mirror of https://github.com/torvalds/linux.git
1412793 Commits
| Author | SHA1 | Message | Date |
|---|---|---|---|
Yang Erkun
|
d250bdf531 |
ext4: fix iloc.bh leak in ext4_xattr_inode_update_ref
The error branch for ext4_xattr_inode_update_ref forget to release the
refcount for iloc.bh. Find this when review code.
Fixes:
|
|
Julian Sun
|
0ef7ef4227 |
ext4: add missing down_write_data_sem in mext_move_extent().
Commit |
|
Arnd Bergmann
|
cd16edba1c |
ext4: fix ext4_tune_sb_params padding
The padding at the end of struct ext4_tune_sb_params is architecture
specific and in particular is different between x86-32 and x86-64,
since the __u64 member only enforces struct alignment on the latter.
This shows up as a new warning when test-building the headers with
-Wpadded:
include/linux/ext4.h:144:1: error: padding struct size to alignment boundary with 4 bytes [-Werror=padded]
All members inside the structure are naturally aligned, so the only
difference here is the amount of padding at the end. Make the padding
explicit, to have a consistent sizeof(struct ext4_tune_sb_params) of
232 on all architectures and avoid adding compat ioctl handling for
EXT4_IOC_GET_TUNE_SB_PARAM/EXT4_IOC_SET_TUNE_SB_PARAM.
This is an ABI break on x86-32 but hopefully this can go into 6.18.y early
enough as a fixup so no actual users will be affected. Alternatively, the
kernel could handle the ioctl commands for both sizes (232 and 228 bytes)
on all architectures.
Fixes:
|
|
Linus Torvalds
|
9ace4753a5 | Linux 6.19-rc4 | |
|
Linus Torvalds
|
54e82e93ca |
- Make sure clang inlines trivial local_irq_* helpers
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEzv7L6UO9uDPlPSfHEsHwGGHeVUoFAmlaAKYACgkQEsHwGGHe
VUpprw//ShFrVWAz9tqnDiwxmHU/4T8Mp9fLmu34t2R60QnMdScpcOBDSou7O+JD
bp4209DMPVkmVIz+7OtaIfukHrLi6syWObRFCfhH8takfqb+xttSY5AwU8PRF57R
uayAA5MMPsQxqYqwSc5iCUUMdgdfohzQJms8AEK6YWkd9eMcqc2pDZKFdEKJRUg6
REYa87oaV5f6MBraHwSUQlVB8XYWjBHagdkj5uuamaEosRF1LaRc0HeaSd5DGCtS
VhDa1/EfwJl0anVx408E1FixzqBFHKM5vzsC/z8Nf4h6AkrCXwHgVPaFSdb0xBWz
heyfE7MLYb8Knep96fAI9NsAcwYGNzpSNiNfB3FaukWFxCd+Fl1Qk4vAc5r468+b
NkmmPiks/IX/wtshNOdxt6HkHQi1tRHKLIhaq6yzQn8sWh9Q3AjMn80feZgfe4V/
p08C/SrAIRdHkD5FeDLbbzZbtF3cv10UBmnkT4qHIIE6QgzoIXJeVBmQ7zU/lnU+
pv4bxhlWZl6DBqZhi0gysDNn/a5oM+8pzTTo7swXtdujEjQVICNz9pXJr9kA/057
ONaqIVZUevxquRjv7wdmP9QLqRPd0Se+c1K903r0NvN8XIoPg9D2VT5vjF2iJKMu
kKQCoejj1szZVx+qIquGRTsvL9U4RludmPGuN51YOAE5MNgxNtk=
=QxcB
-----END PGP SIGNATURE-----
Merge tag 'core_urgent_for_v6.19_rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
Pull core entry fix from Borislav Petkov:
- Make sure clang inlines trivial local_irq_* helpers
* tag 'core_urgent_for_v6.19_rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
entry: Always inline local_irq_{enable,disable}_exit_to_user()
|
|
|
Linus Torvalds
|
aacb0a6d60 |
pmdomain providers:
- mediatek: Fix spinlock recursion fix during probe - imx: Fix reference count leak during probe -----BEGIN PGP SIGNATURE----- iQJLBAABCgA1FiEEugLDXPmKSktSkQsV/iaEJXNYjCkFAmlY4tEXHHVsZi5oYW5z c29uQGxpbmFyby5vcmcACgkQ/iaEJXNYjCmMGw/+OeVTe98SuoLT01SHR46R50XN QCxuhVoWH0KYBI6+nmcRSKeY1jSnrBmKKX6LqMIfHXv1lXCU92dbfHuthfN3saaF zV0YskGlQHZ3+4B+lL3Ojf7PlRVBF28fuplGA7ci4j3P3sgAds5kly/kcsllXs2x IiVIyahfPwA8eu6x36aBnDs/IXn11EOdhBA4jqRy09XKgRtLG1qCDl27UmmguyB7 GGtivGZOihXSp7BciAIFenpNElsDUdkj7ftyoVkl25Ixt+VMP8yqVCLd6S512tqg uqprxPJKM3nUtVV5NRYK9l7DDUxCdNWsrX9aONiUmkZLj2gzTDuz7evoV3uwajJ+ 6vzJFldv52L2pm/ENc8SUbdtvTCM7Gv8JVwmud+i8mAHVaqmOf4mAIpvlChet3RX 2d8RsqrEPe/i8TPsgBymrkSjpBm595sM25zzZYG2+Dgx3Paid5pTEvtjvhk0JGRc UgKoARfHIkzWFoOdbyguvK84xpFG2hOGcc89qMAnej7pggRZmZCmFzbPDbp2+cvp U37lVp2C0D53yO/jHOJZ78/VZbQv2W2qgKJzL4CWN5CiaAXFnaH98tJ7Rm/bEECe vRG9xTgRaNhUOY6W+HHp2c8MZQNDKZ5T3uBhbzdZUN+NwzXqUdgsj19Fbh/1ZX0w RYSHgVXaOqhZRyXt8mM= =0il+ -----END PGP SIGNATURE----- Merge tag 'pmdomain-v6.19-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/linux-pm Pull pmdomain fixes from Ulf Hansson: - mediatek: Fix spinlock recursion fix during probe - imx: Fix reference count leak during probe * tag 'pmdomain-v6.19-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/linux-pm: pmdomain: imx: Fix reference count leak in imx_gpc_probe() pmdomain: mtk-pm-domains: Fix spinlock recursion fix in probe |
|
|
Linus Torvalds
|
805f9a0613 |
perf-tools fixes and updates for v6.19
A number of small updates: - skip building BPF skeletons if libopenssl is missing - a couple of test updates - handle error cases of filename__read_build_id() - support NVIDIA Olympus for ARM SPE profiling - update tool headers to sync with the kernel Signed-off-by: Namhyung Kim <namhyung@kernel.org> -----BEGIN PGP SIGNATURE----- iHUEABYKAB0WIQSo2x5BnqMqsoHtzsmMstVUGiXMgwUCaVg+TgAKCRCMstVUGiXM g1RGAQCdCKNbdPm45ALTQp6BNg5hLmglzwXG85KPsqwI2r+xIAEAnpYShUMfBCiw sigdkXJUkD3TFE1NdXenz92iNThV9Ag= =UT5P -----END PGP SIGNATURE----- Merge tag 'perf-tools-fixes-for-v6.19-2026-01-02' of git://git.kernel.org/pub/scm/linux/kernel/git/perf/perf-tools Pull perf tool fixes and from Namhyung Kim: - skip building BPF skeletons if libopenssl is missing - a couple of test updates - handle error cases of filename__read_build_id() - support NVIDIA Olympus for ARM SPE profiling - update tool headers to sync with the kernel * tag 'perf-tools-fixes-for-v6.19-2026-01-02' of git://git.kernel.org/pub/scm/linux/kernel/git/perf/perf-tools: tools build: Fix the common set of features test wrt libopenssl tools headers: Sync syscall table with kernel sources tools headers: Sync linux/socket.h with kernel sources tools headers: Sync linux/gfp_types.h with kernel sources tools headers: Sync arm64 headers with kernel sources tools headers: Sync x86 headers with kernel sources tools headers: Sync UAPI sound/asound.h with kernel sources tools headers: Sync UAPI linux/mount.h with kernel sources tools headers: Sync UAPI linux/fs.h with kernel sources tools headers: Sync UAPI linux/fcntl.h with kernel sources tools headers: Sync UAPI KVM headers with kernel sources tools headers: Sync UAPI drm/drm.h with kernel sources perf arm-spe: Add NVIDIA Olympus to neoverse list tools headers arm64: Add NVIDIA Olympus part perf tests top: Make the test exclusive perf tests kvm: Avoid leaving perf.data.guest file around perf symbol: Fix ENOENT case for filename__read_build_id perf tools: Disable BPF skeleton if no libopenssl found tools/build: Add a feature test for libopenssl |
|
|
Linus Torvalds
|
bbbc721033 |
Power management fix for 6.19-rc4
Fix a recent regression that affects system suspend testing at the "core" level (Rafael Wysocki) -----BEGIN PGP SIGNATURE----- iQFGBAABCAAwFiEEcM8Aw/RY0dgsiRUR7l+9nS/U47UFAmlYG/ISHHJqd0Byand5 c29ja2kubmV0AAoJEO5fvZ0v1OO1mK0IAIrCiY5dvp9+72DvEWqS2uHHFVs3sHKR SOpJR3koYehZEn/PvnM2PgvWNCLtru4nU/Q3EnWFfFCFuFuAMQ6Zl5U7YyKkW1Uc bcTMsnLOTJm/3AYu3O+4TGASq1VF1xqE+AB/ie5fNz5gDSlblGKrqh0se3m5m1Vu PsLsm27wkLyEHCd3AdXRNSU54GssjTaABkVTQ/Unk4PznbBiKsckaThLjbjQaiqB KzqU0B3Q3Zx9Qj1lVzXwXaYushehGbs3bqw8+q2DPrV/jwLVLYX/ofwEkCH+lQ47 tS+di//pFi/grWu/GtR4EQ0fCzgYPDaBfbQlOD2gA60EgplU4XY3804= =CK7L -----END PGP SIGNATURE----- Merge tag 'pm-6.19-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm Pull power management fix from Rafael Wysocki: "Fix a recent regression that affects system suspend testing at the 'core' level (Rafael Wysocki)" * tag 'pm-6.19-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm: PM: sleep: Fix suspend_test() at the TEST_CORE level |
|
|
Linus Torvalds
|
dec1ecf2c7 |
Crypto library fix for v6.19-rc4
Fix the kunit_run_irq_test() function (which I recently added for the
CRC and crypto tests) to be less timing-dependent. This fixes flakiness
in the polyval kunit test suite.
-----BEGIN PGP SIGNATURE-----
iIoEABYIADIWIQSacvsUNc7UX4ntmEPzXCl4vpKOKwUCaVgMCxQcZWJpZ2dlcnNA
a2VybmVsLm9yZwAKCRDzXCl4vpKOK46IAPwOtyn1r+t5tS4OWeyDYkCzNBamG4Xj
Rhxlf2BX0jtHYQD/WulHkAdfhT/WYZJeGb9UvFvdZMsgbq4liLKJGbFn1Q4=
=1kSJ
-----END PGP SIGNATURE-----
Merge tag 'libcrypto-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiggers/linux
Pull crypto library fix from Eric Biggers:
"Fix the kunit_run_irq_test() function (which I recently added for the
CRC and crypto tests) to be less timing-dependent.
This fixes flakiness in the polyval kunit test suite"
* tag 'libcrypto-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiggers/linux:
kunit: Enforce task execution in {soft,hard}irq contexts
|
|
|
Linus Torvalds
|
6ce4d44fb0 |
RDMA v6.19 first rc request
- Fix several syzkaller found bugs:
* Poor parsing of the RDMA_NL_LS_OP_IP_RESOLVE netlink
* GID entry refcount leaking when CM destruction races with multicast
establishment
* Missing refcount put in ib_del_sub_device_and_put()
- Fixup recently introduced uABI padding for 32 bit consistency
- Avoid user triggered math overflow in MANA and AFA
- Reading invalid netdev data during an event
- kdoc fixes
- Fix never-working gid copying in ib_get_gids_from_rdma_hdr
- Typo in bnxt when validating the BAR
- bnxt mis-parsed IB_SEND_IP_CSUM so it didn't work always
- bnxt out of bounds access in bnxt related to the counters on new devices
- Allocate the bnxt PDE table with the right sizing
- Use dma_free_coherent() correctly in bnxt
- Allow rxe to be unloadable when CONFIG_PROVE_LOCKING by adjusting the
tracking of the global sockets it uses
- Missing unlocking on error path in rxe
- Compute the right number of pages in a MR in rtrs
-----BEGIN PGP SIGNATURE-----
iHUEABYKAB0WIQRRRCHOFoQz/8F5bUaFwuHvBreFYQUCaVgCzAAKCRCFwuHvBreF
YT1LAPsGcDQjgD6efMrE6HsRA+QJHmds714yxEMFYKCdg17gVgEA4KQItAWHOhqg
gSfONZenWOQfTzXepId51rMt5fsSowU=
=BaGT
-----END PGP SIGNATURE-----
Merge tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdma
Pull rdma fixes from Jason Gunthorpe:
- Fix several syzkaller found bugs:
- Poor parsing of the RDMA_NL_LS_OP_IP_RESOLVE netlink
- GID entry refcount leaking when CM destruction races with
multicast establishment
- Missing refcount put in ib_del_sub_device_and_put()
- Fixup recently introduced uABI padding for 32 bit consistency
- Avoid user triggered math overflow in MANA and AFA
- Reading invalid netdev data during an event
- kdoc fixes
- Fix never-working gid copying in ib_get_gids_from_rdma_hdr
- Typo in bnxt when validating the BAR
- bnxt mis-parsed IB_SEND_IP_CSUM so it didn't work always
- bnxt out of bounds access in bnxt related to the counters on new
devices
- Allocate the bnxt PDE table with the right sizing
- Use dma_free_coherent() correctly in bnxt
- Allow rxe to be unloadable when CONFIG_PROVE_LOCKING by adjusting the
tracking of the global sockets it uses
- Missing unlocking on error path in rxe
- Compute the right number of pages in a MR in rtrs
* tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdma:
RDMA/bnxt_re: fix dma_free_coherent() pointer
RDMA/rtrs: Fix clt_path::max_pages_per_mr calculation
IB/rxe: Fix missing umem_odp->umem_mutex unlock on error path
RDMA/bnxt_re: Fix to use correct page size for PDE table
RDMA/bnxt_re: Fix OOB write in bnxt_re_copy_err_stats()
RDMA/bnxt_re: Fix IB_SEND_IP_CSUM handling in post_send
RDMA/core: always drop device refcount in ib_del_sub_device_and_put()
RDMA/rxe: let rxe_reclassify_recv_socket() call sk_owner_put()
RDMA/bnxt_re: Fix incorrect BAR check in bnxt_qplib_map_creq_db()
RDMA/core: Fix logic error in ib_get_gids_from_rdma_hdr()
RDMA/efa: Remove possible negative shift
RTRS/rtrs: clean up rtrs headers kernel-doc
RDMA/irdma: avoid invalid read in irdma_net_event
RDMA/mana_ib: check cqe length for kernel CQs
RDMA/irdma: Fix irdma_alloc_ucontext_resp padding
RDMA/ucma: Fix rdma_ucm_query_ib_service_resp struct padding
RDMA/cm: Fix leaking the multicast GID table reference
RDMA/core: Check for the presence of LS_NLA_TYPE_DGID correctly
|
|
|
Linus Torvalds
|
3d35fa1190 |
linux_kselftest-fixes-6.19-rc4
-- Fix for build failures in tests that use an empty FIXTURE() seen in
Android's build environment, which uses -D_FORTIFY_SOURCE=3), a build
failure occurs in tests that use an empty FIXTURE().
-- Fix func_traceonoff_triggers.tc sometimes failures on Kunpeng-920 board
resulting from including transient trace file name in checksum compare.
-- Fix to remove available_events requirement from toplevel-enable for
instance as it isn't a valid requirement for this test.
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEPZKym/RZuOCGeA/kCwJExA0NQxwFAmlX++YACgkQCwJExA0N
QxyWOQ/+M/BWTZxNKpTVfdy3ouQC96u540/Aeu8F0muP8dL2kEPVbcv9kPcEdMR6
uWoE5IRK1DYj1mKHU81VsW338IEbWWLQVDiPc+6fIoW2WoLAKbxj7IpOxopgk1tA
gtFkXGwxkKTioNLtdCVmsMAcb+DRuroIpKNngIs0vn/yrZyR0ovuw8YuAAzBdXFM
KaKMcDhEadbeRs9yLa3UTDHYS7y+7a+1ZvoUr5gM8L9rvNIGjnUpacXVNpdoscBw
zQnd9Y0dWEKvjsCW9HGJVlAhNHm5agyL2omF5gjQBd7GQ9c+8udKvRUZ4HSpLHMd
MGT5aQsvw4c+iDlkaI0oFitPN1HGkR5rDzrwrFnOEYZ+aZqs+5mCNpyS0vB4De77
uLh1/AoO0dZ+tINQoGT7T4nLz5YYTBZBdTuuTNU292nDtvzegD+N82J8K/qt+Rcp
+dYJQ5QUsJvhQXjgiO7EGXRt+p3Z+b4T9vyQbs0+jb0nXlLTfIZbpSAoKNFkVpIy
l0G4f9zQf7DhEWghPh2lfwMZVH9FyBlEe9JkQfVQ1765Bd4mt3CM48o2so6op8cU
N1SXSYKhwqXXH5HZBGIwDKsd+d3wB0JqsaGIt8NG0os/jpKzXtCVRZ+W9RZwukhx
egk/kt51p3Gg+4wzFn5l0Dg0q62zfbWNecmdnBkTQMFceKUc5Ls=
=UYYR
-----END PGP SIGNATURE-----
Merge tag 'linux_kselftest-fixes-6.19-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest
Pull kselftest fixes from Shuah Khan:
- Fix for build failures in tests that use an empty FIXTURE() seen in
Android's build environment, which uses -D_FORTIFY_SOURCE=3, a build
failure occurs in tests that use an empty FIXTURE()
- Fix func_traceonoff_triggers.tc sometimes failures on Kunpeng-920
board resulting from including transient trace file name in checksum
compare
- Fix to remove available_events requirement from toplevel-enable for
instance as it isn't a valid requirement for this test
* tag 'linux_kselftest-fixes-6.19-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest:
kselftest/harness: Use helper to avoid zero-size memset warning
selftests/ftrace: Test toplevel-enable for instance
selftests/ftrace: traceonoff_triggers: strip off names
|
|
|
Linus Torvalds
|
bea82c80a5 |
block-6.19-20260102
-----BEGIN PGP SIGNATURE-----
iQJEBAABCAAuFiEEwPw5LcreJtl1+l5K99NY+ylx4KYFAmlX7MMQHGF4Ym9lQGtl
cm5lbC5kawAKCRD301j7KXHgpvuYEACG0VFYmcqmB4JZygecJB3xaxhbVIrCbjFv
Vmc0XNTkcCpjYAv1jpkS5F3nkJhzZlFNn9xOaP/O8E+6tSctFIre7qjMRpxZM3yl
GA+MqPI+zNbpYMgsoAH/XTASTVfaTEPOlaoAPQeo8Ey3JRw3Ko1IDNU7zIYK94Xl
rSAeT65W7vJ+HBjctBoCZYMsE2x0Sn0yrVctkL1mMusQwIg6oMhJ1w1p36P17Mc1
YgLWQYtfK+eogdTM0Jh9RvDtVJL3WT1I2Ii3KBdCgryY7iSxFXvM0pm1lrOBH+kI
4bKHTylBnjfmxv7dlz3jHwRmahwdXDk7rpq1EMPygDSj835h3SgAFz3rm9nCUjNI
xWyEZeN6z4ykdOlqJ6ghTnZTroRdM/12HbSV46n69tczxepG3Mn1i3gBd4UQhn5T
z6aqa7akIsynlzOnLgrwQjxgVhtfAHptrgAg7g7Kz9hq9xTAEPc2f9Nq7glmLP6f
wPMoy2lla69vk4Tlzh8TZpTHRPLYLHTtL5OQPM6dnyQ6MzWm2/PHJ/MNfV7/o+VR
W61BYXUz6d2q81c/I16VWVQvJ0nUa3v7hUGCLUeimQUg+ulyIlMX4wrOI7iYTFTy
V/4c3DHKEh9y/ptmCgv0jDZdwSoUYvXkn0vFe0fcF3q/T7xea4dok8mcXLcKhMuc
xPFtx92dhQ==
=4NB3
-----END PGP SIGNATURE-----
Merge tag 'block-6.19-20260102' of git://git.kernel.org/pub/scm/linux/kernel/git/axboe/linux
Pull block fixes from Jens Axboe:
- Scan partition tables asynchronously for ublk, similarly to how nvme
does it. This avoids potential deadlocks, which is why nvme does it
that way too. Includes a set of selftests as well.
- MD pull request via Yu:
- Fix null-pointer dereference in raid5 sysfs group_thread_cnt
store (Tuo Li)
- Fix possible mempool corruption during raid1 raid_disks update
via sysfs (FengWei Shih)
- Fix logical_block_size configuration being overwritten during
super_1_validate() (Li Nan)
- Fix forward incompatibility with configurable logical block size:
arrays assembled on new kernels could not be assembled on older
kernels (v6.18 and before) due to non-zero reserved pad rejection
(Li Nan)
- Fix static checker warning about iterator not incremented (Li Nan)
- Skip CPU offlining notifications on unmapped hardware queues
- bfq-iosched block stats fix
- Fix outdated comment in bfq-iosched
* tag 'block-6.19-20260102' of git://git.kernel.org/pub/scm/linux/kernel/git/axboe/linux:
block, bfq: update outdated comment
blk-mq: skip CPU offline notify on unmapped hctx
selftests/ublk: fix Makefile to rebuild on header changes
selftests/ublk: add test for async partition scan
ublk: scan partition in async way
block,bfq: fix aux stat accumulation destination
md: Fix forward incompatibility from configurable logical block size
md: Fix logical_block_size configuration being overwritten
md: suspend array while updating raid_disks via sysfs
md/raid5: fix possible null-pointer dereferences in raid5_store_group_thread_cnt()
md: Fix static checker warning in analyze_sbs
|
|
|
Linus Torvalds
|
509b5b1152 |
io_uring-6.19-20260102
-----BEGIN PGP SIGNATURE----- iQJEBAABCAAuFiEEwPw5LcreJtl1+l5K99NY+ylx4KYFAmlX7O8QHGF4Ym9lQGtl cm5lbC5kawAKCRD301j7KXHgpkzbD/0SoEnTZ+jlbJojq6eAFtYAU3ial6sRdKC9 15+WqlsMN5MHoV/xLMqHGxofpxCyXMmZZSPholWaUIiGJDcf4Q4olFFDTAgZPZYk XxpN9KeE4/n17eFXe+TE/D172MVM0gt9QbJFoV+TLyayrGiB5QyocH6Vg4FoWvjr YvyicIRE3SLiBQ8zdfPC4SR28VBE3LKZxjZJxr2HQjJQw4O4/+gKkYz7upACc4Xk qN3JioIayuM3hrqcBSm7P0t4tlTCYHZvcGr7WI26CV6hcHD7j7N9jOVPZb4ce8et GIYwASYx4FTPrzAebQXXNL39RjoSeaRa/ppcdFHbT9ZZkI9yY9g3umg3kEml8RkF DFFwmPxlz2RuRLs+KdZ4UjLRf14W5qYlcThN7bgpTH4H0XUeDzT7HI9BiXBC7gjl p0Z1Y3NPAzMxil48ZPpopJxmQGcBIC8fMnDT0KVpvuILrN3ME0TMg82lQ2X/eTwf S/oPLebqqWy4N8Ff5x+GYmWxZvFEOxmO0AoSSiN3nlZ1skNqRlpMISTsFJXy+luq V31d0cLBfrWL9MNTE+yjLNT/5pc1l+HgVLxdoxCioEKWXXdB27YEDlh0CVNtjZ9j /ZVMJcZhzRBUvWLUvzQrtY65m0I8h6XYJAr7TXbbsL70yFAsgQmBUZPklqe6eijy HFYYO4vnJg== =KgoB -----END PGP SIGNATURE----- Merge tag 'io_uring-6.19-20260102' of git://git.kernel.org/pub/scm/linux/kernel/git/axboe/linux Pull io_uring fixes from Jens Axboe: - Removed dead argument length for io_uring_validate_mmap_request() - Use GFP_NOWAIT for overflow CQEs on legacy ring setups rather than GFP_ATOMIC, which makes it play nicer with memcg limits - Fix a potential circular locking issue with tctx node removal and exec based cancelations * tag 'io_uring-6.19-20260102' of git://git.kernel.org/pub/scm/linux/kernel/git/axboe/linux: io_uring/memmap: drop unused sz param in io_uring_validate_mmap_request() io_uring/tctx: add separate lock for list of tctx's in ctx io_uring: use GFP_NOWAIT for overflow CQEs on legacy rings |
|
|
Linus Torvalds
|
71b62ed6ce |
Fix the AMD microcode Entrysign signature checking code to include more
models. Signed-off-by: Ingo Molnar <mingo@kernel.org> -----BEGIN PGP SIGNATURE----- iQJFBAABCgAvFiEEBpT5eoXrXCwVQwEKEnMQ0APhK1gFAmlXyzsRHG1pbmdvQGtl cm5lbC5vcmcACgkQEnMQ0APhK1h/vxAAhHWSKqRwp/f7DFjWHuALhu7rpWUzkXGI rlyHyGkpYHMLkmNx2F9syhpO6shWT8Qe4ovAXQ/9eoMhnitb1ws/ypZR9Ys9n91L DpTmH0ZpgubGLDzEMdhF+xVUA6UIXn2CTN6IZHtI8sgfji5hT2386yxp4hQFELj/ HZwksYKihg5BpzbJdKle6CupGsx1JBFVCubwMpE8czUWrP/3QF5liHxLyx1Um9e4 JT2KyAGlCZtF9WsMEA7bfEcrMKUMiXiwa4d+XYMesC9eLr7LQlBe1DhajdnlSRsF S6+mbfJpjS5w8aEGV/x1/0SK3PeehavBjNHHnv50vnvVaAMRP4+b1kKxH4HZeKtm Q3AUi6JKgNUpS/YnD0Z6C3zo1rq5w7qtAKuz6sm7lQxQw/RVYIfS0N8KnhlYnOdH l+NtWWwk3/TaI2uywhpbYthQsSmUkQQjAlsWZvdDZlIICDJEu1n6H11sk6FyCGwQ u5rH12j/CwtoSK6qX/ON58ZrXzvAx5TJLXD0zI6QMhm7XPnKtpVdt6F+ymmJuiLD HWhHyaPhblAncavIDebPeHU9LKBC+b334MlgVdCHheR2wiZU+KgZDZXhk6cGqH2i w6LnrMJHkJMU9EIwWKgofxNvyUKmZdCHwzfjwrNGVEY6IRzjaODY6/2Xs78peIci vjKq1jGJSJM= =lb3E -----END PGP SIGNATURE----- Merge tag 'x86-urgent-2026-01-02' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull x86 fix from Ingo Molnar: "Fix the AMD microcode Entrysign signature checking code to include more models" * tag 'x86-urgent-2026-01-02' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: x86/microcode/AMD: Fix Entrysign revision check for Zen5/Strix Halo |
|
|
Linus Torvalds
|
b993744a97 |
LoongArch fixes for v6.19-rc4
-----BEGIN PGP SIGNATURE----- iQJKBAABCAA0FiEEzOlt8mkP+tbeiYy5AoYrw/LiJnoFAmlU53YWHGNoZW5odWFj YWlAa2VybmVsLm9yZwAKCRAChivD8uImeg+8EACKxo2A+3IrYtK6O77dq3aG7LlM i5hATMFF4nSWwOySNANkHvbPoHSYWV3TGUSy691YAFolLjblmlJm3glq5a38T7o/ R22OAMnxWG4U4iMLmEv3cyPFU74HuMGvOtXGVPCMrOYcAdwznhf4o5FKO+RPTqxy pnLh5bjOCfqC1EONf17Li/E/rL8N/63nl1pdNT44wpCx7FHDNj/+/pN0x8tJKC+L vUiAvaXO71+xHU+8DoKtC+98DL8ISgc8sPeRZGSDTPVxp2GgLioTHgcSDskawzSe XKmn3crSIatinXlbgzaW5Wsf4QiDfYa7fj0rusUjfB3MQ/BztJMxQwEXIZ7psuWx XEOgXcDDXT8xkpsCUEWAgV+p2FGawU1B2TtVQblEb5jt5SZAyVRm9jhV5IgG0+7G yoOZNN6PDShP8IeydQ7XJgYz0YkOyiSPqcnVen1/NDHMAuX9dLthp2k1ZNERMzVm +41x/9AFHt3ue6WbBltlIKJMbjCmFLll+DHxaA8zouqdf1d9J50R0fI1w7SDjPCZ AN0hpfzj1+5kCPWfDilz/xjgpwChKKCPstKeyzGjd9aQrE2rEfGxo2s18dZ70l6j CRBAIdSTEZyU1lgrvNvieuwC72Iquq00s8rCdCsRM3BcVyc/mLgLqUKsd4adscsD T3LjQJ5TUuq/ib/6xw== =SXUv -----END PGP SIGNATURE----- Merge tag 'loongarch-fixes-6.19-1' of git://git.kernel.org/pub/scm/linux/kernel/git/chenhuacai/linux-loongson Pull LoongArch fixes from Huacai Chen: "Complete CPUCFG registers definition, set correct protection_map[] for VM_NONE/VM_SHARED, fix some bugs in the orc stack unwinder, ftrace and BPF JIT" * tag 'loongarch-fixes-6.19-1' of git://git.kernel.org/pub/scm/linux/kernel/git/chenhuacai/linux-loongson: samples/ftrace: Adjust LoongArch register restore order in direct calls LoongArch: BPF: Enhance the bpf_arch_text_poke() function LoongArch: BPF: Enable trampoline-based tracing for module functions LoongArch: BPF: Adjust the jump offset of tail calls LoongArch: BPF: Save return address register ra to t0 before trampoline LoongArch: BPF: Zero-extend bpf_tail_call() index LoongArch: BPF: Sign extend kfunc call arguments LoongArch: Refactor register restoration in ftrace_common_return LoongArch: Enable exception fixup for specific ADE subcode LoongArch: Remove unnecessary checks for ORC unwinder LoongArch: Remove is_entry_func() and kernel_entry_end LoongArch: Use UNWIND_HINT_END_OF_STACK for entry points LoongArch: Set correct protection_map[] for VM_NONE/VM_SHARED LoongArch: Complete CPUCFG registers definition |
|
|
Linus Torvalds
|
9b04368044 |
drm fixes for 6.19-rc4
shmem: - docs and MODULE_LICENSE fix xe: - Ensure svm device memory is idle before migration completes - Fix a SVM debug printout - Use READ_ONCE() / WRITE_ONCE() for g2h_fence i915: - Fix eb_lookup_vmas() failure path nouveau: - fix prepare_fb warnings imagination: - prevent export of protected objects -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEEKbZHaGwW9KfbeusDHTzWXnEhr4FAmlXQY4ACgkQDHTzWXnE hr7LEQ//bl5D0Dk2AGef3J6ZdE5aj+BfPYhcZuxwREtcsoGFZ3yL3YyWqqYVDHQh V3La32pZaI6MdjUsWnRBJvDHYyXnnIDZDMi0pTqcFrYIOHgS1Rvp3ONF8sL1Pq5N Q09j6DniyD8o2S27qbRbiUD6jYrfxFBZ4l6HGpoz8bkODnzMk6am1LwPd22KjRta Ddti6Mhzj5ZmYsuWBKDCT8bBcQjQnlvEuxySakctaj4wX8WpCRPXLluPjkLrikDZ CyywAoZM6c8DesGOMO4gy2GWxtYdprk9oyl9oEL3NFSI6R65RW1ivgmyq08DADQ9 jgPr6FHvIwgfUOVsvyaLZrEt/hvdAX0nYYaMvwi1HsdoEke8wPkbV161/2AQtu9R TWMfh4zvGni7bu3GsSv6SvUjCqsXQZ1i/tCNU45kqlqAaHN4m6rK36TmMytenZik qinjHeelvYZhkxfo+xlCl5CestDHdWqfAWWvkJ0kNuedhyy+M+6aOhX1h45F1jJ4 F8I3ZXERLbLIvVm0IaXwZO9VEOiDJirF932of4PpcYHp9sp3YPJcB3SBCyfsFOtv rINN/h9wyp29H0UCCSW4k6WGPwmEV4oEtYkrkesqFnrJy97R3XrUC6/zqPtV4nnN d3F6cmuleLm+4VZsfQ7zknXb4cIt5kYCapd7YBtEn1BkU0Vk/+M= =bYco -----END PGP SIGNATURE----- Merge tag 'drm-fixes-2026-01-02' of https://gitlab.freedesktop.org/drm/kernel Pull drm fixes from Dave Airlie: "Happy New Year, jetlagged fixes from me, still pretty quiet, xe is most of this, with i915/nouveau/imagination fixes and some shmem cleanups. shmem: - docs and MODULE_LICENSE fix xe: - Ensure svm device memory is idle before migration completes - Fix a SVM debug printout - Use READ_ONCE() / WRITE_ONCE() for g2h_fence i915: - Fix eb_lookup_vmas() failure path nouveau: - fix prepare_fb warnings imagination: - prevent export of protected objects" * tag 'drm-fixes-2026-01-02' of https://gitlab.freedesktop.org/drm/kernel: drm/i915/gem: Zero-initialize the eb.vma array in i915_gem_do_execbuffer drm/xe/guc: READ/WRITE_ONCE g2h_fence->done drm/pagemap, drm/xe: Ensure that the devmem allocation is idle before use drm/xe/svm: Fix a debug printout drm/gem-shmem: Fix the MODULE_LICENSE() string drm/gem-shmem: Fix typos in documentation drm/nouveau/dispnv50: Don't call drm_atomic_get_crtc_state() in prepare_fb drm/imagination: Disallow exporting of PM/FW protected objects |
|
|
Linus Torvalds
|
e3a97ab1bb |
four smb3 server fixes
-----BEGIN PGP SIGNATURE----- iQGzBAABCgAdFiEE6fsu8pdIjtWE/DpLiiy9cAdyT1EFAmlXPlwACgkQiiy9cAdy T1E9IQwAweeZ0DcWbOsCL7LCeelWHV8ULCebqZUR1jOfW7CBJ9QHuOu3A78MoRUs FglFgHCwQ8oCCVH3AuQNK2lRulUCBcFIOUuFQSqZF+NFZ1eTzuFHfvZJYe4OXTbz QogxMIP85PegR0M4oZ6PGz/3iDXatPC11NhdbTUnMGtsNWA/cIG1A030g2pDVeEu MtMB2Et+hs4d2toYgnTmwM044yi3b71/bBDo7uSykIX4G1/MdYgtVd+kacD9PhwA irHPb/C/Rvla3sS/Z5/Hh0CLU1GUgscR5iHMTZG84uGds5fsYbtMv1wiG1eZvim/ /bgEqBxM73ahlb4cYhIyxoAUGIlkkswFr1IhNgfJneKbotLnwm7Fmm1xyhvzUzVy vAzh+dh8cm28G3iuobSsaJkvE6Ah5DbQwYp9CzSjgUASGaOHKZfAd7nB4DfkAT3u KWYQV7B4t37B5KZdYhngFjgX0SUDpggbkHeGIC26TYdb08ajWF5ejV+md/Zl/IuF XUl2Iqte =W8mw -----END PGP SIGNATURE----- Merge tag 'v6.19-rc3-smb3-server-fixes' of git://git.samba.org/ksmbd Pull smb server fixes from Steve French: - Fix memory leak - Fix two refcount leaks - Fix error path in create_smb2_pipe * tag 'v6.19-rc3-smb3-server-fixes' of git://git.samba.org/ksmbd: smb/server: fix refcount leak in smb2_open() smb/server: fix refcount leak in parse_durable_handle_context() smb/server: call ksmbd_session_rpc_close() on error path in create_smb2_pipe() ksmbd: Fix memory leak in get_file_all_info() |
|
|
Linus Torvalds
|
047b4e783c |
two smb3 client fixes
-----BEGIN PGP SIGNATURE----- iQGzBAABCgAdFiEE6fsu8pdIjtWE/DpLiiy9cAdyT1EFAmlXPiYACgkQiiy9cAdy T1EaiQv+Mx6aS5nVptTxeNbNM95lsTpL5NB5+p21i+VNsG+ZVANl7U4/qYDJdfQb I7NfvGYSn0o7PBv3BlaitBxMFoJSVZrIQ3wsGKN9Rv6N+KjyDYfp3J30Na7enP11 /+5/43TMok/yU936dLEwHh3YWvI120O/cWkjooQyHD9yLOXYBU8VkEfK0y4o8BVs JqOXhINus+5Bj2nLk01wF7HgUYDjL0R6GyGyoWcReVa1nYaxcaYEsbWU+KixPnGj x9FY5lz4CTtImttWDUEiPNEO8FaWJ866jbtN4FEerWYy7VBwIjAG6pLerZqTgXMp oGKdUG3/vSkyyuTeRJspYimKNZrWbMILM6oxk+Y0eDFEM1Z2p+KJaNJqL1bXF98K V+3if32md6i2t7h0QnxTXmVrs3acGDXJ9UNMELgtjRUS6w4vnS0Gf8HrPndaZvVO x9LUBm884svK4JWb4g3P8fBfnVrTdJw8tXyRibwxtct+iEqDbANacDGomzZPIxtB DYiZo0JM =3N8R -----END PGP SIGNATURE----- Merge tag 'v6.19-rc3-smb3-client-fixes' of git://git.samba.org/sfrench/cifs-2.6 Pull smb client fixes from Steve French: - Fix array out of bounds error in copy_file_range - Add tracepoint to help debug ioctl failures * tag 'v6.19-rc3-smb3-client-fixes' of git://git.samba.org/sfrench/cifs-2.6: smb: client: fix UBSAN array-index-out-of-bounds in smb2_copychunk_range smb3 client: add missing tracepoint for unsupported ioctls |
|
Julia Lawall
|
69153e8b97 |
block, bfq: update outdated comment
The function bfq_bfqq_may_idle() was renamed as bfq_better_to_idle()
in commit
|
|
Caleb Sander Mateos
|
70eafc7430 |
io_uring/memmap: drop unused sz param in io_uring_validate_mmap_request()
io_uring_validate_mmap_request() doesn't use its size_t sz argument, so remove it. Signed-off-by: Caleb Sander Mateos <csander@purestorage.com> Signed-off-by: Jens Axboe <axboe@kernel.dk> |
|
Jens Axboe
|
5623eb1ed0 |
io_uring/tctx: add separate lock for list of tctx's in ctx
ctx->tcxt_list holds the tasks using this ring, and it's currently protected by the normal ctx->uring_lock. However, this can cause a circular locking issue, as reported by syzbot, where cancelations off exec end up needing to remove an entry from this list: ====================================================== WARNING: possible circular locking dependency detected syzkaller #0 Tainted: G L ------------------------------------------------------ syz.0.9999/12287 is trying to acquire lock: ffff88805851c0a8 (&ctx->uring_lock){+.+.}-{4:4}, at: io_uring_del_tctx_node+0xf0/0x2c0 io_uring/tctx.c:179 but task is already holding lock: ffff88802db5a2e0 (&sig->cred_guard_mutex){+.+.}-{4:4}, at: prepare_bprm_creds fs/exec.c:1360 [inline] ffff88802db5a2e0 (&sig->cred_guard_mutex){+.+.}-{4:4}, at: bprm_execve+0xb9/0x1400 fs/exec.c:1733 which lock already depends on the new lock. the existing dependency chain (in reverse order) is: -> #2 (&sig->cred_guard_mutex){+.+.}-{4:4}: __mutex_lock_common kernel/locking/mutex.c:614 [inline] __mutex_lock+0x187/0x1350 kernel/locking/mutex.c:776 proc_pid_attr_write+0x547/0x630 fs/proc/base.c:2837 vfs_write+0x27e/0xb30 fs/read_write.c:684 ksys_write+0x145/0x250 fs/read_write.c:738 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0xec/0xf80 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f -> #1 (sb_writers#3){.+.+}-{0:0}: percpu_down_read_internal include/linux/percpu-rwsem.h:53 [inline] percpu_down_read_freezable include/linux/percpu-rwsem.h:83 [inline] __sb_start_write include/linux/fs/super.h:19 [inline] sb_start_write+0x4d/0x1c0 include/linux/fs/super.h:125 mnt_want_write+0x41/0x90 fs/namespace.c:499 open_last_lookups fs/namei.c:4529 [inline] path_openat+0xadd/0x3dd0 fs/namei.c:4784 do_filp_open+0x1fa/0x410 fs/namei.c:4814 io_openat2+0x3e0/0x5c0 io_uring/openclose.c:143 __io_issue_sqe+0x181/0x4b0 io_uring/io_uring.c:1792 io_issue_sqe+0x165/0x1060 io_uring/io_uring.c:1815 io_queue_sqe io_uring/io_uring.c:2042 [inline] io_submit_sqe io_uring/io_uring.c:2320 [inline] io_submit_sqes+0xbf4/0x2140 io_uring/io_uring.c:2434 __do_sys_io_uring_enter io_uring/io_uring.c:3280 [inline] __se_sys_io_uring_enter+0x2e0/0x2b60 io_uring/io_uring.c:3219 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0xec/0xf80 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f -> #0 (&ctx->uring_lock){+.+.}-{4:4}: check_prev_add kernel/locking/lockdep.c:3165 [inline] check_prevs_add kernel/locking/lockdep.c:3284 [inline] validate_chain kernel/locking/lockdep.c:3908 [inline] __lock_acquire+0x15a6/0x2cf0 kernel/locking/lockdep.c:5237 lock_acquire+0x107/0x340 kernel/locking/lockdep.c:5868 __mutex_lock_common kernel/locking/mutex.c:614 [inline] __mutex_lock+0x187/0x1350 kernel/locking/mutex.c:776 io_uring_del_tctx_node+0xf0/0x2c0 io_uring/tctx.c:179 io_uring_clean_tctx+0xd4/0x1a0 io_uring/tctx.c:195 io_uring_cancel_generic+0x6ca/0x7d0 io_uring/cancel.c:646 io_uring_task_cancel include/linux/io_uring.h:24 [inline] begin_new_exec+0x10ed/0x2440 fs/exec.c:1131 load_elf_binary+0x9f8/0x2d70 fs/binfmt_elf.c:1010 search_binary_handler fs/exec.c:1669 [inline] exec_binprm fs/exec.c:1701 [inline] bprm_execve+0x92e/0x1400 fs/exec.c:1753 do_execveat_common+0x510/0x6a0 fs/exec.c:1859 do_execve fs/exec.c:1933 [inline] __do_sys_execve fs/exec.c:2009 [inline] __se_sys_execve fs/exec.c:2004 [inline] __x64_sys_execve+0x94/0xb0 fs/exec.c:2004 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0xec/0xf80 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f other info that might help us debug this: Chain exists of: &ctx->uring_lock --> sb_writers#3 --> &sig->cred_guard_mutex Possible unsafe locking scenario: CPU0 CPU1 ---- ---- lock(&sig->cred_guard_mutex); lock(sb_writers#3); lock(&sig->cred_guard_mutex); lock(&ctx->uring_lock); *** DEADLOCK *** 1 lock held by syz.0.9999/12287: #0: ffff88802db5a2e0 (&sig->cred_guard_mutex){+.+.}-{4:4}, at: prepare_bprm_creds fs/exec.c:1360 [inline] #0: ffff88802db5a2e0 (&sig->cred_guard_mutex){+.+.}-{4:4}, at: bprm_execve+0xb9/0x1400 fs/exec.c:1733 stack backtrace: CPU: 0 UID: 0 PID: 12287 Comm: syz.0.9999 Tainted: G L syzkaller #0 PREEMPT(full) Tainted: [L]=SOFTLOCKUP Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 Call Trace: <TASK> dump_stack_lvl+0xe8/0x150 lib/dump_stack.c:120 print_circular_bug+0x2e2/0x300 kernel/locking/lockdep.c:2043 check_noncircular+0x12e/0x150 kernel/locking/lockdep.c:2175 check_prev_add kernel/locking/lockdep.c:3165 [inline] check_prevs_add kernel/locking/lockdep.c:3284 [inline] validate_chain kernel/locking/lockdep.c:3908 [inline] __lock_acquire+0x15a6/0x2cf0 kernel/locking/lockdep.c:5237 lock_acquire+0x107/0x340 kernel/locking/lockdep.c:5868 __mutex_lock_common kernel/locking/mutex.c:614 [inline] __mutex_lock+0x187/0x1350 kernel/locking/mutex.c:776 io_uring_del_tctx_node+0xf0/0x2c0 io_uring/tctx.c:179 io_uring_clean_tctx+0xd4/0x1a0 io_uring/tctx.c:195 io_uring_cancel_generic+0x6ca/0x7d0 io_uring/cancel.c:646 io_uring_task_cancel include/linux/io_uring.h:24 [inline] begin_new_exec+0x10ed/0x2440 fs/exec.c:1131 load_elf_binary+0x9f8/0x2d70 fs/binfmt_elf.c:1010 search_binary_handler fs/exec.c:1669 [inline] exec_binprm fs/exec.c:1701 [inline] bprm_execve+0x92e/0x1400 fs/exec.c:1753 do_execveat_common+0x510/0x6a0 fs/exec.c:1859 do_execve fs/exec.c:1933 [inline] __do_sys_execve fs/exec.c:2009 [inline] __se_sys_execve fs/exec.c:2004 [inline] __x64_sys_execve+0x94/0xb0 fs/exec.c:2004 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0xec/0xf80 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7ff3a8b8f749 Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007ff3a9a97038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b RAX: ffffffffffffffda RBX: 00007ff3a8de5fa0 RCX: 00007ff3a8b8f749 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000400 RBP: 00007ff3a8c13f91 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ff3a8de6038 R14: 00007ff3a8de5fa0 R15: 00007ff3a8f0fa28 </TASK> Add a separate lock just for the tctx_list, tctx_lock. This can nest under ->uring_lock, where necessary, and be used separately for list manipulation. For the cancelation off exec side, this removes the need to grab ->uring_lock, hence fixing the circular locking dependency. Reported-by: syzbot+b0e3b77ffaa8a4067ce5@syzkaller.appspotmail.com Signed-off-by: Jens Axboe <axboe@kernel.dk> |
|
Dave Airlie
|
7be19f9327 |
Merge tag 'drm-intel-fixes-2025-12-31' of https://gitlab.freedesktop.org/drm/i915/kernel into drm-fixes
drm/i915 fixes for v6.19-rc4: - Fix eb_lookup_vmas() failure path Signed-off-by: Dave Airlie <airlied@redhat.com> From: Jani Nikula <jani.nikula@intel.com> Link: https://patch.msgid.link/4e79f041395bb8bcc9b2a76bb98b5e3df1c1c3eb@intel.com |
|
|
Dave Airlie
|
9abfe0b2e0 |
Merge tag 'drm-misc-fixes-2025-12-29' of https://gitlab.freedesktop.org/drm/misc/kernel into drm-fixes
drm-misc-fixes for v6.19-rc4: - Documentation fixes and MODULE_LICENSE fix for shmem helper. - Fix warnings in nouveau prepare_fb(). - Prevent export of protected objects in imagination driver. Signed-off-by: Dave Airlie <airlied@redhat.com> From: Maarten Lankhorst <maarten.lankhorst@linux.intel.com> Link: https://patch.msgid.link/5506492b-02ca-47bc-8712-51e67f0e4b8b@linux.intel.com |
|
|
Dave Airlie
|
1054f19572 |
Core Changes:
- Ensure a SVM device memory allocation is idle before migration complete (Thomas) Driver Changes: - Fix a SVM debug printout (Thomas) - Use READ_ONCE() / WRITE_ONCE() for g2h_fence (Jonathan) -----BEGIN PGP SIGNATURE----- iHUEABYKAB0WIQRskUM7w1oG5rx2IZO4FpNVCsYGvwUCaVOSpQAKCRC4FpNVCsYG vzieAQDcnmnLhkKdszivNVA/sgd66GUphaM6cI03cpL10Y2cVgD9ExGHMxRVpI8S 0g9hZ06px4+ft1AGC+FZQHCuu+U+ngE= =DIeU -----END PGP SIGNATURE----- Merge tag 'drm-xe-fixes-2025-12-30' of https://gitlab.freedesktop.org/drm/xe/kernel into drm-fixes Core Changes: - Ensure a SVM device memory allocation is idle before migration complete (Thomas) Driver Changes: - Fix a SVM debug printout (Thomas) - Use READ_ONCE() / WRITE_ONCE() for g2h_fence (Jonathan) Signed-off-by: Dave Airlie <airlied@redhat.com> From: Thomas Hellstrom <thomas.hellstrom@linux.intel.com> Link: https://patch.msgid.link/aVOTf6-whmkgrUuq@fedora |
|
Shuah Khan
|
b69053dd3f |
wifi: mt76: Remove blank line after mt792x firmware version dmesg
An extra blank line gets printed after printing firmware version because the build date is null terminated. Remove the "\n" from dev_info() calls to print firmware version and build date to fix the problem. Reported-by: Mario Limonciello <superm1@gmail.com> Signed-off-by: Shuah Khan <skhan@linuxfoundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
|
|
Shuah Khan
|
af7809f037 |
Revert "wifi: mt76: Strip whitespace from build ddate"
This reverts commit
|
|
Wake Liu
|
19b8a76cd9 |
kselftest/harness: Use helper to avoid zero-size memset warning
When building kselftests with a toolchain that enables source fortification (e.g., Android's build environment, which uses -D_FORTIFY_SOURCE=3), a build failure occurs in tests that use an empty FIXTURE(). The root cause is that an empty fixture struct results in `sizeof(self_private)` evaluating to 0. The compiler's fortification checks then detect the `memset()` call with a compile-time constant size of 0, issuing a `-Wuser-defined-warnings` which is promoted to an error by `-Werror`. An initial attempt to guard the call with `if (sizeof(self_private) > 0)` was insufficient. The compiler's static analysis is aggressive enough to flag the `memset(..., 0)` pattern before evaluating the conditional, thus still triggering the error. To resolve this robustly, this change introduces a `static inline` helper function, `__kselftest_memset_safe()`. This function wraps the size check and the `memset()` call. By replacing the direct `memset()` in the `__TEST_F_IMPL` macro with a call to this helper, we create an abstraction boundary. This prevents the compiler's static analyzer from "seeing" the problematic pattern at the macro expansion site, resolving the build failure. Build Context: Compiler: Android (14488419, +pgo, +bolt, +lto, +mlgo, based on r584948) clang version 22.0.0 (https://android.googlesource.com/toolchain/llvm-project 2d65e4108033380e6fe8e08b1f1826cd2bfb0c99) Relevant Options: -O2 -Wall -Werror -D_FORTIFY_SOURCE=3 -target i686-linux-android10000 Test: m kselftest_futex_futex_requeue_pi Removed Gerrit Change-Id Shuah Khan <skhan@linuxfoundation.org> Link: https://lore.kernel.org/r/20251224084120.249417-1-wakel@google.com Signed-off-by: Wake Liu <wakel@google.com> Signed-off-by: Shuah Khan <skhan@linuxfoundation.org> |
|
|
Linus Torvalds
|
9528d5c091 |
platform-drivers-x86 for v6.19-2
Fixes and New HW Support
- alienware-wmi-wmax: Area-51, x16, and 16X Aurora laptops support
- asus-armoury:
- Fix FA507R PPT data
- Add TDP data for more laptop models
- asus-nb-wmi: Asus Zenbook 14 display toggle key support
- dell-lis3lv02d: Dell Latitude 5400 support
- hp-bioscfg: Fix out-of-bounds array access in ACPI package parsing
- ibm_rtl: Fix EBDA signature search pointer arithmetic
- ideapad-laptop: Reassign KEY_CUT to KEY_SELECTIVE_SCREENSHOT
- intel/pmt:
- Fix kobject memory leak on init failure
- Use valid pointers on error handling path
- intel/vsec: Correct kernel doc comments
- mellanox: mlxbf-pmc: Fix event names
- msi-laptop: Add sysfs_remove_group()
- samsumg-galaxybook: Do not cast pointer to a shorter type
- think-lmi: WMI certificate thumbprint support for ThinkCenter
- uniwill: Tuxedo Book BA15 Gen10 support
The following is an automated shortlog grouped by driver:
alienware-wmi-wmax:
- Add AWCC support for Alienware x16
- Add support for Alienware 16X Aurora
- Add support for new Area-51 laptops
asus-armoury:
- add support for FA608UM
- add support for G615LR
- add support for G835LW
- add support for GA403WR
- add support for GU605CR
- fix ppt data for FA507R
asus-nb-wmi:
- Add keymap for display toggle
dell-lis3lv02d:
- Add Latitude 5400
hp-bioscfg:
- Fix out-of-bounds array access in ACPI package parsing
ibm_rtl:
- fix EBDA signature search pointer arithmetic
ideapad-laptop:
- Reassign KEY_CUT to KEY_SELECTIVE_SCREENSHOT
intel/pmt/discovery:
- use valid device pointer in dev_err_probe
intel/pmt:
- Fix kobject memory leak on init failure
intel/vsec:
- correct kernel-doc comments
mlxbf-pmc:
- Remove trailing whitespaces from event names
msi-laptop:
- add missing sysfs_remove_group()
samsung-galaxybook:
- Fix problematic pointer cast
think-lmi:
- Add WMI certificate thumbprint support for ThinkCenter
uniwill:
- Add TUXEDO Book BA15 Gen10
-----BEGIN PGP SIGNATURE-----
iHUEABYIAB0WIQSCSUwRdwTNL2MhaBlZrE9hU+XOMQUCaVT4igAKCRBZrE9hU+XO
MTB4AQCIWd1/VEyiHw7nLVraCvVcG25m+E61XkALpP3KHzuWsAD/ejev+eNcng9W
G+TnUShOsVJ3w++juDHX1PNG7CSNqQ4=
=tvjU
-----END PGP SIGNATURE-----
Merge tag 'platform-drivers-x86-v6.19-2' of git://git.kernel.org/pub/scm/linux/kernel/git/pdx86/platform-drivers-x86
Pull x86 platform driver fixes from Ilpo Järvinen:
- alienware-wmi-wmax: Area-51, x16, and 16X Aurora laptops support
- asus-armoury:
- Fix FA507R PPT data
- Add TDP data for more laptop models
- asus-nb-wmi: Asus Zenbook 14 display toggle key support
- dell-lis3lv02d: Dell Latitude 5400 support
- hp-bioscfg: Fix out-of-bounds array access in ACPI package parsing
- ibm_rtl: Fix EBDA signature search pointer arithmetic
- ideapad-laptop: Reassign KEY_CUT to KEY_SELECTIVE_SCREENSHOT
- intel/pmt:
- Fix kobject memory leak on init failure
- Use valid pointers on error handling path
- intel/vsec: Correct kernel doc comments
- mellanox: mlxbf-pmc: Fix event names
- msi-laptop: Add sysfs_remove_group()
- samsumg-galaxybook: Do not cast pointer to a shorter type
- think-lmi: WMI certificate thumbprint support for ThinkCenter
- uniwill: Tuxedo Book BA15 Gen10 support
* tag 'platform-drivers-x86-v6.19-2' of git://git.kernel.org/pub/scm/linux/kernel/git/pdx86/platform-drivers-x86: (22 commits)
platform/x86: asus-armoury: add support for G835LW
platform/x86: asus-armoury: fix ppt data for FA507R
platform/x86/intel/pmt/discovery: use valid device pointer in dev_err_probe
platform/x86: hp-bioscfg: Fix out-of-bounds array access in ACPI package parsing
platform/x86: asus-armoury: add support for G615LR
platform/x86: asus-armoury: add support for FA608UM
platform/x86: asus-armoury: add support for GA403WR
platform/x86: asus-armoury: add support for GU605CR
platform/x86: ideapad-laptop: Reassign KEY_CUT to KEY_SELECTIVE_SCREENSHOT
platform/x86: samsung-galaxybook: Fix problematic pointer cast
platform/x86/intel/pmt: Fix kobject memory leak on init failure
platform/x86/intel/vsec: correct kernel-doc comments
platform/x86: ibm_rtl: fix EBDA signature search pointer arithmetic
platform/x86: msi-laptop: add missing sysfs_remove_group()
platform/x86: think-lmi: Add WMI certificate thumbprint support for ThinkCenter
platform/x86: dell-lis3lv02d: Add Latitude 5400
platform/mellanox: mlxbf-pmc: Remove trailing whitespaces from event names
platform/x86: asus-nb-wmi: Add keymap for display toggle
platform/x86/uniwill: Add TUXEDO Book BA15 Gen10
platform/x86: alienware-wmi-wmax: Add support for Alienware 16X Aurora
...
|
|
Zheng Yejian
|
0eccd4acd6 |
selftests/ftrace: Test toplevel-enable for instance
'available_events' is actually not required by 'test.d/event/toplevel-enable.tc' and its Existence has been tested in 'test.d/00basic/basic4.tc'. So the require of 'available_events' can be dropped and then we can add 'instance' flag to test 'test.d/event/toplevel-enable.tc' for instance. Test result show as below: # ./ftracetest test.d/event/toplevel-enable.tc === Ftrace unit tests === [1] event tracing - enable/disable with top level files [PASS] [2] (instance) event tracing - enable/disable with top level files [PASS] # of passed: 2 # of failed: 0 # of unresolved: 0 # of untested: 0 # of unsupported: 0 # of xfailed: 0 # of undefined(test bug): 0 Link: https://lore.kernel.org/r/20230509203659.1173917-1-zhengyejian1@huawei.com Signed-off-by: Zheng Yejian <zhengyejian1@huawei.com> Acked-by: Steven Rostedt (Google) <rostedt@goodmis.org> Signed-off-by: Shuah Khan <skhan@linuxfoundation.org> |
|
Yipeng Zou
|
b889b4fb4c |
selftests/ftrace: traceonoff_triggers: strip off names
The func_traceonoff_triggers.tc sometimes goes to fail
on my board, Kunpeng-920.
[root@localhost]# ./ftracetest ./test.d/ftrace/func_traceonoff_triggers.tc -l fail.log
=== Ftrace unit tests ===
[1] ftrace - test for function traceon/off triggers [FAIL]
[2] (instance) ftrace - test for function traceon/off triggers [UNSUPPORTED]
I look up the log, and it shows that the md5sum is different between csum1 and csum2.
++ cnt=611
++ sleep .1
+++ cnt_trace
+++ grep -v '^#' trace
+++ wc -l
++ cnt2=611
++ '[' 611 -ne 611 ']'
+++ cat tracing_on
++ on=0
++ '[' 0 '!=' 0 ']'
+++ md5sum trace
++ csum1='76896aa74362fff66a6a5f3cf8a8a500 trace'
++ sleep .1
+++ md5sum trace
++ csum2='ee8625a21c058818fc26e45c1ed3f6de trace'
++ '[' '76896aa74362fff66a6a5f3cf8a8a500 trace' '!=' 'ee8625a21c058818fc26e45c1ed3f6de trace' ']'
++ fail 'Tracing file is still changing'
++ echo Tracing file is still changing
Tracing file is still changing
++ exit_fail
++ exit 1
So I directly dump the trace file before md5sum, the diff shows that:
[root@localhost]# diff trace_1.log trace_2.log -y --suppress-common-lines
dockerd-12285 [036] d.... 18385.510290: sched_stat | <...>-12285 [036] d.... 18385.510290: sched_stat
dockerd-12285 [036] d.... 18385.510291: sched_swit | <...>-12285 [036] d.... 18385.510291: sched_swit
<...>-740 [044] d.... 18385.602859: sched_stat | kworker/44:1-740 [044] d.... 18385.602859: sched_stat
<...>-740 [044] d.... 18385.602860: sched_swit | kworker/44:1-740 [044] d.... 18385.602860: sched_swit
And we can see that <...> filed be filled with names.
We can strip off the names there to fix that.
After strip off the names:
kworker/u257:0-12 [019] d..2. 2528.758910: sched_stat | -12 [019] d..2. 2528.758910: sched_stat_runtime: comm=k
kworker/u257:0-12 [019] d..2. 2528.758912: sched_swit | -12 [019] d..2. 2528.758912: sched_switch: prev_comm=kw
<idle>-0 [000] d.s5. 2528.762318: sched_waki | -0 [000] d.s5. 2528.762318: sched_waking: comm=sshd pi
<idle>-0 [037] dNh2. 2528.762326: sched_wake | -0 [037] dNh2. 2528.762326: sched_wakeup: comm=sshd pi
<idle>-0 [037] d..2. 2528.762334: sched_swit | -0 [037] d..2. 2528.762334: sched_switch: prev_comm=sw
Link: https://lore.kernel.org/r/20230818013226.2182299-1-zouyipeng@huawei.com
Fixes:
|
|
|
Linus Torvalds
|
349bd28a86 |
VFIO fixes for v6.19-rc4
- Restrict ROM access to dword to resolve a regression introduced
with qword access seen on some Intel NICs. Update VGA region
access to the same given lack of precedent for 64-bit users.
(Kevin Tian)
- Fix missing .get_region_info_caps callback in the xe-vfio-pci
variant driver due to integration through the DRM tree.
(Michal Wajdeczko)
- Add aligned 64-bit access macros to tools/include/linux/types.h,
allowing removal of uapi/linux/type.h includes from various
vfio selftest, resolving redefinition warnings for integration
with KVM selftests. (David Matlack)
- Fix error path memory leak in pds-vfio-pci variant driver.
(Zilin Guan)
- Fix error path use-after-free in xe-vfio-pci variant driver.
(Alper Ak)
-----BEGIN PGP SIGNATURE-----
iQJFBAABCgAvFiEEQvbATlQL0amee4qQI5ubbjuwiyIFAmlUP2oRHGFsZXhAc2hh
emJvdC5vcmcACgkQI5ubbjuwiyKYsw//fEJ6vfn0TOP/ahfY9tRpw6suZJuEo5wx
SJj57kMF85/V64iaewRq1G1hbrEAEcOgDtpcR3y57lHAS8METKxyjxL5YZdqvgX4
kRvDwRJRcFz/kvmO0PZx6rn21ZxLv2d9RXahDwaqaQfw2pR2ZOtr/zaawMr6LPmw
Z1dl0UhQnHIhw4kG1QKUhdCozhAgSV3/pmGV2bOjgXRS0rVUZ3UQZ0RprLe6uIEl
hSWLmeWUtyrt30gVzoKPTWWuRvuIw2lnAH2PGhNtha70Djyx1EAUs7iqUA8XBsQh
7JG/T1yibh9CzE5OzI+JBmix5s8zxd4q0RHNa9T31EMHSdzCJhXQfLiZVeJVv9O6
EHsFVWHzE4CXgSMEpD+QjfCrEwBcF4n6W6N68BFAuAVN51+0DoFinFF0PaqpTivj
U/Yh1erkfFhy8IlO33Q2dAOxBfy1aIkszKS2Xkc1pwX3vReMlHiWDmyM5ciB0VKJ
GwslXQwGljSNuxE81e7EFI6g18FGGLGt5EkkYPhSS/hYAZQy0RpqPdRopcP85OiO
HtyfZZZ/Ph0y13f7c7rH5awGm9NOc9W+2xNKxuKNkjwvEmjO12lRmrzGkKPu/OTi
YluIWSFG7gBQfb8eFgcfJoM7vcrRCJ+JeSp5fa7u8QLUsTk+var+/WCxKs9BpX31
hDb8rHj0Bwo=
=a1By
-----END PGP SIGNATURE-----
Merge tag 'vfio-v6.19-rc4' of https://github.com/awilliam/linux-vfio
Pull VFIO fixes from Alex Williamson:
- Restrict ROM access to dword to resolve a regression introduced with
qword access seen on some Intel NICs. Update VGA region access to the
same given lack of precedent for 64-bit users (Kevin Tian)
- Fix missing .get_region_info_caps callback in the xe-vfio-pci variant
driver due to integration through the DRM tree (Michal Wajdeczko)
- Add aligned 64-bit access macros to tools/include/linux/types.h,
allowing removal of uapi/linux/type.h includes from various vfio
selftest, resolving redefinition warnings for integration with KVM
selftests (David Matlack)
- Fix error path memory leak in pds-vfio-pci variant driver (Zilin Guan)
- Fix error path use-after-free in xe-vfio-pci variant driver (Alper Ak)
* tag 'vfio-v6.19-rc4' of https://github.com/awilliam/linux-vfio:
vfio/xe: Fix use-after-free in xe_vfio_pci_alloc_file()
vfio/pds: Fix memory leak in pds_vfio_dirty_enable()
vfio: selftests: Drop <uapi/linux/types.h> includes
tools include: Add definitions for __aligned_{l,b}e64
vfio/xe: Add default handler for .get_region_info_caps
vfio/pci: Disable qword access to the VGA region
vfio/pci: Disable qword access to the PCI ROM bar
|
|
|
Jens Axboe
|
9e193a06e6 |
Merge tag 'md-6.19-20251231' of gitolite.kernel.org:pub/scm/linux/kernel/git/mdraid/linux into block-6.19
Pull MD fixes from Yu Kuai: "- Fix null-pointer dereference in raid5 sysfs group_thread_cnt store (Tuo Li) - Fix possible mempool corruption during raid1 raid_disks update via sysfs (FengWei Shih) - Fix logical_block_size configuration being overwritten during super_1_validate() (Li Nan) - Fix forward incompatibility with configurable logical block size: arrays assembled on new kernels could not be assembled on kernels <=6.18 due to non-zero reserved pad rejection (Li Nan) - Fix static checker warning about iterator not incremented (Li Nan)" * tag 'md-6.19-20251231' of gitolite.kernel.org:pub/scm/linux/kernel/git/mdraid/linux: md: Fix forward incompatibility from configurable logical block size md: Fix logical_block_size configuration being overwritten md: suspend array while updating raid_disks via sysfs md/raid5: fix possible null-pointer dereferences in raid5_store_group_thread_cnt() md: Fix static checker warning in analyze_sbs |
|
Krzysztof Niemiec
|
4fe2bd1954 |
drm/i915/gem: Zero-initialize the eb.vma array in i915_gem_do_execbuffer
Initialize the eb.vma array with values of 0 when the eb structure is first set up. In particular, this sets the eb->vma[i].vma pointers to NULL, simplifying cleanup and getting rid of the bug described below. During the execution of eb_lookup_vmas(), the eb->vma array is successively filled up with struct eb_vma objects. This process includes calling eb_add_vma(), which might fail; however, even in the event of failure, eb->vma[i].vma is set for the currently processed buffer. If eb_add_vma() fails, eb_lookup_vmas() returns with an error, which prompts a call to eb_release_vmas() to clean up the mess. Since eb_lookup_vmas() might fail during processing any (possibly not first) buffer, eb_release_vmas() checks whether a buffer's vma is NULL to know at what point did the lookup function fail. In eb_lookup_vmas(), eb->vma[i].vma is set to NULL if either the helper function eb_lookup_vma() or eb_validate_vma() fails. eb->vma[i+1].vma is set to NULL in case i915_gem_object_userptr_submit_init() fails; the current one needs to be cleaned up by eb_release_vmas() at this point, so the next one is set. If eb_add_vma() fails, neither the current nor the next vma is set to NULL, which is a source of a NULL deref bug described in the issue linked in the Closes tag. When entering eb_lookup_vmas(), the vma pointers are set to the slab poison value, instead of NULL. This doesn't matter for the actual lookup, since it gets overwritten anyway, however the eb_release_vmas() function only recognizes NULL as the stopping value, hence the pointers are being set to NULL as they go in case of intermediate failure. This patch changes the approach to filling them all with NULL at the start instead, rather than handling that manually during failure. Reported-by: Gangmin Kim <km.kim1503@gmail.com> Closes: https://gitlab.freedesktop.org/drm/i915/kernel/-/issues/15062 Fixes: |
|
Chenghao Duan
|
bb85d206be |
samples/ftrace: Adjust LoongArch register restore order in direct calls
Ensure that in the ftrace direct call logic, the CPU register state
(with ra = parent return address) is restored to the correct state after
the execution of the custom trampoline function and before returning to
the traced function. Additionally, guarantee the correctness of the jump
logic for jr t0 (traced function address).
Cc: stable@vger.kernel.org
Fixes:
|
|
|
Chenghao Duan
|
73721d8676 |
LoongArch: BPF: Enhance the bpf_arch_text_poke() function
Enhance the bpf_arch_text_poke() function to enable accurate location
of BPF program entry points.
When modifying the entry point of a BPF program, skip the "move t0, ra"
instruction to ensure the correct logic and copy of the jump address.
Cc: stable@vger.kernel.org
Fixes:
|
|
|
Chenghao Duan
|
26138762d9 |
LoongArch: BPF: Enable trampoline-based tracing for module functions
Remove the previous restrictions that blocked the tracing of kernel
module functions. Fix the issue that previously caused kernel lockups
when attempting to trace module functions.
Before entering the trampoline code, the return address register ra
shall store the address of the next assembly instruction after the
'bl trampoline' instruction, which is the traced function address, and
the register t0 shall store the parent function return address. Refine
the trampoline return logic to ensure that register data remains correct
when returning to both the traced function and the parent function.
Before this patch was applied, the module_attach test in selftests/bpf
encountered a deadlock issue. This was caused by an incorrect jump
address after the trampoline execution, which resulted in an infinite
loop within the module function.
Cc: stable@vger.kernel.org
Fixes:
|
|
|
Chenghao Duan
|
61319d15a5 |
LoongArch: BPF: Adjust the jump offset of tail calls
Call the next bpf prog and skip the first instruction of TCC
initialization.
A total of 7 instructions are skipped:
'move t0, ra' 1 inst
'move_imm + jirl' 5 inst
'addid REG_TCC, zero, 0' 1 inst
Relevant test cases: the tailcalls test item in selftests/bpf.
Cc: stable@vger.kernel.org
Fixes:
|
|
|
Chenghao Duan
|
d314e1f482 |
LoongArch: BPF: Save return address register ra to t0 before trampoline
Modify the build_prologue() function to ensure the return address
register ra is saved to t0 before entering trampoline operations.
This change ensures the accurate return address handling when a BPF
program calls another BPF program, preventing errors in the BPF-to-BPF
call chain.
Cc: stable@vger.kernel.org
Fixes:
|
|
Hengqi Chen
|
eb71f5c433 |
LoongArch: BPF: Zero-extend bpf_tail_call() index
The bpf_tail_call() index should be treated as a u32 value. Let's zero-extend it to avoid calling wrong BPF progs. See similar fixes for x86 [1]) and arm64 ([2]) for more details. [1]: |
|
|
Hengqi Chen
|
3f5a238f24 |
LoongArch: BPF: Sign extend kfunc call arguments
The kfunc calls are native calls so they should follow LoongArch calling
conventions. Sign extend its arguments properly to avoid kernel panic.
This is done by adding a new emit_abi_ext() helper. The emit_abi_ext()
helper performs extension in place meaning a value already store in the
target register (Note: this is different from the existing sign_extend()
helper and thus we can't reuse it).
Cc: stable@vger.kernel.org
Fixes:
|
|
|
Chenghao Duan
|
45cb47c628 |
LoongArch: Refactor register restoration in ftrace_common_return
Refactor the register restoration sequence in the ftrace_common_return
function to clearly distinguish between the logic of normal returns and
direct call returns in function tracing scenarios. The logic is as
follows:
1. In the case of a normal return, the execution flow returns to the
traced function, and ftrace must ensure that the register data is
consistent with the state when the function was entered.
ra = parent return address; t0 = traced function return address.
2. In the case of a direct call return, the execution flow jumps to the
custom trampoline function, and ftrace must ensure that the register
data is consistent with the state when ftrace was entered.
ra = traced function return address; t0 = parent return address.
Cc: stable@vger.kernel.org
Fixes:
|
|
|
Chenghao Duan
|
9bdc1ab5e4 |
LoongArch: Enable exception fixup for specific ADE subcode
This patch allows the LoongArch BPF JIT to handle recoverable memory access errors generated by BPF_PROBE_MEM* instructions. When a BPF program performs memory access operations, the instructions it executes may trigger ADEM exceptions. The kernel’s built-in BPF exception table mechanism (EX_TYPE_BPF) will generate corresponding exception fixup entries in the JIT compilation phase; however, the architecture-specific trap handling function needs to proactively call the common fixup routine to achieve exception recovery. do_ade(): fix EX_TYPE_BPF memory access exceptions for BPF programs, ensure safe execution. Relevant test cases: illegal address access tests in module_attach and subprogs_extable of selftests/bpf. Signed-off-by: Chenghao Duan <duanchenghao@kylinos.cn> Signed-off-by: Huacai Chen <chenhuacai@loongson.cn> |
|
Tiezhu Yang
|
4cd641a79e |
LoongArch: Remove unnecessary checks for ORC unwinder
According to the following function definitions, __kernel_text_address()
already checks __module_text_address(), so it should remove the check of
__module_text_address() in bt_address() at least.
int __kernel_text_address(unsigned long addr)
{
if (kernel_text_address(addr))
return 1;
...
return 0;
}
int kernel_text_address(unsigned long addr)
{
bool no_rcu;
int ret = 1;
...
if (is_module_text_address(addr))
goto out;
...
return ret;
}
bool is_module_text_address(unsigned long addr)
{
guard(rcu)();
return __module_text_address(addr) != NULL;
}
Furthermore, there are two checks of __kernel_text_address(), one is in
bt_address() and the other is after calling bt_address(), it looks like
redundant.
Handle the exception address first and then use __kernel_text_address()
to validate the calculated address for exception or the normal address
in bt_address(), then it can remove the check of __kernel_text_address()
after calling bt_address().
Just remove unnecessary checks, no functional changes intended.
Signed-off-by: Tiezhu Yang <yangtiezhu@loongson.cn>
Signed-off-by: Huacai Chen <chenhuacai@loongson.cn>
|
|
|
Tiezhu Yang
|
6e5416d63b |
LoongArch: Remove is_entry_func() and kernel_entry_end
For now, the related code of is_entry_func() is useless, so they can be removed. Then the symbol kernel_entry_end is not used any more, so it can be removed too. Link: https://lore.kernel.org/lkml/kjiyla6qj3l7ezspitulrdoc5laj2e6hoecvd254hssnpddczm@g6nkaombh6va/ Suggested-by: Josh Poimboeuf <jpoimboe@kernel.org> Signed-off-by: Tiezhu Yang <yangtiezhu@loongson.cn> |
|
|
Tiezhu Yang
|
1b2f4706c6 |
LoongArch: Use UNWIND_HINT_END_OF_STACK for entry points
kernel_entry() and smpboot_entry() are the last frames for ORC unwinder, so it is proper to use the annotation UNWIND_HINT_END_OF_STACK for them. Link: https://lore.kernel.org/lkml/ots6w2ntyudj5ucs5eowncta2vmfssatpcqwzpar3ekk577hxi@j45dd4dmwx6x/ Suggested-by: Josh Poimboeuf <jpoimboe@kernel.org> Signed-off-by: Tiezhu Yang <yangtiezhu@loongson.cn> Signed-off-by: Huacai Chen <chenhuacai@loongson.cn> |
|
Huacai Chen
|
d5be446948 |
LoongArch: Set correct protection_map[] for VM_NONE/VM_SHARED
For 32BIT platform _PAGE_PROTNONE is 0, so set a VMA to be VM_NONE or VM_SHARED will make pages non-present, then cause Oops with kernel page fault. Fix it by set correct protection_map[] for VM_NONE/VM_SHARED, replacing _PAGE_PROTNONE with _PAGE_PRESENT. Signed-off-by: Huacai Chen <chenhuacai@loongson.cn> |
|
|
Huacai Chen
|
807e5d383c |
LoongArch: Complete CPUCFG registers definition
According to the "LoongArch Reference Manual Volume 1: Basic Architecture", begin with LA664 CPU core there are more features supported which are indicated in CPUCFG2 and CPUCFG3. This patch completes the definitions of them so as to match the architecture specification. Signed-off-by: Bibo Mao <maobibo@loongson.cn> Signed-off-by: Huacai Chen <chenhuacai@loongson.cn> |
|
|
Linus Torvalds
|
c8ebd43345 |
nfsd-6.19 fixes:
A set of NFSD fixes that arrived just a bit late for the 6.19 merge window. Issues reported with v6.19-rc: - Avoid unnecessarily breaking a timestamp delegation Issues that need expedient stable backports: - Fix a crasher in nlm4svc_proc_test() - Fix nfsd_file reference leak during write delegation - Fix error flow in client_states_open() -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEKLLlsBKG3yQ88j7+M2qzM29mf5cFAmlSktAACgkQM2qzM29m f5caSRAAhgbXuw3O1Fo9l+FOnbwH58mbIOEcykp0IgsId0+07yMiY2x9Ll4oxAzs Y6qMOeEz5K/8rgk8DdBf6lOZ03HMXiUEPP6cUVMjbv4XdOFsGtpTAIycoMGf71v8 pk42uo/I437vYQHyC5UIdJ/kQ4nkxrfK9j0vRsS6LirIhZrfJohrgo80ou2FPw5L BQO3pd/Va5yzbVQ4cHHh1w5NCp4qEMJx1hQcwg2Ll/WJyk2zISHFPIusD+RLYLnP w4vwaCCZLbnYMbHcE9TfAWkkT7S5YftMYqkB8X/NkbiiSgw4V14CKUMaPEXYhLbq Us5C6cCMXKVunOlVrRfPISvkcDwkTjgAiSM8xur0d5NEgb8fXJx9KEoflstcXbNr iZ3UWg6FRHGMWx6HkXNKCIS5LF9xvY+APjO20VY+Q1A/+AxzNyfmmRsD5oL3SeKd EovR7QIZUycWUGkT7n69vB49x4QqpIaqgH5F0ZUu7dmKdPDnLB/PDI3Gxj9MjaBr zwt1BTcGnlGtrCR8x+GqV3RXiWNL3yQGrvIZDKBUww0QNJ9KBPrOAvP0AxRjoIvr WANMjVoK3bXULmiHejpcBuRi+h6kGzpE8wGPIkmcJRa3kAId2v1l7rbbWUhc1TnO /HomN/qQhZLoxijAonKl/KxL71/EMnzNfEdgwTyK3ZlVGwFhPSs= =QzWs -----END PGP SIGNATURE----- Merge tag 'nfsd-6.19-2' of git://git.kernel.org/pub/scm/linux/kernel/git/cel/linux Pull nfsd fixes from Chuck Lever: "A set of NFSD fixes that arrived just a bit late for the 6.19 merge window. Regression fix: - Avoid unnecessarily breaking a timestamp delegation Stable fixes: - Fix a crasher in nlm4svc_proc_test() - Fix nfsd_file reference leak during write delegation - Fix error flow in client_states_open()" * tag 'nfsd-6.19-2' of git://git.kernel.org/pub/scm/linux/kernel/git/cel/linux: nfsd: Drop the client reference in client_states_open() nfsd: use ATTR_DELEG in nfsd4_finalize_deleg_timestamps() nfsd: fix nfsd_file reference leak in nfsd4_add_rdaccess_to_wrdeleg() lockd: fix vfs_test_lock() calls |
|
Alexandre Negrel
|
fc5ff25009 |
io_uring: use GFP_NOWAIT for overflow CQEs on legacy rings
Allocate the overflowing CQE with GFP_NOWAIT instead of GFP_ATOMIC. This changes causes allocations to fail earlier in out-of-memory situations, rather than being deferred. Using GFP_ATOMIC allows a process to exceed memory limits. Closes: https://bugzilla.kernel.org/show_bug.cgi?id=220794 Signed-off-by: Alexandre Negrel <alexandre@negrel.dev> Link: https://lore.kernel.org/io-uring/20251229201933.515797-1-alexandre@negrel.dev/ Signed-off-by: Jens Axboe <axboe@kernel.dk> |
|
|
Linus Torvalds
|
dbf8fe85a1 |
Including fixes from Bluetooth and WiFi. Notably this includes the fix
for the iwlwifi issue you reported.
Current release - regressions:
- core: avoid prefetching NULL pointers
- wifi:
- iwlwifi: implement settime64 as stub for MVM/MLD PTP
- mac80211: fix list iteration in ieee80211_add_virtual_monitor()
- handshake: fix null-ptr-deref in handshake_complete()
- eth: mana: fix use-after-free in reset service rescan path
Previous releases - regressions:
- openvswitch: avoid needlessly taking the RTNL on vport destroy
- dsa: properly keep track of conduit reference
- ipv4:
- fix reference count leak when using error routes with nexthop objects
- fib: restore ECMP balance from loopback
- mptcp: ensure context reset on disconnect()
- bluetooth: fix potential UaF in btusb
- nfc: fix deadlock between nfc_unregister_device and rfkill_fop_write
- eth: gve: defer interrupt enabling until NAPI registration
- eth: i40e: fix scheduling in set_rx_mode
- eth: macb: relocate mog_init_rings() callback from macb_mac_link_up() to macb_open()
- eth: rtl8150: fix memory leak on usb_submit_urb() failure
- wifi: 8192cu: fix tid out of range in rtl92cu_tx_fill_desc()
Previous releases - always broken:
- ip6_gre: make ip6gre_header() robust
- ipv6: fix a BUG in rt6_get_pcpu_route() under PREEMPT_RT
- af_unix: don't post cmsg for SO_INQ unless explicitly asked for
- phy: mediatek: fix nvmem cell reference leak in mt798x_phy_calibration
- wifi: mac80211: discard beacon frames to non-broadcast address
- eth: iavf: fix off-by-one issues in iavf_config_rss_reg()
- eth: stmmac: fix the crash issue for zero copy XDP_TX action
- eth: team: fix check for port enabled in team_queue_override_port_prio_changed()
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
-----BEGIN PGP SIGNATURE-----
iQJGBAABCgAwFiEEg1AjqC77wbdLX2LbKSR5jcyPE6QFAmlT43wSHHBhYmVuaUBy
ZWRoYXQuY29tAAoJECkkeY3MjxOkHhMP/jF3B8c3djMgpYpEwPRgqJlzdpBGQvcO
UsN/8fYI/XowIcU6T/yC/KM5cABCWyfnj6yZe743wPrlj8DnWK7+Fezrfwx7l8e0
0LH9kVwOIaQXg/QthtXaDHNB/9OanDtgcpitI209gENRjF81bYWCehImil6jbVnn
DUnVmfZIQ6k3dFsAPC4W7uJdA2FORtQzEZ1dZ13Ivx9jmbazK81ptUbIMAAnyfIZ
rUhv+UqaDIlflYwuay58ZPdu8no4nQlJMPiPybXiizfTVStEne9SQKOacP8j7XL0
GSjEyDO8lJXCPVSVnGEyybBH50M0myGUSH73+56o2QRRLtrHLDfieOL/N8AarNDh
7U2g9pq0+IFPuJsm9SFR14dIpUAvpKohc57ZvsmworC8NuENzl6H3b6/U4n/1oNE
JCbcitl91GkyF0Bvyac5a9wfk8SsYEJEGLPrtNX8UwH0UJh8spkfoQq5oHkC3juQ
77n//eOFSz8oPDlV7ayNv+W3CEzOW09mSYFu8bdjBKC5HeyBJsm3HnJdaAhSqNEH
6duRvcMlUJQ0JPILJoS1Zoy166uIu8hs2mZtygcAzyacia8yckL+Oq2UCYMi2oKP
psOIzfd6G/+f203w37jdSY0OVlQSHvmCFSeaY6FHs2LEApDrNWK1cMLYO+lMU8EE
q0j2SmDNMHhM
=P1hX
-----END PGP SIGNATURE-----
Merge tag 'net-6.19-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net
Pull networking fixes from Paolo Abeni:
"Including fixes from Bluetooth and WiFi. Notably this includes the fix
for the iwlwifi issue you reported.
Current release - regressions:
- core: avoid prefetching NULL pointers
- wifi:
- iwlwifi: implement settime64 as stub for MVM/MLD PTP
- mac80211: fix list iteration in ieee80211_add_virtual_monitor()
- handshake: fix null-ptr-deref in handshake_complete()
- eth: mana: fix use-after-free in reset service rescan path
Previous releases - regressions:
- openvswitch: avoid needlessly taking the RTNL on vport destroy
- dsa: properly keep track of conduit reference
- ipv4:
- fix error route reference count leak with nexthop objects
- fib: restore ECMP balance from loopback
- mptcp: ensure context reset on disconnect()
- bluetooth: fix potential UaF in btusb
- nfc: fix deadlock between nfc_unregister_device and
rfkill_fop_write
- eth:
- gve: defer interrupt enabling until NAPI registration
- i40e: fix scheduling in set_rx_mode
- macb: relocate mog_init_rings() callback from macb_mac_link_up()
to macb_open()
- rtl8150: fix memory leak on usb_submit_urb() failure
- wifi: 8192cu: fix tid out of range in rtl92cu_tx_fill_desc()
Previous releases - always broken:
- ip6_gre: make ip6gre_header() robust
- ipv6: fix a BUG in rt6_get_pcpu_route() under PREEMPT_RT
- af_unix: don't post cmsg for SO_INQ unless explicitly asked for
- phy: mediatek: fix nvmem cell reference leak in
mt798x_phy_calibration
- wifi: mac80211: discard beacon frames to non-broadcast address
- eth:
- iavf: fix off-by-one issues in iavf_config_rss_reg()
- stmmac: fix the crash issue for zero copy XDP_TX action
- team: fix check for port enabled when priority changes"
* tag 'net-6.19-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net: (64 commits)
ipv6: fix a BUG in rt6_get_pcpu_route() under PREEMPT_RT
net: rose: fix invalid array index in rose_kill_by_device()
net: enetc: do not print error log if addr is 0
net: macb: Relocate mog_init_rings() callback from macb_mac_link_up() to macb_open()
selftests: fib_test: Add test case for ipv4 multi nexthops
net: fib: restore ECMP balance from loopback
selftests: fib_nexthops: Add test cases for error routes deletion
ipv4: Fix reference count leak when using error routes with nexthop objects
net: usb: sr9700: fix incorrect command used to write single register
ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr()
usbnet: avoid a possible crash in dql_completed()
gve: defer interrupt enabling until NAPI registration
net: stmmac: fix the crash issue for zero copy XDP_TX action
octeontx2-pf: fix "UBSAN: shift-out-of-bounds error"
af_unix: don't post cmsg for SO_INQ unless explicitly asked for
net: mana: Fix use-after-free in reset service rescan path
net: avoid prefetching NULL pointers
net: bridge: Describe @tunnel_hash member in net_bridge_vlan_group struct
net: nfc: fix deadlock between nfc_unregister_device and rfkill_fop_write
net: usb: asix: validate PHY address before use
...
|