mirror of https://github.com/torvalds/linux.git
1427871 Commits
| Author | SHA1 | Message | Date |
|---|---|---|---|
Namjae Jeon
|
1dfd062caa |
ksmbd: fix use-after-free by using call_rcu() for oplock_info
ksmbd currently frees oplock_info immediately using kfree(), even
though it is accessed under RCU read-side critical sections in places
like opinfo_get() and proc_show_files().
Since there is no RCU grace period delay between nullifying the pointer
and freeing the memory, a reader can still access oplock_info
structure after it has been freed. This can leads to a use-after-free
especially in opinfo_get() where atomic_inc_not_zero() is called on
already freed memory.
Fix this by switching to deferred freeing using call_rcu().
Fixes:
|
|
Ali Khaledi
|
40955015fa |
ksmbd: fix use-after-free in proc_show_files due to early rcu_read_unlock
The opinfo pointer obtained via rcu_dereference(fp->f_opinfo) is
dereferenced after rcu_read_unlock(), creating a use-after-free
window. A concurrent opinfo_put() can free the opinfo between the
unlock and the subsequent access to opinfo->is_lease,
opinfo->o_lease->state, and opinfo->level.
Fix this by deferring rcu_read_unlock() until after all opinfo
field accesses are complete. The values needed (const_names, count,
level) are copied into local variables under the RCU read lock,
and the potentially-sleeping seq_printf calls happen after the
lock is released.
Found by AI-assisted code review (Claude Opus 4.6, Anthropic)
in collaboration with Ali Khaledi.
Cc: stable@vger.kernel.org
Fixes:
|
|
Guenter Roeck
|
c15e7c62fe |
smb/server: Fix another refcount leak in smb2_open()
If ksmbd_override_fsids() fails, we jump to err_out2. At that point, fp is
NULL because it hasn't been assigned dh_info.fp yet, so ksmbd_fd_put(work,
fp) will not be called. However, dh_info.fp was already inserted into the
session file table by ksmbd_reopen_durable_fd(), so it will leak in the
session file table until the session is closed.
Move fp = dh_info.fp; ahead of the ksmbd_override_fsids() check to fix the
problem.
Found by an experimental AI code review agent at Google.
Fixes:
|
|
Linus Torvalds
|
1f318b96cc | Linux 7.0-rc3 | |
|
Linus Torvalds
|
fc9f248d8c |
EFI fixes for v7.0 #2
Fix for the x86 EFI workaround keeping boot services code and data regions reserved until after SetVirtualAddressMap() completes: deferred struct page initialization may result in some of this memory to be lost permanently. -----BEGIN PGP SIGNATURE----- iHUEABYKAB0WIQQQm/3uucuRGn1Dmh0wbglWLn0tXAUCaaxHtgAKCRAwbglWLn0t XIbNAPwNjw/TSgVD+Ur//yqY7TxZSBari8aheEkXNaYHFCPImwD6A1CzNGn6rcka JzeP+6HeOO9c0xCBudcR0aRfSma3cQI= =a+XF -----END PGP SIGNATURE----- Merge tag 'efi-fixes-for-v7.0-2' of git://git.kernel.org/pub/scm/linux/kernel/git/efi/efi Pull EFI fix from Ard Biesheuvel: "Fix for the x86 EFI workaround keeping boot services code and data regions reserved until after SetVirtualAddressMap() completes: deferred struct page initialization may result in some of this memory being lost permanently" * tag 'efi-fixes-for-v7.0-2' of git://git.kernel.org/pub/scm/linux/kernel/git/efi/efi: x86/efi: defer freeing of boot services memory |
|
|
Linus Torvalds
|
014441d1e4 |
i2c-for-7.0-rc3
A revert for the i801 driver restoring old locking behaviour. -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEOZGx6rniZ1Gk92RdFA3kzBSgKbYFAmmtKb8ACgkQFA3kzBSg Kba5dRAAnoNtQC2qd3PneEUZs/pVK3kE+wEJ57iWPyxnSUEW0O7RcbQHoETb039N O0aSyAL/x2pI4+nMYnLOkJUwwaDjcpSdCFPpeUsmIhzZo/k19hyPaW3VmdpIF+uR K6snCwNzH4AbCh0ka9XOUH4YXINse4C2n7ZP9r5z5WZ6ANK3x8oKGC/QRM6UPaZw jXPl962lb9LQARqvG6YnUHjn+x3teHW/sD3/48IHfNeuvhKstzG9Bc+XDZD+Uc7X EGNAwI7/4tkm/0vRZXDWkuupJleqZSIUXVlb5awv0p50IqREjEnl2fdQdoR90vux oooTKv4inWw0W79VBwQeScGCHKFPV00HQkexiyePmtCGwSU3/k3BWalD+jY9CF8s W6yDR7M3gmIeNbQQXGZx6/04KVFugtQEQm9v9O7bmB7oEW01K4tAAGhfcFgmwOeN qKsmF1Dt+KefYQdtWPCZpMT/zdUTjFJs69J8omxtyo5SdU8RWaLGMegYfEwUrakH r9pt/nASAPcMTb31KAlgro2QmvHWzRVx6+Sir41tLFB5Ls4jxC/a/cH3DWIqgq8V PqZF5dvfxsa/KoXrotpQHnS9Nma3KqEJnjLwg/7LhSPxjCqhKvlTjIqDv1IP5R0e N56KYy2MRRfdWUCovnXmTViFc5fsmJk1agjjXtxHHdp8GO/njAg= =Nc8b -----END PGP SIGNATURE----- Merge tag 'i2c-for-7.0-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux Pull i2c fix from Wolfram Sang: "A revert for the i801 driver restoring old locking behaviour" * tag 'i2c-for-7.0-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux: i2c: i801: Revert "i2c: i801: replace acpi_lock with I2C bus lock" |
|
|
Linus Torvalds
|
c23719abc3 |
Miscellaneous x86 fixes:
- Fix SEV guest boot failures in certain circumstances, due
to very early code relying on a BSS-zeroed variable that
isn't actually zeroed yet an may contain non-zero bootup
values. Move the variable into the .data section go gain
even earlier zeroing.
- Expose & allow the IBPB-on-Entry feature on SNP guests,
which was not properly exposed to guests due to initial
implementational caution.
- Fix O= build failure when CONFIG_EFI_SBAT_FILE is using
relative file paths.
- 4 commits to fix the various SNC (Sub-NUMA Clustering)
topology enumeration bugs/artifacts (sched-domain build
errors mostly). SNC enumeration data got more complicated
with Granite Rapids X (GNR) and Clearwater Forest X (CWF),
which exposed these bugs and made their effects more
serious.
- Also use the now sane(r) SNC code to fix resctrl SNC
detection bugs.
- Work around a historic libgcc unwinder bug in the vdso32
sigreturn code (again), which regressed during an overly
aggressive recent cleanup of DWARF annotations.
Signed-off-by: Ingo Molnar <mingo@kernel.org>
-----BEGIN PGP SIGNATURE-----
iQJFBAABCgAvFiEEBpT5eoXrXCwVQwEKEnMQ0APhK1gFAmmsy9wRHG1pbmdvQGtl
cm5lbC5vcmcACgkQEnMQ0APhK1ieiQ/7B2Rfm5vR5rQLlAv26iEMypIwoCiCMgzA
YD3nOMFl6aGhphKryiU0b4MDhAIASN9X6mZloryUKyol1oKP0evkWXSk/0J+k+V9
lS7uIVL+8nPTSl3gQE7ARzJ9jakFN49VzDheZjsjIHC0+n+yvCJU6xSx8IKeiTSW
axpX8R33M3Fj+u5anF3m37OdFTgiYxFO0t5VNFgWP4H9367yC/wnHPuDyidAdJ/N
B7PL1L3rG3+w/4np81Xwi/rThwgsSWarVLNuMJuGM5wujMr8mQGhuWaeLiPgTx7G
wze1iarWvp5uqamGztpy/4WMD1x0yBX9CCSocnwF48Fh1yTww5+uwOZn5e5fZxYr
vDhCH6+DB8Rt3Wj+/3RBzHSFe7rNq+f86U84uxTwyOs5eC5sGUuyH15lCt4dP9ZO
uQfW0dQRwvUXCGXJxxZdIR0nq/vEJUmQ+DLLL6zkCj24t9ND5IPAkBLVn7P5PO5s
qv8dPpldSq57V4comqW8oDAqLL0OeS1qgggxlHzqAdrMmt+IVKWvteRXrkgy1m9Y
Bt0EbdghUTZkn9+FcUTorVA/pZHL5sYCiuGQxNbaaLmMWrcX4I3XnEtpzgukHh8e
BL1blJWAm/4cuhGXb4RF7AZMQgTU56greOU385Afc1Qz2lzohGO4lqgGOH8L0ZEh
KqEX1IS0ZbI=
=KlDX
-----END PGP SIGNATURE-----
Merge tag 'x86-urgent-2026-03-08' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
Pull x86 fixes from Ingo Molnar:
- Fix SEV guest boot failures in certain circumstances, due to
very early code relying on a BSS-zeroed variable that isn't
actually zeroed yet an may contain non-zero bootup values
Move the variable into the .data section go gain even earlier
zeroing
- Expose & allow the IBPB-on-Entry feature on SNP guests, which
was not properly exposed to guests due to initial implementational
caution
- Fix O= build failure when CONFIG_EFI_SBAT_FILE is using relative
file paths
- Fix the various SNC (Sub-NUMA Clustering) topology enumeration
bugs/artifacts (sched-domain build errors mostly).
SNC enumeration data got more complicated with Granite Rapids X
(GNR) and Clearwater Forest X (CWF), which exposed these bugs
and made their effects more serious
- Also use the now sane(r) SNC code to fix resctrl SNC detection bugs
- Work around a historic libgcc unwinder bug in the vdso32 sigreturn
code (again), which regressed during an overly aggressive recent
cleanup of DWARF annotations
* tag 'x86-urgent-2026-03-08' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
x86/entry/vdso32: Work around libgcc unwinder bug
x86/resctrl: Fix SNC detection
x86/topo: Fix SNC topology mess
x86/topo: Replace x86_has_numa_in_package
x86/topo: Add topology_num_nodes_per_package()
x86/numa: Store extra copy of numa_nodes_parsed
x86/boot: Handle relative CONFIG_EFI_SBAT_FILE file paths
x86/sev: Allow IBPB-on-Entry feature for SNP guests
x86/boot/sev: Move SEV decompressor variables into the .data section
|
|
|
Linus Torvalds
|
6ff1020c2f |
Make clock_adjtime() syscall timex validation slightly more
permissive for auxiliary clocks, to not reject syscalls based on the status field that do not try to modify the status field. This makes ABI behavior in clock_adjtime() consistent with CLOCK_REALTIME. Signed-off-by: Ingo Molnar <mingo@kernel.org> -----BEGIN PGP SIGNATURE----- iQJFBAABCgAvFiEEBpT5eoXrXCwVQwEKEnMQ0APhK1gFAmmsxzkRHG1pbmdvQGtl cm5lbC5vcmcACgkQEnMQ0APhK1hq8g//fRTp9p2pVfmRWUoxWELrT/bMK1r+D6F3 6BYkwp68peRhchVrFxkI/Y37rjAIC8CXZSPuvkubqIROrH3gA7SCCQYCcZKdss+t i3lbpQF8IbagPIS5btpOAN2KRCu2S7aqjDdH0rWb9VhQdlW7fI71Z72Uz07YEA+q TWpy3gE531P/dgAqcvIAyMHnFZDCb1S6z8wZvT3SV4r4GkczfXpTFyNHHtETSu0V 7isuOBfloM4HpDU50oUotlqBiwigH27J2Ad6aIrnCA7iaQPrzREysG+8E96ShhaB g6+qaQS5gTgFryA1bggA6LzGveLOI8bjy2kZ2SnZWuFPj46OReGIuwK4kyY07jz2 xk0sd37alN16ETKhGVLfAgjmzVGoKVNnp4ak9J3VmMbxWEmXeObuOC8SmF9VImc1 4bRaG9+Tlfd4DtOOz2+E4VcPE1D9A2tMw4esgUaXRrrp4GlEcKOJ5PRlWj0uGvrh xLPLbL0XIiWsjMsHdVs4Gq9Z0MvfRHc4VLOviIqLFtHox2DscZypPkyjKAv5inp0 /VWyUYJkkr07RMQQ3nqHnP+lzAfO2aSeZ72D9NnHStL3RPbGC4jYvpoi8dnH0/TT PKJgj2jb7u3h+1cxKBi1RM0JbxUYD5+4N8zfJISa9uqkHZ3XY3VyuuT+2RHO6CQp d1BdX0V4oDA= =zjov -----END PGP SIGNATURE----- Merge tag 'timers-urgent-2026-03-08' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull timer fix from Ingo Molnar: "Make clock_adjtime() syscall timex validation slightly more permissive for auxiliary clocks, to not reject syscalls based on the status field that do not try to modify the status field. This makes the ABI behavior in clock_adjtime() consistent with CLOCK_REALTIME" * tag 'timers-urgent-2026-03-08' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: timekeeping: Fix timex status validation for auxiliary clocks |
|
|
Linus Torvalds
|
b1b9a9d0b5 |
Fix a DL scheduler bug that may corrupt internal metrics during
PI and setscheduler() syscalls, resulting in kernel warnings and misbehavior. Found during stress-testing. Signed-off-by: Ingo Molnar <mingo@kernel.org> -----BEGIN PGP SIGNATURE----- iQJFBAABCgAvFiEEBpT5eoXrXCwVQwEKEnMQ0APhK1gFAmmsxW0RHG1pbmdvQGtl cm5lbC5vcmcACgkQEnMQ0APhK1jzXRAAjqcTwaC72cd+6cnh+tE9/fcjXf1JtK5e TxdTygsgBAbXh63rD4y4cRPueqBR1ne52TAV0lI8Z1pBM/XthnaF4MJBue6B8EdX SQIE7hpOh6R81I6hnuhNoNsAy95jQvYXN5SFaKMuNacWNVX8k3vPzN5XPxa7yHLN MVUL+O9c7Xwg4v30Nz/QIv0mFoPosbh4PIdeVpD/ghJAXtXhsCg7EYOivEk9UsSy TAcq3qRnfDyroIOc5/dnSglEwX12LQqVFBba97nI/TCjaH23PsUIt2Dg2rpJbJ+k bLh4hGpOoyQvgE/PSEdoMl1F9pXw3XiUOzAGrFJdqn0iKL+7WzuTEQH+vAToGZQv 4hF5BtMjLrAYY/MVsD8qJGm/pne5nTIo2gSsG7LZPwCmMj0rDUGXfO4G8N8LHhT7 ExQ/t2+z0BczsKdvF3VKX+RweT51AOYOWcmLIdA9h1jdAy858GVmTzSWDveAEJ0L yToPQ0UMCz985g9il6Rdb5cIphD7DjuUeFNnYTCm63cVpZdA4j8Da74r4KfP2jNY tRcbiUy+A7MwqW5aERgwBtI6XCz6QZqW3svJW9yYghf40lgNGAcDCTTdf2r7g0Ho Q0pQVxEk9mXD5N1otjzSS4piLbzoMaPH1L4W6ceHN1RzBjfSJED3tmfGUHZUDqNE w33GhhQAFpA= =vP5l -----END PGP SIGNATURE----- Merge tag 'sched-urgent-2026-03-08' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull scheduler fix from Ingo Molnar: "Fix a DL scheduler bug that may corrupt internal metrics during PI and setscheduler() syscalls, resulting in kernel warnings and misbehavior. Found during stress-testing" * tag 'sched-urgent-2026-03-08' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: sched/deadline: Fix missing ENQUEUE_REPLENISH during PI de-boosting |
|
Eric Dumazet
|
1954c4f012 |
eventpoll: Convert epoll_put_uevent() to scoped user access
Saves two function calls, and one stac/clac pair. stac/clac is rather expensive on older cpus like Zen 2. A synthetic network stress test gives a ~1.5% increase of pps on AMD Zen 2. Signed-off-by: Eric Dumazet <edumazet@google.com> Cc: Christophe Leroy <christophe.leroy@csgroup.eu> Cc: Dave Hansen <dave.hansen@intel.com> Cc: Kuniyuki Iwashima <kuniyu@google.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
|
|
Linus Torvalds
|
3b5d535c63 |
SCSI fixes on 20260307
Two core changes and the rest in drivers, one core change to quirk the behaviour of the Iomega Zip drive and one to fix a hang caused by tag reallocation problems, which has mostly been seen by the iscsi client. Note the latter fixes the problem but still has a slight sysfs memory leak, so will be amended in the next pull request (once we've run the fix for the fix through our testing). Signed-off-by: James E.J. Bottomley <James.Bottomley@HansenPartnership.com> -----BEGIN PGP SIGNATURE----- iLgEABMIAGAWIQTnYEDbdso9F2cI+arnQslM7pishQUCaaxT0hsUgAAAAAAEAA5t YW51MiwyLjUrMS4xMiwyLDImHGphbWVzLmJvdHRvbWxleUBoYW5zZW5wYXJ0bmVy c2hpcC5jb20ACgkQ50LJTO6YrIVmDwD+P17JCAk+Ju0aNSnjEmIjUC2oI1S+9GdO thbkK99vClABAOOkDvHopBBhfsilTpHBYjWFM34vC/iiaO/xfgd9YH2A =kIDx -----END PGP SIGNATURE----- Merge tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi Pull SCSI fixes from James Bottomley: "Two core changes and the rest in drivers, one core change to quirk the behaviour of the Iomega Zip drive and one to fix a hang caused by tag reallocation problems, which has mostly been seen by the iscsi client. Note the latter fixes the problem but still has a slight sysfs memory leak, so will be amended in the next pull request (once we've run the fix for the fix through our testing)" * tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi: scsi: target: Fix recursive locking in __configfs_open_file() scsi: devinfo: Add BLIST_SKIP_IO_HINTS for Iomega ZIP scsi: mpi3mr: Clear reset history on ready and recheck state after timeout scsi: core: Fix refcount leak for tagset_refcnt |
|
|
Linus Torvalds
|
fb07430e6f |
fbdev fixes for kernel v7.0-rc3:
Silence build error in au1100fb driver found by kernel test robot -----BEGIN PGP SIGNATURE----- iHUEABYKAB0WIQS86RI+GtKfB8BJu973ErUQojoPXwUCaayLiwAKCRD3ErUQojoP X1pVAP4/j6LjBX862nFgtxS5XC4YBkpGRLYwO2WJMec+4sO5fQD/ThrowpuzZfPl FhD/6WtMS4zPCDfNeqIKAo/JySez+w8= =2Tha -----END PGP SIGNATURE----- Merge tag 'fbdev-for-7.0-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/deller/linux-fbdev Pull fbdev fix from Helge Deller: "Silence build error in au1100fb driver found by kernel test robot" * tag 'fbdev-for-7.0-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/deller/linux-fbdev: fbdev: au1100fb: Fix build on MIPS64 |
|
|
Linus Torvalds
|
6deccafcb4 |
parisc architecture fixes for kernel v7.0-rc3:
Three initial kernel mapping fixes -----BEGIN PGP SIGNATURE----- iHUEABYKAB0WIQS86RI+GtKfB8BJu973ErUQojoPXwUCaayE4AAKCRD3ErUQojoP X4U4AQDtHPc9nlM3areu5yTQnOcPTExuEoIpvBm9ktwNCdrwCgEAt4tqv3hhxCvG /lwb6XBCHfyw3d/AsTRbOIH1MGCnaQQ= =itGt -----END PGP SIGNATURE----- Merge tag 'parisc-for-7.0-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/deller/parisc-linux Pull parisc fixes from Helge Deller: "While testing Sasha Levin's 'kallsyms: embed source file:line info in kernel stack traces' patch series, which increases the typical kernel image size, I found some issues with the parisc initial kernel mapping which may prevent the kernel to boot. The three small patches here fix this" * tag 'parisc-for-7.0-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/deller/parisc-linux: parisc: Fix initial page table creation for boot parisc: Check kernel mapping earlier at bootup parisc: Increase initial mapping to 64 MB with KALLSYMS |
|
|
Linus Torvalds
|
8b7f4cd3ac |
bpf-fixes
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEE+soXsSLHKoYyzcli6rmadz2vbToFAmmsahoACgkQ6rmadz2v bToD4Q/9Hr2lAELsTRZIENBTYYTfk48Rzrr+rJbZWLfX4nOu9RwhVboTw0gvJr8r QEteYO8+gP5hrIuifcC+vdzW12CpgziBK7/Qj2NB7MGSX0ZCLK0ShQK6TAbNE8uZ xA4qMcJp0BWJpgfU51z4Ur5nMzG0Th2XlY+SGwHYZ/53qRMmP7Tr8R9wPltKuEll J+tS6BE6bFKMQe1CuIYlYfYj9kO3j4yx9S48j1e8x9LXc2/2arfsOIZQ6L11rnxZ YTa9jbcRL0YdLy7d4hMLyPQquF9hiHDrJLJih+YNmbyOCPGD3HP0ib2c2g0ip+qk WlNFLc2K9w0eS02uuAytaxwArdOpDUHG+skWe+dGt95Bk3Xld0hW/JSI5hrohM1E 0YKjuZeGGvTkI5FJ5kk+BWoApy+FveiN1w7VsHZgr1tix5NRZRgJP/5swM+0eSp/ neTzp08fC10gi+GOnUpdF/lI4wEayoGMpo68BTGiM/hP6Qh268wNWgTHaau3Sk/z wfJb90VTcDHk+N8mnbi4970RZ6OdqX2n7aBy8D7hBW31kHhP27zofzYX51CFD8Ln 5NQDU3wX/hUw9tNwoghCNe12//gfDBi6rO/GoEztNFfVVef4QuzsfwKKdxzUMc9a jZvyDyGh87rGLauDWylq4s23vgxgIG/p114uv+eFp3AMkOfT/Dk= =knWl -----END PGP SIGNATURE----- Merge tag 'bpf-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf Pull bpf fixes from Alexei Starovoitov: - Fix u32/s32 bounds when ranges cross min/max boundary (Eduard Zingerman) - Fix precision backtracking with linked registers (Eduard Zingerman) - Fix linker flags detection for resolve_btfids (Ihor Solodrai) - Fix race in update_ftrace_direct_add/del (Jiri Olsa) - Fix UAF in bpf_trampoline_link_cgroup_shim (Lang Xu) * tag 'bpf-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf: resolve_btfids: Fix linker flags detection selftests/bpf: add reproducer for spurious precision propagation through calls bpf: collect only live registers in linked regs Revert "selftests/bpf: Update reg_bound range refinement logic" selftests/bpf: test refining u32/s32 bounds when ranges cross min/max boundary bpf: Fix u32/s32 bounds when ranges cross min/max boundary bpf: Fix a UAF issue in bpf_trampoline_link_cgroup_shim ftrace: Add missing ftrace_lock to update_ftrace_direct_add/del |
|
|
Linus Torvalds
|
03dcad79ee |
RCU fixes for v7.0
Fix a regression in RCU torture test pre-defined scenarios caused by commit |
|
|
Linus Torvalds
|
aed0af05a8 |
tracing fixes for 7.0:
- Fix possible NULL pointer dereference in trace_data_alloc()
On the error path in trace_data_alloc(), it can call trigger_data_free()
with a NULL pointer. This use to be a kfree() but was changed to
trigger_data_free() to clean up any partial initialization. The issue is
that trigger_data_free() does not expect a NULL pointer. Have
trigger_data_free() return safely on NULL pointer.
- Fix multiple events on the command line and bootconfig
If multiple events are enabled on the command line separately and not
grouped, only the last event gets enabled. That is:
trace_event=sched_switch trace_event=sched_waking
Will only enable sched_waking where as:
trace_event=sched_switch,sched_waking
Will enable both.
The bootconfig makes it even worse as the second way is the more common
method.
The issue is that a temporary buffer is used to store the events to enable
later in boot. Each time the cmdline callback is called, it overwrites
what was previously there.
Have the callback append the next value (delimited by a comma) if the
temporary buffer already has content.
- Fix command line trace_buffer_size if >= 2G
The logic to allocate the trace buffer uses "int" for the size parameter
in the command line code causing overflow issues if more that 2G is
specified.
-----BEGIN PGP SIGNATURE-----
iIoEABYKADIWIQRRSw7ePDh/lE+zeZMp5XQQmuv6qgUCaaxEIRQccm9zdGVkdEBn
b29kbWlzLm9yZwAKCRAp5XQQmuv6qn+QAQCM6aJm0ZqDD2dM262M1mQpkU7sW3Dz
hZfBpo3YlH55fQEAklsaD96+yKN7PLl1Vh4c0zCelMHZA7kgck/3GqaFAgA=
=rn/Z
-----END PGP SIGNATURE-----
Merge tag 'trace-v7.0-rc2-2' of git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace
Pull tracing fixes from Steven Rostedt:
- Fix possible NULL pointer dereference in trace_data_alloc()
On the trace_data_alloc() error path, it can call trigger_data_free()
with a NULL pointer. This used to be a kfree() but was changed to
trigger_data_free() to clean up any partial initialization. The issue
is that trigger_data_free() does not expect a NULL pointer. Have
trigger_data_free() return safely on NULL pointer.
- Fix multiple events on the command line and bootconfig
If multiple events are enabled on the command line separately and not
grouped, only the last event gets enabled. That is:
trace_event=sched_switch trace_event=sched_waking
will only enable sched_waking whereas:
trace_event=sched_switch,sched_waking
will enable both.
The bootconfig makes it even worse as the second way is the more
common method.
The issue is that a temporary buffer is used to store the events to
enable later in boot. Each time the cmdline callback is called, it
overwrites what was previously there.
Have the callback append the next value (delimited by a comma) if the
temporary buffer already has content.
- Fix command line trace_buffer_size if >= 2G
The logic to allocate the trace buffer uses "int" for the size
parameter in the command line code causing overflow issues if more
that 2G is specified.
* tag 'trace-v7.0-rc2-2' of git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace:
tracing: Fix trace_buf_size= cmdline parameter with sizes >= 2G
tracing: Fix enabling multiple events on the kernel command line and bootconfig
tracing: Add NULL pointer check to trigger_data_free()
|
|
Ihor Solodrai
|
b0dcdcb9ae |
resolve_btfids: Fix linker flags detection
The "|| echo -lzstd" default makes zstd an unconditional link
dependency of resolve_btfids. On systems where libzstd-dev is not
installed and pkg-config fails, the linker fails:
ld: cannot find -lzstd: No such file or directory
libzstd is a transitive dependency of libelf, so the -lzstd flag is
strictly necessary only for static builds [1].
Remove ZSTD_LIBS variable, and instead set LIBELF_LIBS depending on
whether the build is static or not. Use $(HOSTPKG_CONFIG) as primary
source of the flags list.
Also add a default value for HOSTPKG_CONFIG in case it's not built via
the toplevel Makefile. Pass it from selftests/bpf too.
[1] https://lore.kernel.org/bpf/4ff82800-2daa-4b9f-95a9-6f512859ee70@linux.dev/
Reported-by: BPF CI Bot (Claude Opus 4.6) <bot+bpf-ci@kernel.org>
Reported-by: Vitaly Chikunov <vt@altlinux.org>
Closes: https://lore.kernel.org/bpf/aaWqMcK-2AQw5dx8@altlinux.org/
Fixes:
|
|
|
Linus Torvalds
|
7b6e48df88 |
hwmon fixes for v7.0-rc3
- aht10: Fix initialization commands for AHT20 - emc1403: correct a malformed email address - it87: Check the it87_lock() return value - max6639: fix inverted polarity - macsmc: Fix overflows, underflows, sign extension, and other problems - pmbus/q54sj108a2: fix stack overflow in debugfs read - Drop support for SMARC-sAM67 (discontinued and never released to market) -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEiHPvMQj9QTOCiqgVyx8mb86fmYEFAmmsDycACgkQyx8mb86f mYE5PhAAjn5II2E0aAJhuulPIEtMQekjZd33q//XUGL5tcz5PVakVtK6MBkGQA7P a3ryouTH4TUlmfjlwEWHu3Dde3bElStfUoFWAvvQc74rkiZdmSbo3fyU4LWNGnIu 2lxcOsjpMbIUC2xV0WUUmg/2r/v+Z8mFrLXbF0YEzhZfzpMin3kNxdCTjBqAa6p7 E6/Wayxh13W1o0UNJNnCJ6jdxKQPQ8GkVgB9EyivJqmyiJjrPhbFN4KWVhUCHhGF mvoMzuC6inVbMwDa2cjU8Ykx9NqVMte4xqZ92f8F8ObH6+dxoRJeszrAvY5PDwy0 p8OJcB9bZXzv7VYLBxIEsQg3Dm/VVk7YqRpPtChjrL7Z6VUtV170mq4r54YeLWfA 6xNwoNZpxylOjbG57F+Tv9S2ogQtxyGmg+J5r14tB2IQKJEZQfmsYAIXLeJwgcwu gPJWvQsUiB0sMe5Uoxck9EQou5QCKfdjX/XrlRfJm94aZHicajgM/wEXBFtn4a0E U3k1WSWq9aVTZrto6mMaVrXnAu2dWrXY2TkfxI/3/6Q8NDdg2ckDaTKFaPC3w9Xy S31SMjI98EviNKpZ9K9aP4RpYQTQk/K50fisZ4cZtT+trDvnEcc161+USB7tYE6j YdOjYM+Eqh3cEIDGjiP4lLS8Tnc8+IzpqljGru99TbgK9Ma4hXI= =+l89 -----END PGP SIGNATURE----- Merge tag 'hwmon-for-v7.0-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/groeck/linux-staging Pull hwmon fixes from Guenter Roeck: - Fix initialization commands for AHT20 - Correct a malformed email address (emc1403) - Check the it87_lock() return value - Fix inverted polarity (max6639) - Fix overflows, underflows, sign extension, and other problems in macsmc - Fix stack overflow in debugfs read (pmbus/q54sj108a2) - Drop support for SMARC-sAM67 (discontinued and never released to market) * tag 'hwmon-for-v7.0-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/groeck/linux-staging: hwmon: (pmbus/q54sj108a2) fix stack overflow in debugfs read hwmon: (max6639) fix inverted polarity dt-bindings: hwmon: sl28cpld: Drop sa67mcu compatible hwmon: (it87) Check the it87_lock() return value Revert "hwmon: add SMARC-sAM67 support" hwmon: (aht10) Fix initialization commands for AHT20 hwmon: (emc1403) correct a malformed email address hwmon: (macsmc) Fix overflows, underflows, and sign extension hwmon: (macsmc) Fix regressions in Apple Silicon SMC hwmon driver |
|
|
Linus Torvalds
|
e33aafac04 |
Driver core fixes for 7.0-rc3
- Revert "driver core: enforce device_lock for driver_match_device()": When a device is already present in the system and a driver is registered on the same bus, we iterate over all devices registered on this bus to see if one of them matches. If we come across an already bound one where the corresponding driver crashed while holding the device lock (e.g. in probe()) we can't make any progress anymore. Thus, revert and clarify that an implementer of struct bus_type must not expect match() to be called with the device lock held. -----BEGIN PGP SIGNATURE----- iHUEABYKAB0WIQS2q/xV6QjXAdC7k+1FlHeO1qrKLgUCaawGIAAKCRBFlHeO1qrK LmYsAP0XzV/dZVrEqU5AvchbcuZ7kfAKotj4wPUIAkoT3gzMcQEAqNm7Vaf2ulDs CS8XvRi0PX6inD1Oo3dqwb0rKjKfFwY= =GT+5 -----END PGP SIGNATURE----- Merge tag 'driver-core-7.0-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/driver-core/driver-core Pull driver core fix from Danilo Krummrich: - Revert "driver core: enforce device_lock for driver_match_device()": When a device is already present in the system and a driver is registered on the same bus, we iterate over all devices registered on this bus to see if one of them matches. If we come across an already bound one where the corresponding driver crashed while holding the device lock (e.g. in probe()) we can't make any progress anymore. Thus, revert and clarify that an implementer of struct bus_type must not expect match() to be called with the device lock held. * tag 'driver-core-7.0-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/driver-core/driver-core: Revert "driver core: enforce device_lock for driver_match_device()" |
|
|
Linus Torvalds
|
0f912c8917 |
xen: branch for v7.0-rc3
-----BEGIN PGP SIGNATURE----- iJEEABYKADkWIQRTLbB6QfY48x44uB6AXGG7T9hjvgUCaav3pBsUgAAAAAAEAA5t YW51MiwyLjUrMS4xMSwyLDIACgkQgFxhu0/YY75xWwD+NO/7WX01zcYSFMHTjHRx okbOkBwFzcZK+p/L4iTtVv0BAIYPUpa+RBLR2RtYN7mQEw8KO5yVgiLP2nlQYwIf wZcH =DrUe -----END PGP SIGNATURE----- Merge tag 'for-linus-7.0-rc3-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/xen/tip Pull xen fixes from Juergen Gross: - a cleanup of arch/x86/kernel/head_64.S removing the pre-built page tables for Xen guests - a small comment update - another cleanup for Xen PVH guests mode - fix an issue with Xen PV-devices backed by driver domains * tag 'for-linus-7.0-rc3-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/xen/tip: xen/xenbus: better handle backend crash xenbus: add xenbus_device parameter to xenbus_read_driver_state() x86/PVH: Use boot params to pass RSDP address in start_info page x86/xen: update outdated comment xen/acpi-processor: fix _CST detection using undersized evaluation buffer x86/xen: Build identity mapping page tables dynamically for XENPV |
|
Alexei Starovoitov
|
325d1ba3ca |
Merge branch 'bpf-fix-precision-backtracking-bug-with-linked-registers'
Eduard Zingerman says:
====================
bpf: Fix precision backtracking bug with linked registers
Emil Tsalapatis reported a verifier bug hit by the scx_lavd sched_ext
scheduler. The essential part of the verifier log looks as follows:
436: ...
// checkpoint hit for 438: (1d) if r7 == r8 goto ...
frame 3: propagating r2,r7,r8
frame 2: propagating r6
mark_precise: frame3: last_idx ...
mark_precise: frame3: regs=r2,r7,r8 stack= before 436: ...
mark_precise: frame3: regs=r2,r7 stack= before 435: ...
mark_precise: frame3: regs=r2,r7 stack= before 434: (85) call bpf_trace_vprintk#177
verifier bug: backtracking call unexpected regs 84
The log complains that registers r2 and r7 are tracked as precise
while processing the bpf_trace_vprintk() call in precision backtracking.
This can't be right, as r2 is reset by the call and there is nothing
to backtrack it to. The precision propagation is triggered when
a checkpoint is hit at instruction 438, r2 is dead at that instruction.
This happens because of the following sequence of events:
- Instruction 438 is first reached with registers r2 and r7 having
the same id via a path that does not call bpf_trace_vprintk():
- Checkpoint is created at 438.
- The jump at 438 is predicted, hence r7 and registers linked to it
(r2) are propagated as precise, marking r2 and r7 precise in the
checkpoint.
- Instruction 438 is reached a second time with r2 undefined and via
a path that calls bpf_trace_vprintk():
- Checkpoint is hit.
- propagate_precision() picks registers r2 and r7 and propagates
precision marks for those up to the helper call.
The root cause is the fact that states_equal() and
propagate_precision() assume that the precision flag can't be set for a
dead register (as computed by compute_live_registers()).
However, this is not the case when linked registers are at play.
Fix this by accounting for live register flags in
collect_linked_regs().
---
====================
Link: https://patch.msgid.link/20260306-linked-regs-and-propagate-precision-v1-0-18e859be570d@gmail.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
|
|
Eduard Zingerman
|
223ffb6a3d |
selftests/bpf: add reproducer for spurious precision propagation through calls
Add a test for the scenario described in the previous commit: an iterator loop with two paths where one ties r2/r7 via shared scalar id and skips a call, while the other goes through the call. Precision marks from the linked registers get spuriously propagated to the call path via propagate_precision(), hitting "backtracking call unexpected regs" in backtrack_insn(). Signed-off-by: Eduard Zingerman <eddyz87@gmail.com> Link: https://lore.kernel.org/r/20260306-linked-regs-and-propagate-precision-v1-2-18e859be570d@gmail.com Signed-off-by: Alexei Starovoitov <ast@kernel.org> |
|
|
Eduard Zingerman
|
2658a1720a |
bpf: collect only live registers in linked regs
Fix an inconsistency between func_states_equal() and
collect_linked_regs():
- regsafe() uses check_ids() to verify that cached and current states
have identical register id mapping.
- func_states_equal() calls regsafe() only for registers computed as
live by compute_live_registers().
- clean_live_states() is supposed to remove dead registers from cached
states, but it can skip states belonging to an iterator-based loop.
- collect_linked_regs() collects all registers sharing the same id,
ignoring the marks computed by compute_live_registers().
Linked registers are stored in the state's jump history.
- backtrack_insn() marks all linked registers for an instruction
as precise whenever one of the linked registers is precise.
The above might lead to a scenario:
- There is an instruction I with register rY known to be dead at I.
- Instruction I is reached via two paths: first A, then B.
- On path A:
- There is an id link between registers rX and rY.
- Checkpoint C is created at I.
- Linked register set {rX, rY} is saved to the jump history.
- rX is marked as precise at I, causing both rX and rY
to be marked precise at C.
- On path B:
- There is no id link between registers rX and rY,
otherwise register states are sub-states of those in C.
- Because rY is dead at I, check_ids() returns true.
- Current state is considered equal to checkpoint C,
propagate_precision() propagates spurious precision
mark for register rY along the path B.
- Depending on a program, this might hit verifier_bug()
in the backtrack_insn(), e.g. if rY ∈ [r1..r5]
and backtrack_insn() spots a function call.
The reproducer program is in the next patch.
This was hit by sched_ext scx_lavd scheduler code.
Changes in tests:
- verifier_scalar_ids.c selftests need modification to preserve
some registers as live for __msg() checks.
- exceptions_assert.c adjusted to match changes in the verifier log,
R0 is dead after conditional instruction and thus does not get
range.
- precise.c adjusted to match changes in the verifier log, register r9
is dead after comparison and it's range is not important for test.
Reported-by: Emil Tsalapatis <emil@etsalapatis.com>
Fixes:
|
|
|
Linus Torvalds
|
4ae12d8bd9 |
Second round of Kbuild fixes for 7.0
- Split out .modinfo section from ELF_DETAILS macro, as that macro may be used in other areas that expect to discard .modinfo, breaking certain image layouts - Adjust genksyms parser to handle optional attributes in certain declarations, necessary after commit |
|
|
Linus Torvalds
|
591d8796b2 |
s390 updates for 7.0-rc3
- Fix stackleak and xor lib inline asm, constraints and clobbers to prevent miscompilations and incomplete stack poisoning -----BEGIN PGP SIGNATURE----- iQEzBAABCgAdFiEE3QHqV+H2a8xAv27vjYWKoQLXFBgFAmmrahkACgkQjYWKoQLX FBjrwQgAjN8E5Qqt7vuFqYw4HLwyWfQ/O6QRhHGcpeQdh1zlHhKbxLcytl6rrpwJ Dzp5G1aalHcIaefCJnePpLasf64YO30cnDhLtOS6n9n+2CZEz8v7kb44CeZJD/r7 ytCu/PQjQr2LabfMtxjB3TfzuUfPxn65xmlHcx8LW+WjNyXKn0/gPRaBOmHxBxk7 wx8NpYVApdqHhZO7K32KDxPF2TAmUjMNd8dnof2BMH0vz6qPM8Ib/kt+uOPMPTmd D1yPrwJdoVeAHsbAVA0sgUCZmrx5ERs3ZYAjvzgaRSsUygX0KtS/2Fyghul2SKMh JtUP905RIIGugIZ8naKdQO9iAZfLPA== =jkZC -----END PGP SIGNATURE----- Merge tag 's390-7.0-4' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux Pull s390 fixes from Vasily Gorbik: - Fix stackleak and xor lib inline asm, constraints and clobbers to prevent miscompilations and incomplete stack poisoning * tag 's390-7.0-4' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux: s390/stackleak: Fix __stackleak_poison() inline assembly constraint s390/xor: Improve inline assembly constraints s390/xor: Fix xor_xc_2() inline assembly constraints s390/xor: Fix xor_xc_5() inline assembly |
|
|
Linus Torvalds
|
4660e168c6 |
arm64 fixes for -rc3
- Fix kexec/hibernation hang due to bogus read-only mappings.
- Fix sparse warnings in our cmpxchg() implementation.
- Prevent runtime-const being used in modules, just like x86.
- Fix broken elision of access flag modifications for contiguous entries
on systems without support for hardware updates.
- Fix a broken SVE selftest that was testing the wrong instruction.
-----BEGIN PGP SIGNATURE-----
iQFEBAABCgAuFiEEPxTL6PPUbjXGY88ct6xw3ITBYzQFAmmrH5wQHHdpbGxAa2Vy
bmVsLm9yZwAKCRC3rHDchMFjNLiWB/40+A3Q3gz9VB3obupFeC/s688TjGMwLbIO
m03Qu/ulGwBZaPRPZxsxnr8pFZKjSple5NJiHv5kQ/wR4Cfc4zwF2zOSdRvAI/c3
qPT2YL0CcVt0OgbWd2VCjiThTuFREewdCqRWbmkDaPYd27k0KWY14gHHpriRw7XM
QY0OOz8wrWi3lg2Wyvub9wWLkyjKtFlrkwZaACD5D90k/CwKVgncC1z4vh41hQxk
qjxdygNJt2sV+31+F7QMoY/rbyVnUkdSvWSwe9z2Bs9mwebaoGgx4c1l47Wq+oQD
NiVgHOZnPQkDgd2MWkUiCwzAr6C3B0aF2BCu+NTgILkbX7PyG792
=knFu
-----END PGP SIGNATURE-----
Merge tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux
Pull arm64 fixes from Will Deacon:
"The main changes are a fix to the way in which we manage the access
flag setting for mappings using the contiguous bit and a fix for a
hang on the kexec/hibernation path.
Summary:
- Fix kexec/hibernation hang due to bogus read-only mappings
- Fix sparse warnings in our cmpxchg() implementation
- Prevent runtime-const being used in modules, just like x86
- Fix broken elision of access flag modifications for contiguous
entries on systems without support for hardware updates
- Fix a broken SVE selftest that was testing the wrong instruction"
* tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux:
selftest/arm64: Fix sve2p1_sigill() to hwcap test
arm64: contpte: fix set_access_flags() no-op check for SMMU/ATS faults
arm64: make runtime const not usable by modules
arm64: mm: Add PTE_DIRTY back to PAGE_KERNEL* to fix kexec/hibernation
arm64: Silence sparse warnings caused by the type casting in (cmp)xchg
|
|
Calvin Owens
|
d008ba8be8 |
tracing: Fix trace_buf_size= cmdline parameter with sizes >= 2G
Some of the sizing logic through tracer_alloc_buffers() uses int
internally, causing unexpected behavior if the user passes a value that
does not fit in an int (on my x86 machine, the result is uselessly tiny
buffers).
Fix by plumbing the parameter's real type (unsigned long) through to the
ring buffer allocation functions, which already use unsigned long.
It has always been possible to create larger ring buffers via the sysfs
interface: this only affects the cmdline parameter.
Cc: stable@vger.kernel.org
Cc: Masami Hiramatsu <mhiramat@kernel.org>
Cc: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Link: https://patch.msgid.link/bff42a4288aada08bdf74da3f5b67a2c28b761f8.1772852067.git.calvin@wbinvd.org
Fixes:
|
|
|
Alexei Starovoitov
|
6895e1d7c3 |
Merge branch 'bpf-fix-u32-s32-bounds-when-ranges-cross-min-max-boundary'
Eduard Zingerman says:
====================
bpf: Fix u32/s32 bounds when ranges cross min/max boundary
Cover the following cases in range refinement logic for 32-bit ranges:
- s32 range crosses U32_MAX/0 boundary, positive part of the s32 range
overlaps with u32 range.
- s32 range crosses U32_MAX/0 boundary, negative part of the s32 range
overlaps with u32 range.
These cases are already handled for 64-bit range refinement.
Without the fix the test in patch 2 is rejected by the verifier.
The test was reduced from sched-ext program.
Changelog:
- v2 -> v3:
- Reverted
|
|
|
Eduard Zingerman
|
d87c9305a8 |
Revert "selftests/bpf: Update reg_bound range refinement logic"
This reverts commit
|
|
|
Eduard Zingerman
|
f81fdfd167 |
selftests/bpf: test refining u32/s32 bounds when ranges cross min/max boundary
Two test cases for signed/unsigned 32-bit bounds refinement when s32 range crosses the sign boundary: - s32 range [S32_MIN..1] overlapping with u32 range [3..U32_MAX], s32 range tail before sign boundary overlaps with u32 range. - s32 range [-3..5] overlapping with u32 range [0..S32_MIN+3], s32 range head after the sign boundary overlaps with u32 range. This covers both branches added in the __reg32_deduce_bounds(). Also, crossing_32_bit_signed_boundary_2() no longer triggers invariant violations. Reviewed-by: Emil Tsalapatis <emil@etsalapatis.com> Reviewed-by: Paul Chaignon <paul.chaignon@gmail.com> Acked-by: Shung-Hsi Yu <shung-hsi.yu@suse.com> Signed-off-by: Eduard Zingerman <eddyz87@gmail.com> Link: https://lore.kernel.org/r/20260306-bpf-32-bit-range-overflow-v3-2-f7f67e060a6b@gmail.com Signed-off-by: Alexei Starovoitov <ast@kernel.org> |
|
|
Eduard Zingerman
|
fbc7aef517 |
bpf: Fix u32/s32 bounds when ranges cross min/max boundary
Same as in __reg64_deduce_bounds(), refine s32/u32 ranges in __reg32_deduce_bounds() in the following situations: - s32 range crosses U32_MAX/0 boundary, positive part of the s32 range overlaps with u32 range: 0 U32_MAX | [xxxxxxxxxxxxxx u32 range xxxxxxxxxxxxxx] | |----------------------------|----------------------------| |xxxxx s32 range xxxxxxxxx] [xxxxxxx| 0 S32_MAX S32_MIN -1 - s32 range crosses U32_MAX/0 boundary, negative part of the s32 range overlaps with u32 range: 0 U32_MAX | [xxxxxxxxxxxxxx u32 range xxxxxxxxxxxxxx] | |----------------------------|----------------------------| |xxxxxxxxx] [xxxxxxxxxxxx s32 range | 0 S32_MAX S32_MIN -1 - No refinement if ranges overlap in two intervals. This helps for e.g. consider the following program: call %[bpf_get_prandom_u32]; w0 &= 0xffffffff; if w0 < 0x3 goto 1f; // on fall-through u32 range [3..U32_MAX] if w0 s> 0x1 goto 1f; // on fall-through s32 range [S32_MIN..1] if w0 s< 0x0 goto 1f; // range can be narrowed to [S32_MIN..-1] r10 = 0; 1: ...; The reg_bounds.c selftest is updated to incorporate identical logic, refinement based on non-overflowing range halves: ((x ∩ [0, smax]) ∩ (y ∩ [0, smax])) ∪ ((x ∩ [smin,-1]) ∩ (y ∩ [smin,-1])) Reported-by: Andrea Righi <arighi@nvidia.com> Reported-by: Emil Tsalapatis <emil@etsalapatis.com> Closes: https://lore.kernel.org/bpf/aakqucg4vcujVwif@gpd4/T/ Reviewed-by: Emil Tsalapatis <emil@etsalapatis.com> Acked-by: Shung-Hsi Yu <shung-hsi.yu@suse.com> Signed-off-by: Eduard Zingerman <eddyz87@gmail.com> Link: https://lore.kernel.org/r/20260306-bpf-32-bit-range-overflow-v3-1-f7f67e060a6b@gmail.com Signed-off-by: Alexei Starovoitov <ast@kernel.org> |
|
|
Linus Torvalds
|
e0c505cb76 |
eight client fixes
-----BEGIN PGP SIGNATURE----- iQGzBAABCgAdFiEE6fsu8pdIjtWE/DpLiiy9cAdyT1EFAmmrTDwACgkQiiy9cAdy T1HHOAwAmGbU/6pbT09bNdSAdqfU41FLgKNQ2w6/cKliicpUON2uG9XEYkPi4NtP U34zJP2gdYByC+9cxw7sHgZJkT4FQko3HCzQUT/nSgGVjGI2zOywXroa4FOCCs07 sLRk7TerbjGceIB8Uw2OQsk8Bv2WxWn2MaVa27UffDF5DOuy85zFR4eLyAXI22mO Rg0aGjQYbAgXePYbsfPYUZr2E9HjZtr1u0w3zgzQxi+tIiZtYcvxea7xGd/S1ftj CGjpulyPK/pyteoFYtYJC5qZXDVaFfgrvH0mjCR2powlFx+HHjskPnj0fFqikksh W5ZkSxYlT+VcGJQFBmkJVBpaSPH10WO8mFTrEiPwwgrP8nese8CMFTtNM4f8tDjH LJMsM6VBpxWxd0donpM96ZshOXvoMSIss9nuvHkQrvgIbKQAs3NFQdGUCeGgYqMh ur25LZBmXUqz78uHRQHj7dnlSGxjLmHUUCKRoPR3Tm9yDE39ea9KlsVxxjXQaur8 JqG9I1ZF =Nnap -----END PGP SIGNATURE----- Merge tag 'v7.0-rc2-smb3-client-fixes' of git://git.samba.org/sfrench/cifs-2.6 Pull smb client fixes from Steve French: - Fix potential oops on open failure - Fix unmount to better free deferred closes - Use proper constant-time MAC comparison function - Two buffer allocation size fixes - Two minor cleanups - make SMB2 kunit tests a distinct module * tag 'v7.0-rc2-smb3-client-fixes' of git://git.samba.org/sfrench/cifs-2.6: smb: client: fix oops due to uninitialised var in smb2_unlink() cifs: open files should not hold ref on superblock smb: client: Compare MACs in constant time smb/client: remove unused SMB311_posix_query_info() smb/client: fix buffer size for smb311_posix_qinfo in SMB311_posix_query_info() smb/client: fix buffer size for smb311_posix_qinfo in smb2_compound_op() smb: update some doc references smb/client: make SMB2 maperror KUnit tests a separate module |
|
Andrei-Alexandru Tachici
|
3b1679e086 |
tracing: Fix enabling multiple events on the kernel command line and bootconfig
Multiple events can be enabled on the kernel command line via a comma separator. But if the are specified one at a time, then only the last event is enabled. This is because the event names are saved in a temporary buffer, and each call by the init cmdline code will reset that buffer. This also affects names in the boot config file, as it may call the callback multiple times with an example of: kernel.trace_event = ":mod:rproc_qcom_common", ":mod:qrtr", ":mod:qcom_aoss" Change the cmdline callback function to append a comma and the next value if the temporary buffer already has content. Cc: stable@vger.kernel.org Cc: Masami Hiramatsu <mhiramat@kernel.org> Cc: Mathieu Desnoyers <mathieu.desnoyers@efficios.com> Link: https://patch.msgid.link/20260302-trace-events-allow-multiple-modules-v1-1-ce4436e37fb8@oss.qualcomm.com Signed-off-by: Andrei-Alexandru Tachici <andrei-alexandru.tachici@oss.qualcomm.com> Signed-off-by: Steven Rostedt (Google) <rostedt@goodmis.org> |
|
|
Linus Torvalds
|
325a118c12 |
pci-v7.0-fixes-3
-----BEGIN PGP SIGNATURE----- iQJIBAABCgAyFiEEgMe7l+5h9hnxdsnuWYigwDrT+vwFAmmrQ+gUHGJoZWxnYWFz QGdvb2dsZS5jb20ACgkQWYigwDrT+vxvzw//W5JPKqnjNdH282/Mi7r6BuKImadB DFWzwXazNv/mXS44vMX5/3FxAUkHpj5+PrZeHKVX7hA5zjjY4kufAve5w2xadtGC HU/4rbw5sROFoFL4oK+r1I7hHZu1/wZhA7owC7G6GXUOK/hU95UFD4SuT0utEHCU Hv5K1Z7d0hy8B1lvgmE1lRIrL0bFxhBqYai7Rn7rS+Hv9LJfLFT+bnqx9A0LJo1t WVoYe+lBKN8rQgqgkSm5YOX/YWpl3lShj7xTK8Q26knU7bWVWy+lsi86O7Ui8jua EdkiUeh4sxWnufQCcHzhEKQgJpTTrDrGtGbtb0u2eyERSKIh+renl0cYPzHEjwRT kQPhZp1yB1zaLBEb6N6+PSnKZ3LL0Pabilx+ZcsdeIZcf4jaZgUzkA5NXCVHD96g rGqtBnvajwDYE+laSarLzIAx6NBih7Za7Mbo0LE9T0RBoG+B9GvZKvxr74nCUmwn wdFLsH8KiKOnHB6y7AZylDghXQxIXhUW79QWt3QLWLTgtTPW+8q6iEegKFmoTsAK PpzwuTNKwJXsKANIjZJ2KEffcJL/Z7nYxz/C8IQMZ/Pqn2QP9cbEJLcX2ZlvmiwE T8iI55EQ/4zhVDted1ecRs4A4DIx8E6Fn1JefqeI5zdJSfLqwwKWJjGhQmaQvkoy ovDaERG7LiJEsCk= =XZpg -----END PGP SIGNATURE----- Merge tag 'pci-v7.0-fixes-3' of git://git.kernel.org/pub/scm/linux/kernel/git/pci/pci Pull pci fixes from Bjorn Helgaas: - Initialize msi_addr_mask for OF-created PCI devices to fix sparc and powerpc probe regressions (Nilay Shroff) - Orphan the Altera PCIe controller driver (Dave Hansen) * tag 'pci-v7.0-fixes-3' of git://git.kernel.org/pub/scm/linux/kernel/git/pci/pci: MAINTAINERS: Orphan Altera PCIe controller driver sparc/PCI: Initialize msi_addr_mask for OF-created PCI devices powerpc/pci: Initialize msi_addr_mask for OF-created PCI devices |
|
|
Linus Torvalds
|
dfb3142844 |
drm fixes for 7.0-rc3
mm: - mm: Fix a hmm_range_fault() livelock / starvation problem pagemap: - Revert "drm/pagemap: Disable device-to-device migration" ttm: - fix function return breaking reclaim - fix build failure on PREEMPT_RT - fix bo->resource UAF dma-buf: - include ioctl.h in uapi header sched: - fix kernel doc warning amdgpu: - LUT fixes - VCN5 fix - Dispclk fix - SMU 13.x fix - Fix race in VM acquire - PSP 15.x fix - UserQ fix amdxdna: - fix invalid payload for failed command - fix NULL ptr dereference - fix major fw version check - avoid inconsistent fw state on error i915/display: - Fix for Lenovo T14 G7 display not refreshing xe: - Do not preempt fence signaling CS instructions - Some leak and finalization fixes - Workaround fix nouveau: - avoid runtime suspend oops when using dp aux panthor: - fix gem_sync argument ordering solomon: - fix incorrect display output renesas: - fix DSI divider programming ethosu: - fix job submit error clean-up refcount - fix NPU_OP_ELEMENTWISE validation - handle possible underflows in IFM size calcs -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEEKbZHaGwW9KfbeusDHTzWXnEhr4FAmmrODEACgkQDHTzWXnE hr6ENA/9E+ABsQPUSr1ZUR6MfS3FdDMfyNi34u9F0XE0vL/6J4DIN2MXHJN0yj4S YeR8RIH1uuteexRCVjK8gYrDFZm5GpdJ7tZsPBogKSjfr4P4zvSdcyP0DtubmHN8 k/Rbdr1m2BnAerviPUlQ09voG4VyM/IlnkOj/aUrAG4xHfNLWhQ/eY21HjvTaMEw eNPk75G32AkusybhYGLcfRKUqmZ9Sh/EAIOiqp5Gd61bSbNXFbXqU59AliRSW16D dRMjCenQbBtXnf1xzn9xmC95Mr5NhlId3BddY6nsmTvqnse50w1IBw4MbA5703iv teNAsRHNWBiyachtolylu63z8fjc3mqRgyB3qoYCIn4pGm6wej3SSuOr+WaKTPMr ucKNxvsluiXOIdUrkLYyl1LTU1Bqs2/mFTPzyHFykeB72swHGyCfYyh/RgL+dYIc nuOsY1n4JR1JCkg5p4Y8LZq0RXLE6PJfyxmpF9W2r9DVV4T52Yk5fiXEo+HJ9WaJ yaa3xBJJLP0z50JuaV7iEIiXQBwj482m0No+jG4+ZTatRm/4oz0cHpmoRkPuN6Og vc6UdFUtRysVqSetLfV1oBpLm3zkhumDxtrqb6GHB7n+ahY7mFCLc175wFXoGCqu DxCshK5FZchyPbOXaxOWyIVXDCYJtCJnK4vBCHwkJAkxLQCpv/k= =yGA4 -----END PGP SIGNATURE----- Merge tag 'drm-fixes-2026-03-07' of https://gitlab.freedesktop.org/drm/kernel Pull drm fixes from Dave Airlie: "Weekly fixes pull. There is one mm fix in here for a HMM livelock triggered by the xe driver tests. Otherwise it's a pretty wide range of fixes across the board, ttm UAF regression fix, amdgpu fixes, nouveau doesn't crash my laptop anymore fix, and a fair bit of misc. Seems about right for rc3. mm: - mm: Fix a hmm_range_fault() livelock / starvation problem pagemap: - Revert "drm/pagemap: Disable device-to-device migration" ttm: - fix function return breaking reclaim - fix build failure on PREEMPT_RT - fix bo->resource UAF dma-buf: - include ioctl.h in uapi header sched: - fix kernel doc warning amdgpu: - LUT fixes - VCN5 fix - Dispclk fix - SMU 13.x fix - Fix race in VM acquire - PSP 15.x fix - UserQ fix amdxdna: - fix invalid payload for failed command - fix NULL ptr dereference - fix major fw version check - avoid inconsistent fw state on error i915/display: - Fix for Lenovo T14 G7 display not refreshing xe: - Do not preempt fence signaling CS instructions - Some leak and finalization fixes - Workaround fix nouveau: - avoid runtime suspend oops when using dp aux panthor: - fix gem_sync argument ordering solomon: - fix incorrect display output renesas: - fix DSI divider programming ethosu: - fix job submit error clean-up refcount - fix NPU_OP_ELEMENTWISE validation - handle possible underflows in IFM size calcs" * tag 'drm-fixes-2026-03-07' of https://gitlab.freedesktop.org/drm/kernel: (38 commits) accel: ethosu: Handle possible underflow in IFM size calculations accel: ethosu: Fix NPU_OP_ELEMENTWISE validation with scalar accel: ethosu: Fix job submit error clean-up refcount underflows accel/amdxdna: Split mailbox channel create function drm/panthor: Correct the order of arguments passed to gem_sync Revert "drm/syncobj: Fix handle <-> fd ioctls with dirty stack" drm/ttm: Fix bo resource use-after-free nouveau/dpcd: return EBUSY for aux xfer if the device is asleep accel/amdxdna: Fix major version check on NPU1 platform drm/amdgpu/userq: refcount userqueues to avoid any race conditions drm/amdgpu/userq: Consolidate wait ioctl exit path drm/amdgpu/psp: Use Indirect access address for GFX to PSP mailbox drm/amdgpu: Fix use-after-free race in VM acquire drm/amd/pm: remove invalid gpu_metrics.energy_accumulator on smu v13.0.x drm/xe: Fix memory leak in xe_vm_madvise_ioctl drm/xe/reg_sr: Fix leak on xa_store failure drm/xe/xe2_hpg: Correct implementation of Wa_16025250150 drm/xe/gsc: Fix GSC proxy cleanup on early initialization failure Revert "drm/pagemap: Disable device-to-device migration" drm/i915/psr: Fix for Panel Replay X granularity DPCD register handling ... |
|
|
Linus Torvalds
|
3593e678f5 |
linux_kselftest-kunit-fixes-7.0-rc3
kunit: - Fixes rust warnings when CONFIG_PRINTK is disabled. - Reduces stack usage in kunit_run_tests() to fix warnings when CONFIG_FRAME_WARN is set to a relatively low value. - Updates email address for David Gow. kunit tool: - Copies caller args in run_kernel to prevent mutation. -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEPZKym/RZuOCGeA/kCwJExA0NQxwFAmmrNf4ACgkQCwJExA0N QxyVNxAAtemv6AH1pP/cR23teXd5uuBThTM8EASEAC9/VJmCuPjg9mb6df816EXx 2ZrTKGR5k/5basYDhNKIAJTGGjT3pcau7OKmD7Piy3bbhJEq5kb31rVbbmCV1STl vzJcBbSNP5Z+otz/flmewoeiL+xYarQvCrfFll5Y+gMer3HFevG0y0rCpEe0+7tH avgq01m7rHFg0DLYxJhjE3NFgFlgYaKdHyQPrGYOtZUXJDSNUO1cULJ8ZrMG3skc JWngB/5eS6hP/3QSaBm9coHKbrAYatpPWLfg9wtgfuj3be2oEAnWeynb/vWrdEV3 uid96CEs1UPG8Z/jTtRK86q1md+5I2QX6s7B74EXnzCo0bg150h1qtT2J/za1Kxu 7CP6Rq59VHCL6SMpQ4cks00zpWffCCtAphto2yk9ZphbisyVUGN8zEiCdd0FrLob putdMLeJVLXbnWFCnLA/8gFfx6Inp+PXNoVr+6LNZo/qB4W/EJOLDUvjaVJ7abpY yUxvJVj0+dwOlYUYnpldGCz9pfywgIyLI7ERtu4KIwJ5EMsVo8yJgykEd2MkQbZ+ 2Db3omyalnAn/vXP5p48vawI9oj6scMNxukBRTdqZsQGRma/jj6FnZCi77llQY+g V6pTQPjJRhRGLIwow+dCkJ4CucafNacp1RVuf61MM/I03XOQEwU= =j8w0 -----END PGP SIGNATURE----- Merge tag 'linux_kselftest-kunit-fixes-7.0-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest Pull kunit fixes from Shuah Khan: - Fix rust warnings when CONFIG_PRINTK is disabled - Reduce stack usage in kunit_run_tests() to fix warnings when CONFIG_FRAME_WARN is set to a relatively low value - Update email address for David Gow - Copy caller args in kunit tool in run_kernel to prevent mutation * tag 'linux_kselftest-kunit-fixes-7.0-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest: kunit: reduce stack usage in kunit_run_tests() kunit: tool: copy caller args in run_kernel to prevent mutation rust: kunit: fix warning when !CONFIG_PRINTK MAINTAINERS: Update email address for David Gow |
|
|
Linus Torvalds
|
651690480a |
spi: Fix for v7.0
One device specific fix here, it was possible we might end up trying to dereference an invalid pointer while reporting a transfer timeout on DesignWare controllers. -----BEGIN PGP SIGNATURE----- iQEzBAABCgAdFiEEreZoqmdXGLWf4p/qJNaLcl1Uh9AFAmmrBysACgkQJNaLcl1U h9Coswf+PNFoD6WmSL+IGUYqVG+Rq3B37caO+cL5OGK/Sf6/WOh31LFNAdRfx6DR LkiDjlX3EKf58v+Lkri4Fd64/6ZPV3FMdjK5myGpnn2uWhH8qN8xSIBRffRg0z9f DJErn8xl2NjAc78ypiMFKfVwnCgMZFVid4gTIwPMW8Fmz74d5fichplWLLhhZq0c DSXp37Uq+26J/jBwecQ8FdfBosN1t2z5jA0R3Y5iLiR01QuonTgw8+beMdw6GWq1 qoW9nP/mCNEARTL9fdmnPsko+gx8y0UjAjoqFBszX+BA1I4z1+XjjUE3eDfzDej1 duhpSkOHFt2p2sbkV7utYsnK4VZCDw== =CwFP -----END PGP SIGNATURE----- Merge tag 'spi-fix-v7.0-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/spi Pull spi fix from Mark Brown: "One device specific fix here, it was possible we might end up trying to dereference an invalid pointer while reporting a transfer timeout on DesignWare controllers" * tag 'spi-fix-v7.0-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/spi: spi: spi-dw-dma: fix print error log when wait finish transaction |
|
|
Linus Torvalds
|
5abeba615c |
regulator: Fixes for v7.0
A couple of small, driver specific fixes which might not even have much impact if you have the affected devices depending on your setup. -----BEGIN PGP SIGNATURE----- iQEzBAABCgAdFiEEreZoqmdXGLWf4p/qJNaLcl1Uh9AFAmmrBo0ACgkQJNaLcl1U h9Bf6gf9HpD980t31lKKUDEJXwQ+Cg2A4NnoZYRsDU0ZW9Z/f8SY4Ea2O3Jyj4Ce 0s76ebgbYEowxamdsPBqISvQTbS7VUiWV9Fsx8y2CcKiAf7qFZ4GarlL8pjvTnsy mcFFdIvQ/7yAREjRyZAyuv3B1SJT5kJ+IUhEtBzkBAQUkqcKpjIpNHJZ9QG2OCof 6fg/xABYDkEAoB3z26nRC63ilP7QUDdi+XQyhOi2hUUgbFW6f0ZUM9+IFuR04PYb 36LYmI5NffpVRsCxfkSSGck6Sp98/bNgdp6Z9UPk7B0j3ZxXX/GN1LqlmY7zKcho V5bUsqXQ6r2Fw5SYcf8C86N9WSKY4w== =F20s -----END PGP SIGNATURE----- Merge tag 'regulator-fix-v7.0-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/regulator Pull regulator fixes from Mark Brown: "A couple of small, driver specific fixes which might not even have much impact if you have the affected devices depending on your setup" * tag 'regulator-fix-v7.0-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/regulator: regulator: pf9453: Respect IRQ trigger settings from firmware regulator: mt6363: Fix incorrect and redundant IRQ disposal in probe |
|
|
Linus Torvalds
|
d249037ac4 |
sound fixes for 7.0-rc3
Again a collection of device-specific fixes. Most of changes are fairly small device-specific quirks of fixes for HD- and USB-audio, ASoC Intel, AMD, fsl, Cirrus and co. The only large LOC is for plumbing ASoC ACP driver to add the Cirrus Logic codec support, so this one is also just adding some tables. -----BEGIN PGP SIGNATURE----- iQJCBAABCAAsFiEEIXTw5fNLNI7mMiVaLtJE4w1nLE8FAmmqllkOHHRpd2FpQHN1 c2UuZGUACgkQLtJE4w1nLE+9Xg/8DTw0q54yrvKUulV/czdgjs3GevM0hn3D9FQs znHo8uYLGBeOFO2M+gTkASQM8j/HObhevcSPmhOqiLOXctmmqAm5nGkeL2mCUoW0 mBkIu0YDeoQq++A0l+prdJ9nweEyjNyyizi0wxqw+6Igj6ykm7V2TLS++I3YXxyP Om5+E4Rq0xLI4ywbc2MPVcTLGJU3rW9Ygg4bLTxz5dQb36v3+V4RtuyyIu+cdD52 m1tAw6NasN5OSB5fcCnP427zfUZ9kvv+d3Fh23jagXKDUarXUDJxS5i27/pocCyt lEeU3ukSaQ73FajyfdHpXbUYBUIN7vS91qITX2orqPAelhTDi1Iq2mt2B4dfM+U4 FguphGFz1wnqKvfCaXeA11EUGOeLUIbgxBLyphbDquVPSr4T19lscTSq0G+xwHoG s1CxkYqh4uvgavo5pSiMUADfXIZC2Fla8aiEtZIfqXfOw4oWERMPg0l7xMhGsnHP FpqXMGA/3u/ow6i/LLWCA5U8Xp946/OZIP6pzLyUbla9Aha4q9Uf7MzFeYdG73BX z8XCdG72oaiEnLHeYIxzYj1P8Ms6C7LhEPhjCMcoPyEwBDfdTI4olgRNF/6gKt+V kEd2sUZQCsSzaa8NcsMKGDEzXbzJfD0JYLG8/aF5coy9u+FFX8tuJsYuvaG2grcz W0r1kpw= =NRtj -----END PGP SIGNATURE----- Merge tag 'sound-7.0-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound Pull sound fixes from Takashi Iwai: "Again a collection of device-specific fixes. Most of changes are fairly small device-specific quirks of fixes for HD- and USB-audio, ASoC Intel, AMD, fsl, Cirrus and co. The only large LOC is for plumbing ASoC ACP driver to add the Cirrus Logic codec support, so this one is also just adding some tables" * tag 'sound-7.0-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound: (21 commits) ALSA: us122l: drop redundant interface references ASoC: amd: yc: Add DMI quirk for ASUS EXPERTBOOK PM1503CDA ASoC: dt-bindings: renesas,rz-ssi: Document RZ/G3L SoC ASoC: SDCA: Add allocation failure check for Entity name ALSA: hda/senary: Ensure EAPD is enabled during init ALSA: hda/senary: Use codec->core.afg for GPIO access ALSA: doc: usb-audio: Add doc for QUIRK_FLAG_SKIP_IFACE_SETUP ASoC: dt-bindings: tegra: Add compatible for Tegra238 sound card ALSA: hda/hdmi: Add Tegra238 HDA codec device ID ASoC: cs35l56: Suppress pointless warning about number of GPIO pulls ASoC: amd: acp: Add ACP6.3 match entries for Cirrus Logic parts ASoC: Intel: sof_sdw: Add quirk for Alienware Area 51 (2025) 0CCD SKU ASoC: rt1321: fix DMIC ch2/3 mask issue ASoC: cs35l56: Only patch ASP registers if the DAI is part of a DAIlink ASoC: fsl_easrc: Fix event generation in fsl_easrc_iec958_set_reg() ASoC: fsl_easrc: Fix event generation in fsl_easrc_iec958_put_bits() ALSA: firewire: dice: Fix printf warning with W=1 ALSA: hda/tas2781: A workaround solution to lower-vol issue among lower calibrated-impedance micro-speaker on TAS2781 ALSA: hda/realtek: Add quirk for HP Pavilion 15-eh1xxx to enable mute LED ALSA: usb-audio: Add iface reset and delay quirk for AB13X USB Audio ... |
|
|
Guenter Roeck
|
457965c13f |
tracing: Add NULL pointer check to trigger_data_free()
If trigger_data_alloc() fails and returns NULL, event_hist_trigger_parse()
jumps to the out_free error path. While kfree() safely handles a NULL
pointer, trigger_data_free() does not. This causes a NULL pointer
dereference in trigger_data_free() when evaluating
data->cmd_ops->set_filter.
Fix the problem by adding a NULL pointer check to trigger_data_free().
The problem was found by an experimental code review agent based on
gemini-3.1-pro while reviewing backports into v6.18.y.
Cc: Miaoqian Lin <linmq006@gmail.com>
Cc: Masami Hiramatsu <mhiramat@kernel.org>
Cc: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Cc: Steven Rostedt (Google) <rostedt@goodmis.org>
Link: https://patch.msgid.link/20260305193339.2810953-1-linux@roeck-us.net
Fixes:
|
|
|
Linus Torvalds
|
48976c0eba |
hid-for-linus-2026030601
-----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEoEVH9lhNrxiMPSyI7MXwXhnZSjYFAmmqkoIACgkQ7MXwXhnZ SjZg1xAAo8zWO1w8U99bYckAqgjWNEUbNiBo3370HbaNiOknW4B2Hzib4LIex4NE I/b1W1Wjq9ifgLLdHKP18eWVk4JgKupruTyoomfBrkHZSMbh8Y17GRdzpEj+4UEj HjmWTtNGKxJxpgVlSxPQuh1jNmkJm7FIYOMoSEM0CQJWHuUYERDrKsvJoHdZrX+p /C1Mn4+4o32CN2nUR7eRsvSisXjy/nTbNllLJNYZCCNBcvh3FaJNpEH5F+XMwg3n QKa5Ex0ZWMur1dN3y7xmJNdZszJoFFwb4UL1eWG3N0rIoHZpzbwdHDu2IXqJc0Jq HmdWqIceiScuhyjHNZ/DEes+GLMyIUUApO9Bs3Zmnde3yPtkbXc5TOvFeSL0ih+5 WZjcW0b3rDhwibilgZA9ZuZfD44ajZsAOeZWJrc/7mNYoploJCc6ZOo3Ze7MJqjA tNnx33eX4+FpZndXVBAdkmM8iNTVNIaJ2SGPwauAfOUADaskdg83NFVa/q3IMAo3 44Sw8Wk5E59J5vxGlceqvzySDgO5uB8v4J3kHnDKxOPtNivvV+38cnLAwnaI+/+h adGcCC9B67ekw02gAOOu+ExiijCCYLfKxIUckCKvGBiIXJELjzx98+H863/m+QwE gyvKdLM0EFu6qnAycma5IXtsM0aPlNz/WHOw/SQgGeMz2NePtLw= =fPAZ -----END PGP SIGNATURE----- Merge tag 'hid-for-linus-2026030601' of git://git.kernel.org/pub/scm/linux/kernel/git/hid/hid Pull HID fixes from Benjamin Tissoires: - fix a few memory leaks (Günther Noack) - fix potential kernel crashes in cmedia, creative-sb0540 and zydacron (Greg Kroah-Hartman) - fix NULL pointer dereference in pidff (Tomasz Pakuła) - fix battery reporting for Apple Magic Trackpad 2 (Julius Lehmann) - mcp2221 proper handling of failed read operation (Romain Sioen) - various device quirks / device ID additions * tag 'hid-for-linus-2026030601' of git://git.kernel.org/pub/scm/linux/kernel/git/hid/hid: HID: mcp2221: cancel last I2C command on read error HID: asus: add xg mobile 2023 external hardware support HID: multitouch: Keep latency normal on deactivate for reactivation gesture HID: apple: Add EPOMAKER TH87 to the non-apple keyboards list HID: intel-ish-hid: ipc: Add Nova Lake-H/S PCI device IDs selftests: hid: tests: test_wacom_generic: add tests for display devices and opaque devices HID: multitouch: new class MT_CLS_EGALAX_P80H84 HID: magicmouse: fix battery reporting for Apple Magic Trackpad 2 HID: pidff: Fix condition effect bit clearing HID: Add HID_CLAIMED_INPUT guards in raw_event callbacks missing them HID: asus: avoid memory leak in asus_report_fixup() HID: magicmouse: avoid memory leak in magicmouse_report_fixup() HID: apple: avoid memory leak in apple_report_fixup() HID: Document memory allocation properties of report_fixup() |
|
|
Linus Torvalds
|
54de8b835b |
platform-drivers-x86 for v7.0-2
Fixes and New HW Support
- alienware-wmi-wmax: Add G-Mode support to m18 laptops
- asus-armoury: Add support for FA401UM, G733QS, GX650RX
- dell-wmi-sysman: Don't hex dump plaintext password data
- hp-bioscfg: Support large number of enumeration attributes
- hp-wmi: Add support for Omen 14-fb1xxx, 16-xd0xxx and 16-wf0xxx,
Victus-d0xxx
- int3472: Handle GPIO type 0x10 (DOVDD)
- intel-hid:
- Add Dell 14 & 16 Plus 2-in-1 to dmi_vgbs_allow_list
- Enable 5-button array on ThinkPad X1 Fold 16 Gen 1
- mellanox: mlxreg: Fix kernel-doc warnings
- oxpec: Add support for OneXPlayer X1 Air, X1z, APEX, and Aokzoe A2 Pro
- redmi-wmi: Add more Fn hotkey mappings
- thinkpad_acpi: Fix errors reading battery thresholds
- touchscreen_dmi: Add quirk for y-inverted Goodix touchscreen on SUPI S10
- uniwill-laptop:
- FN lock/super key lock attributes rename
- Fix crash on unexpected battery event
- A special key combination can alter FN lock status so mark it volatile
- Handle FN lock event
The following is an automated shortlog grouped by driver:
alienware-wmi-wmax:
- Add G-Mode support to m18 laptops
asus-armoury:
- add support for FA401UM
- add support for G733QS
- add support for GX650RX
dell-wmi:
- Add audio/mic mute key codes
dell-wmi-sysman:
- Don't hex dump plaintext password data
hp-bioscfg:
- Support allocations of larger data
hp-wmi:
- add Omen 14-fb1xxx (board 8E41) support
- Add Omen 16-wf0xxx fan and thermal support
- Add Omen 16-xd0xxx fan and thermal support
- Add Victus 16-d0xxx support
int3472:
- Handle GPIO type 0x10 (DOVDD)
intel-hid:
- Add Dell 14 Plus 2-in-1 to dmi_vgbs_allow_list
- Add Dell 16 Plus 2-in-1 to dmi_vgbs_allow_list
- Enable 5-button array on ThinkPad X1 Fold 16 Gen 1
oxpec:
- Add support for Aokzoe A2 Pro
- Add support for OneXPlayer APEX
- Add support for OneXPlayer X1 Air
- Add support for OneXPlayer X1z
platform_data/mlxreg: mlxreg.h:
- fix all kernel-doc warnings
redmi-wmi:
- Add more hotkey mappings
thinkpad_acpi:
- Fix errors reading battery thresholds
touchscreen_dmi:
- Add quirk for y-inverted Goodix touchscreen on SUPI S10
uniwill-laptop:
- Fix crash on unexpected battery event
- Handle FN lock event
- Mark FN lock status as being volatile
- Rename FN lock and super key lock attrs
-----BEGIN PGP SIGNATURE-----
iHUEABYIAB0WIQSCSUwRdwTNL2MhaBlZrE9hU+XOMQUCaarJlgAKCRBZrE9hU+XO
MY05AQCR1izfLKgDn88+dlYyLvEaZ7CPTH+nhUddRxb/W5eF4wEAxgkiQaSMk7IV
7GBLuoazK+XDgCK3J1Coq1BiU+JpWgM=
=oUiT
-----END PGP SIGNATURE-----
Merge tag 'platform-drivers-x86-v7.0-2' of git://git.kernel.org/pub/scm/linux/kernel/git/pdx86/platform-drivers-x86
Pull x86 platform driver fixes from Ilpo Järvinen:
- alienware-wmi-wmax: Add G-Mode support to m18 laptops
- asus-armoury: Add support for FA401UM, G733QS, GX650RX
- dell-wmi-sysman: Don't hex dump plaintext password data
- hp-bioscfg: Support large number of enumeration attributes
- hp-wmi: Add support for Omen 14-fb1xxx, 16-xd0xxx, 16-wf0xxx, and
Victus-d0xxx
- int3472: Handle GPIO type 0x10 (DOVDD)
- intel-hid:
- Add Dell 14 & 16 Plus 2-in-1 to dmi_vgbs_allow_list
- Enable 5-button array on ThinkPad X1 Fold 16 Gen 1
- mellanox: mlxreg: Fix kernel-doc warnings
- oxpec: Add support for OneXPlayer X1 Air, X1z, APEX, and Aokzoe A2
Pro
- redmi-wmi: Add more Fn hotkey mappings
- thinkpad_acpi: Fix errors reading battery thresholds
- touchscreen_dmi: Add quirk for y-inverted Goodix touchscreen on SUPI
S10
- uniwill-laptop:
- FN lock/super key lock attributes rename
- Fix crash on unexpected battery event
- A special key combination can alter FN lock status so mark it
volatile
- Handle FN lock event
* tag 'platform-drivers-x86-v7.0-2' of git://git.kernel.org/pub/scm/linux/kernel/git/pdx86/platform-drivers-x86: (27 commits)
platform/x86: dell-wmi-sysman: Don't hex dump plaintext password data
platform_data/mlxreg: mlxreg.h: fix all kernel-doc warnings
platform/x86: asus-armoury: add support for FA401UM
platform/x86: asus-armoury: add support for GX650RX
platform/x86: hp-bioscfg: Support allocations of larger data
platform/x86: oxpec: Add support for Aokzoe A2 Pro
platform/x86: oxpec: Add support for OneXPlayer X1 Air
platform/x86: oxpec: Add support for OneXPlayer X1z
platform/x86: oxpec: Add support for OneXPlayer APEX
platform/x86: uniwill-laptop: Handle FN lock event
platform/x86: uniwill-laptop: Mark FN lock status as being volatile
platform/x86: uniwill-laptop: Fix crash on unexpected battery event
platform/x86: uniwill-laptop: Rename FN lock and super key lock attrs
platform/x86: redmi-wmi: Add more hotkey mappings
platform/x86: alienware-wmi-wmax: Add G-Mode support to m18 laptops
platform/x86: hp-wmi: add Omen 14-fb1xxx (board 8E41) support
platform/x86: dell-wmi: Add audio/mic mute key codes
platform/x86: hp-wmi: Add Victus 16-d0xxx support
platform/x86: intel-hid: Enable 5-button array on ThinkPad X1 Fold 16 Gen 1
platform/x86: int3472: Handle GPIO type 0x10 (DOVDD)
...
|
|
|
Linus Torvalds
|
9a881ea3da |
slab fixes for 7.0-rc2
-----BEGIN PGP SIGNATURE----- iQFPBAABCAA5FiEEe7vIQRWZI0iWSE3xu+CwddJFiJoFAmmqujcbFIAAAAAABAAO bWFudTIsMi41KzEuMTIsMiwyAAoJELvgsHXSRYiakO0H/RtqrDjh7evZtXlOu5l2 7cg2HKYeytPwlKbyerIZb7bt0rgBOVIugZWNswluvCXFWf8ypioBPUEKnkxuXtXd 9+8pdt8GOdW6XwobvmnupEWeN7xXMygPtMABh9E5GX1flxha5DVlspL6m4RUadJ9 Or6uo33NB9s5CQGFadb3CjTUnj5tlcKt48hvDisaxzjr1UaYrE9pauwL+UUB58Zi Xd38HET0a6mpBOsdPuzgrvGmtXL8dhwnNVY6aSMvpqeHY4w03iUXM08XdHbaqOW9 X1RYzmZNOR1poxFTsnhVGPvRNuVTpktm7hqh0JnbdEHM8zF72ZmXS8OxciCGZE4H Zr4= =tIX2 -----END PGP SIGNATURE----- Merge tag 'slab-for-7.0-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/vbabka/slab Pull slab fixes from Vlastimil Babka: - Fix for slab->stride truncation on 64k page systems due to short type. It was not due to races and lack of barriers in the end. (Harry Yoo) - Fix for severe performance regression due to unnecessary sheaf refill restrictions exposed by mempool allocation strategy. (Vlastimil Babka) - Stable fix for potential silent percpu sheaf flushing failures on PREEMPT_RT. (Vlastimil Babka) * tag 'slab-for-7.0-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/vbabka/slab: mm/slab: change stride type from unsigned short to unsigned int mm/slab: allow sheaf refill if blocking is not allowed slab: distinguish lock and trylock for sheaf_flush_main() |
|
|
Linus Torvalds
|
345dfaaf9f |
pmdomain providers:
- rockchip: Fix PD_VCODEC for RK3588 - bcm: Fix broken reset status read for bcm2835 -----BEGIN PGP SIGNATURE----- iQJLBAABCgA1FiEEugLDXPmKSktSkQsV/iaEJXNYjCkFAmmqrwsXHHVsZi5oYW5z c29uQGxpbmFyby5vcmcACgkQ/iaEJXNYjCnsQBAAoXJi1Tp+uPbYh7DCC+tndEng gy/P4G98eKJNH+XVIQRbFJlEnrXF6Wwn3MlqJU+AeHIWONvC8VshFYHDn/m73QRk MxADvNZkseLllr09vx9l7NS9MDMEbBFUMOjDv1KCGwDoqtc7pvgg7GCGkL8rAgWi ATFv18L46OE/7tDmLm46wcdrF+85QXS1IGb+q42lhSAJ26Svm2vV3/SYvRp/4Q61 dcEu6aRSyLdqa1Uaz2h06LNJJUDsaUSc/rI3Y+ruidEOkjvsbKmM4wmKXu/e2E+A F882V8nMAxuBGO5r191DSS04663zi4LrlR+UGMrDcIjuSP/R0wXJ6REvF3Xivrp4 WsMs67QK7Qjy6Sg7w2EqFVaaX+n1rHYG9ereExTKmbG12tzLn52lmBJRSzFpJcyv mufbB2CLQvKSps7KEv7H4NoljEtYRhOLC64U7/czujewevyMR1ex+5snZChTv26g ln4MhHf/s8TZZAfUl+EcZy06rLPnrNcwdHgZwcUDpnrUBlFoFWyX8rfwXfmaKrKB KWZhRqDgQXfI2bcYIMRubREKc/TG2tV3FOte8cdkvY9CixwjNl7qmCOgTRH+7O/H PQac+/hWxiuviEPppWvsa7k2hmuTWM1XN7jbXe0zUIPu7t6IlVrByqycXzJ3cjOM BxJ65USqq1eBmXqksR0= =fNrn -----END PGP SIGNATURE----- Merge tag 'pmdomain-v7.0-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/linux-pm Pull pmdomain fixes from Ulf Hansson: - rockchip: Fix PD_VCODEC for RK3588 - bcm: Fix broken reset status read for bcm2835 * tag 'pmdomain-v7.0-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/linux-pm: pmdomain: rockchip: Fix PD_VCODEC for RK3588 pmdomain: bcm: bcm2835-power: Fix broken reset status read |
|
|
Linus Torvalds
|
0b2758f48f |
Require (reasonably) normal mappings for MADV_DOFORK
This came up as a result of the tracing fix pull request, and commit
|
|
|
Linus Torvalds
|
617f5e9fad |
This push contains the following changes:
- Fix use-after-free in ccp. - Fix bug when SEV is disabled in ccp. - Fix tfm_count leak in atmel-sha204a. -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEn51F/lCuNhUwmDeSxycdCkmxi6cFAmmqQ0cACgkQxycdCkmx i6eUzg/+PHIyLgwiTcFljyxlJo8g0jDkbaaA+U3E+QImkgCgh+LdhvWp9g1nU2m/ dTcSAue2Vkgvnht7QOm2rQ/CWX+yjs9QOlztpyl7imajFIoTxQ/wRbJ+YO1T07Vr ZQmEO6B/N/GqIlSGvUXVVy9TZN5DhgXol7jWZtmQU+EYjFrLsWUMZd2Q3fDT6eoF 3QdbJBymblv78WxJ0PtMkEpqCF2ikcDCrX4mokrrXZXyakp263pzH7pbWl1xLXR5 fUZoTsGcyh2Me2Fcsanip8SOqj8DK80UguDZZki8tcHjH4tbVPyjJ0TqQwq8cMMb rCkGCfbV1g1+YNRuZb4YbMUeSXDqwf7G2FaI/DaxWKPYPik9yUnRt0WXAUXAX9wK NQ4V+PTlihkT+r4WqjVH1E8EpWSoS0oCWOE+1NwsW1idpo7UHNZPoR5BVrzp5jJ/ iW/hO28djHFebzQ1DZmiDCWvMKAHdUVN9gAFB0uyOoYgdWn1TMbuk83glGhYqHHV mCP62GuFJrZov4MO4EpiwlJi5pN1uRS69ZOFkHrM9db/3xnBO9zE48d9ePPLu+VM ng5N1Nwh1VXeR5mwk/OBSvHHN3vI76NU2fcfgLOQy5Z0YD9kk6jyydcKhmZP+BBN zXiJrsOhxUOpe2/TLgYCL+RNqzGMpuAtftcdi817TwopEXkheE4= =P2SQ -----END PGP SIGNATURE----- Merge tag 'v7.0-p2' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 Pull crypto fixes from Herbert Xu: - Fix use-after-free in ccp - Fix bug when SEV is disabled in ccp - Fix tfm_count leak in atmel-sha204a * tag 'v7.0-p2' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: crypto: atmel-sha204a - Fix OOM ->tfm_count leak crypto: ccp - Fix use-after-free on error path crypto: ccp - allow callers to use HV-Fixed page API when SEV is disabled |
|
|
Linus Torvalds
|
723b5c93aa |
ata fixes for 7.0-rc3
- Fix a problem where the deferred non-NCQ command would incorrectly get
completed as a failed command, if there was another command that timed
out. Found by Gemini. (Guenter)
- The deferred non-NCQ command work is only supposed to run after the
last NCQ command finishes. However, because the work was never canceled
on error (e.g. a timeout), the work could incorrectly run when commands
were still in flight. Found by syzbot. (me)
- Add a quirk to make sure that QEMU harddrives can potentially use up to
32 MiB I/Os. (Pedro)
- Add a quirk to disable LPM on Seagate ST1000DM010-2EP102. (Maximilian)
-----BEGIN PGP SIGNATURE-----
iHUEABYKAB0WIQRN+ES/c4tHlMch3DzJZDGjmcZNcgUCaarKRAAKCRDJZDGjmcZN
cvqoAQCU9tcNQZcVRtR+QpWmk9ZDqPFpI0qde9TWxVxByx1lUQEAubgAkf0F0Dp3
4eBP43Tniv/7SlPCKjbhEWEq6rvX7gA=
=YBsd
-----END PGP SIGNATURE-----
Merge tag 'ata-7.0-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/libata/linux
Pull ata fixes from Niklas Cassel:
- Fix a problem where the deferred non-NCQ command would incorrectly
get completed as a failed command, if there was another command that
timed out. Found by Gemini (Guenter)
- The deferred non-NCQ command work is only supposed to run after the
last NCQ command finishes. However, because the work was never
canceled on error (e.g. a timeout), the work could incorrectly run
when commands were still in flight. Found by syzbot (me)
- Add a quirk to make sure that QEMU harddrives can potentially use up
to 32 MiB I/Os (Pedro)
- Add a quirk to disable LPM on Seagate ST1000DM010-2EP102 (Maximilian)
* tag 'ata-7.0-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/libata/linux:
ata: libata-eh: Fix detection of deferred qc timeouts
ata: libata-core: Add BRIDGE_OK quirk for QEMU drives
ata: libata: cancel pending work after clearing deferred_qc
ata: libata-core: Disable LPM on ST1000DM010-2EP102
|
|
|
Linus Torvalds
|
a028739a43 |
block-7.0-20260305
-----BEGIN PGP SIGNATURE-----
iQJEBAABCAAuFiEEwPw5LcreJtl1+l5K99NY+ylx4KYFAmmqPRMQHGF4Ym9lQGtl
cm5lbC5kawAKCRD301j7KXHgplf5D/9uOsBr+OGXtkLUJtD6MiwoJUsYgYF2dMIx
epcp+8RdMaOGtigtx69QXzTP5aPjA+AvBLAMYM+QDQDAPMWbRPsD7LaCYHy7ekwA
OL68R3QRTMYPPgpuf7pKyhif7olozAvoWAnRaoWlo67rbK+mTzZsTIsgTwF4zUu6
T0dL9thbWqtJMxKSuUk+DywggvGyNZWICJ3rAZ6os2htruH0fPhsJNGVFgNXMnpe
Cy2OvWxBWRQkZnpDEocZUdYyCRVhHr7hu311j6nSLNXufqpgFmWLGO4C3vetOlgx
ulEHfGNINcSLcw9R8pNWRxU14V6iw8Oy4nU9RtZhUpF32Iasvxb4H0w76Dp9Ukq1
/DuoSkWg/Ahn24xSYxJwwZpOEE8L92pn0M2ukCfC6h7ytmDjjEL1AQ2kyFHV4mR3
nc/3FkQ0abe3HHk8Rit6+txe3sSQo5no1z8kFlb9yp2MwAmonxCCQ9N1s7pxeeP+
iLaPbGMaZ7Ra1GswD/vzxFQtkglsxLuM5D0JkjHe99a54ZnF0vF3y9jeDVOQbV1C
H6/bU/2DI3SQ8xqv6tIXQ22reyRen3ao5VKLSrmrT/tDQVoEBV5SMnJFO1J8jBP4
QST03wiu8ShHSyZ98KefwlsndrTX02V9UVD4FVj+TZXwCWltulnIR4dVYFdySWwW
d613iUsWJw==
=NNcQ
-----END PGP SIGNATURE-----
Merge tag 'block-7.0-20260305' of git://git.kernel.org/pub/scm/linux/kernel/git/axboe/linux
Pull block fixes from Jens Axboe:
- NVMe pull request via Keith:
- Improve quirk visibility and configurability (Maurizio)
- Fix runtime user modification to queue setup (Keith)
- Fix multipath leak on try_module_get failure (Keith)
- Ignore ambiguous spec definitions for better atomics support
(John)
- Fix admin queue leak on controller reset (Ming)
- Fix large allocation in persistent reservation read keys
(Sungwoo Kim)
- Fix fcloop callback handling (Justin)
- Securely free DHCHAP secrets (Daniel)
- Various cleanups and typo fixes (John, Wilfred)
- Avoid a circular lock dependency issue in the sysfs nr_requests or
scheduler store handling
- Fix a circular lock dependency with the pcpu mutex and the queue
freeze lock
- Cleanup for bio_copy_kern(), using __bio_add_page() rather than the
bio_add_page(), as adding a page here cannot fail. The exiting code
had broken cleanup for the error condition, so make it clear that the
error condition cannot happen
- Fix for a __this_cpu_read() in preemptible context splat
* tag 'block-7.0-20260305' of git://git.kernel.org/pub/scm/linux/kernel/git/axboe/linux:
block: use trylock to avoid lockdep circular dependency in sysfs
nvme: fix memory allocation in nvme_pr_read_keys()
block: use __bio_add_page in bio_copy_kern
block: break pcpu_alloc_mutex dependency on freeze_lock
blktrace: fix __this_cpu_read/write in preemptible context
nvme-multipath: fix leak on try_module_get failure
nvmet-fcloop: Check remoteport port_state before calling done callback
nvme-pci: do not try to add queue maps at runtime
nvme-pci: cap queue creation to used queues
nvme-pci: ensure we're polling a polled queue
nvme: fix memory leak in quirks_param_set()
nvme: correct comment about nvme_ns_remove()
nvme: stop setting namespace gendisk device driver data
nvme: add support for dynamic quirk configuration via module parameter
nvme: fix admin queue leak on controller reset
nvme-fabrics: use kfree_sensitive() for DHCHAP secrets
nvme: stop using AWUPF
nvme: expose active quirks in sysfs
nvme/host: fixup some typos
|
|
|
Linus Torvalds
|
3ad66a34cc |
io_uring-7.0-20260305
-----BEGIN PGP SIGNATURE----- iQJEBAABCAAuFiEEwPw5LcreJtl1+l5K99NY+ylx4KYFAmmqPTAQHGF4Ym9lQGtl cm5lbC5kawAKCRD301j7KXHgpueIEACHF0uws+uZSEsy9LUyC9ha8+5YN9szIJ3K QUGxa9pmCnQG5K50KpxyEYP6buaJDy1smJGgD2obkeGncC4w6xKK2kQTQV1U+C1C YA+7B/3HLhz5AWS6GIbRy6VZ599I4evlF8W79dX8BTnF8Y1ddkSuUnKx//q0AoQZ hr3foglcFlchy8JuQ2/MpxzfOouvNMdMmeUN4O+t8iXDrmePFYIOgrLcT+ObgC5D SXWx2cc3hMJ35hcSzedMWEBFcXnkX9nfh8Hd/+uPRcKsIwS8kCo6z01GoT/BCPRA jdrxAfoYSL16HPfq6GU52n6iCaRd+5NK+tt/ECCzTxGL32Hadrr+nxw4O7g3Q96u 07zeaqHSoTGUchtlqrGjALQLP2yxdACEjxMh3rfdStRv3x3bbbVVDdioVEzPukCr EBA+AbqaaG3LIYXwcY+15zx5NrAfeBAP1RjLgoV0s2ch4ghEqvnZGY4NLBDkcQ2R 97tM9+OdecBrsnlQr5GBoDbwpqc2pDEqSjkYDwoXqvqXs0DrMRq2MQw1Hjjh7Z7G FZx1KNTiLB/YQ0sSyMcUKnH+qBA0FxwN/C6dDnRjj4dH5YsoeG/GhsS3B00a+0yE S3MKrsf+uN21OYLVPSTEN6qS+02ZvK6E/Aw7/fk2IV60JMeM5KvCccmxa53dKls8 iyEJ7nVLOg== =xyKA -----END PGP SIGNATURE----- Merge tag 'io_uring-7.0-20260305' of git://git.kernel.org/pub/scm/linux/kernel/git/axboe/linux Pull io_uring fixes from Jens Axboe: - Fix a typo in the mock_file help text - Fix a comment regarding IORING_SETUP_TASKRUN_FLAG in the io_uring.h UAPI header - Use READ_ONCE() for reading refill queue entries - Reject SEND_VECTORIZED for fixed buffer sends, as it isn't implemented. Currently this flag is silently ignored This is in preparation for making these work, but first we need a fixup so that older kernels will correctly reject them - Ensure "0" means default for the rx page size * tag 'io_uring-7.0-20260305' of git://git.kernel.org/pub/scm/linux/kernel/git/axboe/linux: io_uring/zcrx: use READ_ONCE with user shared RQEs io_uring/mock: Fix typo in help text io_uring/net: reject SEND_VECTORIZED when unsupported io_uring: correct comment for IORING_SETUP_TASKRUN_FLAG io_uring/zcrx: don't set rx_page_size when not requested |
|
Christian Loehle
|
7fe44c4388 |
bpf: drop kthread_exit from noreturn_deny
kthread_exit became a macro to do_exit in commit
|