mirror of https://github.com/torvalds/linux.git
1428812 Commits
| Author | SHA1 | Message | Date |
|---|---|---|---|
Vineeth Pillai (Google)
|
fa9ac2fdb6 |
i2c: Use trace_call__##name() at guarded tracepoint call sites
Replace trace_foo() with the new trace_call__foo() at sites already guarded by trace_foo_enabled(), avoiding a redundant static_branch_unlikely() re-evaluation inside the tracepoint. trace_call__foo() calls the tracepoint callbacks directly without utilizing the static branch again. Link: https://patch.msgid.link/20260323160052.17528-13-vineeth@bitbyteword.org Suggested-by: Steven Rostedt <rostedt@goodmis.org> Suggested-by: Peter Zijlstra <peterz@infradead.org> Signed-off-by: Vineeth Pillai (Google) <vineeth@bitbyteword.org> Assisted-by: Claude:claude-sonnet-4-6 Acked-by: Wolfram Sang <wsa+renesas@sang-engineering.com> Signed-off-by: Steven Rostedt (Google) <rostedt@goodmis.org> |
|
|
Vineeth Pillai (Google)
|
7b1c2d7547 |
kernel: Use trace_call__##name() at guarded tracepoint call sites
Replace trace_foo() with the new trace_call__foo() at sites already guarded by trace_foo_enabled(), avoiding a redundant static_branch_unlikely() re-evaluation inside the tracepoint. trace_call__foo() calls the tracepoint callbacks directly without utilizing the static branch again. Cc: David Vernet <void@manifault.com> Cc: Andrea Righi <arighi@nvidia.com> Cc: Changwoo Min <changwoo@igalia.com> Cc: Ingo Molnar <mingo@redhat.com> Cc: Juri Lelli <juri.lelli@redhat.com> Cc: Vincent Guittot <vincent.guittot@linaro.org> Cc: Dietmar Eggemann <dietmar.eggemann@arm.com> Cc: Ben Segall <bsegall@google.com> Cc: Mel Gorman <mgorman@suse.de> Cc: Valentin Schneider <vschneid@redhat.com> Cc: Thomas Gleixner <tglx@kernel.org> Cc: "Yury Norov [NVIDIA]" <yury.norov@gmail.com> Cc: "Paul E. McKenney" <paulmck@kernel.org> Cc: Rik van Riel <riel@surriel.com> Cc: Roman Kisel <romank@linux.microsoft.com> Cc: Joel Fernandes <joelagnelf@nvidia.com> Cc: "Rafael J. Wysocki" <rafael.j.wysocki@intel.com> Cc: Ulf Hansson <ulf.hansson@linaro.org> Link: https://patch.msgid.link/20260323160052.17528-3-vineeth@bitbyteword.org Suggested-by: Steven Rostedt <rostedt@goodmis.org> Suggested-by: Peter Zijlstra <peterz@infradead.org> Signed-off-by: Vineeth Pillai (Google) <vineeth@bitbyteword.org> Assisted-by: Claude:claude-sonnet-4-6 Acked-by: Tejun Heo <tj@kernel.org> Acked-by: Thomas Gleixner <tglx@kernel.org> Acked-by: Masami Hiramatsu (Google) <mhiramat@kernel.org> Signed-off-by: Steven Rostedt (Google) <rostedt@goodmis.org> |
|
|
Vineeth Pillai (Google)
|
677a3d82b6 |
tracepoint: Add trace_call__##name() API
Add trace_call__##name() as a companion to trace_##name(). When a
caller already guards a tracepoint with an explicit enabled check:
if (trace_foo_enabled() && cond)
trace_foo(args);
trace_foo() internally repeats the static_branch_unlikely() test, which
the compiler cannot fold since static branches are patched binary
instructions. This results in two static-branch evaluations for every
guarded call site.
trace_call__##name() calls __do_trace_##name() directly, skipping the
redundant static-branch re-check. This avoids leaking the internal
__do_trace_##name() symbol into call sites while still eliminating the
double evaluation:
if (trace_foo_enabled() && cond)
trace_invoke_foo(args); /* calls __do_trace_foo() directly */
Three locations are updated:
- __DECLARE_TRACE: invoke form omits static_branch_unlikely, retains
the LOCKDEP RCU-watching assertion.
- __DECLARE_TRACE_SYSCALL: same, plus retains might_fault().
- !TRACEPOINTS_ENABLED stub: empty no-op so callers compile cleanly
when tracepoints are compiled out.
Cc: Dmitry Ilvokhin <d@ilvokhin.com>
Cc: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Jens Axboe <axboe@kernel.dk>
Cc: "David S. Miller" <davem@davemloft.net>
Cc: Eric Dumazet <edumazet@google.com>
Cc: Jakub Kicinski <kuba@kernel.org>
Cc: Paolo Abeni <pabeni@redhat.com>
Cc: Alexei Starovoitov <ast@kernel.org>
Cc: Daniel Borkmann <daniel@iogearbox.net>
Cc: Marcelo Ricardo Leitner <marcelo.leitner@gmail.com>
Cc: Xin Long <lucien.xin@gmail.com>
Cc: Jon Maloy <jmaloy@redhat.com>
Cc: Aaron Conole <aconole@redhat.com>
Cc: Eelco Chaudron <echaudro@redhat.com>
Cc: Ilya Maximets <i.maximets@ovn.org>
Cc: Jiri Pirko <jiri@resnulli.us>
Cc: Oded Gabbay <ogabbay@kernel.org>
Cc: Koby Elbaz <koby.elbaz@intel.com>
Cc: "Rafael J. Wysocki" <rafael@kernel.org>
Cc: Viresh Kumar <viresh.kumar@linaro.org>
Cc: "Gautham R. Shenoy" <gautham.shenoy@amd.com>
Cc: Huang Rui <ray.huang@amd.com>
Cc: Mario Limonciello <mario.limonciello@amd.com>
Cc: Len Brown <lenb@kernel.org>
Cc: Srinivas Pandruvada <srinivas.pandruvada@linux.intel.com>
Cc: MyungJoo Ham <myungjoo.ham@samsung.com>
Cc: Kyungmin Park <kyungmin.park@samsung.com>
Cc: Chanwoo Choi <cw00.choi@samsung.com>
Cc: Christian König <christian.koenig@amd.com>
Cc: Sumit Semwal <sumit.semwal@linaro.org>
Cc: Eddie James <eajames@linux.ibm.com>
Cc: Andrew Jeffery <andrew@codeconstruct.com.au>
Cc: Joel Stanley <joel@jms.id.au>
Cc: David Airlie <airlied@gmail.com>
Cc: Simona Vetter <simona@ffwll.ch>
Cc: Alex Deucher <alexander.deucher@amd.com>
Cc: Danilo Krummrich <dakr@kernel.org>
Cc: Matthew Brost <matthew.brost@intel.com>
Cc: Philipp Stanner <phasta@kernel.org>
Cc: Harry Wentland <harry.wentland@amd.com>
Cc: Leo Li <sunpeng.li@amd.com>
Cc: Jiri Kosina <jikos@kernel.org>
Cc: Benjamin Tissoires <bentiss@kernel.org>
Cc: Wolfram Sang <wsa+renesas@sang-engineering.com>
Cc: Mark Brown <broonie@kernel.org>
Cc: Michael Hennerich <michael.hennerich@analog.com>
Cc: Nuno Sá <nuno.sa@analog.com>
Cc: "James E.J. Bottomley" <James.Bottomley@HansenPartnership.com>
Cc: "Martin K. Petersen" <martin.petersen@oracle.com>
Cc: Chris Mason <clm@fb.com>
Cc: David Sterba <dsterba@suse.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: SeongJae Park <sj@kernel.org>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Dave Hansen <dave.hansen@linux.intel.com>
Link: https://patch.msgid.link/20260323160052.17528-2-vineeth@bitbyteword.org
Suggested-by: Steven Rostedt <rostedt@goodmis.org>
Suggested-by: Peter Zijlstra <peterz@infradead.org>
Acked-by: Masami Hiramatsu (Google) <mhiramat@kernel.org>
Signed-off-by: Vineeth Pillai (Google) <vineeth@bitbyteword.org>
Assisted-by: Claude:claude-sonnet-4-6
Signed-off-by: Steven Rostedt (Google) <rostedt@goodmis.org>
|
|
Randy Dunlap
|
fd4cb4511b |
tracing: trace_mmap.h: fix a kernel-doc warning
Add a description of struct reader to resolve a kernel-doc warning: Warning: include/uapi/linux/trace_mmap.h:43 struct member 'reader' not described in 'trace_buffer_meta' Signed-off-by: Randy Dunlap <rdunlap@infradead.org> Acked-by: Masami Hiramatsu (Google) <mhiramat@kernel.org> Signed-off-by: Steven Rostedt (Google) <rostedt@goodmis.org> |
|
Donglin Peng
|
6b0c7c28f7 |
tracing: Pretty-print enum parameters in function arguments
Currently, print_function_args() prints enum parameter values in decimal format, reducing trace log readability. Use BTF information to resolve enum parameters and print their symbolic names (where available). This improves readability by showing meaningful identifiers instead of raw numbers. Before: mod_memcg_lruvec_state(lruvec=0xffff..., idx=5, val=320) After: mod_memcg_lruvec_state(lruvec=0xffff..., idx=5 [NR_SLAB_RECLAIMABLE_B], val=320) Cc: Steven Rostedt <rostedt@goodmis.org> Cc: Masami Hiramatsu <mhiramat@kernel.org> Link: https://patch.msgid.link/20260209071949.4040193-1-dolinux.peng@gmail.com Signed-off-by: Donglin Peng <pengdonglin@xiaomi.com> Signed-off-by: Steven Rostedt (Google) <rostedt@goodmis.org> |
|
Petr Pavlu
|
f54f08b1b8 |
tracing: Free up file->private_data for use by individual events
The tracing_open_file_tr() function currently copies the trace_event_file pointer from inode->i_private to file->private_data when the file is successfully opened. This duplication is not particularly useful, as all event code should utilize event_file_file() or event_file_data() to retrieve a trace_event_file pointer from a file struct and these access functions read file->f_inode->i_private. Moreover, this setup requires the code for opening hist files to explicitly clear file->private_data before calling single_open(), since this function expects the private_data member to be set to NULL and uses it to store a pointer to a seq_file. Remove the unnecessary setting of file->private_data in tracing_open_file_tr() and simplify the hist code. Cc: Masami Hiramatsu <mhiramat@kernel.org> Cc: Mathieu Desnoyers <mathieu.desnoyers@efficios.com> Cc: Tom Zanussi <zanussi@kernel.org> Link: https://patch.msgid.link/20260219162737.314231-6-petr.pavlu@suse.com Signed-off-by: Petr Pavlu <petr.pavlu@suse.com> Signed-off-by: Steven Rostedt (Google) <rostedt@goodmis.org> |
|
|
Petr Pavlu
|
f0eaed2723 |
tracing: Clean up access to trace_event_file from a file pointer
The tracing code provides two functions event_file_file() and event_file_data() to obtain a trace_event_file pointer from a file struct. The primary method to use is event_file_file(), as it checks for the EVENT_FILE_FL_FREED flag to determine whether the event is being removed. The second function event_file_data() is an optimization for retrieving the same data when the event_mutex is still held. In the past, when removing an event directory in remove_event_file_dir(), the code set i_private to NULL for all event files and readers were expected to check for this state to recognize that the event is being removed. In the case of event_id_read(), the value was read using event_file_data() without acquiring the event_mutex. This required event_file_data() to use READ_ONCE() when retrieving the i_private data. With the introduction of eventfs, i_private is assigned when an eventfs inode is allocated and remains set throughout its lifetime. Remove the now unnecessary READ_ONCE() access to i_private in both event_file_file() and event_file_data(). Inline the access to i_private in remove_event_file_dir(), which allows event_file_data() to handle i_private solely as a trace_event_file pointer. Add a check in event_file_data() to ensure that the event_mutex is held and that file->flags doesn't have the EVENT_FILE_FL_FREED flag set. Finally, move event_file_data() immediately after event_file_code() since the latter provides a comment explaining how both functions should be used together. Cc: Masami Hiramatsu <mhiramat@kernel.org> Cc: Mathieu Desnoyers <mathieu.desnoyers@efficios.com> Cc: Tom Zanussi <zanussi@kernel.org> Link: https://patch.msgid.link/20260219162737.314231-5-petr.pavlu@suse.com Signed-off-by: Petr Pavlu <petr.pavlu@suse.com> Signed-off-by: Steven Rostedt (Google) <rostedt@goodmis.org> |
|
|
Petr Pavlu
|
f55c09dabb |
tracing: Remove unnecessary check for EVENT_FILE_FL_FREED
The event_filter_write() function calls event_file_file() to retrieve a trace_event_file associated with a given file struct. If a non-NULL pointer is returned, the function then checks whether the trace_event_file instance has the EVENT_FILE_FL_FREED flag set. This check is redundant because event_file_file() already performs this validation and returns NULL if the flag is set. The err value is also already initialized to -ENODEV. Remove the unnecessary check for EVENT_FILE_FL_FREED in event_filter_write(). Cc: Masami Hiramatsu <mhiramat@kernel.org> Cc: Mathieu Desnoyers <mathieu.desnoyers@efficios.com> Cc: Tom Zanussi <zanussi@kernel.org> Link: https://patch.msgid.link/20260219162737.314231-4-petr.pavlu@suse.com Signed-off-by: Petr Pavlu <petr.pavlu@suse.com> Signed-off-by: Steven Rostedt (Google) <rostedt@goodmis.org> |
|
Arnd Bergmann
|
473e470f16 |
tracing: move __printf() attribute on __ftrace_vbprintk()
The sunrpc change to use trace_printk() for debugging caused
a new warning for every instance of dprintk() in some configurations,
when -Wformat-security is enabled:
fs/nfs/getroot.c: In function 'nfs_get_root':
fs/nfs/getroot.c:90:17: error: format not a string literal and no format arguments [-Werror=format-security]
90 | nfs_errorf(fc, "NFS: Couldn't getattr on root");
I've been slowly chipping away at those warnings over time with the
intention of enabling them by default in the future. While I could not
figure out why this only happens for this one instance, I see that the
__trace_bprintk() function is always called with a local variable as
the format string, rather than a literal.
Move the __printf(2,3) annotation on this function from the declaration
to the caller. As this is can only be validated for literals, the
attribute on the declaration causes the warnings every time, but
removing it entirely introduces a new warning on the __ftrace_vbprintk()
definition.
The format strings still get checked because the underlying literal keeps
getting passed into __trace_printk() in the "else" branch, which is not
taken but still evaluated for compile-time warnings.
Cc: Masami Hiramatsu <mhiramat@kernel.org>
Cc: Anna Schumaker <anna.schumaker@oracle.com>
Cc: Chuck Lever <chuck.lever@oracle.com>
Cc: Simon Horman <horms@kernel.org>
Cc: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Yury Norov <ynorov@nvidia.com>
Cc: Randy Dunlap <rdunlap@infradead.org>
Link: https://patch.msgid.link/20260203164545.3174910-1-arnd@kernel.org
Fixes:
|
|
Linus Torvalds
|
c369299895 | Linux 7.0-rc5 | |
Mikko Perttunen
|
ec69c9e883 |
i2c: tegra: Don't mark devices with pins as IRQ safe
I2C devices with associated pinctrl states (DPAUX I2C controllers) will change pinctrl state during runtime PM. This requires taking a mutex, so these devices cannot be marked as IRQ safe. Add PINCTRL as dependency to avoid build errors. Signed-off-by: Mikko Perttunen <mperttunen@nvidia.com> Reported-by: Russell King <rmk+kernel@armlinux.org.uk> Link: https://lore.kernel.org/all/E1vsNBv-00000009nfA-27ZK@rmk-PC.armlinux.org.uk/ Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
|
|
Linus Torvalds
|
d5273fd3ca |
bpf-fixes
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEE+soXsSLHKoYyzcli6rmadz2vbToFAmnAGisACgkQ6rmadz2v bTqjsw/9GfHT/fdnjfA/q27TQH28ZdrZfq90BpI3m5BfTO8/l+Kt+g1HDGpku+C/ iWh66rg9t/P9nMvtdzvPsdT833UbwbY6fPEK3r7ANgf7SBb1DNvaGHBM6XNefvZV j+VcykKUaEo8U1GeG+gI4TyAALSqvvMeBPYpAPZDUYguYLyE+YIl2Pl6tWt+A7yf 9V3JjCSz63t75qqnhY2SIBZv2pqWiMaCI8uPgaF7drhQM5Xc0l/R75CMPGeF9BrT GRtTVJhY+6UyI2Q0ZRSRSVHZ1j2kYHI/eK3Kamxwal5hNh37BYHm3pT5TSHbZTe1 xO7c1AB0vds8kznRkclQfsMdjVwuBQj03ukLVNqnnaaE4Ir7JlXlXYgeG0KJbbfW kQG8UyDD7tMWZkvaA0Z51FC88WJNLJoNAku519alcMtgAf1CrxzG9aUAYEWE4erh E/FKKvFqQ6T0mOFSXlk1NFeMjNXcg5Tu2KKKKOjAWT6goUc4hw80IWydTyxMy32m 8/eLmdTZpAQovc2rS+5LSTigQ3DT082J950sxdQ3yRaLTWBGNC06gkA/WcRq2ZI+ hBdW6GI1XFwkXGw5+F9fN9Bt5FmE42v44i+RrlNZV1R5bVr0Za/ofkWP3dm1/SOg QRSJk30hx9JveR9gD/xWawycYFuwmha/BL0tur2T32M67MneJpo= =Ye1S -----END PGP SIGNATURE----- Merge tag 'bpf-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf Pull bpf fixes from Alexei Starovoitov: - Fix how linked registers track zero extension of subregisters (Daniel Borkmann) - Fix unsound scalar fork for OR instructions (Daniel Wade) - Fix exception exit lock check for subprogs (Ihor Solodrai) - Fix undefined behavior in interpreter for SDIV/SMOD instructions (Jenny Guanni Qu) - Release module's BTF when module is unloaded (Kumar Kartikeya Dwivedi) - Fix constant blinding for PROBE_MEM32 instructions (Sachin Kumar) - Reset register ID for END instructions to prevent incorrect value tracking (Yazhou Tang) * tag 'bpf-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf: selftests/bpf: Add a test cases for sync_linked_regs regarding zext propagation bpf: Fix sync_linked_regs regarding BPF_ADD_CONST32 zext propagation selftests/bpf: Add tests for maybe_fork_scalars() OR vs AND handling bpf: Fix unsound scalar forking in maybe_fork_scalars() for BPF_OR selftests/bpf: Add tests for sdiv32/smod32 with INT_MIN dividend bpf: Fix undefined behavior in interpreter sdiv/smod for INT_MIN selftests/bpf: Add tests for bpf_throw lock leak from subprogs bpf: Fix exception exit lock checking for subprogs bpf: Release module BTF IDR before module unload selftests/bpf: Fix pkg-config call on static builds bpf: Fix constant blinding for PROBE_MEM32 stores selftests/bpf: Add test for BPF_END register ID reset bpf: Reset register ID for BPF_END value tracking |
|
|
Linus Torvalds
|
ac57fa9faf |
tracing fixes for 7.0:
- Revert "tracing: Remove pid in task_rename tracing output" A change was made to remove the pid field from the task_rename event because it was thought that it was always done for the current task and recording the pid would be redundant. This turned out to be incorrect and there are a few corner case where this is not true and caused some regressions in tooling. - Fix the reading from user space for migration The reading of user space uses a seq lock type of logic where it uses a per-cpu temporary buffer and disables migration, then enables preemption, does the copy from user space, disables preemption, enables migration and checks if there was any schedule switches while preemption was enabled. If there was a context switch, then it is considered that the per-cpu buffer could be corrupted and it tries again. There's a protection check that tests if it takes a hundred tries, it issues a warning and exits out to prevent a live lock. This was triggered because the task was selected by the load balancer to be migrated to another CPU, every time preemption is enabled the migration task would schedule in try to migrate the task but can't because migration is disabled and let it run again. This caused the scheduler to schedule out the task every time it enabled preemption and made the loop never exit (until the 100 iteration test triggered). Fix this by enabling and disabling preemption and keeping migration enabled if the reading from user space needs to be done again. This will let the migration thread migrate the task and the copy from user space will likely pass on the next iteration. - Fix trace_marker copy option freeing The "copy_trace_marker" option allows a tracing instance to get a copy of a write to the trace_marker file of the top level instance. This is managed by a link list protected by RCU. When an instance is removed, a check is made if the option is set, and if so synchronized_rcu() is called. The problem is that an iteration is made to reset all the flags to what they were when the instance was created (to perform clean ups) was done before the check of the copy_trace_marker option and that option was cleared, so the synchronize_rcu() was never called. Move the clearing of all the flags after the check of copy_trace_marker to do synchronize_rcu() so that the option is still set if it was before and the synchronization is performed. - Fix entries setting when validating the persistent ring buffer When validating the persistent ring buffer on boot up, the number of events per sub-buffer is added to the sub-buffer meta page. The validator was updating cpu_buffer->head_page (the first sub-buffer of the per-cpu buffer) and not the "head_page" variable that was iterating the sub-buffers. This was causing the first sub-buffer to be assigned the entries for each sub-buffer and not the sub-buffer that was supposed to be updated. - Use "hash" value to update the direct callers When updating the ftrace direct callers, it assigned a temporary callback to all the callback functions of the ftrace ops and not just the functions represented by the passed in hash. This causes an unnecessary slow down of the functions of the ftrace_ops that is not being modified. Only update the functions that are going to be modified to call the ftrace loop function so that the update can be made on those functions. -----BEGIN PGP SIGNATURE----- iIoEABYKADIWIQRRSw7ePDh/lE+zeZMp5XQQmuv6qgUCacAMahQccm9zdGVkdEBn b29kbWlzLm9yZwAKCRAp5XQQmuv6qr0sAQCoI4L3iAR5HU1z8dw2GWhOz9fTnzfw 9VPRZAsga9J5xgEA1Y0bvKBM0UPHFAL2POkaILYV1aT00lZ7aIVHPqfdYgA= =OoGW -----END PGP SIGNATURE----- Merge tag 'trace-v7.0-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace Pull tracing fixes from Steven Rostedt: - Revert "tracing: Remove pid in task_rename tracing output" A change was made to remove the pid field from the task_rename event because it was thought that it was always done for the current task and recording the pid would be redundant. This turned out to be incorrect and there are a few corner case where this is not true and caused some regressions in tooling. - Fix the reading from user space for migration The reading of user space uses a seq lock type of logic where it uses a per-cpu temporary buffer and disables migration, then enables preemption, does the copy from user space, disables preemption, enables migration and checks if there was any schedule switches while preemption was enabled. If there was a context switch, then it is considered that the per-cpu buffer could be corrupted and it tries again. There's a protection check that tests if it takes a hundred tries, it issues a warning and exits out to prevent a live lock. This was triggered because the task was selected by the load balancer to be migrated to another CPU, every time preemption is enabled the migration task would schedule in try to migrate the task but can't because migration is disabled and let it run again. This caused the scheduler to schedule out the task every time it enabled preemption and made the loop never exit (until the 100 iteration test triggered). Fix this by enabling and disabling preemption and keeping migration enabled if the reading from user space needs to be done again. This will let the migration thread migrate the task and the copy from user space will likely pass on the next iteration. - Fix trace_marker copy option freeing The "copy_trace_marker" option allows a tracing instance to get a copy of a write to the trace_marker file of the top level instance. This is managed by a link list protected by RCU. When an instance is removed, a check is made if the option is set, and if so synchronized_rcu() is called. The problem is that an iteration is made to reset all the flags to what they were when the instance was created (to perform clean ups) was done before the check of the copy_trace_marker option and that option was cleared, so the synchronize_rcu() was never called. Move the clearing of all the flags after the check of copy_trace_marker to do synchronize_rcu() so that the option is still set if it was before and the synchronization is performed. - Fix entries setting when validating the persistent ring buffer When validating the persistent ring buffer on boot up, the number of events per sub-buffer is added to the sub-buffer meta page. The validator was updating cpu_buffer->head_page (the first sub-buffer of the per-cpu buffer) and not the "head_page" variable that was iterating the sub-buffers. This was causing the first sub-buffer to be assigned the entries for each sub-buffer and not the sub-buffer that was supposed to be updated. - Use "hash" value to update the direct callers When updating the ftrace direct callers, it assigned a temporary callback to all the callback functions of the ftrace ops and not just the functions represented by the passed in hash. This causes an unnecessary slow down of the functions of the ftrace_ops that is not being modified. Only update the functions that are going to be modified to call the ftrace loop function so that the update can be made on those functions. * tag 'trace-v7.0-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace: ftrace: Use hash argument for tmp_ops in update_ftrace_direct_mod ring-buffer: Fix to update per-subbuf entries of persistent ring buffer tracing: Fix trace_marker copy link list updates tracing: Fix failure to read user space from system call trace events tracing: Revert "tracing: Remove pid in task_rename tracing output" |
|
|
Linus Torvalds
|
11ac4ce3f7 |
i2c-for-7.0-rc5
pxa: fix broken I2C communication on Armada 3700 with recovery fsi: fix device_node reference leak in probe cp2615: fix NULL-deref when serial string is missing -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEOZGx6rniZ1Gk92RdFA3kzBSgKbYFAmm/trAACgkQFA3kzBSg KbaRxQ//a6yPhI6jQ8NDNnaO3c/RwvLbJsOyh7y7Q3cXl1IVbb6bPEY/PWJBGGeK XbmtqdT8vR7sh/OoxwSJYH70ZtRi0aWpL5adabiOl8VJhnW3rABrWS5WIBgm9djL k6p+lnTGNJHWw3PzwVb7lzkgkmyolc2g6qzpTJJd+it39G/ChPTt6vOU6wNgWSMK auRY59FBRwMkKymMt1co77bmvi/ehFm/Ohsjs4/bGkPr/Ngq6wVtm7tcdu5drShR VcexM+yu92pLBr7zR/p89E36W7aqWPGl8K7aYyDJjYXDHcOcRJAHjKi4lf+boCNa ze4dg66Hj6ONVgxOF5lTFGP3ITPg/JP02kskRlVqzJsZdm8hIQraq5eJEUBF0rWZ WsA/E8SuGeNe3hDck5YyoaNbpww0Ph1y+MgNglMXS/hKedEZL7ku5mU66wA1gjjm ek18V0rAFiBP3Ch7vTK4Se1CE1TUUSNoPdEwdPU5/3T8ZZLbgRewr4z5FPL2+Yb+ NdGy6ZPV7rRYXxQVVbNTQ9c4h4cuBYZgnrRGfYXyXXyQ77m5mZlMBa4emPoNExtO 9U2fxbfHU2QBTG0lMOWkbEtMc1bVSvYtDwv1X2gFsdkOy+tmyCDkDHsp0hqao0oo C5rlOYTl/9U6byrpBe8GiCrKHNNmtiuSDJzRUhdXHb8JqqPqp+c= =m7EX -----END PGP SIGNATURE----- Merge tag 'i2c-for-7.0-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux Pull i2c fixes from Wolfram Sang: - fix broken I2C communication on Armada 3700 with recovery - fix device_node reference leak in probe (fsi) - fix NULL-deref when serial string is missing (cp2615) * tag 'i2c-for-7.0-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux: i2c: pxa: defer reset on Armada 3700 when recovery is used i2c: fsi: Fix a potential leak in fsi_i2c_probe() i2c: cp2615: fix serial string NULL-deref at probe |
|
|
Linus Torvalds
|
8d8bd2a5aa |
Miscellaneous x86 fixes:
- Improve Qemu MCE-injection behavior by only using
AMD SMCA MSRs if the feature bit is set.
- Fix the relative path of gettimeofday.c inclusion
in vclock_gettime.c
- Fix a boot crash on UV clusters when a socket is
marked as 'deconfigured' which are mapped to the
SOCK_EMPTY (0xffff [short -1]) node ID by the UV firmware,
while Linux APIs expect NUMA_NO_NODE (0xffffffff [int -1]).
Signed-off-by: Ingo Molnar <mingo@kernel.org>
-----BEGIN PGP SIGNATURE-----
iQJFBAABCgAvFiEEBpT5eoXrXCwVQwEKEnMQ0APhK1gFAmm/qYwRHG1pbmdvQGtl
cm5lbC5vcmcACgkQEnMQ0APhK1imUBAAmL2xQCgOZCeLPWFZ28S5EiKf5xvyC9R4
uIm/WncXYQDJZN0JaTABdjmLiaBQnlyULpmqN47Xuiy8avMO532S92yreFpWR2OB
5TEE/v9+wcbSQOJBELhch3XNzUu7cNPQ+HbOuhot4rpK/MlyJ8rHaHLYVSVhRBYG
ynM3iTDvD6ENtyAOGT1Afkxg/sqMOZG8jdwrN1z8BH3AMU8BJ6OgfguqKuEi99Vp
Lz31a3bR0LcRPZ4ECKH0ModcKgjkqcgnVccOYCDtq8XReciGQo1Zg0diiV6VRn2a
hAqoSvdd9e1XUGoU8dEi0KwR5YXYJh3uOmjSH56rbceXr5XxPcKRJ4mOOX0GX+KC
KZl5KdwJo4veHodxWTYFe+67hi84BwKoB4gM36nRhDmzLS/XHoI4RUOjZVXSPVzJ
dwBBZDKd9tP6aaFruSa+v5sH7EbVartwLuEkQx6SDydS/4htGbESKTxgdqr63gUZ
jwmFRVaPo3FUWkOhS9GExt6XewhBVaJ9/cHZkcpW0vrm9RBlFoyTX9YLfkF4x9O1
h3wxXsULyZuYn5/tunIFfDsLpcmgsz85NXnW+0A1URAAWFNRYfVIKxaO7tUUF2OA
asnOe0NrztvKoZfKzCi7s14HVCPT34aEp3Vf2Am/QRMy5JYLhS3xAwApiZ/hrZ4R
Kb+4dVfh12Q=
=uIqH
-----END PGP SIGNATURE-----
Merge tag 'x86-urgent-2026-03-22' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
Pull x86 fixes from Ingo Molnar:
- Improve Qemu MCE-injection behavior by only using AMD SMCA MSRs if
the feature bit is set
- Fix the relative path of gettimeofday.c inclusion in vclock_gettime.c
- Fix a boot crash on UV clusters when a socket is marked as
'deconfigured' which are mapped to the SOCK_EMPTY node ID by
the UV firmware, while Linux APIs expect NUMA_NO_NODE.
The difference being (0xffff [unsigned short ~0]) vs [int -1]
* tag 'x86-urgent-2026-03-22' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
x86/platform/uv: Handle deconfigured sockets
x86/entry/vdso: Fix path of included gettimeofday.c
x86/mce/amd: Check SMCA feature bit before accessing SMCA MSRs
|
|
|
Linus Torvalds
|
ebfd9b7af2 |
Miscellaneous perf fixes:
- Fix a PMU driver crash on AMD EPYC systems, caused by
a race condition in x86_pmu_enable()
- Fix a possible counter-initialization bug in x86_pmu_enable()
- Fix a counter inheritance bug in inherit_event() and
__perf_event_read()
- Fix an Intel PMU driver branch constraints handling bug
found by UBSAN
- Fix the Intel PMU driver's new Off-Module Response (OMR)
support code for Diamond Rapids / Nova lake, to fix a snoop
information parsing bug
Signed-off-by: Ingo Molnar <mingo@kernel.org>
-----BEGIN PGP SIGNATURE-----
iQJFBAABCgAvFiEEBpT5eoXrXCwVQwEKEnMQ0APhK1gFAmm/ptcRHG1pbmdvQGtl
cm5lbC5vcmcACgkQEnMQ0APhK1i8yBAAsbAbTzyJOxiE29beCiW3r9V4ELtrSlpG
syUtZ4Y1cozK1w6/8S2oWHJkuWa+ToO6bn9rKxNemWIrnsxe5B4iKfeNWRFTz24g
41xTXaxUB9c7vBgv4BDvr/ykkYGQybkn0Bf/U5rufzvIlst9bx7zKVAnIT9Qws37
UTMY96XGYY5HNzGSZbQkpQ4cs8n72U+00OBHMTWtH8NJT+fRmaM312Q8F6wNKgH2
YtaAjwb55BU5+hQUz5YN96xQGYaoj0s8UtOk4a3tS/t0F8mOodDVTxzMdHKToQmD
SbscGvfC+bg5zjoYGFEU+cXoBMkkZlBPqZdLVQAGEy3YZT+JIdmyJhn9FD6HVuVw
OzyG9VuY+TxOFrFQdMs3Xfa0vZ7AO1c90HB08P4T7nWaMioR1iFAF31MSVEMXuzd
ZROHplWNIqDeOzmerXgZq4JWy3Bpaam8fH1B5/qN450oAxaym3lCOoCZidJYgy3g
CVBF/6BO7DlpKiy9lXknRscItwIiRmZ9Xr+sOmOMQRGqQkC6Ykk/Hj2sA1qKPuQ5
ruRqqaL9cznttAoJR2jZ0Ijyu7usgxB/y066nR1zXKdvEdNcntaic+QybHxbQoYx
kyYNoR1dg+AWLb5juT68abkP4trZ8EUa7Q29OX1SzTk+0U7M0fO3/rq9gt71HiHR
WSjRDQPfWrI=
=jp5H
-----END PGP SIGNATURE-----
Merge tag 'perf-urgent-2026-03-22' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
Pull perf fixes from Ingo Molnar:
- Fix a PMU driver crash on AMD EPYC systems, caused by
a race condition in x86_pmu_enable()
- Fix a possible counter-initialization bug in x86_pmu_enable()
- Fix a counter inheritance bug in inherit_event() and
__perf_event_read()
- Fix an Intel PMU driver branch constraints handling bug
found by UBSAN
- Fix the Intel PMU driver's new Off-Module Response (OMR)
support code for Diamond Rapids / Nova lake, to fix a snoop
information parsing bug
* tag 'perf-urgent-2026-03-22' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
perf/x86/intel: Fix OMR snoop information parsing issues
perf/x86/intel: Add missing branch counters constraint apply
perf: Make sure to use pmu_ctx->pmu for groups
x86/perf: Make sure to program the counter value for stopped events on migration
perf/x86: Move event pointer setup earlier in x86_pmu_enable()
|
|
|
Linus Torvalds
|
dea622e183 |
Fix 3 more livepatching related build environment bugs,
and fix a false positive warning with Clang jump tables. Signed-off-by: Ingo Molnar <mingo@kernel.org> -----BEGIN PGP SIGNATURE----- iQJFBAABCgAvFiEEBpT5eoXrXCwVQwEKEnMQ0APhK1gFAmm/o/YRHG1pbmdvQGtl cm5lbC5vcmcACgkQEnMQ0APhK1i7Lw/8DSESHczzmJVAteyX1Di5zUTWl1+bvO0M gRcDN/7Mycs2LGwCXpjCEDOBUmG9kfQyDbwxQgMc9K59VWyDvhPmxiy2tF8JE6F0 2LYjq7uW9Tno2OENGXglDOiExLg6v8g1ERn6q8Xdq3VYMuIb6aRdlOWwTv6TQ22m DdO9BQwCTd07KQsKlSfIUPKM/+zfoPMLbO2dsGfO64BhPxUkvzyR1gaNlhnDYfYy xbC3RkQsnA1OO9+bFK5zRimSjKxK/kDt1UH3HAJutP/kArWEZ84lv2faDfW8xHIQ cYgIzNL1Vq1nPb0mDuApff4i8DSGE4GdTphKmsqJeXOqaFCnYOKfr09D3H5bP8+S Vg7AqEaDUQIIMzZsZIh3zb2WKyf5oC/ZbcP5D+ryCCq9/TCrEeysj/4NmlrX/Vfg X4yqo5uJR4gqtBg1Vut9SNzEWMstxtUX5VT+e9S58Cy8UZcOvEE66laXPN1am5u9 mNXMHnLJglrbIOISf3W74bcJOrVy5MI8z7TzTu2uL7qctw/pg1Sd4wut7MZ3cBv3 Jg4qfIUKVDq06pnKDLxMT5Nv70Dh+TwWIITA331LBgFeipaAHblPKEpmv0lc/Rx1 p85buVOVxonAxEGgLYvbt4KmuO8iV5ikSFkgrx93qBFPKFYXIfbXXPK9Uq2Dxbyl gb69W40BjwE= =W/aM -----END PGP SIGNATURE----- Merge tag 'objtool-urgent-2026-03-22' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull objtool fixes from Ingo Molnar: "Fix three more livepatching related build environment bugs, and a false positive warning with Clang jump tables" * tag 'objtool-urgent-2026-03-22' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: objtool: Fix Clang jump table detection livepatch/klp-build: Fix inconsistent kernel version objtool/klp: fix mkstemp() failure with long paths objtool/klp: fix data alignment in __clone_symbol() |
|
|
Linus Torvalds
|
d56d4a110f |
Fix a Sparse build errors regression in <linux/local_lock_internal.h>
caused by the locking context-analysis changes. Signed-off-by: Ingo Molnar <mingo@kernel.org> -----BEGIN PGP SIGNATURE----- iQJFBAABCgAvFiEEBpT5eoXrXCwVQwEKEnMQ0APhK1gFAmm/ovMRHG1pbmdvQGtl cm5lbC5vcmcACgkQEnMQ0APhK1hiMA/+MiNrnVNtbLBib1HOeYeli7MLFZ4VqTj5 MPHvRPXX/RyfFYa1pr9tQZUOMa7xTL8Dk5qiyQ1gDvCKrT16LR8/7sNelK395csz WJIzb4Ec4ugIQXtS3hUhNLc4yffGmLd2aSV66OomSEQ7wDD5+yXtyq7rXeX2bYAt kTQ6OR0WanHIgrBRJWrFazYhBt0ZNNDfEczjbbDY/816qG/6Q46G+NiTDKWV0G83 8Ll7FrIVBj8q+8XlzUDmmbDP9eCMGK2Nj++l7AlUqxPO0qNo+8PpQseOp7qoOerx IAE6fOHPuY/VnAJYHc/hnCVN92Dzs4UQjpYXCL7bME7TdiIVVDfE4mACa/47O6K1 ifyWxM8RM4UWEeb1QRb73VgLvl8v9biul0twBjnRXW0bFCHCm8s7qR/1HSU7y/wf 3C55EtjV3uKyNAqHlwrtLQv+RdYjgxzKWTjcNp0kz5eoE1Bs1KLX3xwZR5xN6/jO EYVZCp480wphYc0rs7+FNerYDQW3RXDhZMTei19De8OPDeQPYxAGkscyyCgwguyR ks8FEFAYJgT9c9tLU44ziZG56zeOqJcj2mq95er6XpOzVyn2txLD2YDpoyE3mB55 pTwzLT3I4I75eB6l5IQObqliQkxK3i9LNELWZiHVP97LPsukTSbiFvCBso7mmi+2 Eg2Vcp/RqD8= =o1hi -----END PGP SIGNATURE----- Merge tag 'locking-urgent-2026-03-22' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull locking fix from Ingo Molnar: "Fix a sparse build error regression in <linux/local_lock_internal.h> caused by the locking context-analysis changes" * tag 'locking-urgent-2026-03-22' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: include/linux/local_lock_internal.h: Make this header file again compatible with sparse |
|
|
Linus Torvalds
|
b5fddfad34 |
Fix a mailbox channel leak in the riscv-rpmi-sysmsi irqchip
driver. Signed-off-by: Ingo Molnar <mingo@kernel.org> -----BEGIN PGP SIGNATURE----- iQJFBAABCgAvFiEEBpT5eoXrXCwVQwEKEnMQ0APhK1gFAmm/og4RHG1pbmdvQGtl cm5lbC5vcmcACgkQEnMQ0APhK1i7sA//Qxn4k58utBtxIZlEo0vlVUB3kBTPOyRN Y73LrkP8RUA0MTIfMlK8W5TABDr7c1yIYT7qA5f8BRWUaovex1zQUcDJqW8GM8if A9mnu2BkXf9prj95RrDjujhcA1Xef9ZrrgcpLYkVR1jtlDD9Y25pvL1Dn567kqL+ IogsHqIFPG9oigEcQwciFo54WE2gkqJwer2oK+f0CWv5AobWZYPoCJjLD0+3FJ5z Ghf75Hd9yHHbNQn/z000/ljr6GSE4V5iPEN0b00FlLYNUwSJENBLEP5pMQVSyB7z eFK8fd36TDYH9bcyDn4N/5ATiiM03/obaG8NYAJi8yxVL8CQ6dwUcRWqRcEN0kIy zN/B+NS8TgDURIUWzbHWXavOv1UvyBk/rxi0KlbL82GWHhyjAsCuT4UJZlS79CSN 3/LW+zg1lHOyB+IIjLVWj28K3wLsFSLMxh6hjHuJKHovnxyn7V0iJk3NMxtTjCMz MN6FqMNS9Dzdix9/fZwMJBgkUw9qG4keUBH7XY0reJ4yZRcy84VYzPIMaLNSC/sw RGzC7cbx9bYxFCgxJ7Dk947gmZK2CFSneiFsrcNcBDY2777I9/Yzm5tYQ2CpGQRA QxZWh2maq6RZ74Sgzv1RK2KSh5cUbAxbv1tDuTBmg7Nh7ymyRLIf+zNdCiyqyJV8 FNuv8/se+wo= =sc8B -----END PGP SIGNATURE----- Merge tag 'irq-urgent-2026-03-22' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull irq fix from Ingo Molnar: "Fix a mailbox channel leak in the riscv-rpmi-sysmsi irqchip driver" * tag 'irq-urgent-2026-03-22' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: irqchip/riscv-rpmi-sysmsi: Fix mailbox channel leak in rpmi_sysmsi_probe() |
|
|
Linus Torvalds
|
d723091c8c |
Driver core fixes for 7.0-rc5
- Generalize driver_override in the driver core, providing a common sysfs implementation and concurrency-safe accessors for bus implementations - Do not use driver_override as IRQ name in the hwmon axi-fan driver - Remove an unnecessary driver_override check in sh platform_early - Migrate the platform bus to use the generic driver_override infrastructure, fixing a UAF condition caused by accessing the driver_override field without proper locking in the platform_match() callback -----BEGIN PGP SIGNATURE----- iHUEABYKAB0WIQS2q/xV6QjXAdC7k+1FlHeO1qrKLgUCab6dRwAKCRBFlHeO1qrK LnELAP9MkP5mnaIbAM5/kYWaG+nQhsBTdzSbLSqv0vca7bljlwD/RFzAXOaCKvNz 8GrnY7FHzGSMPQhT+L86idGRCPmujgI= =dxv9 -----END PGP SIGNATURE----- Merge tag 'driver-core-7.0-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/driver-core/driver-core Pull driver core fixes from Danilo Krummrich: - Generalize driver_override in the driver core, providing a common sysfs implementation and concurrency-safe accessors for bus implementations - Do not use driver_override as IRQ name in the hwmon axi-fan driver - Remove an unnecessary driver_override check in sh platform_early - Migrate the platform bus to use the generic driver_override infrastructure, fixing a UAF condition caused by accessing the driver_override field without proper locking in the platform_match() callback * tag 'driver-core-7.0-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/driver-core/driver-core: driver core: platform: use generic driver_override infrastructure sh: platform_early: remove pdev->driver_override check hwmon: axi-fan: don't use driver_override as IRQ name docs: driver-model: document driver_override driver core: generalize driver_override in struct device |
|
Jiri Olsa
|
50b35c9e50 |
ftrace: Use hash argument for tmp_ops in update_ftrace_direct_mod
The modify logic registers temporary ftrace_ops object (tmp_ops) to trigger
the slow path for all direct callers to be able to safely modify attached
addresses.
At the moment we use ops->func_hash for tmp_ops filter, which represents all
the systems attachments. It's faster to use just the passed hash filter, which
contains only the modified sites and is always a subset of the ops->func_hash.
Cc: Alexei Starovoitov <ast@kernel.org>
Cc: Daniel Borkmann <daniel@iogearbox.net>
Cc: Andrii Nakryiko <andrii@kernel.org>
Cc: Menglong Dong <menglong8.dong@gmail.com>
Cc: Song Liu <song@kernel.org>
Link: https://patch.msgid.link/20260312123738.129926-1-jolsa@kernel.org
Fixes:
|
|
Masami Hiramatsu (Google)
|
f35dbac694 |
ring-buffer: Fix to update per-subbuf entries of persistent ring buffer
Since the validation loop in rb_meta_validate_events() updates the same
cpu_buffer->head_page->entries, the other subbuf entries are not updated.
Fix to use head_page to update the entries field, since it is the cursor
in this loop.
Cc: stable@vger.kernel.org
Cc: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Cc: Ian Rogers <irogers@google.com>
Fixes:
|
|
Steven Rostedt
|
07183aac4a |
tracing: Fix trace_marker copy link list updates
When the "copy_trace_marker" option is enabled for an instance, anything
written into /sys/kernel/tracing/trace_marker is also copied into that
instances buffer. When the option is set, that instance's trace_array
descriptor is added to the marker_copies link list. This list is protected
by RCU, as all iterations uses an RCU protected list traversal.
When the instance is deleted, all the flags that were enabled are cleared.
This also clears the copy_trace_marker flag and removes the trace_array
descriptor from the list.
The issue is after the flags are called, a direct call to
update_marker_trace() is performed to clear the flag. This function
returns true if the state of the flag changed and false otherwise. If it
returns true here, synchronize_rcu() is called to make sure all readers
see that its removed from the list.
But since the flag was already cleared, the state does not change and the
synchronization is never called, leaving a possible UAF bug.
Move the clearing of all flags below the updating of the copy_trace_marker
option which then makes sure the synchronization is performed.
Also use the flag for checking the state in update_marker_trace() instead
of looking at if the list is empty.
Cc: stable@vger.kernel.org
Cc: Masami Hiramatsu <mhiramat@kernel.org>
Cc: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Link: https://patch.msgid.link/20260318185512.1b6c7db4@gandalf.local.home
Fixes:
|
|
|
Steven Rostedt
|
edca33a562 |
tracing: Fix failure to read user space from system call trace events
The system call trace events call trace_user_fault_read() to read the user
space part of some system calls. This is done by grabbing a per-cpu
buffer, disabling migration, enabling preemption, calling
copy_from_user(), disabling preemption, enabling migration and checking if
the task was preempted while preemption was enabled. If it was, the buffer
is considered corrupted and it tries again.
There's a safety mechanism that will fail out of this loop if it fails 100
times (with a warning). That warning message was triggered in some
pi_futex stress tests. Enabling the sched_switch trace event and
traceoff_on_warning, showed the problem:
pi_mutex_hammer-1375 [006] d..21 138.981648: sched_switch: prev_comm=pi_mutex_hammer prev_pid=1375 prev_prio=95 prev_state=R+ ==> next_comm=migration/6 next_pid=47 next_prio=0
migration/6-47 [006] d..2. 138.981651: sched_switch: prev_comm=migration/6 prev_pid=47 prev_prio=0 prev_state=S ==> next_comm=pi_mutex_hammer next_pid=1375 next_prio=95
pi_mutex_hammer-1375 [006] d..21 138.981656: sched_switch: prev_comm=pi_mutex_hammer prev_pid=1375 prev_prio=95 prev_state=R+ ==> next_comm=migration/6 next_pid=47 next_prio=0
migration/6-47 [006] d..2. 138.981659: sched_switch: prev_comm=migration/6 prev_pid=47 prev_prio=0 prev_state=S ==> next_comm=pi_mutex_hammer next_pid=1375 next_prio=95
pi_mutex_hammer-1375 [006] d..21 138.981664: sched_switch: prev_comm=pi_mutex_hammer prev_pid=1375 prev_prio=95 prev_state=R+ ==> next_comm=migration/6 next_pid=47 next_prio=0
migration/6-47 [006] d..2. 138.981667: sched_switch: prev_comm=migration/6 prev_pid=47 prev_prio=0 prev_state=S ==> next_comm=pi_mutex_hammer next_pid=1375 next_prio=95
pi_mutex_hammer-1375 [006] d..21 138.981671: sched_switch: prev_comm=pi_mutex_hammer prev_pid=1375 prev_prio=95 prev_state=R+ ==> next_comm=migration/6 next_pid=47 next_prio=0
migration/6-47 [006] d..2. 138.981675: sched_switch: prev_comm=migration/6 prev_pid=47 prev_prio=0 prev_state=S ==> next_comm=pi_mutex_hammer next_pid=1375 next_prio=95
pi_mutex_hammer-1375 [006] d..21 138.981679: sched_switch: prev_comm=pi_mutex_hammer prev_pid=1375 prev_prio=95 prev_state=R+ ==> next_comm=migration/6 next_pid=47 next_prio=0
migration/6-47 [006] d..2. 138.981682: sched_switch: prev_comm=migration/6 prev_pid=47 prev_prio=0 prev_state=S ==> next_comm=pi_mutex_hammer next_pid=1375 next_prio=95
pi_mutex_hammer-1375 [006] d..21 138.981687: sched_switch: prev_comm=pi_mutex_hammer prev_pid=1375 prev_prio=95 prev_state=R+ ==> next_comm=migration/6 next_pid=47 next_prio=0
migration/6-47 [006] d..2. 138.981690: sched_switch: prev_comm=migration/6 prev_pid=47 prev_prio=0 prev_state=S ==> next_comm=pi_mutex_hammer next_pid=1375 next_prio=95
pi_mutex_hammer-1375 [006] d..21 138.981695: sched_switch: prev_comm=pi_mutex_hammer prev_pid=1375 prev_prio=95 prev_state=R+ ==> next_comm=migration/6 next_pid=47 next_prio=0
migration/6-47 [006] d..2. 138.981698: sched_switch: prev_comm=migration/6 prev_pid=47 prev_prio=0 prev_state=S ==> next_comm=pi_mutex_hammer next_pid=1375 next_prio=95
pi_mutex_hammer-1375 [006] d..21 138.981703: sched_switch: prev_comm=pi_mutex_hammer prev_pid=1375 prev_prio=95 prev_state=R+ ==> next_comm=migration/6 next_pid=47 next_prio=0
migration/6-47 [006] d..2. 138.981706: sched_switch: prev_comm=migration/6 prev_pid=47 prev_prio=0 prev_state=S ==> next_comm=pi_mutex_hammer next_pid=1375 next_prio=95
pi_mutex_hammer-1375 [006] d..21 138.981711: sched_switch: prev_comm=pi_mutex_hammer prev_pid=1375 prev_prio=95 prev_state=R+ ==> next_comm=migration/6 next_pid=47 next_prio=0
migration/6-47 [006] d..2. 138.981714: sched_switch: prev_comm=migration/6 prev_pid=47 prev_prio=0 prev_state=S ==> next_comm=pi_mutex_hammer next_pid=1375 next_prio=95
pi_mutex_hammer-1375 [006] d..21 138.981719: sched_switch: prev_comm=pi_mutex_hammer prev_pid=1375 prev_prio=95 prev_state=R+ ==> next_comm=migration/6 next_pid=47 next_prio=0
migration/6-47 [006] d..2. 138.981722: sched_switch: prev_comm=migration/6 prev_pid=47 prev_prio=0 prev_state=S ==> next_comm=pi_mutex_hammer next_pid=1375 next_prio=95
pi_mutex_hammer-1375 [006] d..21 138.981727: sched_switch: prev_comm=pi_mutex_hammer prev_pid=1375 prev_prio=95 prev_state=R+ ==> next_comm=migration/6 next_pid=47 next_prio=0
migration/6-47 [006] d..2. 138.981730: sched_switch: prev_comm=migration/6 prev_pid=47 prev_prio=0 prev_state=S ==> next_comm=pi_mutex_hammer next_pid=1375 next_prio=95
pi_mutex_hammer-1375 [006] d..21 138.981735: sched_switch: prev_comm=pi_mutex_hammer prev_pid=1375 prev_prio=95 prev_state=R+ ==> next_comm=migration/6 next_pid=47 next_prio=0
migration/6-47 [006] d..2. 138.981738: sched_switch: prev_comm=migration/6 prev_pid=47 prev_prio=0 prev_state=S ==> next_comm=pi_mutex_hammer next_pid=1375 next_prio=95
What happened was the task 1375 was flagged to be migrated. When
preemption was enabled, the migration thread woke up to migrate that task,
but failed because migration for that task was disabled. This caused the
loop to fail to exit because the task scheduled out while trying to read
user space.
Every time the task enabled preemption the migration thread would schedule
in, try to migrate the task, fail and let the task continue. But because
the loop would only enable preemption with migration disabled, it would
always fail because each time it enabled preemption to read user space,
the migration thread would try to migrate it.
To solve this, when the loop fails to read user space without being
scheduled out, enabled and disable preemption with migration enabled. This
will allow the migration task to successfully migrate the task and the
next loop should succeed to read user space without being scheduled out.
Cc: stable@vger.kernel.org
Cc: Masami Hiramatsu <mhiramat@kernel.org>
Cc: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Link: https://patch.msgid.link/20260316130734.1858a998@gandalf.local.home
Fixes:
|
|
Xuewen Yan
|
a6f22e50c7 |
tracing: Revert "tracing: Remove pid in task_rename tracing output"
This reverts commit |
|
Daniel Borkmann
|
4a04d13576 |
selftests/bpf: Add a test cases for sync_linked_regs regarding zext propagation
Add multiple test cases for linked register tracking with alu32 ops:
- Add a test that checks sync_linked_regs() regarding reg->id (the linked
target register) for BPF_ADD_CONST32 rather than known_reg->id (the
branch register).
- Add a test case for linked register tracking that exposes the cross-type
sync_linked_regs() bug. One register uses alu32 (w7 += 1, BPF_ADD_CONST32)
and another uses alu64 (r8 += 2, BPF_ADD_CONST64), both linked to the
same base register.
- Add a test case that exercises regsafe() path pruning when two execution
paths reach the same program point with linked registers carrying
different ADD_CONST flags (BPF_ADD_CONST32 from alu32 vs BPF_ADD_CONST64
from alu64). This particular test passes with and without the fix since
the pruning will fail due to different ranges, but it would still be
useful to carry this one as a regression test for the unreachable div
by zero.
With the fix applied all the tests pass:
# LDLIBS=-static PKG_CONFIG='pkg-config --static' ./vmtest.sh -- ./test_progs -t verifier_linked_scalars
[...]
./test_progs -t verifier_linked_scalars
#602/1 verifier_linked_scalars/scalars: find linked scalars:OK
#602/2 verifier_linked_scalars/sync_linked_regs_preserves_id:OK
#602/3 verifier_linked_scalars/scalars_neg:OK
#602/4 verifier_linked_scalars/scalars_neg_sub:OK
#602/5 verifier_linked_scalars/scalars_neg_alu32_add:OK
#602/6 verifier_linked_scalars/scalars_neg_alu32_sub:OK
#602/7 verifier_linked_scalars/scalars_pos:OK
#602/8 verifier_linked_scalars/scalars_sub_neg_imm:OK
#602/9 verifier_linked_scalars/scalars_double_add:OK
#602/10 verifier_linked_scalars/scalars_sync_delta_overflow:OK
#602/11 verifier_linked_scalars/scalars_sync_delta_overflow_large_range:OK
#602/12 verifier_linked_scalars/scalars_alu32_big_offset:OK
#602/13 verifier_linked_scalars/scalars_alu32_basic:OK
#602/14 verifier_linked_scalars/scalars_alu32_wrap:OK
#602/15 verifier_linked_scalars/scalars_alu32_zext_linked_reg:OK
#602/16 verifier_linked_scalars/scalars_alu32_alu64_cross_type:OK
#602/17 verifier_linked_scalars/scalars_alu32_alu64_regsafe_pruning:OK
#602/18 verifier_linked_scalars/alu32_negative_offset:OK
#602/19 verifier_linked_scalars/spurious_precision_marks:OK
#602 verifier_linked_scalars:OK
Summary: 1/19 PASSED, 0 SKIPPED, 0 FAILED
Co-developed-by: Puranjay Mohan <puranjay@kernel.org>
Signed-off-by: Puranjay Mohan <puranjay@kernel.org>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Eduard Zingerman <eddyz87@gmail.com>
Link: https://lore.kernel.org/r/20260319211507.213816-2-daniel@iogearbox.net
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
|
|
|
Daniel Borkmann
|
bc308be380 |
bpf: Fix sync_linked_regs regarding BPF_ADD_CONST32 zext propagation
Jenny reported that in sync_linked_regs() the BPF_ADD_CONST32 flag is
checked on known_reg (the register narrowed by a conditional branch)
instead of reg (the linked target register created by an alu32 operation).
Example case with reg:
1. r6 = bpf_get_prandom_u32()
2. r7 = r6 (linked, same id)
3. w7 += 5 (alu32 -- r7 gets BPF_ADD_CONST32, zero-extended by CPU)
4. if w6 < 0xFFFFFFFC goto safe (narrows r6 to [0xFFFFFFFC, 0xFFFFFFFF])
5. sync_linked_regs() propagates to r7 but does NOT call zext_32_to_64()
6. Verifier thinks r7 is [0x100000001, 0x100000004] instead of [1, 4]
Since known_reg above does not have BPF_ADD_CONST32 set above, zext_32_to_64()
is never called on alu32-derived linked registers. This causes the verifier
to track incorrect 64-bit bounds, while the CPU correctly zero-extends the
32-bit result.
The code checking known_reg->id was correct however (see scalars_alu32_wrap
selftest case), but the real fix needs to handle both directions - zext
propagation should be done when either register has BPF_ADD_CONST32, since
the linked relationship involves a 32-bit operation regardless of which
side has the flag.
Example case with known_reg (exercised also by scalars_alu32_wrap):
1. r1 = r0; w1 += 0x100 (alu32 -- r1 gets BPF_ADD_CONST32)
2. if r1 > 0x80 - known_reg = r1 (has BPF_ADD_CONST32), reg = r0 (doesn't)
Hence, fix it by checking for (reg->id | known_reg->id) & BPF_ADD_CONST32.
Moreover, sync_linked_regs() also has a soundness issue when two linked
registers used different ALU widths: one with BPF_ADD_CONST32 and the
other with BPF_ADD_CONST64. The delta relationship between linked registers
assumes the same arithmetic width though. When one register went through
alu32 (CPU zero-extends the 32-bit result) and the other went through
alu64 (no zero-extension), the propagation produces incorrect bounds.
Example:
r6 = bpf_get_prandom_u32() // fully unknown
if r6 >= 0x100000000 goto out // constrain r6 to [0, U32_MAX]
r7 = r6
w7 += 1 // alu32: r7.id = N | BPF_ADD_CONST32
r8 = r6
r8 += 2 // alu64: r8.id = N | BPF_ADD_CONST64
if r7 < 0xFFFFFFFF goto out // narrows r7 to [0xFFFFFFFF, 0xFFFFFFFF]
At the branch on r7, sync_linked_regs() runs with known_reg=r7
(BPF_ADD_CONST32) and reg=r8 (BPF_ADD_CONST64). The delta path
computes:
r8 = r7 + (delta_r8 - delta_r7) = 0xFFFFFFFF + (2 - 1) = 0x100000000
Then, because known_reg->id has BPF_ADD_CONST32, zext_32_to_64(r8) is
called, truncating r8 to [0, 0]. But r8 used a 64-bit ALU op -- the
CPU does NOT zero-extend it. The actual CPU value of r8 is
0xFFFFFFFE + 2 = 0x100000000, not 0. The verifier now underestimates
r8's 64-bit bounds, which is a soundness violation.
Fix sync_linked_regs() by skipping propagation when the two registers
have mixed ALU widths (one BPF_ADD_CONST32, the other BPF_ADD_CONST64).
Lastly, fix regsafe() used for path pruning: the existing checks used
"& BPF_ADD_CONST" to test for offset linkage, which treated
BPF_ADD_CONST32 and BPF_ADD_CONST64 as equivalent.
Fixes:
|
|
Alexei Starovoitov
|
06880982c6 |
Merge branch 'bpf-fix-unsound-scalar-forking-for-bpf_or'
Daniel Wade says:
====================
bpf: Fix unsound scalar forking for BPF_OR
maybe_fork_scalars() unconditionally sets the pushed path dst register
to 0 for both BPF_AND and BPF_OR. For AND this is correct (0 & K == 0),
but for OR it is wrong (0 | K == K, not 0). This causes the verifier to
track an incorrect value on the pushed path, leading to a verifier/runtime
divergence that allows out-of-bounds map value access.
v4: Use block comment style for multi-line comments in selftests (Amery Hung)
Add Reviewed-by/Acked-by tags
v3: Use single-line comment style in selftests (Alexei Starovoitov)
v2: Use push_stack(env, env->insn_idx, ...) to re-execute the insn
on the pushed path (Eduard Zingerman)
====================
Link: https://patch.msgid.link/20260314021521.128361-1-danjwade95@gmail.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
|
|
Daniel Wade
|
0ad1734cc5 |
selftests/bpf: Add tests for maybe_fork_scalars() OR vs AND handling
Add three test cases to verifier_bounds.c to verify that maybe_fork_scalars() correctly tracks register values for BPF_OR operations with constant source operands: 1. or_scalar_fork_rejects_oob: After ARSH 63 + OR 8, the pushed path should have dst = 8. With value_size = 8, accessing map_value + 8 is out of bounds and must be rejected. 2. and_scalar_fork_still_works: Regression test ensuring AND forking continues to work. ARSH 63 + AND 4 produces pushed dst = 0 and current dst = 4, both within value_size = 8. 3. or_scalar_fork_allows_inbounds: After ARSH 63 + OR 4, the pushed path has dst = 4, which is within value_size = 8 and should be accepted. These tests exercise the fix in the previous patch, which makes the pushed path re-execute the ALU instruction so it computes the correct result for BPF_OR. Signed-off-by: Daniel Wade <danjwade95@gmail.com> Reviewed-by: Amery Hung <ameryhung@gmail.com> Acked-by: Eduard Zingerman <eddyz87@gmail.com> Link: https://lore.kernel.org/r/20260314021521.128361-3-danjwade95@gmail.com Signed-off-by: Alexei Starovoitov <ast@kernel.org> |
|
|
Daniel Wade
|
c845894ebd |
bpf: Fix unsound scalar forking in maybe_fork_scalars() for BPF_OR
maybe_fork_scalars() is called for both BPF_AND and BPF_OR when the
source operand is a constant. When dst has signed range [-1, 0], it
forks the verifier state: the pushed path gets dst = 0, the current
path gets dst = -1.
For BPF_AND this is correct: 0 & K == 0.
For BPF_OR this is wrong: 0 | K == K, not 0.
The pushed path therefore tracks dst as 0 when the runtime value is K,
producing an exploitable verifier/runtime divergence that allows
out-of-bounds map access.
Fix this by passing env->insn_idx (instead of env->insn_idx + 1) to
push_stack(), so the pushed path re-executes the ALU instruction with
dst = 0 and naturally computes the correct result for any opcode.
Fixes:
|
|
|
Alexei Starovoitov
|
1abd3feb36 |
Merge branch 'bpf-fix-abs-int_min-undefined-behavior-in-interpreter-sdiv-smod'
Jenny Guanni Qu says:
====================
bpf: Fix abs(INT_MIN) undefined behavior in interpreter sdiv/smod
The BPF interpreter's signed 32-bit division and modulo handlers use
abs() on s32 operands, which is undefined for S32_MIN. This causes
the interpreter to compute wrong results, creating a mismatch with
the verifier's range tracking.
For example, INT_MIN / 2 returns 0x40000000 instead of the correct
0xC0000000. The verifier tracks the correct range, so a crafted BPF
program can exploit the mismatch for out-of-bounds map value access
(confirmed by KASAN).
Patch 1 introduces abs_s32() which handles S32_MIN correctly and
replaces all 8 abs((s32)...) call sites. s32 is the only affected
case -- the s64 handlers do not use abs().
Patch 2 adds selftests covering sdiv32 and smod32 with INT_MIN
dividend to prevent regression.
Changes since v4:
- Renamed __safe_abs32() to abs_s32() and dropped inline keyword
per Alexei Starovoitov's feedback
Changes since v3:
- Fixed stray blank line deletion in the file header
- Improved comment per Yonghong Song's suggestion
- Added JIT vs interpreter context to selftest commit message
Changes since v2:
- Simplified to use -(u32)x per Mykyta Yatsenko's suggestion
Changes since v1:
- Moved helper above kerneldoc comment block to fix build warnings
====================
Link: https://patch.msgid.link/20260311011116.2108005-1-qguanni@gmail.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
|
|
Jenny Guanni Qu
|
4ac95c65ef |
selftests/bpf: Add tests for sdiv32/smod32 with INT_MIN dividend
Add tests to verify that signed 32-bit division and modulo operations produce correct results when the dividend is INT_MIN (0x80000000). The bug fixed in the previous commit only affects the BPF interpreter path. When JIT is enabled (the default on most architectures), the native CPU division instruction produces the correct result and these tests pass regardless. With bpf_jit_enable=0, the interpreter is used and without the previous fix, INT_MIN / 2 incorrectly returns 0x40000000 instead of 0xC0000000 due to abs(S32_MIN) undefined behavior, causing these tests to fail. Test cases: - SDIV32 INT_MIN / 2 = -1073741824 (imm and reg divisor) - SMOD32 INT_MIN % 2 = 0 (positive and negative divisor) Reviewed-by: Jiayuan Chen <jiayuan.chen@linux.dev> Acked-by: Yonghong Song <yonghong.song@linux.dev> Signed-off-by: Jenny Guanni Qu <qguanni@gmail.com> Link: https://lore.kernel.org/r/20260311011116.2108005-3-qguanni@gmail.com Signed-off-by: Alexei Starovoitov <ast@kernel.org> |
|
|
Jenny Guanni Qu
|
c77b30bd1d |
bpf: Fix undefined behavior in interpreter sdiv/smod for INT_MIN
The BPF interpreter's signed 32-bit division and modulo handlers use
the kernel abs() macro on s32 operands. The abs() macro documentation
(include/linux/math.h) explicitly states the result is undefined when
the input is the type minimum. When DST contains S32_MIN (0x80000000),
abs((s32)DST) triggers undefined behavior and returns S32_MIN unchanged
on arm64/x86. This value is then sign-extended to u64 as
0xFFFFFFFF80000000, causing do_div() to compute the wrong result.
The verifier's abstract interpretation (scalar32_min_max_sdiv) computes
the mathematically correct result for range tracking, creating a
verifier/interpreter mismatch that can be exploited for out-of-bounds
map value access.
Introduce abs_s32() which handles S32_MIN correctly by casting to u32
before negating, avoiding signed overflow entirely. Replace all 8
abs((s32)...) call sites in the interpreter's sdiv32/smod32 handlers.
s32 is the only affected case -- the s64 division/modulo handlers do
not use abs().
Fixes:
|
|
Ihor Solodrai
|
a1e5c46eae |
selftests/bpf: Add tests for bpf_throw lock leak from subprogs
Add test cases to ensure the verifier correctly rejects bpf_throw from
subprogs when RCU, preempt, or IRQ locks are held:
* reject_subprog_rcu_lock_throw: subprog acquires bpf_rcu_read_lock and
then calls bpf_throw
* reject_subprog_throw_preempt_lock: always-throwing subprog called while
caller holds bpf_preempt_disable
* reject_subprog_throw_irq_lock: always-throwing subprog called while
caller holds bpf_local_irq_save
Assisted-by: Claude:claude-opus-4-6
Signed-off-by: Ihor Solodrai <ihor.solodrai@linux.dev>
Acked-by: Yonghong Song <yonghong.song@linux.dev>
Acked-by: Kumar Kartikeya Dwivedi <memxor@gmail.com>
Link: https://lore.kernel.org/r/20260320000809.643798-2-ihor.solodrai@linux.dev
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
|
|
|
Ihor Solodrai
|
6c2128505f |
bpf: Fix exception exit lock checking for subprogs
process_bpf_exit_full() passes check_lock = !curframe to
check_resource_leak(), which is false in cases when bpf_throw() is
called from a static subprog. This makes check_resource_leak() to skip
validation of active_rcu_locks, active_preempt_locks, and
active_irq_id on exception exits from subprogs.
At runtime bpf_throw() unwinds the stack via ORC without releasing any
user-acquired locks, which may cause various issues as the result.
Fix by setting check_lock = true for exception exits regardless of
curframe, since exceptions bypass all intermediate frame
cleanup. Update the error message prefix to "bpf_throw" for exception
exits to distinguish them from normal BPF_EXIT.
Fix reject_subprog_with_rcu_read_lock test which was previously
passing for the wrong reason. Test program returned directly from the
subprog call without closing the RCU section, so the error was
triggered by the unclosed RCU lock on normal exit, not by
bpf_throw. Update __msg annotations for affected tests to match the
new "bpf_throw" error prefix.
The spin_lock case is not affected because they are already checked [1]
at the call site in do_check_insn() before bpf_throw can run.
[1] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/kernel/bpf/verifier.c?h=v7.0-rc4#n21098
Assisted-by: Claude:claude-opus-4-6
Fixes:
|
|
Wolfram Sang
|
2f42e85622 |
i2c-fixes for v7.0-rc5
pxa: fix broken I2C communication on Armada 3700 with recovery fsi: fix device_node reference leak in probe cp2615: fix NULL-deref when serial string is missing -----BEGIN PGP SIGNATURE----- iHUEABYKAB0WIQScDfrjQa34uOld1VLaeAVmJtMtbgUCab49cQAKCRDaeAVmJtMt bjNKAP9ea6+Zln+AbQBqb4UD57U4VgwYWC8DWAJAys7h9by7VwEA8jNoBBO0TDnL /TdTF5y/4cr1OFey6sBhBw4dIhV5AAc= =KkcB -----END PGP SIGNATURE----- Merge tag 'i2c-host-fixes-7.0-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/andi.shyti/linux into i2c/for-current i2c-fixes for v7.0-rc5 pxa: fix broken I2C communication on Armada 3700 with recovery fsi: fix device_node reference leak in probe cp2615: fix NULL-deref when serial string is missing |
|
|
Linus Torvalds
|
113ae7b4de |
hwmon fixes for v7.0-rc5
- max6639: Fix pulses-per-revolution implementation - Several PMBus drivers: Add missing error checks -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEiHPvMQj9QTOCiqgVyx8mb86fmYEFAmm+sisACgkQyx8mb86f mYEqDg//ff19321ZzTRKq989qs2zqsUe3m8RzCPopLo7EIgWy79e5CdYh4KVs5jG BHjrSTVodx3yvtkgB6nIdC7SwEbrENmv94cOwujd/TuoWjDWJUQ+fA5KQeU8R1gu drv/oI3KGSEZVIjl7jsaVZdJfadSzBxUjTga1fPt1/Me5F2bbJxq/B7sr3iyW6qe C7oZMjXu8P7l5jgVnZ37zFIh8lMsrb2Sys0EWv7o1161/8u1WqeKydjBcwQ6dEQJ laqxMkE22xQE/faXD8fXQSsZc1V2upPUC2NdWOY41Kw7mZSdeUfbC3ZDnSPEun2m 2qkwtm0Yvr9Cdrl6GFjFK8cKsQ/fKIfgAtKmbG5Bm3G1vw4RcDa3aOs9Lkq6vf7m 57VxQ4fx8q03fakopbe8GYaQYMo4B3CkcGduFOEuffKQfH7+oK39cJxqq9e4m0FI OCdrIRG1WbUrF1Iupvq6kvGkJOpeiDjB1CTjkQZPV0R/vXgDk+3pRqbhLoR+V8Pf S1dd9TMRTJPizCV2/zrTuC8fpM1GVJqyiBS3Bj2qr+UrkSWT3aPoU6pUBQAEeFgs /qUhyt5nj5675xxGd5jDSYvyUObp+/Ic49ZRpCgmV8bBhLK8gY3r3MFZEcOijaW6 3GIUrQfFP7vYboVLUEvWoxvJT7S2ip5dAgxMtegN/gHrRAmKkvI= =213h -----END PGP SIGNATURE----- Merge tag 'hwmon-for-v7.0-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/groeck/linux-staging Pull hwmon fixes from Guenter Roeck: - max6639: Fix pulses-per-revolution implementation - Several PMBus drivers: Add missing error checks * tag 'hwmon-for-v7.0-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/groeck/linux-staging: hwmon: (max6639) Fix pulses-per-revolution implementation hwmon: (pmbus/isl68137) Fix unchecked return value and use sysfs_emit() hwmon: (pmbus/ina233) Add error check for pmbus_read_word_data() return value hwmon: (pmbus/mp2869) Check pmbus_read_byte_data() before using its return value hwmon: (pmbus/mp2975) Add error check for pmbus_read_word_data() return value hwmon: (pmbus/hac300s) Add error check for pmbus_read_word_data() return value |
|
|
Linus Torvalds
|
55d55b97c7 |
Bootconfig fixes for v7.0-rc4
- lib/bootconfig: check xbc_init_node() return in override path Fix to check error code of xbc_init_node() in override value path in xbc_parse_kv(). - tools/bootconfig: fix fd leak in load_xbc_file() on fstat failure Fix to close fd in fstat() failure path. -----BEGIN PGP SIGNATURE----- iQFPBAABCgA5FiEEh7BulGwFlgAOi5DV2/sHvwUrPxsFAmm+VJEbHG1hc2FtaS5o aXJhbWF0c3VAZ21haWwuY29tAAoJENv7B78FKz8buc4IAKJ+0JqUXHPomk/2RrlR 5eoyTJeMV1kKcejM1l0Y+D1z783XzcGsd0G0EHtGAMp7k76D/Fi4p25v1n2GVOlW xBs/9aRLCbemrG2gDjoVKzRQz25W+fURZT8pghlf+s2isWCBtleXdeV8i5rZY/z/ 7q7dvM6iHhP2Dv2hJ0S6fM+diruhAx4GhXBpVRnrEaM/+1ejjAplbg2r1SEkPOIl PMeIffO9wyQr7arpWfGEHjEuKBg3fkzitH2cpfmFNZ/XmWtEjn1vlHEsgqZlB8fG NoHhCLu0Sx/JxKdyd2FewfHay+heEz8TCkta9Cvep1QdFK9WrqxnJ9eA7PUsQqfy ECo= =6okO -----END PGP SIGNATURE----- Merge tag 'bootconfig-fixes-v7.0-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace Pull bootconfig fixes from Masami Hiramatsu: - Check error code of xbc_init_node() in override value path in xbc_parse_kv() - Fix fd leak in load_xbc_file() on fstat failure * tag 'bootconfig-fixes-v7.0-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace: tools/bootconfig: fix fd leak in load_xbc_file() on fstat failure lib/bootconfig: check xbc_init_node() return in override path |
|
|
Linus Torvalds
|
8991448e56 |
for-7.0-rc4-tag
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEE8rQSAMVO+zA4DBdWxWXV+ddtWDsFAmm+kPQACgkQxWXV+ddt
WDt5lw/+P36nlsFO1XoEuMCtE4nxibGpejg1h8OA9Huv3GtC2x7G2yjkaHqXEw32
A98BoEYI1nvieOHfhcD3685384xlH/dcItdxDIJJmbDWFM2n3H1ayXLDcsYQRg5Q
3oExe87r+MfYzYCzpV1xePz/0OAcwdn+KGav6ASs/PPhVfdN9kjgZwVsCfQAIGuk
cASPAx9SDUXjmD0f9OtBZqtOQt5eEF4Xvv3qvd/7/N5SpFyUMe3AeYE+2ttjrTUt
sw0KE0XTLMJuUVZY1dUyUSpOIADcdoHBcpkPCCwh9JnK7OIcx+vM0VAbxjFsgKFi
0kBRS1YdOeww6pQ88SCSLHk5xKbCsW1zGfF9lMKT7kUrLIFG01ddefmRXf4qQAni
w1cowxp2LrcdXgL8AMsAQ4DJVMy1wJ1IFThaL8ZBBdX2CphViYt0gChZwTpchMhz
GAtqcKSURGOADCvdAgkwERuaSSesdvjfsJ3IBF3ZjLSGTN8Wasj8FV7zOyjbOoEe
4SZa36X+MEkIQ4Nn3MoEHvK2wuox/rDxTWp96NADSUVvRBCqijVPRZFapw6H9rlO
zQorO1CAMIqxMC4dYxUDxMl8j2P/VwoaIsib6pVFidRzubI6vxk1dcZn82HKkh8a
ghIm8XlfsQNTZDS+ominlbxPCsyPIInS5tfgC69FcV4ktrnZz3k=
=MYi5
-----END PGP SIGNATURE-----
Merge tag 'for-7.0-rc4-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/kdave/linux
Pull btrfs fixes from David Sterba:
"Another batch of fixes for problems that have been identified by tools
analyzing code or by fuzzing. Most of them are short, two patches fix
the same thing in many places so the diffs are bigger.
- handle potential NULL pointer errors after attempting to read
extent and checksum trees
- prevent ENOSPC when creating many qgroups by ioctls in the same
transaction
- encoded write ioctl fixes (with 64K page and 4K block size):
- fix unexpected bio length
- do not let compressed bios and pages interfere with page cache
- compression fixes on setups with 64K page and 4K block size: fix
folio length assertions (zstd and lzo)
- remap tree fixes:
- make sure to hold block group reference while moving it
- handle early exit when moving block group to unused list
- handle deleted subvolumes with inconsistent state of deletion
progress"
* tag 'for-7.0-rc4-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/kdave/linux:
btrfs: reject root items with drop_progress and zero drop_level
btrfs: check block group before marking it unused in balance_remap_chunks()
btrfs: hold block group reference during entire move_existing_remap()
btrfs: fix an incorrect ASSERT() condition inside lzo_decompress_bio()
btrfs: fix an incorrect ASSERT() condition inside zstd_decompress_bio()
btrfs: do not touch page cache for encoded writes
btrfs: fix a bug that makes encoded write bio larger than expected
btrfs: reserve enough transaction items for qgroup ioctls
btrfs: check for NULL root after calls to btrfs_csum_root()
btrfs: check for NULL root after calls to btrfs_extent_root()
|
|
|
Linus Torvalds
|
a0c8317773 |
drm fixes for 7.0-rc5
core: - drm_dev_unplug UAF fix pagemap: - lock handling fix xe: - A number of teardown fixes - Skip over non-leaf PTE for PRL generation - Fix an unitialized variable - Fix a missing runtime PM reference i915/display: - Fix #15771: Screen corruption and stuttering on P14s w/ 3K display - Fix for PSR entry setup frames count on rejected commit - Fix OOPS if firmware is not loaded and suspend is attempted - Fix unlikely NULL deref due to DC6 on probe amdgpu: - Fix gamma 2.2 colorop TFs - BO list fix - LTO fix - DC FP fix - DisplayID handling fix - DCN 2.01 fix - MMHUB boundary fixes - ISP fix - TLB fence fix - Hainan pm fix radeon: - Hainan pm fix vmwgfx: - memory leak fix - doc warning fix imagination: - deadlock fix - interrupt handling fixes dw-hdmi-qp: - multi channel audio fix -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEEKbZHaGwW9KfbeusDHTzWXnEhr4FAmm95coACgkQDHTzWXnE hr4FIhAAnlsZwyEOv8yDMfYo45cMSL6/YWR2yKuCiOYLLM1gUBwgLwfvXnBVtjey 5yMrsZDLFTrGLfP+E4dUnwlcRQV6kPF0h5VnmIwwQIXQGVMHrsHEfvpGnhwZstx4 BtV0qsn2ESfFItgId2KffzJqFkCC5G1KrDbxYVLpwaLlNKJGINyiakeTsTYI9XtH mt1iARjX+74v/7Q2mkQ9UmYWXJrSqIeRkqxf9DcYIvLkAU00BiY8yJ6pagxDbTnf dzw6Qvn58gKphg9O6WQxi4pJCATA5eP/mXkLrUpF9KtLuNHntedyDymCuSH3K7xL K7AcflW6Rz2XSKZE9+IosWjlvZo6Dfx69vn00V7zqFFNyF8iya12+t9WIjJ2il/b WRCBxccCPCBpEAPm+07rrc9QtAv/ck6LlJBbeLANmMjX/K6nakY5puvrrblaLge2 u3fH9Y40kSYmEdx0HLik1wa7RGqcxBO7GnRI1bndU0T5ICrl90JJx16fuYpqmTxV b87rjNW995EFVEUZppazEln6zuFvj0vScs55y8zQswQaXu89ZOEC5Y8yM7/OO3Yq /Ki7q/1WMK2/t6Y2flJWfcJt7RAXUUXohcd4+GinwCEaydUoK8TWoYF2N0HLvCHZ zIk6C7O3FNUBskw7BzPLmBMvm4+OVBXRNH6ZvCZheNUjEekwFoI= =U8gh -----END PGP SIGNATURE----- Merge tag 'drm-fixes-2026-03-21' of https://gitlab.freedesktop.org/drm/kernel Pull drm fixes from Dave Airlie: "Regular weekly pull request, from sunny San Diego. Usual suspects in xe/i915/amdgpu with small fixes all over, then some minor fixes across a few other drivers. It's probably a bit on the heavy side, but most of the fix seem well contained, core: - drm_dev_unplug UAF fix pagemap: - lock handling fix xe: - A number of teardown fixes - Skip over non-leaf PTE for PRL generation - Fix an uninitialized variable - Fix a missing runtime PM reference i915/display: - Fix #15771: Screen corruption and stuttering on P14s w/ 3K display - Fix for PSR entry setup frames count on rejected commit - Fix OOPS if firmware is not loaded and suspend is attempted - Fix unlikely NULL deref due to DC6 on probe amdgpu: - Fix gamma 2.2 colorop TFs - BO list fix - LTO fix - DC FP fix - DisplayID handling fix - DCN 2.01 fix - MMHUB boundary fixes - ISP fix - TLB fence fix - Hainan pm fix radeon: - Hainan pm fix vmwgfx: - memory leak fix - doc warning fix imagination: - deadlock fix - interrupt handling fixes dw-hdmi-qp: - multi channel audio fix" * tag 'drm-fixes-2026-03-21' of https://gitlab.freedesktop.org/drm/kernel: (40 commits) drm/xe: Fix missing runtime PM reference in ccs_mode_store drm/xe: Open-code GGTT MMIO access protection drm/xe/lrc: Fix uninitialized new_ts when capturing context timestamp drm/xe/oa: Allow reading after disabling OA stream drm/xe: Skip over non leaf pte for PRL generation drm/xe/guc: Ensure CT state transitions via STOP before DISABLED drm/xe: Trigger queue cleanup if not in wedged mode 2 drm/xe: Forcefully tear down exec queues in GuC submit fini drm/xe: Always kill exec queues in xe_guc_submit_pause_abort drm/xe/guc: Fail immediately on GuC load error drm/i915/gt: Check set_default_submission() before deferencing drm/radeon: apply state adjust rules to some additional HAINAN vairants drm/amdgpu: apply state adjust rules to some additional HAINAN vairants drm/amdgpu: rework how we handle TLB fences drm/bridge: dw-hdmi-qp: fix multi-channel audio output drm: Fix use-after-free on framebuffers and property blobs when calling drm_dev_unplug drm/amdgpu: Fix ISP segfault issue in kernel v7.0 drm/amdgpu/gmc9.0: add bounds checking for cid drm/amdgpu/mmhub4.2.0: add bounds checking for cid drm/amdgpu/mmhub4.1.0: add bounds checking for cid ... |
|
Guenter Roeck
|
e7bae9a7a5 |
hwmon: (max6639) Fix pulses-per-revolution implementation
The valid range for the pulses-per-revolution devicetree property is
1..4. The current code checks for a range of 1..5. Fix it.
Declare the variable used to retrieve pulses per revolution from
devicetree as u32 (unsigned) to match the of_property_read_u32() API.
The current code uses a postfix decrement when writing the pulses per
resolution into the chip. This has no effect since the value is evaluated
before it is decremented. Fix it by decrementing before evaluating the
value.
Fixes:
|
|
|
Linus Torvalds
|
42bddab056 |
execve fixes for v7.0-rc5
- binfmt_elf_fdpic: fix AUXV size calculation (Andrei Vagin) - fs/tests: exec: Remove bad test vector -----BEGIN PGP SIGNATURE----- iHUEABYKAB0WIQRSPkdeREjth1dHnSE2KwveOeQkuwUCab2QFAAKCRA2KwveOeQk u3HZAP9zyjDeIYZoszNMEjkbkX6BpAFfNE/OvPKCKGqnwAqJhwD/WBpgsY1ThUnG yS9rv2hbxXBoVHcdG7hCRON+lu/AsQE= =ksko -----END PGP SIGNATURE----- Merge tag 'execve-v7.0-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux Pull execve fixes from Kees Cook: - binfmt_elf_fdpic: fix AUXV size calculation (Andrei Vagin) - fs/tests: exec: Remove bad test vector * tag 'execve-v7.0-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux: fs/tests: exec: Remove bad test vector binfmt_elf_fdpic: fix AUXV size calculation for ELF_HWCAP3 and ELF_HWCAP4 |
|
|
Linus Torvalds
|
d46d5c8383 |
TTY/Serial fixes for 7.0-rc5
Here are some small tty/vt and serial driver fixes for 7.0-rc5. Included in here are: - 8250 driver fixes for reported problems - serial core lockup fix - uartlite driver bugfix - vt save/restore bugfix All of these have been in linux-next for over a week with no reported problems. Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> -----BEGIN PGP SIGNATURE----- iG0EABECAC0WIQT0tgzFv3jCIUoxPcsxR9QN2y37KQUCab2Cvw8cZ3JlZ0Brcm9h aC5jb20ACgkQMUfUDdst+ymT9ACeOSlIKi+7583DFXnaH5yYUWv62pIAn2YGM1+I ARhW4c21Fy1po3m3DFTv =gXlW -----END PGP SIGNATURE----- Merge tag 'tty-7.0-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty Pull tty/serial fixes from Greg KH: "Here are some small tty/vt and serial driver fixes for 7.0-rc5. Included in here are: - 8250 driver fixes for reported problems - serial core lockup fix - uartlite driver bugfix - vt save/restore bugfix All of these have been in linux-next for over a week with no reported problems" * tag 'tty-7.0-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty: vt: save/restore unicode screen buffer for alternate screen serial: 8250_dw: Ensure BUSY is deasserted serial: 8250: Add late synchronize_irq() to shutdown to handle DW UART BUSY serial: 8250_dw: Rework IIR_NO_INT handling to stop interrupt storm serial: 8250_dw: Rework dw8250_handle_irq() locking and IIR handling serial: 8250: Add serial8250_handle_irq_locked() serial: 8250_dw: Avoid unnecessary LCR writes serial: 8250: Protect LCR write in shutdown serial: 8250_pci: add support for the AX99100 serial: core: fix infinite loop in handle_tx() for PORT_UNKNOWN serial: uartlite: fix PM runtime usage count underflow on probe serial: 8250: always disable IRQ during THRE test serial: 8250: Fix TX deadlock when using DMA |
|
Kyle Meyer
|
1f6aa5bbf1 |
x86/platform/uv: Handle deconfigured sockets
When a socket is deconfigured, it's mapped to SOCK_EMPTY (0xffff). This causes
a panic while allocating UV hub info structures.
Fix this by using NUMA_NO_NODE, allowing UV hub info structures to be
allocated on valid nodes.
Fixes:
|
|
|
Linus Torvalds
|
c612261bed |
io_uring-7.0-20260320
-----BEGIN PGP SIGNATURE----- iQJEBAABCAAuFiEEwPw5LcreJtl1+l5K99NY+ylx4KYFAmm9O2oQHGF4Ym9lQGtl cm5lbC5kawAKCRD301j7KXHgprb2D/9EM91W+zo0M+6Xjs+A/YaHETDdSUUQwyuT B8ZNHEHwkB3TdLHxPvFDopf8bC8IFy1T3GhGkHgq/Uvh7hx9oYTvVrV1xjXCqW/W mpP5bgguJYlOTwFW2lYFWQTI5CZDletOeWbng00ecAZPoVVSjJx+KNVFm3DntYSR WeO20Y/OWXZ6vFu4b7825lHFYgVVPdO1iy2X5HYx4XHlWOjj7LK7KW2UDai4lPIF w1IjsOk8Cv7Wj38qYB2d3dMlgryER0dF1Hf2N+1awh1FFjlsiZ+YbLnrTiFyKwa0 zip6ejDXwpevS6/FmCa6u19/DHxQ0WgvEZOwQlMyggCrIdaqN01LMGhCkleTev72 demfEKA71avcG1gWmJLX9aNGfkY0rXT0Q9ArLk8FTPXnImnXQdJDfeLuql0ExMrL 2MWkhJS4Dvp4MDERq0WwOdPrAMiDrG9O6DnHQBZYZjJuuqljF2LWb6Dbj7V9gO+M ePADlnKhR4o0MKvTcFqeM33kKIkdwSNzDvcLO+gnAeDxNFQsCyDSm8erGj+LEMfN LA2668ZWF24plKmWbEq1IZaw8P9CM5AqD6+QCIB+XPge9JNxzpeUuAfTkwuNp+bz V5vDw3RQ8p65cxhhD34rqor/KGN5WlSOYTrp9aU4BNIse9S/o8XAyPcR3ywZChYJ OHvT3W4O3g== =xEWR -----END PGP SIGNATURE----- Merge tag 'io_uring-7.0-20260320' of git://git.kernel.org/pub/scm/linux/kernel/git/axboe/linux Pull io_uring fixes from Jens Axboe: - A bit of a work-around for AF_UNIX recv multishot, as the in-kernel implementation doesn't properly signal EOF. We'll likely rework this one going forward, but the fix is sufficient for now - Two fixes for incrementally consumed buffers, for non-pollable files and for 0 byte reads * tag 'io_uring-7.0-20260320' of git://git.kernel.org/pub/scm/linux/kernel/git/axboe/linux: io_uring/kbuf: propagate BUF_MORE through early buffer commit path io_uring/kbuf: fix missing BUF_MORE for incremental buffers at EOF io_uring/poll: fix multishot recv missing EOF on wakeup race |
|
Vladimir Oltean
|
63f8b60151 |
x86/entry/vdso: Fix path of included gettimeofday.c
Commit in Fixes forgot to convert one include path to be relative to the
kernel source directory after adding latter to flags-y.
Fix it.
[ bp: Rewrite commit message. ]
Fixes:
|
|
|
Linus Torvalds
|
9f582e3971 |
spi: Fixes for v7.0
There's a couple of core fixes here from Johan, fixing a race condition and an error handling path, plus a bunch of driver specific fixups. The Qualcomm issues could be nasty if you ran into them, especially the DMA ordering one. -----BEGIN PGP SIGNATURE----- iQEzBAABCgAdFiEEreZoqmdXGLWf4p/qJNaLcl1Uh9AFAmm9XnoACgkQJNaLcl1U h9ASGAf+KTVWK/fSs+ncmlYaPfyhcms1hBri21XmuN1mYV5UFoCqEo4tUgy3HtHi tZsWM+rPNYbbUk8GiR2G9NJeUIlo6nvna8/v2gt5zVo/+M9nx37ZpkZrIohonpCr qwyMZIbgHSBQRJMnt6sIDiWtcibVN1CZsm9E9FK9ubIyN22SXcBNIW6mzG2Z9kuc 8BB5ls+pXh12X3z1eoBWoHX7a0kFcjDwSHhZqfgU0/DQxcKCi3TnLtRfiCG8AFsE z91XODOZ9CHLWIvu/FREE7zFgiUI35dBPX552L5IAmTCPQpZEX/stBJCJzXjerrK mhCGCFnS/hhzo2oE86BWmo0OWProXQ== =ipO+ -----END PGP SIGNATURE----- Merge tag 'spi-fix-v7.0-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/spi Pull spi fixes from Mark Brown: "There's a couple of core fixes here from Johan, fixing a race condition and an error handling path, plus a bunch of driver specific fixups. The Qualcomm issues could be nasty if you ran into them, especially the DMA ordering one" * tag 'spi-fix-v7.0-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/spi: spi: geni-qcom: Check DMA interrupts early in ISR spi: fix statistics allocation spi: fix use-after-free on controller registration failure spi: geni-qcom: Fix CPHA and CPOL mode change detection spi: axiado: Fix double-free in ax_spi_probe() spi: amlogic-spisg: Fix memory leak in aml_spisg_probe() spi: amlogic: spifc-a4: Remove redundant clock cleanup |
|
|
Linus Torvalds
|
007fe23215 |
regulator: Fix for v7.0
Just one fix here from Hugo Villeneuve, the documentation for some of the regulator DT properties had been cut'n'pasted so that if anyone actually read it they'd be informed that those properties had completely incorrect meanings. -----BEGIN PGP SIGNATURE----- iQEzBAABCgAdFiEEreZoqmdXGLWf4p/qJNaLcl1Uh9AFAmm9XwcACgkQJNaLcl1U h9B8DAf8C5ZYj4Y8/nXzZG2ddJI5EmI1v+aGYGV1m9wA/c/AzxGTxXHOdETDmm4d PR0zHf8EgOQDPXRdwbJXn2ikKfq3gnZJZJZ28I+mG9sXHDshCPcHeZi8oivcs3iE HEYfu3DOyGiJBDTM/rlSH5ABzphQiJPNOX/3cyuDn34BMZ6XHCmRMIw3UWulZOj+ g6D5/zPqG0PvqocZ+/pBEZXty8Qag8I8pEZrTkjRvJZwTCI+QZsa8IubFCDHyuzF pGtK/lc0Dkz4tjUORohaY8sOX8wrNZS83GUkbtR2xJaHrQr+GoQDk7kkBsHkTKTR ZTAxwUlDNB7cZ3V5Zs5l10PpOWPPJQ== =6Zn8 -----END PGP SIGNATURE----- Merge tag 'regulator-fix-v7.0-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/regulator Pull regulator fix from Mark Brown: "Just one fix here from Hugo Villeneuve, the documentation for some of the regulator DT properties had been cut'n'pasted so that if anyone actually read it they'd be informed that those properties had completely incorrect meanings" * tag 'regulator-fix-v7.0-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/regulator: regulator: dt-bindings: fix typos in regulator-uv-* descriptions |
|
|
Linus Torvalds
|
c715f13bb3 |
pmdomain providers:
- bcm: Increase ASB control timeout for bcm2835 - mediatek: Fix power domain count -----BEGIN PGP SIGNATURE----- iQJLBAABCgA1FiEEugLDXPmKSktSkQsV/iaEJXNYjCkFAmm9KSkXHHVsZi5oYW5z c29uQGxpbmFyby5vcmcACgkQ/iaEJXNYjCmNvQ//YrJVq4giZeGSGQJ9LjPWN4gp YFkwTSWBpav751hx5xp9d7ua7pPZ+Z+FoKVYIHQvgsHqQv4eQqYa3kpeHLiUYBIW oLbRXIj2kyEOXAMUqhtHLN0E3dCM14sB6lsRi7yGJEXo8CD1hML1G6g2zxzwKpCC 2zBTKbU4T30/eL+3/X45+uN46oREpx32oeiHpKF6UBLWScjmDuSXllt64cTPCTMr LX2X67DEL72tlGeVNYZLxMpV4M0BY0v1AMO64cbTpiJDo/AmmTnWROOqHLb0m8I1 HqnHq8fWu7qXPwDM7zsxi9GY4kdBk4hCZouVA69SL+/9AVFI9Xx4TK99jqsZq7tM IePRE+5aCHgtcGiP290yxFfpSqzuCBil8xFm97FDdrMfMczO9B2Djf4jYNm+0vuy ZKuLw7TX6EsNrEwMILlb704T9xOUPfj2vVht7SnCWLigRL5ovZAMYgJUAfyyN3Q6 G3ilm6QwNgxV/epoA9XzBUhdV5AMxCbtCbM14zaaoq4bxFZeRO2G8L+7RVQZDpLW i5TdUDRO9U169BvosKB48UE22XBH3R+0ktbXB6y2+BjDLtTt9bpGcWVC9YTMrDHs uX62v0jLjmzCECV1KjJ61xQeL2uiTtrTVasSlfazJmYGoFoEjJh2heIizaXfuXqX gAsC+WMyQYKE8jR2JKQ= =JfPZ -----END PGP SIGNATURE----- Merge tag 'pmdomain-v7.0-rc1-2' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/linux-pm Pull pmdomain fixes from Ulf Hansson: - bcm: increase ASB control timeout for bcm2835 - mediatek: fix power domain count * tag 'pmdomain-v7.0-rc1-2' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/linux-pm: pmdomain: bcm: bcm2835-power: Increase ASB control timeout pmdomain: mediatek: Fix power domain count |
|
|
Linus Torvalds
|
d07252736a |
MMC host:
- sdhci: Fix timing selection for 1-bit bus width - sdhci-pci-gli: Fix DMA write corruption for GL9750 -----BEGIN PGP SIGNATURE----- iQJLBAABCgA1FiEEugLDXPmKSktSkQsV/iaEJXNYjCkFAmm9JO8XHHVsZi5oYW5z c29uQGxpbmFyby5vcmcACgkQ/iaEJXNYjCkTARAAozLbnfAFn/pRWI9HerC9+d+1 9ouMW9DPjBOCzRCaT2/Soj4ppphQ8InXOuXT1i0xFVFp5Aw/uX4hpLTcPeF/MP/h +8lcDGOxeM9CcyiiP53Z3/wpsi0Alx/UERTtxolJ9l0SMj0JsSNhGA7F5Kl3QxCh 8y5e6UZpme1RuG8/ftaHjGx423F5591dSUt5ihd5VSW+Or7MJ+SgXcIXtgh23e3w dSt7ccEaDqH0BBD/dqA7AIKDv2+WI9CWjJvGiSMDmNR7T7KBi7oj7Gm4lqvTAp+D 2t05S+ywARAvzgzS06DmjNKUti+Zx3k1HevhwADA3LObYC92JLxXd5NLzpuY4upU sHBEJiSDz3kV9fJJKG84OuHMaNmpuA+9q4LW4bgxk8j3hZTipICpQmnXcpOqLDI4 XHNDrQoMfZ7f6JtoeOVxvP+z7v6mtNNbuMnPaqdlJ5pLzFitbz/yB8Qcjb3WbuP6 XNT/lkF3JbMbQ+4TnMYFtSheD4fqOWO1m8yIcA9OeMwphhL50ISNSH9mj5njOByw 3sA2gOuFgHdeA1Mysn0flcbEXHr3Ecp6xdHtlCBbLOVgCwxF1yXFiF7AQsUXiPYZ re1E5FH/srXSeAeLSezBysZdu6ej1evjFfjjZCHkJBVLYDc2vs0iDjF0kXoyEwF7 QxjpsdvCthw4eCHZ1sA= =Aa4Z -----END PGP SIGNATURE----- Merge tag 'mmc-v7.0-rc1-2' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/mmc Pull MMC fixes from Ulf Hansson: - sdhci: Fix timing selection for 1-bit bus width - sdhci-pci-gli: Fix DMA write corruption for GL9750 * tag 'mmc-v7.0-rc1-2' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/mmc: mmc: sdhci: fix timing selection for 1-bit bus width mmc: sdhci-pci-gli: fix GL9750 DMA write corruption |