id in preemptible context
|
||
|
Linus Torvalds
|
5d97859e17 |
ata fixes for 6.13-rc3
- Fix an OF node reference leak in the sata_highbank driver. -----BEGIN PGP SIGNATURE----- iHUEABYKAB0WIQSRPv8tYSvhwAzJdzjdoc3SxdoYdgUCZ10ZiQAKCRDdoc3SxdoY donaAQC6YT8jgioZKFkxNy9JMhBXFJVyjt2rtdfjFDTFwW7L2wEAm8/8/yxH1tso p4NAilo/8QHpZoRz1Y4+DUJ0SY9CQQ8= =cpo/ -----END PGP SIGNATURE----- Merge tag 'ata-6.13-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/libata/linux Pull ata fix from Damien Le Moal: - Fix an OF node reference leak in the sata_highbank driver * tag 'ata-6.13-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/libata/linux: ata: sata_highbank: fix OF node reference leak in highbank_initialize_phys() |
||
|
Wolfram Sang
|
5b6b08af1f |
i2c-host-fixes for v6.13-rc3
- Replaced jiffies with msec for timeout calculations. - Added a sentinel to the 'of_device_id' array in Nomadik. - Rounded up bus period calculation in RIIC. -----BEGIN PGP SIGNATURE----- iIwEABYIADQWIQScDfrjQa34uOld1VLaeAVmJtMtbgUCZ1xeZRYcYW5kaS5zaHl0 aUBrZXJuZWwub3JnAAoJENp4BWYm0y1uTXUA/1CUef8dQCvpiWRYIQX9XW6Jkuz0 NiH2YSlUc8b/UzphAP0W/JVhU1zGYzLfITgb0q+Yc6rw9ADtBd3EHlK3TRUyAw== =lO8o -----END PGP SIGNATURE----- Merge tag 'i2c-host-fixes-6.13-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/andi.shyti/linux into i2c/for-current i2c-host-fixes for v6.13-rc3 - Replaced jiffies with msec for timeout calculations. - Added a sentinel to the 'of_device_id' array in Nomadik. - Rounded up bus period calculation in RIIC. |
||
|
Eric Dumazet
|
429fde2d81 |
net: tun: fix tun_napi_alloc_frags()
syzbot reported the following crash [1]
Issue came with the blamed commit. Instead of going through
all the iov components, we keep using the first one
and end up with a malformed skb.
[1]
kernel BUG at net/core/skbuff.c:2849 !
Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI
CPU: 0 UID: 0 PID: 6230 Comm: syz-executor132 Not tainted 6.13.0-rc1-syzkaller-00407-g96b6fcc0ee41 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
RIP: 0010:__pskb_pull_tail+0x1568/0x1570 net/core/skbuff.c:2848
Code: 38 c1 0f 8c 32 f1 ff ff 4c 89 f7 e8 92 96 74 f8 e9 25 f1 ff ff e8 e8 ae 09 f8 48 8b 5c 24 08 e9 eb fb ff ff e8 d9 ae 09 f8 90 <0f> 0b 66 0f 1f 44 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90
RSP: 0018:ffffc90004cbef30 EFLAGS: 00010293
RAX: ffffffff8995c347 RBX: 00000000fffffff2 RCX: ffff88802cf45a00
RDX: 0000000000000000 RSI: 00000000fffffff2 RDI: 0000000000000000
RBP: ffff88807df0c06a R08: ffffffff8995b084 R09: 1ffff1100fbe185c
R10: dffffc0000000000 R11: ffffed100fbe185d R12: ffff888076e85d50
R13: ffff888076e85c80 R14: ffff888076e85cf4 R15: ffff888076e85c80
FS: 00007f0dca6ea6c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f0dca6ead58 CR3: 00000000119da000 CR4: 00000000003526f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
<TASK>
skb_cow_data+0x2da/0xcb0 net/core/skbuff.c:5284
tipc_aead_decrypt net/tipc/crypto.c:894 [inline]
tipc_crypto_rcv+0x402/0x24e0 net/tipc/crypto.c:1844
tipc_rcv+0x57e/0x12a0 net/tipc/node.c:2109
tipc_l2_rcv_msg+0x2bd/0x450 net/tipc/bearer.c:668
__netif_receive_skb_list_ptype net/core/dev.c:5720 [inline]
__netif_receive_skb_list_core+0x8b7/0x980 net/core/dev.c:5762
__netif_receive_skb_list net/core/dev.c:5814 [inline]
netif_receive_skb_list_internal+0xa51/0xe30 net/core/dev.c:5905
gro_normal_list include/net/gro.h:515 [inline]
napi_complete_done+0x2b5/0x870 net/core/dev.c:6256
napi_complete include/linux/netdevice.h:567 [inline]
tun_get_user+0x2ea0/0x4890 drivers/net/tun.c:1982
tun_chr_write_iter+0x10d/0x1f0 drivers/net/tun.c:2057
do_iter_readv_writev+0x600/0x880
vfs_writev+0x376/0xba0 fs/read_write.c:1050
do_writev+0x1b6/0x360 fs/read_write.c:1096
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f
Fixes:
|
||
|
Linus Torvalds
|
a446e965a1 |
four SMB3 client fixes, most also for stable
-----BEGIN PGP SIGNATURE----- iQGzBAABCgAdFiEE6fsu8pdIjtWE/DpLiiy9cAdyT1EFAmdcyoMACgkQiiy9cAdy T1F7UQwAnMc2zmFboxx6yiVmGOyMmeBY0hvCktByu32i+7nDa/OduISJxyFpCjId xB2RxumAnm538Kf0tNAbhZgjvNzRucQIMy8ZEMBNEEnYNfGhP75xSkAEq1/1KxAJ 7TzqAYjFdYBR6uaq6dHFSAiLwD4aX3YdCwCLEWxQNDG2FI6DLdHDALxl70DdwLcr +xrfzXpqGPloMqVj0FtDCeZ3WIEiDWt5r3m7YA23fm2YkuozWhWXzdRb8n2grQGh 8bzy/dlx+JBS2BzfgP8UqKwrPtldlaPwK/SDK8/R5mW1hAWQ7OWz73f92d+4aFrd W1e1fKYv9wXwPDB3t2DpTFWZ659ZVKnk5kZOnlHdI8sUjH+h0BDpZ+8dEZIKeafN jJxQn8sPb23u0+eH//CcbwDyanLCRSPdHRyfCRdVIK9pYT2hOcT58rtlT8NuTePv +Tttce2H38FPHvi8NVkRRcuZQkKNDak1MSykX3F8kI7MWsVt+PDIeZ/P72/SCKIL Hyj7+I1V =SLxt -----END PGP SIGNATURE----- Merge tag '6.13-rc2-smb3-client-fixes' of git://git.samba.org/sfrench/cifs-2.6 Pull smb client fixes from Steve French: - fix rmmod leak - two minor cleanups - fix for unlink/rename with pending i/o * tag '6.13-rc2-smb3-client-fixes' of git://git.samba.org/sfrench/cifs-2.6: smb: client: destroy cfid_put_wq on module exit cifs: Use str_yes_no() helper in cifs_ses_add_channel() cifs: Fix rmdir failure due to ongoing I/O on deleted file smb3: fix compiler warning in reparse code |
||
|
Linus Torvalds
|
f86135613a |
spi: Fixes for v6.13
A few fairly small fixes for v6.13, the most substatial one being disabling STIG mode for Cadence QSPI controllers on Altera SoCFPGA platforms since it doesn't work. -----BEGIN PGP SIGNATURE----- iQEzBAABCgAdFiEEreZoqmdXGLWf4p/qJNaLcl1Uh9AFAmdc1aYACgkQJNaLcl1U h9DtdQf/bLHHCCI9iV05c1besuy7CAWupvAtb+/gO86rj4khPu9CZjf6jL6j9ZvM Eu80mfBmPJh4AU7I6MB/hllEs0+Xj+TAbm9A5nSmn5u273TL09bkqjS3N6QIMTJz OS/trS+Jc/bxpXbwGKrEkxq0j/qU6MYB3v6MIjH6Q4Zfdobi5JNArpZaB/vJ8K02 iS424YT+6UI0GHvMu8wSa5ScUvn0TgovbtX/xCDxZDUN/o4JKdTgkCDAsn53m2L+ bUNv8bg/vJVB9KmCTdSOMn2z8OYTOeUgfUpsB9PSBbiLEzyIDT9Vq9UFeCC9DfOC k+eY24koHeeRc/jEqMODCVMqTUnkaw== =n/go -----END PGP SIGNATURE----- Merge tag 'spi-fix-v6.13-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/spi Pull spi fixes from Mark Brown: "A few fairly small fixes for v6.13, the most substatial one being disabling STIG mode for Cadence QSPI controllers on Altera SoCFPGA platforms since it doesn't work" * tag 'spi-fix-v6.13-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/spi: spi: spi-cadence-qspi: Disable STIG mode for Altera SoCFPGA. spi: rockchip: Fix PM runtime count on no-op cs spi: aspeed: Fix an error handling path in aspeed_spi_[read|write]_user() |
||
|
Linus Torvalds
|
4e1b4861a2 |
regulator: Fixes for v6.13
A couple of additional changes, one ensuring we give AXP717 enough time to stabalise after changing voltages which fixes serious stability issues on some platforms and another documenting the DT support required for the Qualcomm WCN6750. -----BEGIN PGP SIGNATURE----- iQEzBAABCgAdFiEEreZoqmdXGLWf4p/qJNaLcl1Uh9AFAmdc1T0ACgkQJNaLcl1U h9CBpwf/WxAUzjsowzeNcnZ+gO71QCFSxHbX5mbbS+j/msUj1PDNPBmjZ8caT0V4 3w76E6xf4UZssTF/LvEZ4RVuNHHCsUQni/0840Z3lVujVVamXpXgDgk0DBX+XWVN Kpnjoz1uFfNvPlPT28UL87rWNRAntREmiV+vGiVtw6wQ0WiA0598k/rkz8yg/uG4 TYpqiQGpksWv2t4LtAyhOMKvL7UK0+uaeu1rA6d6PXtI2/PS7cileZuglSBDtSwU Z1aGQV4E7ccJFAVEeIAIkomf+/mo4XAcsPmtul0pyODCMI//NM5imbqMI/nD/5Og 2qUJkMqHNJOhq/cdDi2h6Q5Vq/JJgg== =TEA/ -----END PGP SIGNATURE----- Merge tag 'regulator-fix-v6.13-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/regulator Pull regulator fixes from Mark Brown: "A couple of additional changes, one ensuring we give AXP717 enough time to stabilise after changing voltages which fixes serious stability issues on some platforms and another documenting the DT support required for the Qualcomm WCN6750" * tag 'regulator-fix-v6.13-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/regulator: regulator: axp20x: AXP717: set ramp_delay regulator: dt-bindings: qcom,qca6390-pmu: document wcn6750-pmu |
||
|
Linus Torvalds
|
e72da82d5a |
drm fixes for 6.13-rc3
i915: - Don't use indexed register writes needlessly [dsb] - Stop using non-posted DSB writes for legacy LUT [color] - Fix NULL pointer dereference in capture_engine - Fix memory leak by correcting cache object name in error handler xe: - Fix a KUNIT test error message (Mirsad Todorovac) - Fix an invalidation fence PM ref leak (Daniele) - Fix a register pool UAF (Lucas) amdgpu: - ISP hw init fix - SR-IOV fixes - Fix contiguous VRAM mapping for UVD on older GPUs - Fix some regressions due to drm scheduler changes - Workload profile fixes - Cleaner shader fix amdkfd: - Fix DMA map direction for migration - Fix a potential null pointer dereference - Cacheline size fixes - Runtime PM fix -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEEKbZHaGwW9KfbeusDHTzWXnEhr4FAmdcpCsACgkQDHTzWXnE hr6RXg//Z3nd4gM4OU5AtSrfQitBa1WkLKzFzajkn3nCU2XOIWtikDaWXrUVcXIj s1FOaALnmyVW+BypxBQSGEzBxw1kzo5P4Xlvx9cmhNyDOe0PqupYVcDytdNyOrJF w6eh36T7KMT9fhFpp64mwPURtLWkb2BmsQ5ZRHeGJ1bbcV+NyPRu6UPT0CpRhR0L 1h+maVKMpanpPzjzoxDmt6cgKLjIYq8e6JHNyOY+sn+hf0UP7eYp2D3qreasV4yK XnvizDvxoy8jmlPLHfXd5meEluDrg3zMNS0TlNfHdIOesida3qXhHK9EubxqlCeP cgbrqvw7BR2fFYozCpbkQaZtFu4dcZIoo/QmXGzMVXR/HCox20ZsmNF1G0Pigjlr 21IGYv7QDxXp5+S6OUcZOvN8Z3U7OFMZzv2+kzNbm+Y7htdQG+uZ216o0X9HVJGe Fehs31QYVpmoYu38LbXUa/LmkgSVslGwwaxqNigRykE5Eia4WzdFAPED50m53wIE 6izNamXJI+xbbwea3xSI1pLbEf/9LKADY5OaXlMxzm5jWkLQKZWeasGyJPtBDAe3 4iEfcARRCrREI+WqWku9rxh8BupJmmiJrT4mFXpW6pFdDrtjZu5rkvmX4Hh4UTZf VrlnR4R+MfEn+IoKp3M6R/830HQcFuRkJnCn7ZmOTDrl07t7Fd4= =P9h4 -----END PGP SIGNATURE----- Merge tag 'drm-fixes-2024-12-14' of https://gitlab.freedesktop.org/drm/kernel Pull drm fixes from Dave Airlie: "This is the weekly fixes pull for drm. Just has i915, xe and amdgpu changes in it. Nothing too major in here: i915: - Don't use indexed register writes needlessly [dsb] - Stop using non-posted DSB writes for legacy LUT [color] - Fix NULL pointer dereference in capture_engine - Fix memory leak by correcting cache object name in error handler xe: - Fix a KUNIT test error message (Mirsad Todorovac) - Fix an invalidation fence PM ref leak (Daniele) - Fix a register pool UAF (Lucas) amdgpu: - ISP hw init fix - SR-IOV fixes - Fix contiguous VRAM mapping for UVD on older GPUs - Fix some regressions due to drm scheduler changes - Workload profile fixes - Cleaner shader fix amdkfd: - Fix DMA map direction for migration - Fix a potential null pointer dereference - Cacheline size fixes - Runtime PM fix" * tag 'drm-fixes-2024-12-14' of https://gitlab.freedesktop.org/drm/kernel: drm/xe/reg_sr: Remove register pool drm/xe: Call invalidation_fence_fini for PT inval fences in error state drm/xe: fix the ERR_PTR() returned on failure to allocate tiny pt drm/amdkfd: pause autosuspend when creating pdd drm/amdgpu: fix when the cleaner shader is emitted drm/amdgpu: Fix ISP HW init issue drm/amdkfd: hard-code MALL cacheline size for gfx11, gfx12 drm/amdkfd: hard-code cacheline size for gfx11 drm/amdkfd: Dereference null return value drm/i915: Fix memory leak by correcting cache object name in error handler drm/i915: Fix NULL pointer dereference in capture_engine drm/i915/color: Stop using non-posted DSB writes for legacy LUT drm/i915/dsb: Don't use indexed register writes needlessly drm/amdkfd: Correct the migration DMA map direction drm/amd/pm: Set SMU v13.0.7 default workload type drm/amd/pm: Initialize power profile mode amdgpu/uvd: get ring reference from rq scheduler drm/amdgpu: fix UVD contiguous CS mapping problem drm/amdgpu: use sjt mec fw on gfx943 for sriov Revert "drm/amdgpu: Fix ISP hw init issue" |
||
|
Linus Torvalds
|
974acf9974 |
Power management documentation fix for 6.13-rc3
Fix a runtime PM documentation mistake that may mislead someone into making a coding mistake (Paul Barker). -----BEGIN PGP SIGNATURE----- iQJGBAABCAAwFiEE4fcc61cGeeHD/fCwgsRv/nhiVHEFAmdcmoQSHHJqd0Byand5 c29ja2kubmV0AAoJEILEb/54YlRxlS4P/1kZOu4s9D2i+5AjP+A1MVr8l5wzO5E9 VGW5Nt9zPTj8T3V/xOnQPUsn8tUob8wYka5hSvMxxQ4WjiunAGV4KyJjF6ZqGhDM IkMXiR+qYzy9AIzbNc+ZHUuSnDnA4AkjjlC309XYNWdduy/VOHp/CsQBqauFhS91 Sws4EDohu6s7ZYa5AipbMlA7JsoUBkwpbp8A+lxuNePFH25mnFiTLtmN2wjGrVna yM6xV7U7hJb6yzlcxzi1dUfXzP5TQ5yAVIfyzwjr8tqmtvKq7Yk2p6cxL2tKH6ab J4D/DLzBDPz++gl/q/0GxvGY4Ww2ftCD53/tr0S+8rCZmXqqf8hChH5JAl6YpEgN 5dTwgW6dDc33Am8gcrRTV+yfIZ7t1rZWmSmfWX6M2NNeFkXG00SLxhqBwDTD5zDd FTk/+Iisy+DAUQ3Eq7Vdu9LDaDawGKILkGDdZKGDKM9UmAkYfbxwe69VE7ccXnFp O2qeY0187sYWfj61hjxRdhKGWhFMmvfgRAdikAHxZCEw/v4wWySc6NUi2LaYCTWt I5J6bnbnZSnwdQHCkOeTmugkPcsCz/3HASm4CaHvRf3xBvU/B+HQJdQuSIDkg2g/ XIm2Pa9KdfeN9wBWl/425vhuFXkTK9/NoLkRRdDqv8iy9yPZ2z2Vk93N6LYASHQQ cuYdD+YqcCbz =CGTz -----END PGP SIGNATURE----- Merge tag 'pm-6.13-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm Pull power management documentation fix from Rafael Wysocki: "Fix a runtime PM documentation mistake that may mislead someone into making a coding mistake (Paul Barker)" * tag 'pm-6.13-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm: Documentation: PM: Clarify pm_runtime_resume_and_get() return value |
||
|
Linus Torvalds
|
c810e8df96 |
ACPI fixes for 6.13-rc3
- Relocate the addr->info.mem.caching check in acpi_decode_space() to
only execute it if the resource is of the correct type (Ilpo Järvinen).
- Don't release a context_mutex that was never acquired in
acpi_remove_address_space_handler() (Daniil Tatianin).
-----BEGIN PGP SIGNATURE-----
iQJGBAABCAAwFiEE4fcc61cGeeHD/fCwgsRv/nhiVHEFAmdcmhUSHHJqd0Byand5
c29ja2kubmV0AAoJEILEb/54YlRx5dgQAJTs27Hx6AKPJrE4T8nzBzCEBT7DTDDp
NhGJZuhsycvVK7eBJrdp+uCVXI5Jk9Cl+FmgxMerBbNA2oWkcxkqGLYWmJZ4e87l
uzK/7E1QUmwrDhTGu8wdeq83Wq+wTn1ZVfipt8vT/Gl/6MD1fPlKacz0HDK79uiY
FNZAcExmoJBfcRr3nYiXeFx/sgs3wKeI87W/3gp+/qdMPO5R1QAB1LBx7vif3Kte
Ns+lxVYU7uPhsHgDpRHxMPc4w0wOiilmo3irZl1vacWG4QglYOG7huIGF0/sZnQf
DjsuMJN+si3eETi4dTuHcCWFa/c8aW5UvDH+gfLycSPfXpcqcwJEPPIga/m2LQ/2
Sp4461/9g0Qf/VjnO1kQaGROFkbbYUEFvu7aJDB2pvRZGPZwCXEi1I4ElJIAXS1n
mjwj2iUesKs3DyOmAtmjZr8auQRlnt4jxkW/f5E6vSw6evNODYVYpcKdx0po/ITk
32Nim0jneQG6qpc9AhvIh9lSZ/uq8mRIM5x9emEEVbwy69SmM9lDPepmtRYMnOeP
BJJz+4w2gYeJh9oTy7eD86Qk94PZ5nPb/molvZWgyx5m9CK6R/QFuZHA6q9/vTmG
OcRKqV25zAeTJnTi6Jqr8s1FB8vc8kBTZc+SmLD2z9bUAQ/AeftSuLif0Tovoix/
NEZ2k3Xo3B7U
=+2Vq
-----END PGP SIGNATURE-----
Merge tag 'acpi-6.13-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm
Pull ACPI fixes from Rafael Wysocki:
"These fix two coding mistakes, one in the ACPI resources handling code
and one in ACPICA:
- Relocate the addr->info.mem.caching check in acpi_decode_space() to
only execute it if the resource is of the correct type (Ilpo
Järvinen)
- Don't release a context_mutex that was never acquired in
acpi_remove_address_space_handler() (Daniil Tatianin)"
* tag 'acpi-6.13-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm:
ACPICA: events/evxfregn: don't release the ContextMutex that was never acquired
ACPI: resource: Fix memory resource type union access
|
||
|
Alexei Starovoitov
|
a8e1a3ddf7 |
Merge branch 'explicit-raw_tp-null-arguments'
Kumar Kartikeya Dwivedi says:
====================
Explicit raw_tp NULL arguments
This set reverts the raw_tp masking changes introduced in commit
|
||
|
Kumar Kartikeya Dwivedi
|
0da1955b5b |
selftests/bpf: Add tests for raw_tp NULL args
Add tests to ensure that arguments are correctly marked based on their specified positions, and whether they get marked correctly as maybe null. For modules, all tracepoint parameters should be marked PTR_MAYBE_NULL by default. Signed-off-by: Kumar Kartikeya Dwivedi <memxor@gmail.com> Link: https://lore.kernel.org/r/20241213221929.3495062-4-memxor@gmail.com Signed-off-by: Alexei Starovoitov <ast@kernel.org> |
||
|
Kumar Kartikeya Dwivedi
|
838a10bd2e |
bpf: Augment raw_tp arguments with PTR_MAYBE_NULL
Arguments to a raw tracepoint are tagged as trusted, which carries the semantics that the pointer will be non-NULL. However, in certain cases, a raw tracepoint argument may end up being NULL. More context about this issue is available in [0]. Thus, there is a discrepancy between the reality, that raw_tp arguments can actually be NULL, and the verifier's knowledge, that they are never NULL, causing explicit NULL check branch to be dead code eliminated. A previous attempt [1], i.e. the second fixed commit, was made to simulate symbolic execution as if in most accesses, the argument is a non-NULL raw_tp, except for conditional jumps. This tried to suppress branch prediction while preserving compatibility, but surfaced issues with production programs that were difficult to solve without increasing verifier complexity. A more complete discussion of issues and fixes is available at [2]. Fix this by maintaining an explicit list of tracepoints where the arguments are known to be NULL, and mark the positional arguments as PTR_MAYBE_NULL. Additionally, capture the tracepoints where arguments are known to be ERR_PTR, and mark these arguments as scalar values to prevent potential dereference. Each hex digit is used to encode NULL-ness (0x1) or ERR_PTR-ness (0x2), shifted by the zero-indexed argument number x 4. This can be represented as follows: 1st arg: 0x1 2nd arg: 0x10 3rd arg: 0x100 ... and so on (likewise for ERR_PTR case). In the future, an automated pass will be used to produce such a list, or insert __nullable annotations automatically for tracepoints. Each compilation unit will be analyzed and results will be collated to find whether a tracepoint pointer is definitely not null, maybe null, or an unknown state where verifier conservatively marks it PTR_MAYBE_NULL. A proof of concept of this tool from Eduard is available at [3]. Note that in case we don't find a specification in the raw_tp_null_args array and the tracepoint belongs to a kernel module, we will conservatively mark the arguments as PTR_MAYBE_NULL. This is because unlike for in-tree modules, out-of-tree module tracepoints may pass NULL freely to the tracepoint. We don't protect against such tracepoints passing ERR_PTR (which is uncommon anyway), lest we mark all such arguments as SCALAR_VALUE. While we are it, let's adjust the test raw_tp_null to not perform dereference of the skb->mark, as that won't be allowed anymore, and make it more robust by using inline assembly to test the dead code elimination behavior, which should still stay the same. [0]: https://lore.kernel.org/bpf/ZrCZS6nisraEqehw@jlelli-thinkpadt14gen4.remote.csb [1]: https://lore.kernel.org/all/20241104171959.2938862-1-memxor@gmail.com [2]: https://lore.kernel.org/bpf/20241206161053.809580-1-memxor@gmail.com [3]: https://github.com/eddyz87/llvm-project/tree/nullness-for-tracepoint-params Reported-by: Juri Lelli <juri.lelli@redhat.com> # original bug Reported-by: Manu Bretelle <chantra@meta.com> # bugs in masking fix Fixes: |
||
|
Kumar Kartikeya Dwivedi
|
c00d738e16 |
bpf: Revert "bpf: Mark raw_tp arguments with PTR_MAYBE_NULL"
This patch reverts commit |
||
|
Linus Torvalds
|
c30c65f3fe |
block-6.13-20241213
-----BEGIN PGP SIGNATURE----- iQJEBAABCAAuFiEEwPw5LcreJtl1+l5K99NY+ylx4KYFAmdckwAQHGF4Ym9lQGtl cm5lbC5kawAKCRD301j7KXHgppJmD/9uUPcPm51b5E7fzD5Hqvlb22uZMYbXs1vR 1NZWdPJhMoMPBXyQ0GN7wHThvwQ8VuTcZNs8pzSJWpZMMhgsdleViDL8hedPeblt TSDc6g2gEt7TtIGIhNqq7bQNW61a+KxZz55B/qKqlJOUsW7ALPuM4m34vSMTNKw8 c/RK3PtTxSvE5nmqLzeynw2Zo7IZ0PL2NSYZ0oID9ZcGtj4ItezhshXTPLuLNuRM ppvc9u3JGyAzVJI/I0GNNW2Xo2maFWtvcWznaegowoBzjQO4Qfo9WDtn3uJFl8Di N6M7H4GASo80l+Hd1eAal3YrM53Z1RW1Mj4xaA2+vtL+p7k5tfV3WAr00hNsK9TW 401KbBGqgvrVS7Y/Y0ADVqqoCePPhblZmWbJu36Jrz0/nDGi3lPOSigYSANlxGsC t0aeeD7lRTd5qJ5+pQnVQL9uaNTXZcUPizgGGG0y9/RcNPzot54ap0/cIEM3fXEQ nd2Tv7O1lSyE5O2JCaoBY/P5ytI7LgZHDH2/ZaUZyDxKFgXSj+2NufTUGj/YmZhr ZKU6U25cFhXEkMVDV4AUUh9Dq723dYkXE4xyl00eNiz6C0J9PQ8uvrlRgC9mPJeQ g4xvyIZxkqeRmzAvUIipKQSZ5Iia1/Jtwqs1RBcda8/7w3sOmQOA9xJGjevLI8G6 he9AQP63JQ== =trxL -----END PGP SIGNATURE----- Merge tag 'block-6.13-20241213' of git://git.kernel.dk/linux Pull block fixes from Jens Axboe: - Series from Damien fixing issues with the zoned write plugging - Fix for a potential UAF in block cgroups - Fix deadlock around queue freezing and the sysfs lock - Various little cleanups and fixes * tag 'block-6.13-20241213' of git://git.kernel.dk/linux: block: Fix potential deadlock while freezing queue and acquiring sysfs_lock block: Fix queue_iostats_passthrough_show() blk-mq: Clean up blk_mq_requeue_work() mq-deadline: Remove a local variable blk-iocost: Avoid using clamp() on inuse in __propagate_weights() block: Make bio_iov_bvec_set() accept pointer to const iov_iter block: get wp_offset by bdev_offset_from_zone_start blk-cgroup: Fix UAF in blkcg_unpin_online() MAINTAINERS: update Coly Li's email address block: Prevent potential deadlocks in zone write plug error recovery dm: Fix dm-zoned-reclaim zone write pointer alignment block: Ignore REQ_NOWAIT for zone reset and zone finish operations block: Use a zone write plug BIO work for REQ_NOWAIT BIOs |
||
|
Linus Torvalds
|
2a816e4f6a |
io_uring-6.13-20241213
-----BEGIN PGP SIGNATURE----- iQJEBAABCAAuFiEEwPw5LcreJtl1+l5K99NY+ylx4KYFAmdckxAQHGF4Ym9lQGtl cm5lbC5kawAKCRD301j7KXHgpq3LD/9oZzEBKsIvAl7tPeHsmVBTaQIC8kS93gQB 8RxCZ3YJmM1Ilu/sezKnkDEbl9aVEAtgwCh04Lep42ye4tBA4eMfQ8kPj2/HWYaY Vt4vM20Ls/diGGrjSK0958F8zwBeMKZsgSYeXhNf5IyOzXX1lY+JhCg2I+MLnYNi fw5IngQBB3yZwtMk4VN35Jf5M/PvE7pww8MMarSsfYsSAawf50Fs85K5xoJ4vTWE NxYcIU7MG6bqc6qrretNhgnXnw1OeZpjivXZAJv9+0WAJkMTxJ5QPLUpD7NJDi4b GUD/+SiLaxCmXs/jib/pafXPEbcuhX4a7c3yy0Ceq94OrE7F7H52Dz7PqQ4VxAAP wU5FaFjmytx+EqwDCAk1Cgvb3LX/gD793rA4A8FP64gBhlSmaW/yeMkffO9p9/Xb BIaX8BLb5iVER5I5/BpdpTa6TPy0mzGDDAD/+/DU+V65PLa7Qnt4bDLpSgUzw0OJ EIaqOxGZVF4xi4PqMFlOZqysI+rci3kOfHCrILWxuBlxOCaspRk8HFN0eypsgLu8 NenTlQBY+fKaKK32AQEfd21in5+tNBSy+E6H3HIWwUedNk2zihSuO12muXkOsfim BG0CgSfMUzIA6Pxgd87NaE62JXQBhZ2JZQW8swIqKc1m8/p/V//9yYeH97sbZasK 7cdiHV4anQ== =0uqv -----END PGP SIGNATURE----- Merge tag 'io_uring-6.13-20241213' of git://git.kernel.dk/linux Pull io_uring fix from Jens Axboe: "A single fix for a regression introduced in the 6.13 merge window" * tag 'io_uring-6.13-20241213' of git://git.kernel.dk/linux: io_uring/rsrc: don't put/free empty buffers |
||
|
Linus Torvalds
|
1c021e7908 |
libnvdimm fixes for 6.13-rc3
- sysbot fix for out of bounds access -----BEGIN PGP SIGNATURE----- iIoEABYKADIWIQSgX9xt+GwmrJEQ+euebuN7TNx1MQUCZ1x73BQcaXJhLndlaW55 QGludGVsLmNvbQAKCRCebuN7TNx1Md/JAQC1l9Fxu9FR4UW8nA+wgU0P8XYGKqmD EqRUb82LI13f5QD/WtBQEVgBTxD5sVlMBjEGIuYE9hMZbdN0LB8wnK0HfQ8= =87RX -----END PGP SIGNATURE----- Merge tag 'libnvdimm-fixes-6.13-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/nvdimm/nvdimm Pull libnvdimm fix from Ira Weiny: - sysbot fix for out of bounds access * tag 'libnvdimm-fixes-6.13-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/nvdimm/nvdimm: acpi: nfit: vmalloc-out-of-bounds Read in acpi_nfit_ctl |
||
|
Leon Romanovsky
|
824927e884 |
ARC: build: Try to guess GCC variant of cross compiler
ARC GCC compiler is packaged starting from Fedora 39i and the GCC variant of cross compile tools has arc-linux-gnu- prefix and not arc-linux-. This is causing that CROSS_COMPILE variable is left unset. This change allows builds without need to supply CROSS_COMPILE argument if distro package is used. Before this change: $ make -j 128 ARCH=arc W=1 drivers/infiniband/hw/mlx4/ gcc: warning: ‘-mcpu=’ is deprecated; use ‘-mtune=’ or ‘-march=’ instead gcc: error: unrecognized command-line option ‘-mmedium-calls’ gcc: error: unrecognized command-line option ‘-mlock’ gcc: error: unrecognized command-line option ‘-munaligned-access’ [1] https://packages.fedoraproject.org/pkgs/cross-gcc/gcc-arc-linux-gnu/index.html Signed-off-by: Leon Romanovsky <leonro@nvidia.com> Signed-off-by: Vineet Gupta <vgupta@kernel.org> |
||
|
Linus Torvalds
|
4800575d8c |
Bug fixes for 6.13-rc3
* Fixes for scrub subsystem
* Fix quota crashes
* Fix sb_spino_align checons on large fsblock sizes
* Fix discarded superblock updates
* fix stuck unmount due to a locked inode
Signed-off-by: Carlos Maiolino <cem@kernel.org>
-----BEGIN PGP SIGNATURE-----
iJUEABMJAB0WIQQMHYkcUKcy4GgPe2RGdaER5QtfpgUCZ1yHBQAKCRBGdaER5Qtf
pvogAX98nf8qE2Y2I6DvXVeX+LOPWNG+WTiRpF3d8NxjhCfGn79am71YrtkHf6qC
V0halh8Bfi+SWsVqYYuJK+7/SUjGS2MzNqG0NY32wNYqAIroQA/Xh9IaQXX0q8t2
FLGWIaxWOA==
=0g8J
-----END PGP SIGNATURE-----
Merge tag 'xfs-fixes-6.13-rc3' of git://git.kernel.org/pub/scm/fs/xfs/xfs-linux
Pull xfs fixes from Carlos Maiolino:
- Fixes for scrub subsystem
- Fix quota crashes
- Fix sb_spino_align checons on large fsblock sizes
- Fix discarded superblock updates
- Fix stuck unmount due to a locked inode
* tag 'xfs-fixes-6.13-rc3' of git://git.kernel.org/pub/scm/fs/xfs/xfs-linux: (28 commits)
xfs: port xfs_ioc_start_commit to multigrain timestamps
xfs: return from xfs_symlink_verify early on V4 filesystems
xfs: fix zero byte checking in the superblock scrubber
xfs: check pre-metadir fields correctly
xfs: don't crash on corrupt /quotas dirent
xfs: don't move nondir/nonreg temporary repair files to the metadir namespace
xfs: fix sb_spino_align checks for large fsblock sizes
xfs: convert quotacheck to attach dquot buffers
xfs: attach dquot buffer to dquot log item buffer
xfs: clean up log item accesses in xfs_qm_dqflush{,_done}
xfs: separate dquot buffer reads from xfs_dqflush
xfs: don't lose solo dquot update transactions
xfs: don't lose solo superblock counter update transactions
xfs: avoid nested calls to __xfs_trans_commit
xfs: only run precommits once per transaction object
xfs: unlock inodes when erroring out of xfs_trans_alloc_dir
xfs: fix scrub tracepoints when inode-rooted btrees are involved
xfs: update btree keys correctly when _insrec splits an inode root block
xfs: fix error bailout in xfs_rtginode_create
xfs: fix null bno_hint handling in xfs_rtallocate_rtg
...
|
||
|
Linus Torvalds
|
01af50af76 |
arm64 fixes for 6.13-rc3:
- arm64 stacktrace: address some fallout from the recent changes to unwinding across exception boundaries - Ensure the arm64 signal delivery failure is recoverable - only override the return registers after all the user accesses took place - Fix the arm64 kselftest access to SVCR - only when SME is detected -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEE5RElWfyWxS+3PLO2a9axLQDIXvEFAmdccV0ACgkQa9axLQDI XvHC6Q//X7A2aziMs+FTYrDc0sqK09Ur53SNyQZuA6v1dXqxLH+SbzM75n6TMv9O a5lv/1Jxw0aQPOhTsRgg7wV+svMWyOx52ouUSjFVRPocBFgnxiyyxcxgC9TmPMTh MbZPa36R7qSpfUSPK6+uOTI/eQ6cD66az4fq7Y936cyY8J1/xg5pQXSE2WWGx4nz Ryci4iksNB8IXH37twDmPvE6446Q82eLcJR9zfh+lhf+Rgx5/rNEPdqtNJPR1a7N ftVDHTvcMTLmoMsjvOkhtfjbwsGBbz4Ezji0GW3+zPcZK5EYRjUZvOnG3HD2/mds iYfh0xux0GBEsjozkIshu7wg1JqMwJJ8zBXu62/TcKHG8LG3C/k6kCr+SN7IL8p8 qzxxkkD61AxAY0aHuJ56Ao9nCLbHkAFGOJXUiyDJQALzt2KKN4aoOt+0zj35yYFz PONt4FPy3ulX6fk0XrAcI5E64hjeW/ib5wluOxb79Wn07ZYZQ/Ff42kJEMVL6VA7 bFbbYKtbjFhQQPac/TLbqtwgMX0lA6bSZ5bPhoPZys3iReVbDiGvszRsWh4WQYgX X0sujmaSMkjU1IICfZs3yABLQ0aDJKeuaKHnri9WT3iuBOjiLlChVnXqd4VRgXfy DUE6bKQ3ohHVTrIxpNcBzWUYsSAeZMPyakuCY6pxuVwzBPrOR28= =s7gn -----END PGP SIGNATURE----- Merge tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux Pull arm64 fixes from Catalin Marinas: - arm64 stacktrace: address some fallout from the recent changes to unwinding across exception boundaries - Ensure the arm64 signal delivery failure is recoverable - only override the return registers after all the user accesses took place - Fix the arm64 kselftest access to SVCR - only when SME is detected * tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux: kselftest/arm64: abi: fix SVCR detection arm64: signal: Ensure signal delivery failure is recoverable arm64: stacktrace: Don't WARN when unwinding other tasks arm64: stacktrace: Skip reporting LR at exception boundaries |
||
|
Linus Torvalds
|
a5b3d5dfce |
RISC-V Fixes for 6.13-rc3
* A fix to avoid taking a mutex while resolving jump_labels in the mutex implementation. * A fix to avoid trying to resolve the early boot DT pointer via the linear map. * A fix to avoid trying to IPI kfence TLB flushes, as kfence might flush with IRQs disabled. * A fix to avoid calling PMD destructors on PMDs that were never constructed. -----BEGIN PGP SIGNATURE----- iQJHBAABCAAxFiEEKzw3R0RoQ7JKlDp6LhMZ81+7GIkFAmdcYiETHHBhbG1lckBk YWJiZWx0LmNvbQAKCRAuExnzX7sYif8DD/4x/V+ZDInlTpQcPpKC7LtDaNBUyZ2r 4nENb4CcHkLTJjHHKUS9WFkH+woH0hx43yDkm5AKO3RttYj41fbybhBiomeEQdbE iA6d7zQD3EFTXP+Pg/fBfzEWgMUCl9GJjtJn8ZpwqsibMOcNrfog9i/6ErPnPOKi Q5+nx/Qyg2pxKI/9kTFsJ8W39iRaFZTVltrfZHc26i96ohx1b8J93KXT2dRFvkV8 doPcJkuEAP1l52B4y+Vo3T+01LS4bVWwv2Ye5r268lLB4DkYIwk/Hh6HG0DTeAID o0TWbCREuR4gvur8ge3C6P4v7lCT+gv2tSxW9vxd1y6vMhIgRnDHYMoloDDWw352 6hTDg6akqTC4jfMFwyOFo98qze/bghCG+ELgMxhbgQamrWO7qzVZCjkgKB2Wal3b rcY5eYMPFIR0YIBHa/kQ4J6mFVGhK4sBxpB9w3Z7BSYnMU+uCXChMmxo4kSXJelt N2Ny9rYlNxxhUg6OSDXAWQAoIUHo6O89gWZyXnFlBUfaI6cnVFDwd+2F6QoRhmhu XNTHl699qcV5Unb08qd2wnCXFv0X0WVVGTPO5rFH2/HlkPoPwZIGEv/kU+U42n5p OiIteste0TH5w20knrWYHZKEnNkaONcxNqmloTK89qQL+526s65pcgPk6W1hFqow 4WpJWIgwTRdd3A== =uaBB -----END PGP SIGNATURE----- Merge tag 'riscv-for-linus-6.13-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux Pull RISC-V fixes from Palmer Dabbelt: - avoid taking a mutex while resolving jump_labels in the mutex implementation - avoid trying to resolve the early boot DT pointer via the linear map - avoid trying to IPI kfence TLB flushes, as kfence might flush with IRQs disabled - avoid calling PMD destructors on PMDs that were never constructed * tag 'riscv-for-linus-6.13-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux: riscv: mm: Do not call pmd dtor on vmemmap page table teardown riscv: Fix IPIs usage in kfence_protect_page() riscv: Fix wrong usage of __pa() on a fixmap address riscv: Fixup boot failure when CONFIG_DEBUG_RT_MUTEXES=y |
||
|
Ville Syrjälä
|
9398332f23 |
drm/modes: Avoid divide by zero harder in drm_mode_vrefresh()
drm_mode_vrefresh() is trying to avoid divide by zero by checking whether htotal or vtotal are zero. But we may still end up with a div-by-zero of vtotal*htotal*... Cc: stable@vger.kernel.org Reported-by: syzbot+622bba18029bcde672e1@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=622bba18029bcde672e1 Signed-off-by: Ville Syrjälä <ville.syrjala@linux.intel.com> Link: https://patchwork.freedesktop.org/patch/msgid/20241129042629.18280-2-ville.syrjala@linux.intel.com Reviewed-by: Jani Nikula <jani.nikula@intel.com> |
||
|
Rafael J. Wysocki
|
e14d5ae28e |
Merge branch 'acpica'
Merge an ACPICA fix for 6.13-rc3: - Don't release a context_mutex that was never acquired in acpi_remove_address_space_handler() (Daniil Tatianin). * acpica: ACPICA: events/evxfregn: don't release the ContextMutex that was never acquired |
||
|
Paolo Bonzini
|
3522c41975 |
KVM/riscv fixes for 6.13, take #1
- Replace csr_write() with csr_set() for HVIEN PMU overflow bit -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEZdn75s5e6LHDQ+f/rUjsVaLHLAcFAmdcUn0ACgkQrUjsVaLH LAcoyg//RD70/kMg4ZvE9rjNSBE7c4TemvHaCPgSpI4qM/r1HeJSMUDj+AIHvhg2 S3jwgi32oJYaSXHEknvwwtaPN61JHn/mMeTcDlNSBG0vXacoAnprmfDMKzUoYNHc Ui9bkXhmkUUjLsbaW+lTOIHgUUCaLm4hh5m6W3adslCA/AfYn8v0XKiCHYVRSAXR qOgWvo2QSyowaGf9tU9ttvaigkV9FBUyIWJyOJcxwvkcvOg/fhvYF1CkQTxJh+m1 N7C7fh5CzvdugojlWtjMIm9kAGPnhLXnuNFLGZfAkgxltAlI+nzGALAS2tdq70/n DOBbf0J2zI1zPCCGYt0nPCIyqacduJHTxHLbS7gX+nIGdfoACVtS/ir/3gNIS4RW NnMgJi7OSvnAudlmOluJdp6K8Xavk/EVxgGY7ItUXpncH2g2lOe/2C7Ihsb6x/mF xbap8hTYOtUh9jUhmjcx47CzrmkufUKGwBJAk36PsLAwRkvVqS/gsQDVuHwqhpby 66cAj0xDqq8gSg2dJhQQzOB8bUvWhozUAjoaJMpWX1UjNph9ZkqwZPsKB1YXyLsx N5OhcmGCMdVIaJ2R/wmflWZCJI4U4ycZXO9VMdOFW882JoNya6uiNohJv/fosUjF 5JXFAgbM4tJ0M+UdDyAb3k85SQ/pTIKE/aoON8VtZBefku/DyNw= =/5Vc -----END PGP SIGNATURE----- Merge tag 'kvm-riscv-fixes-6.13-1' of https://github.com/kvm-riscv/linux into HEAD KVM/riscv fixes for 6.13, take #1 - Replace csr_write() with csr_set() for HVIEN PMU overflow bit |
||
|
Sean Christopherson
|
1201f226c8 |
KVM: x86: Cache CPUID.0xD XSTATE offsets+sizes during module init
Snapshot the output of CPUID.0xD.[1..n] during kvm.ko initiliaization to avoid the overead of CPUID during runtime. The offset, size, and metadata for CPUID.0xD.[1..n] sub-leaves does not depend on XCR0 or XSS values, i.e. is constant for a given CPU, and thus can be cached during module load. On Intel's Emerald Rapids, CPUID is *wildly* expensive, to the point where recomputing XSAVE offsets and sizes results in a 4x increase in latency of nested VM-Enter and VM-Exit (nested transitions can trigger xstate_required_size() multiple times per transition), relative to using cached values. The issue is easily visible by running `perf top` while triggering nested transitions: kvm_update_cpuid_runtime() shows up at a whopping 50%. As measured via RDTSC from L2 (using KVM-Unit-Test's CPUID VM-Exit test and a slightly modified L1 KVM to handle CPUID in the fastpath), a nested roundtrip to emulate CPUID on Skylake (SKX), Icelake (ICX), and Emerald Rapids (EMR) takes: SKX 11650 ICX 22350 EMR 28850 Using cached values, the latency drops to: SKX 6850 ICX 9000 EMR 7900 The underlying issue is that CPUID itself is slow on ICX, and comically slow on EMR. The problem is exacerbated on CPUs which support XSAVES and/or XSAVEC, as KVM invokes xstate_required_size() twice on each runtime CPUID update, and because there are more supported XSAVE features (CPUID for supported XSAVE feature sub-leafs is significantly slower). SKX: CPUID.0xD.2 = 348 cycles CPUID.0xD.3 = 400 cycles CPUID.0xD.4 = 276 cycles CPUID.0xD.5 = 236 cycles <other sub-leaves are similar> EMR: CPUID.0xD.2 = 1138 cycles CPUID.0xD.3 = 1362 cycles CPUID.0xD.4 = 1068 cycles CPUID.0xD.5 = 910 cycles CPUID.0xD.6 = 914 cycles CPUID.0xD.7 = 1350 cycles CPUID.0xD.8 = 734 cycles CPUID.0xD.9 = 766 cycles CPUID.0xD.10 = 732 cycles CPUID.0xD.11 = 718 cycles CPUID.0xD.12 = 734 cycles CPUID.0xD.13 = 1700 cycles CPUID.0xD.14 = 1126 cycles CPUID.0xD.15 = 898 cycles CPUID.0xD.16 = 716 cycles CPUID.0xD.17 = 748 cycles CPUID.0xD.18 = 776 cycles Note, updating runtime CPUID information multiple times per nested transition is itself a flaw, especially since CPUID is a mandotory intercept on both Intel and AMD. E.g. KVM doesn't need to ensure emulated CPUID state is up-to-date while running L2. That flaw will be fixed in a future patch, as deferring runtime CPUID updates is more subtle than it appears at first glance, the benefits aren't super critical to have once the XSAVE issue is resolved, and caching CPUID output is desirable even if KVM's updates are deferred. Cc: Jim Mattson <jmattson@google.com> Cc: stable@vger.kernel.org Signed-off-by: Sean Christopherson <seanjc@google.com> Message-ID: <20241211013302.1347853-2-seanjc@google.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> |
||
|
Linus Torvalds
|
243f750a2d |
gpio fixes for v6.13-rc3
- fix several low-level issues in gpio-graniterapids - fix an initialization order issue that manifests itself with __counted_by() checks in gpio-ljca - don't default to y for CONFIG_GPIO_MVEBU with COMPILE_TEST enabled - move the DEFAULT_SYMBOL_NAMESPACE define before the export.h include in gpio-idio-16 -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEFp3rbAvDxGAT0sefEacuoBRx13IFAmdcOcIACgkQEacuoBRx 13Ky3g/+JZawOniCmm5vBEH5SS4lhjEMts0i0WkaH5oIhESxsLgfZO8e0ucQt4td AmVk7ingHaoY1GYL1bmhkZEELHhqrSYb0uCMMtK1AxvXOeMUdGRj2QYpdKLGdWL3 dCrWemJi8sx0UDWs4LLvR5HcoKAACB5Mu2NmOMTtuYiBB8qIfCWQ0+0Q09/yhJM8 WNhGComnuKPvVgndHrGcd5H7CTUJobyacYu3dwvzPjPC+PvC6YTrkos5xonbyx1E GQQ3bxgU/ZvuGp6OKKeugaMxJcWOcrBm7emYiCyYwcasrh3GghUAcQ8UAP9CLYSx U1AzWI1lDqNdh7a+pr+HYR43aJ8RJ8lWFKA5wlUHSZv97G4aZyFRPBIC0AI4C9os OvW/sS4IvJ/snY7dyQ7972RLEMzmSSpEDWyYdrwOCDAtRt6KGpK7GH6yQrxQJCUN 6g30wry+zzlybki0gyyQB53b8X5pth6VuDtpaPSwFPQo1JL+Z0abbIPjqJKrVZBt UoVLKAev5Jo6U5/aiPvddBMw31RPeAN2dQTuYxKI8fv9xtWMYrpa9y9Hzgt4s1HX F+Pl2cVUnM+cKWYQbk7m1s07jHMjsnaH0RCxPX54RnXaQ7hevXfBn0HeNkETN426 uZmlQIPgIB7cP2zdBDnJ6Jzgzv5mu+azIuTb11PL6JmL+DOXzhw= =nunS -----END PGP SIGNATURE----- Merge tag 'gpio-fixes-for-v6.13-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/brgl/linux Pull gpio fixes from Bartosz Golaszewski: - fix several low-level issues in gpio-graniterapids - fix an initialization order issue that manifests itself with __counted_by() checks in gpio-ljca - don't default to y for CONFIG_GPIO_MVEBU with COMPILE_TEST enabled - move the DEFAULT_SYMBOL_NAMESPACE define before the export.h include in gpio-idio-16 * tag 'gpio-fixes-for-v6.13-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/brgl/linux: gpio: idio-16: Actually make use of the GPIO_IDIO_16 symbol namespace gpio: graniterapids: Fix GPIO Ack functionality gpio: graniterapids: Check if GPIO line can be used for IRQs gpio: graniterapids: Determine if GPIO pad can be used by driver gpio: graniterapids: Fix invalid RXEVCFG register bitmask gpio: graniterapids: Fix invalid GPI_IS register offset gpio: graniterapids: Fix incorrect BAR assignment gpio: graniterapids: Fix vGPIO driver crash gpio: ljca: Initialize num before accessing item in ljca_gpio_config gpio: GPIO_MVEBU should not default to y when compile-testing |
||
|
Nilay Shroff
|
be26ba9642 |
block: Fix potential deadlock while freezing queue and acquiring sysfs_lock
For storing a value to a queue attribute, the queue_attr_store function
first freezes the queue (->q_usage_counter(io)) and then acquire
->sysfs_lock. This seems not correct as the usual ordering should be to
acquire ->sysfs_lock before freezing the queue. This incorrect ordering
causes the following lockdep splat which we are able to reproduce always
simply by accessing /sys/kernel/debug file using ls command:
[ 57.597146] WARNING: possible circular locking dependency detected
[ 57.597154] 6.12.0-10553-gb86545e02e8c #20 Tainted: G W
[ 57.597162] ------------------------------------------------------
[ 57.597168] ls/4605 is trying to acquire lock:
[ 57.597176] c00000003eb56710 (&mm->mmap_lock){++++}-{4:4}, at: __might_fault+0x58/0xc0
[ 57.597200]
but task is already holding lock:
[ 57.597207] c0000018e27c6810 (&sb->s_type->i_mutex_key#3){++++}-{4:4}, at: iterate_dir+0x94/0x1d4
[ 57.597226]
which lock already depends on the new lock.
[ 57.597233]
the existing dependency chain (in reverse order) is:
[ 57.597241]
-> #5 (&sb->s_type->i_mutex_key#3){++++}-{4:4}:
[ 57.597255] down_write+0x6c/0x18c
[ 57.597264] start_creating+0xb4/0x24c
[ 57.597274] debugfs_create_dir+0x2c/0x1e8
[ 57.597283] blk_register_queue+0xec/0x294
[ 57.597292] add_disk_fwnode+0x2e4/0x548
[ 57.597302] brd_alloc+0x2c8/0x338
[ 57.597309] brd_init+0x100/0x178
[ 57.597317] do_one_initcall+0x88/0x3e4
[ 57.597326] kernel_init_freeable+0x3cc/0x6e0
[ 57.597334] kernel_init+0x34/0x1cc
[ 57.597342] ret_from_kernel_user_thread+0x14/0x1c
[ 57.597350]
-> #4 (&q->debugfs_mutex){+.+.}-{4:4}:
[ 57.597362] __mutex_lock+0xfc/0x12a0
[ 57.597370] blk_register_queue+0xd4/0x294
[ 57.597379] add_disk_fwnode+0x2e4/0x548
[ 57.597388] brd_alloc+0x2c8/0x338
[ 57.597395] brd_init+0x100/0x178
[ 57.597402] do_one_initcall+0x88/0x3e4
[ 57.597410] kernel_init_freeable+0x3cc/0x6e0
[ 57.597418] kernel_init+0x34/0x1cc
[ 57.597426] ret_from_kernel_user_thread+0x14/0x1c
[ 57.597434]
-> #3 (&q->sysfs_lock){+.+.}-{4:4}:
[ 57.597446] __mutex_lock+0xfc/0x12a0
[ 57.597454] queue_attr_store+0x9c/0x110
[ 57.597462] sysfs_kf_write+0x70/0xb0
[ 57.597471] kernfs_fop_write_iter+0x1b0/0x2ac
[ 57.597480] vfs_write+0x3dc/0x6e8
[ 57.597488] ksys_write+0x84/0x140
[ 57.597495] system_call_exception+0x130/0x360
[ 57.597504] system_call_common+0x160/0x2c4
[ 57.597516]
-> #2 (&q->q_usage_counter(io)#21){++++}-{0:0}:
[ 57.597530] __submit_bio+0x5ec/0x828
[ 57.597538] submit_bio_noacct_nocheck+0x1e4/0x4f0
[ 57.597547] iomap_readahead+0x2a0/0x448
[ 57.597556] xfs_vm_readahead+0x28/0x3c
[ 57.597564] read_pages+0x88/0x41c
[ 57.597571] page_cache_ra_unbounded+0x1ac/0x2d8
[ 57.597580] filemap_get_pages+0x188/0x984
[ 57.597588] filemap_read+0x13c/0x4bc
[ 57.597596] xfs_file_buffered_read+0x88/0x17c
[ 57.597605] xfs_file_read_iter+0xac/0x158
[ 57.597614] vfs_read+0x2d4/0x3b4
[ 57.597622] ksys_read+0x84/0x144
[ 57.597629] system_call_exception+0x130/0x360
[ 57.597637] system_call_common+0x160/0x2c4
[ 57.597647]
-> #1 (mapping.invalidate_lock#2){++++}-{4:4}:
[ 57.597661] down_read+0x6c/0x220
[ 57.597669] filemap_fault+0x870/0x100c
[ 57.597677] xfs_filemap_fault+0xc4/0x18c
[ 57.597684] __do_fault+0x64/0x164
[ 57.597693] __handle_mm_fault+0x1274/0x1dac
[ 57.597702] handle_mm_fault+0x248/0x484
[ 57.597711] ___do_page_fault+0x428/0xc0c
[ 57.597719] hash__do_page_fault+0x30/0x68
[ 57.597727] do_hash_fault+0x90/0x35c
[ 57.597736] data_access_common_virt+0x210/0x220
[ 57.597745] _copy_from_user+0xf8/0x19c
[ 57.597754] sel_write_load+0x178/0xd54
[ 57.597762] vfs_write+0x108/0x6e8
[ 57.597769] ksys_write+0x84/0x140
[ 57.597777] system_call_exception+0x130/0x360
[ 57.597785] system_call_common+0x160/0x2c4
[ 57.597794]
-> #0 (&mm->mmap_lock){++++}-{4:4}:
[ 57.597806] __lock_acquire+0x17cc/0x2330
[ 57.597814] lock_acquire+0x138/0x400
[ 57.597822] __might_fault+0x7c/0xc0
[ 57.597830] filldir64+0xe8/0x390
[ 57.597839] dcache_readdir+0x80/0x2d4
[ 57.597846] iterate_dir+0xd8/0x1d4
[ 57.597855] sys_getdents64+0x88/0x2d4
[ 57.597864] system_call_exception+0x130/0x360
[ 57.597872] system_call_common+0x160/0x2c4
[ 57.597881]
other info that might help us debug this:
[ 57.597888] Chain exists of:
&mm->mmap_lock --> &q->debugfs_mutex --> &sb->s_type->i_mutex_key#3
[ 57.597905] Possible unsafe locking scenario:
[ 57.597911] CPU0 CPU1
[ 57.597917] ---- ----
[ 57.597922] rlock(&sb->s_type->i_mutex_key#3);
[ 57.597932] lock(&q->debugfs_mutex);
[ 57.597940] lock(&sb->s_type->i_mutex_key#3);
[ 57.597950] rlock(&mm->mmap_lock);
[ 57.597958]
*** DEADLOCK ***
[ 57.597965] 2 locks held by ls/4605:
[ 57.597971] #0: c0000000137c12f8 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0xcc/0x154
[ 57.597989] #1: c0000018e27c6810 (&sb->s_type->i_mutex_key#3){++++}-{4:4}, at: iterate_dir+0x94/0x1d4
Prevent the above lockdep warning by acquiring ->sysfs_lock before
freezing the queue while storing a queue attribute in queue_attr_store
function. Later, we also found[1] another function __blk_mq_update_nr_
hw_queues where we first freeze queue and then acquire the ->sysfs_lock.
So we've also updated lock ordering in __blk_mq_update_nr_hw_queues
function and ensured that in all code paths we follow the correct lock
ordering i.e. acquire ->sysfs_lock before freezing the queue.
[1] https://lore.kernel.org/all/CAFj5m9Ke8+EHKQBs_Nk6hqd=LGXtk4mUxZUN5==ZcCjnZSBwHw@mail.gmail.com/
Reported-by: kjain@linux.ibm.com
Fixes:
|
||
|
Linus Torvalds
|
de20dc2b96 |
sound fixes for 6.13-rc3
A collection of fixes; all look small, device-specific and boring. -----BEGIN PGP SIGNATURE----- iQJCBAABCAAsFiEEIXTw5fNLNI7mMiVaLtJE4w1nLE8FAmda9xkOHHRpd2FpQHN1 c2UuZGUACgkQLtJE4w1nLE/kUA/+Jx7jW36zxRhPqRydtpmkRXGPOcsV1y6NZyD8 i0vjlW6oNHZZeOtdU4ap2CL8x6YMYnCzQhtFbZD1Lob2O2G2aUYi9tWtYWeetws1 OIB/Nj7xebJDtPl7yIrE5I9TRYGQKMT33LVopnFdihcVlQhSGmxIhJSm1C+n1Nsf gFGt2smUnaJ3dzaRXcUDaAcwoc4+DGJ4owpWJfnQae+klI+A6iiVSEoOcfoFL++q yp200Zb9Q49OUnDkqe2Nwjsqj3rSMulEtuF6S/NOiFqDR/Q6TDQfv+a1jaTPx58v OVtyeByMFV+usvq8qRPEgaAsQuWX+IukHoHEkLH3uUEt3DXAi5p2USl33bnabNv/ le+du0O1vJmYkZD72jPBtkKwDElnRs8w1BlMcrenAdjHtwfB+Wy+cW6bzugiV53K ykQV3jGEThPerXomR9etYrumsvBNW7SsaZpy+8T7WjTAS1IPHaOkitlHAI16Ejv4 F8o2SDm8pf2lBc9pGPZmOk3wJWLeLk1dn2q62wtRCD5RHFbC/Eh4JFn7hKq2rfyl am9c9fmfs+3BMHNuue8UJgsO4BV8+pUwRy5ZrG1sbUQ0ZOxqczSw+/+ehHozahBC i7DtlpJNBuOhRrZukAp3sGE0Mx6muoslZXo0CVqvFIJFgXR0BXx4Ymt8LLqOTBTl 1w0FBoE= =u9jP -----END PGP SIGNATURE----- Merge tag 'sound-6.13-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound Pull sound fixes from Takashi Iwai: "A collection of fixes; all look small, device-specific and boring" * tag 'sound-6.13-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound: ASoC: Intel: sof_sdw: Add space for a terminator into DAIs array ASoC: fsl_spdif: change IFACE_PCM to IFACE_MIXER ASoC: fsl_xcvr: change IFACE_PCM to IFACE_MIXER ASoC: tas2781: Fix calibration issue in stress test ASoC: audio-graph-card: Call of_node_put() on correct node ASoC: amd: yc: Fix the wrong return value ALSA: control: Avoid WARN() for symlink errors sound: usb: format: don't warn that raw DSD is unsupported sound: usb: enable DSD output for ddHiFi TC44C ALSA: hda/realtek: Add new alc2xx-fixup-headset-mic model ALSA: hda/ca0132: Use standard HD-audio quirk matching helpers ALSA: usb-audio: Add implicit feedback quirk for Yamaha THR5 ALSA: hda/realtek - Add support for ASUS Zen AIO 27 Z272SD_A272SD audio ALSA: hda/realtek: Fix headset mic on Acer Nitro 5 ALSA: hda: cs35l56: Remove calls to cs35l56_force_sync_asp1_registers_from_cache() |
||
|
Linus Torvalds
|
a3170b7d93 |
A single fix for a docs-build regression caused by the EXPORT_SYMBOL_NS()
mass change. -----BEGIN PGP SIGNATURE----- iQFDBAABCAAtFiEEIw+MvkEiF49krdp9F0NaE2wMflgFAmdcUaMPHGNvcmJldEBs d24ubmV0AAoJEBdDWhNsDH5YHocH+gJMedy9MoAzDORi1D22qRBYdYcjSkE1vFcu lNNoxDckzu1OnycWFfdkKG4dZct8G9JoSec3sxoofqRlHCvayrfeRanLveY7kLMv p5KK1HZSe9G7C8HXnJGoiRzmTiBzYFI8NWtCb/S1XplwzoTUeorbKSiV4EmyGdcS Dm4Hx0PK9HIij8klL9KN1QKWhpWFk5qs8Js8fJIIUZiV0T1B9VDMYAK8LjPdH7lG gKPTHT21OGF7AuIgLQBrqHwutBKSbnrfHqfoRFY/dyZQS8PXtqmMuNepCqsPAQQ0 vNuAbdAihsaFSof69Sdx8s4uw7PoTDZIf/GoWrB+B9Q9MLh75G8= =HZYa -----END PGP SIGNATURE----- Merge tag 'docs-6.13-fix' of git://git.lwn.net/linux Pull documentation fix from Jonathan Corbet: "A single fix for a docs-build regression caused by the EXPORT_SYMBOL_NS() mass change" * tag 'docs-6.13-fix' of git://git.lwn.net/linux: scripts/kernel-doc: Get -export option working again |
||
|
Linus Torvalds
|
266facde83 |
slab fixes for 6.13-rc3
-----BEGIN PGP SIGNATURE----- iQEzBAABCAAdFiEEe7vIQRWZI0iWSE3xu+CwddJFiJoFAmdb/84ACgkQu+CwddJF iJqEhQf+KHXQfZ/m7ma6bUEisjVOkUsxnpSj/DM1CP03+czqXoSEr+CHX2g1v0Os pZSOGGPTtvDgSBO0UZgo1P+sXyl0hrs2A/XrVQfKPmTfc9mPoxFTkbhI7Rv9hZfi 9OVh9kg3OE2hixD9ussGmxtFTXE3vXeu9zASa2sEdpakc3gxgeNhIklGK9r3oQuF 4aa33JpRV/oF80XAAUch5ltAO0tqQWtN50CbnoKc5cGRDuFRRdzXMMiL7gGiCctI te3sVMc6mnusdJqvp+AE10aT0iQpRWwL1lzGrgp3PuZ7DN8UQHxBIf8u8VIjyPML D2JZEYmqykKSvXbDzYBdOAF8XLEYCw== =PpHb -----END PGP SIGNATURE----- Merge tag 'slab-for-6.13-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/vbabka/slab Pull slab fix from Vlastimil Babka: - Fix for memcg unreclaimable slab stats drift when post-charging large kmalloc allocations (Shakeel Butt) * tag 'slab-for-6.13-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/vbabka/slab: memcg: slub: fix SUnreclaim for post charged objects |
||
|
Marc Zyngier
|
773c05f417 |
irqchip/gic-v3: Work around insecure GIC integrations
It appears that the relatively popular RK3399 SoC has been put together using a large amount of illicit substances, as experiments reveal that its integration of GIC500 exposes the *secure* programming interface to non-secure. This has some pretty bad effects on the way priorities are handled, and results in a dead machine if booting with pseudo-NMI enabled (irqchip.gicv3_pseudo_nmi=1) if the kernel contains |
||
|
Uros Bizjak
|
a1855f1b7c |
irqchip/gic: Correct declaration of *percpu_base pointer in union gic_base
percpu_base is used in various percpu functions that expect variable in __percpu address space. Correct the declaration of percpu_base to void __iomem * __percpu *percpu_base; to declare the variable as __percpu pointer. The patch fixes several sparse warnings: irq-gic.c:1172:44: warning: incorrect type in assignment (different address spaces) irq-gic.c:1172:44: expected void [noderef] __percpu *[noderef] __iomem *percpu_base irq-gic.c:1172:44: got void [noderef] __iomem *[noderef] __percpu * ... irq-gic.c:1231:43: warning: incorrect type in argument 1 (different address spaces) irq-gic.c:1231:43: expected void [noderef] __percpu *__pdata irq-gic.c:1231:43: got void [noderef] __percpu *[noderef] __iomem *percpu_base There were no changes in the resulting object files. Signed-off-by: Uros Bizjak <ubizjak@gmail.com> Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Acked-by: Marc Zyngier <maz@kernel.org> Link: https://lore.kernel.org/all/20241213145809.2918-2-ubizjak@gmail.com |
||
|
Krzysztof Karas
|
080b2e7b5e |
drm/display: use ERR_PTR on DP tunnel manager creation fail
Instead of returning a generic NULL on error from
drm_dp_tunnel_mgr_create(), use error pointers with informative codes
to align the function with stub that is executed when
CONFIG_DRM_DISPLAY_DP_TUNNEL is unset. This will also trigger IS_ERR()
in current caller (intel_dp_tunnerl_mgr_init()) instead of bypassing it
via NULL pointer.
v2: use error codes inside drm_dp_tunnel_mgr_create() instead of handling
on caller's side (Michal, Imre)
v3: fixup commit message and add "CC"/"Fixes" lines (Andi),
mention aligning function code with stub
Fixes:
|
||
|
Arnd Bergmann
|
8b55f88189 |
media: mediatek: vcodec: mark vdec_vp9_slice_map_counts_eob_coef noinline
With KASAN enabled, clang fails to optimize the inline version of vdec_vp9_slice_map_counts_eob_coef() properly, leading to kilobytes of temporary values spilled to the stack: drivers/media/platform/mediatek/vcodec/decoder/vdec/vdec_vp9_req_lat_if.c:1526:12: error: stack frame size (2160) exceeds limit (2048) in 'vdec_vp9_slice_update_prob' [-Werror,-Wframe-larger-than] This seems to affect all versions of clang including the latest (clang-20), but the degree of stack overhead is different per release. Marking the function as noinline_for_stack is harmless here and avoids the problem completely. Signed-off-by: Arnd Bergmann <arnd@arndb.de> Reviewed-by: Nathan Chancellor <nathan@kernel.org> Signed-off-by: Sebastian Fricke <sebastian.fricke@collabora.com> Signed-off-by: Mauro Carvalho Chehab <mchehab+huawei@kernel.org> |
||
|
Bart Van Assche
|
a6fe7b7051 |
block: Fix queue_iostats_passthrough_show()
Make queue_iostats_passthrough_show() report 0/1 in sysfs instead of 0/4.
This patch fixes the following sparse warning:
block/blk-sysfs.c:266:31: warning: incorrect type in argument 1 (different base types)
block/blk-sysfs.c:266:31: expected unsigned long var
block/blk-sysfs.c:266:31: got restricted blk_flags_t
Cc: Keith Busch <kbusch@kernel.org>
Cc: Christoph Hellwig <hch@lst.de>
Fixes:
|
||
|
Bart Van Assche
|
312ccd4b75 |
blk-mq: Clean up blk_mq_requeue_work()
Move a statement that occurs in both branches of an if-statement in front of the if-statement. Fix a typo in a source code comment. No functionality has been changed. Reviewed-by: Damien Le Moal <dlemoal@kernel.org> Cc: Christoph Hellwig <hch@lst.de> Signed-off-by: Bart Van Assche <bvanassche@acm.org> Reviewed-by: Christoph Hellwig <hch@lst.de> Reviewed-by: Nitesh Shetty <nj.shetty@samsung.com> Reviewed-by: Johannes Thumshirn <johannes.thumshirn@wdc.com> Link: https://lore.kernel.org/r/20241212212941.1268662-3-bvanassche@acm.org Signed-off-by: Jens Axboe <axboe@kernel.dk> |
||
|
Bart Van Assche
|
e01424fab3 |
mq-deadline: Remove a local variable
Since commit
|
||
|
Weizhao Ouyang
|
ce03573a19 |
kselftest/arm64: abi: fix SVCR detection
When using svcr_in to check ZA and Streaming Mode, we should make sure
that the value in x2 is correct, otherwise it may trigger an Illegal
instruction if FEAT_SVE and !FEAT_SME.
Fixes:
|
||
|
Lu Baolu
|
dda2b8c3c6 |
iommu/vt-d: Avoid draining PRQ in sva mm release path
When a PASID is used for SVA by a device, it's possible that the PASID entry is cleared before the device flushes all ongoing DMA requests and removes the SVA domain. This can occur when an exception happens and the process terminates before the device driver stops DMA and calls the iommu driver to unbind the PASID. There's no need to drain the PRQ in the mm release path. Instead, the PRQ will be drained in the SVA unbind path. Unfortunately, commit |
||
|
Yi Liu
|
74536f9196 |
iommu/vt-d: Fix qi_batch NULL pointer with nested parent domain
The qi_batch is allocated when assigning cache tag for a domain. While
for nested parent domain, it is missed. Hence, when trying to map pages
to the nested parent, NULL dereference occurred. Also, there is potential
memleak since there is no lock around domain->qi_batch allocation.
To solve it, add a helper for qi_batch allocation, and call it in both
the __cache_tag_assign_domain() and __cache_tag_assign_parent_domain().
BUG: kernel NULL pointer dereference, address: 0000000000000200
#PF: supervisor read access in kernel mode
#PF: error_code(0x0000) - not-present page
PGD 8104795067 P4D 0
Oops: Oops: 0000 [#1] PREEMPT SMP NOPTI
CPU: 223 UID: 0 PID: 4357 Comm: qemu-system-x86 Not tainted 6.13.0-rc1-00028-g4b50c3c3b998-dirty #2632
Call Trace:
? __die+0x24/0x70
? page_fault_oops+0x80/0x150
? do_user_addr_fault+0x63/0x7b0
? exc_page_fault+0x7c/0x220
? asm_exc_page_fault+0x26/0x30
? cache_tag_flush_range_np+0x13c/0x260
intel_iommu_iotlb_sync_map+0x1a/0x30
iommu_map+0x61/0xf0
batch_to_domain+0x188/0x250
iopt_area_fill_domains+0x125/0x320
? rcu_is_watching+0x11/0x50
iopt_map_pages+0x63/0x100
iopt_map_common.isra.0+0xa7/0x190
iopt_map_user_pages+0x6a/0x80
iommufd_ioas_map+0xcd/0x1d0
iommufd_fops_ioctl+0x118/0x1c0
__x64_sys_ioctl+0x93/0xc0
do_syscall_64+0x71/0x140
entry_SYSCALL_64_after_hwframe+0x76/0x7e
Fixes:
|
||
|
Lu Baolu
|
1f2557e08a |
iommu/vt-d: Remove cache tags before disabling ATS
The current implementation removes cache tags after disabling ATS,
leading to potential memory leaks and kernel crashes. Specifically,
CACHE_TAG_DEVTLB type cache tags may still remain in the list even
after the domain is freed, causing a use-after-free condition.
This issue really shows up when multiple VFs from different PFs
passed through to a single user-space process via vfio-pci. In such
cases, the kernel may crash with kernel messages like:
BUG: kernel NULL pointer dereference, address: 0000000000000014
PGD 19036a067 P4D 1940a3067 PUD 136c9b067 PMD 0
Oops: Oops: 0000 [#1] PREEMPT SMP NOPTI
CPU: 74 UID: 0 PID: 3183 Comm: testCli Not tainted 6.11.9 #2
RIP: 0010:cache_tag_flush_range+0x9b/0x250
Call Trace:
<TASK>
? __die+0x1f/0x60
? page_fault_oops+0x163/0x590
? exc_page_fault+0x72/0x190
? asm_exc_page_fault+0x22/0x30
? cache_tag_flush_range+0x9b/0x250
? cache_tag_flush_range+0x5d/0x250
intel_iommu_tlb_sync+0x29/0x40
intel_iommu_unmap_pages+0xfe/0x160
__iommu_unmap+0xd8/0x1a0
vfio_unmap_unpin+0x182/0x340 [vfio_iommu_type1]
vfio_remove_dma+0x2a/0xb0 [vfio_iommu_type1]
vfio_iommu_type1_ioctl+0xafa/0x18e0 [vfio_iommu_type1]
Move cache_tag_unassign_domain() before iommu_disable_pci_caps() to fix
it.
Fixes:
|
||
|
Kevin Brodsky
|
a3b4647e2f |
arm64: signal: Ensure signal delivery failure is recoverable
Commit |
||
|
Arnd Bergmann
|
f578281000 |
Arm FF-A fix for v6.13
A single fix to address a possible race around setting ffa_dev->properties in ffa_device_register() by updating ffa_device_register() to take all the partition information received from the firmware and updating the struct ffa_device accordingly before registering the device to the bus/driver model in the kernel. -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEunHlEgbzHrJD3ZPhAEG6vDF+4pgFAmdYDl0ACgkQAEG6vDF+ 4phJ0xAAmFDEmR1DXV8lZpAt+rNzdSgeVy5PhYYfMy4flc9iK2Ei5fguQmlwPNH5 L7qTS83jtwHu70S74bSySK9PoUhRGFmhTapPhJOZAn3tfyMXxU05CKxryBx5HQLZ loAr9GdQZUQJg36+naL//+1vs+SQsDA56ZXPKyAfxXnebEq2CYTqXG0aUgwIBypS 4qaihEhqUxz5hY1GKxr0o2cPqkuT9y/x2GvJpy6TT+W9WTo+Caz/oAUDuTEYjUxb ZH89ibtEB9+lH0SdR5crgRMQECnZFIJpKSh3PTXaFjfA7N3ajoc5EkZ7clREAnUB EQ4zxIUMYl1GxveOXxHHcKg+I92COdN5qEgtsgbFE8HkIzYUE5RmDRmUPZjT6RkG dTZJx4oiiHlHciCjmiZifiwXWVSmGo41tkuNdlSqEnUCEI05v0O11biffsoT7AcD Ya4J9cIClVrEQZRNCxgW3KloKyhMwplWjsaDr9b6wjfpQocDvPG1p5E5w4blbZKz /StWuVQwWoUjis7N6WZR7eq+1nBef6nUlb6y56okwmuleGJcS1GlOs5RWgmYiOZf Wx0MAKLZsvhZJ9j1P4/dbSV2P+VyD2cvsNY9T6QHTqQ1szxjDX0JTqz/37Fk5/Ns J4BxCMgzi58YUE0Eu1YbavUuUbNpbLAuEjNFJAXBiLAmAXTX1uI= =MYqY -----END PGP SIGNATURE----- gpgsig -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEiK/NIGsWEZVxh/FrYKtH/8kJUicFAmdcNgkACgkQYKtH/8kJ Uicrxg//X9jyjwlv5ow0c3qQw0zlipVnRKyLARVt7et+6k9j1EKM1qI/3K0tAJuI Lm8eOFclU3rNazkWXHt1LKnUgutre9XAKxrQyBMRF9yNSsKxjjIekVvnaWGFZ2TF eSz5DL4fEQy1j6EDxM6wCpw84s/Sc2ApAWLQ75tZy+FU39pevFedlQdQ2nEAOdU0 gUkuUBvhIe+2P+br9rVPpzW+8njJHiM0Cal9sBAxjWSeHHVy2TlUkVpGdMfo5wzV 3B7zQ++ocfew2DbmEOYhHJi2pWbkidHkasM4I3B2fRAHrOAQ4G3aBsATXkvin+6G pf40ZiXNd8CKER306yZ7y1Ii1BtwoFbrx6Qomll+IzIrSFlijffyleCtxxXK5nHr 9zQoJJjD+P8ks7BZvrCb/xesBFNe+bc1p9U+H216pUxL1MJgSctgZL6pSx6XFSZz K/qFS0S1YWuFmt0TEa7dYf+c3g5nRlN4iNHigm/t0S2ZRsVLUoK50tPZE87h/LXl Hizu/ajQMIQvXaYG5SaXnbCRE047+bCVnpyJ/1iUZe0vbWJYxQw8M0MemYF4jLvY LXvfFutSfRrzDF7k/dEOAkutDKi7RoCPe3qk0gyUb7Y9ydhTTR7aN17ParrjFkNa lVyZWFcpr0he8xjLx7/7M48GdxHfIawQMpTVgv3DeZE2F3jA5lI= =Gaz7 -----END PGP SIGNATURE----- Merge tag 'ffa-fix-6.13' of https://git.kernel.org/pub/scm/linux/kernel/git/sudeep.holla/linux into arm/fixes Arm FF-A fix for v6.13 A single fix to address a possible race around setting ffa_dev->properties in ffa_device_register() by updating ffa_device_register() to take all the partition information received from the firmware and updating the struct ffa_device accordingly before registering the device to the bus/driver model in the kernel. * tag 'ffa-fix-6.13' of https://git.kernel.org/pub/scm/linux/kernel/git/sudeep.holla/linux: firmware: arm_ffa: Fix the race around setting ffa_dev->properties Link: https://lore.kernel.org/r/20241210101113.3232602-1-sudeep.holla@arm.com Signed-off-by: Arnd Bergmann <arnd@arndb.de> |