Commit Graph

1251027 Commits

Author SHA1 Message Date
Linus Torvalds
90d35da658 Linux 6.8-rc7 2024-03-03 13:02:52 -08:00
Linus Torvalds
58c806d867 phy second set of fixes for 6.8
- Driver fixes for
    - qcom: m31 pointer err fix, eusb2 fix redundant zero-out loop and v3
      offset fix on qmp-usb
    - freescale: fix for dphy alias
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEE+vs47OPLdNbVcHzyfBQHDyUjg0cFAmXkq3wACgkQfBQHDyUj
 g0fl7g//ZtyACrr3ngykyKoLfSP31lnye6fDgoo5h80Qx37hTTtn7a5JepiSyFj1
 UzeCE11MI9kpDgYL5hF2agNipb7K04jOgH8RQsAcBuUNGNWSdLnSXMU3yC6amdQM
 XiPuM8IARrHaWMP2KLXo/CC/qLFquq6M9GBY11wFE9gg4rt/HDeiYAin9lv2REdy
 C3yAoXxPTOEv8B8MvbVrZTciybFSWFONpBR/qCnXFKC5f+ieXGjKcjiQXGaKQBZJ
 mqHpl5Qg2RbTBqCfRAS9S7ldONzp317K4Hm3ehdVMJnY+VoqoNKg0nS+35OU0I+P
 EO62h7JEIBzVUu2HUJ6UZsBpu7GD/kG5s32Tlig3/i3YaP7pGaBXp18//t6F6ViV
 d9rLLaCLdMrVVFHJwHVwLinT/y5kydIKdGUQSWf1gisa+69dto806OqSQvl0YgAk
 XuvKBti0mTSXK8GbQCqYQtvjPNPFZLpdDgST6L81CawmudD/KbLK3KMUJHYiRaBi
 i6qlCpSfKcjb531tdNSytmX0GARcwYeMkGTUxjI4CjB0B4fXrlfIjd+ruu9GyiZx
 AxyChrMGqx0GWKq4cmjZ5H53n7a6cN4bHIiaEAtTWXfxAWrqb5r2brePy75m9UUx
 xuRMdzEzph/6fyT1OygRWh4jNuIkc0pyT0DcQiEySjAzNfQC1VA=
 =jXqZ
 -----END PGP SIGNATURE-----

Merge tag 'phy-fixes2-6.8' of git://git.kernel.org/pub/scm/linux/kernel/git/phy/linux-phy

Pull phy fixes from Vinod Koul:

  - qcom: m31 pointer err fix, eusb2 fix redundant zero-out loop and v3
    offset fix on qmp-usb

  - freescale: fix for dphy alias

* tag 'phy-fixes2-6.8' of git://git.kernel.org/pub/scm/linux/kernel/git/phy/linux-phy:
  phy: qcom-qmp-usb: fix v3 offsets data
  phy: qualcomm: eusb2-repeater: Rework init to drop redundant zero-out loop
  phy: qcom: phy-qcom-m31: fix wrong pointer pass to PTR_ERR()
  phy: freescale: phy-fsl-imx8-mipi-dphy: Fix alias name to use dashes
2024-03-03 09:56:49 -08:00
Linus Torvalds
d57dd2d24d dmaengine second set of fixes for v6.8
Driver fixes for:
  - dw-edma fixes to improve driver and remote HDMA setup
  - fsl-edma fixes for SoC hange, irq init and byte calculations
    and sparse fixes
  - idxd: safe user copy of completion record fix
  - ptdma: consistent DMA mask fix
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEE+vs47OPLdNbVcHzyfBQHDyUjg0cFAmXkqM4ACgkQfBQHDyUj
 g0flMg//bgnkYdt/Y4nDbJxPobQHSOLl86GbD9mIddeocwdsA/QQ4uz/WzN+rngY
 0M7/7Zfq+RMq6lfesLMJ5DXycYBGIMQYZ1ItpIL4Xw3sSo2i6qFn18dSqbesRpkB
 bsfdrbqCEHWwghkBszoTGXGx24XRdQzTUmMziL9jqdIvXXf5HCKeGSZnC5L6ssxs
 JfdCee7ZSPK6gOVlBlN8zjzG8ZI2bwH+B1okyZwWljorPInr8UQ3ysR3neEUab6O
 JMzVmp46LhTQmHEZxzBbfR18rbVhr0xRRs78UwJPhPrgp9PFOkxdLl9lGDh8Fa2x
 jApi9cl5rSrW2bEv5fe8k5EM64G9G5arJU9F6+Goqm39ftDTktKBPhwmIR/NqOZF
 AHmW2c+0trDMOg099oWd+ozgbMkdbrdjf6BA9vSLKsXLTFHDZEA1fEKifJP5NCSQ
 ZQJVpQn0wiBOQSJxpr4mbk/n5JeKzt/uyQSF8Qo8Kp9OWXiNrjWzJ0bZnVafkTlU
 E91WGiGjYQmh28DV432IM07IXVKLtIMa/BXuWMhOZY+/HUJK/AaRStxEB5kkLJDm
 EExDe23Rviu0lXDW4cH+R14d4L/9EJY87Ynm2p85rOj/rnwW9gWyu3BwD3aBXa2e
 yKlng355WCBISMl8wXpeMQe1/yaxf48YLdrmdLD95bT0w5Dc0gc=
 =mX0o
 -----END PGP SIGNATURE-----

Merge tag 'dmaengine-fix2-6.8' of git://git.kernel.org/pub/scm/linux/kernel/git/vkoul/dmaengine

Pull dmaengine fixes from Vinod Koul:

 - dw-edma fixes to improve driver and remote HDMA setup

 - fsl-edma fixes for SoC hange, irq init and byte calculations and
   sparse fixes

 - idxd: safe user copy of completion record fix

 - ptdma: consistent DMA mask fix

* tag 'dmaengine-fix2-6.8' of git://git.kernel.org/pub/scm/linux/kernel/git/vkoul/dmaengine:
  dmaengine: ptdma: use consistent DMA masks
  dmaengine: fsl-qdma: add __iomem and struct in union to fix sparse warning
  dmaengine: idxd: Ensure safe user copy of completion record
  dmaengine: fsl-edma: correct max_segment_size setting
  dmaengine: idxd: Remove shadow Event Log head stored in idxd
  dmaengine: fsl-edma: correct calculation of 'nbytes' in multi-fifo scenario
  dmaengine: fsl-qdma: init irq after reg initialization
  dmaengine: fsl-qdma: fix SoC may hang on 16 byte unaligned read
  dmaengine: dw-edma: eDMA: Add sync read before starting the DMA transfer in remote setup
  dmaengine: dw-edma: HDMA: Add sync read before starting the DMA transfer in remote setup
  dmaengine: dw-edma: Add HDMA remote interrupt configuration
  dmaengine: dw-edma: HDMA_V0_REMOTEL_STOP_INT_EN typo fix
  dmaengine: dw-edma: Fix wrong interrupt bit set for HDMA
  dmaengine: dw-edma: Fix the ch_count hdma callback
2024-03-03 09:54:03 -08:00
Linus Torvalds
e4f7900095 powerpc fixes for 6.8 #5
- Fix IOMMU table initialisation when doing kdump over SR-IOV.
 
  - Fix incorrect RTAS function name for resetting TCE tables.
 
  - Fix fpu_signal selftest failures since a recent change.
 
 Thanks to: Gaurav Batra, Nathan Lynch.
 -----BEGIN PGP SIGNATURE-----
 
 iQJHBAABCAAxFiEEJFGtCPCthwEv2Y/bUevqPMjhpYAFAmXkauwTHG1wZUBlbGxl
 cm1hbi5pZC5hdQAKCRBR6+o8yOGlgLTSD/4/boNe5MtrGgk6RtxnyWJv/p9KCMcC
 rRTa5pSR6HFVK3m89V17O0onL8aKyIljO5P3rDS8X4SUhr41Z9b9/FUoHv277E7a
 f7hgX4/901DYiMLJEt9jkfmM30IxTYkPmlft0Uus/NiesNdTcdQOO4UScSysnZac
 0HM1POp32KSC2HQRc/i+WIshRnaZcC+f0PPTU/qfS/u7/pwK4eekWdayLNvvvSvH
 TfjV5Hu4JVDF7hBLsoY4PdqVQGVD3t3d1D5+UrhHuYzPx+Afc8rIDfJx/+o339W6
 ZTXrRPOfiticfhHQvMX1AgsYr3/A0BbZj/wCvv+pPsCjZPfox9XsW6CgiMKUxVDf
 ifrBhvNx0fICMf+cEjH9q2dcGwMba7dZTX5HBlSXR4xLeNitUI8pt6bYCaqw7UjH
 ohwl9aAI7Rl1hcW6qBaviKaIDqhbmj3N4B4ZdgMAKj2gnovbF9gUSG3ARLwEjsqB
 qfd0c3x6UUThj4vYfGC/iI1z1LCXC8myqof6EGArLTc13R9vFv+ycx5FwERvAxtY
 ALNBh6LMIkKI5z8ZrGWULoXHoS2QrE1SXpQ5ooH2g9n+vLibd37JdJNcrEMf/TJZ
 PluhRCJcEWkw98aUSzIoRFIFpZ2wMg/uzg3KZePhRus3GhgttTqFTbrcKHhyONBO
 pq/EDB8FizZ9/A==
 =MSDF
 -----END PGP SIGNATURE-----

Merge tag 'powerpc-6.8-5' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux

Pull powerpc fixes from Michael Ellerman:

 - Fix IOMMU table initialisation when doing kdump over SR-IOV

 - Fix incorrect RTAS function name for resetting TCE tables

 - Fix fpu_signal selftest failures since a recent change

Thanks to Gaurav Batra and Nathan Lynch.

* tag 'powerpc-6.8-5' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux:
  selftests/powerpc: Fix fpu_signal failures
  powerpc/rtas: use correct function name for resetting TCE tables
  powerpc/pseries/iommu: IOMMU table is not initialized for kdump over SR-IOV
2024-03-03 09:47:19 -08:00
Linus Torvalds
73d35f8335 - Do not reserve SETUP_RNG_SEED setup data in the e820 map as it should
be used by kexec only
 
 - Make sure MKTME feature detection happens at an earlier time in the
   boot process so that the physical address size supported by the CPU is
   properly corrected and MTRR masks are programmed properly, leading to
   TDX systems booting without disable_mtrr_cleanup on the cmdline
 
 - Make sure the different address sizes supported by the CPU are read
   out as early as possible
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCgAdFiEEzv7L6UO9uDPlPSfHEsHwGGHeVUoFAmXkVjkACgkQEsHwGGHe
 VUqSfg//XGV970NhxR3kLW7I+MvQsQDwWA61u+XpyCFdTZDOWKo17ZndR2/exHXI
 fjnpnS8SP3Dgib0wrWfqBAqmcDkN5laBIpvceH+l57NXi0Jep1leSunRBFS22jxT
 1/FqKFlOka9SG4aMJRD4xhG2Y9TO2uLqjPam7gZkdLbI7TIfIACEm4JPqWu4wLQo
 JKeoYmlSkSC5kbHMOXpIKBSzUCm4cKSU39uZRxIhpZf50nXiJf25IAlDFlVZ5uBw
 p5S2Rm4jF4eekRMArG76c61AMsdIg9kcp2OZ4Kop/t1Ouo96pap+h1G6c6Xi73zi
 WX99roTuS5FoBCguDmkxi2Hx8HU8PQGbzIAuwoTtPc6u9XHDdmXQZEvhZxIn/by8
 fjhZd4DCfmqBoasR+AaX8YzK0j5ypp8BKcFCKmvWzqVR+aMB16lxGj62xyUsvbry
 gvd6GezMn8WODXjUOa27gmh+YhOJboX2hozf6FhqItBGEnvGpsWDdMfViO5/AZnk
 T0KZxwH5OpD/CrPG1TYSWynz5vLSHSIaj2Y7iXFHfYu9s6yW3E/jZsWt33Qaag96
 sBt8/YlFR82gU8mbpmg0epJ7s6OLtGmfuoujFMfl0fK+OoLLtzOA+VZPX6Ud0Vrg
 9NMY6Q8szKqDDH68DZuj7OSbf6i9NlZI/AiHpGzH3bT77iHknnI=
 =fmsi
 -----END PGP SIGNATURE-----

Merge tag 'x86_urgent_for_v6.8_rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip

Pull x86 fixes from Borislav Petkov:

 - Do not reserve SETUP_RNG_SEED setup data in the e820 map as it should
   be used by kexec only

 - Make sure MKTME feature detection happens at an earlier time in the
   boot process so that the physical address size supported by the CPU
   is properly corrected and MTRR masks are programmed properly, leading
   to TDX systems booting without disable_mtrr_cleanup on the cmdline

 - Make sure the different address sizes supported by the CPU are read
   out as early as possible

* tag 'x86_urgent_for_v6.8_rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
  x86/e820: Don't reserve SETUP_RNG_SEED in e820
  x86/cpu/intel: Detect TME keyid bits before setting MTRR mask registers
  x86/cpu: Allow reducing x86_phys_bits during early_identify_cpu()
2024-03-03 09:43:03 -08:00
Linus Torvalds
04b8076df2 firewire-fixes-6.8-rc7
A workaround to suppress the continuous bus resets in the case that older
 devices are connected to the modern 1394 OHCI hardware and devices
 
 In IEEE 1394 Amendment (IEEE 1394a-2000), the short bus reset is added to
 resolve the shortcomings of the long bus reset in IEEE 1394-1995. However,
 it is well-known that the solution is not necessarily effective in the
 mixing environment that both IEEE 1394-1995 PHY and IEEE 1394a-2000 (or
 later) PHY exist, as described in section 8.4.6.2 of IEEE 1394a-2000.
 
 The current implementation of firewire stack schedules the short bus
 reset when attempting to resolve the mismatch of gap count in the certain
 generation of bus topology. It can cause the continuous bus reset in the
 issued environment.
 
 The workaround simply uses the long bus reset instead of the short bus
 reset. It is desirable to detect whether the issued environment or not.
 However, the way to access PHY registers from remote note is firstly
 defined in IEEE 1394a-2000, thus it is not available in the case.
 -----BEGIN PGP SIGNATURE-----
 
 iHUEABYKAB0WIQQE66IEYNDXNBPeGKSsLtaWM8LwEwUCZeOqLAAKCRCsLtaWM8Lw
 E2rLAQDJiYNXItCD0Q+RISEH7mtrfXmx/f4Tb1Uf9lBtKzOKIAD/Vn0H5WRrj5Qx
 fuTb70AD2zRb4zpTM65hOdYBEQ4TnAE=
 =T3IO
 -----END PGP SIGNATURE-----

Merge tag 'firewire-fixes-6.8-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/ieee1394/linux1394

Pull firewire fixes from Takashi Sakamoto:
 "A workaround to suppress the continuous bus resets in the case that
  older devices are connected to the modern 1394 OHCI hardware and
  devices

  In IEEE 1394 Amendment (IEEE 1394a-2000), the short bus reset is added
  to resolve the shortcomings of the long bus reset in IEEE 1394-1995.
  However, it is well-known that the solution is not necessarily
  effective in the mixing environment that both IEEE 1394-1995 PHY and
  IEEE 1394a-2000 (or later) PHY exist, as described in section 8.4.6.2
  of IEEE 1394a-2000.

  The current implementation of firewire stack schedules the short bus
  reset when attempting to resolve the mismatch of gap count in the
  certain generation of bus topology. It can cause the continuous bus
  reset in the issued environment.

  The workaround simply uses the long bus reset instead of the short bus
  reset. It is desirable to detect whether the issued environment or
  not. However, the way to access PHY registers from remote note is
  firstly defined in IEEE 1394a-2000, thus it is not available in the
  case"

* tag 'firewire-fixes-6.8-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/ieee1394/linux1394:
  firewire: core: use long bus reset on gap count error
2024-03-02 15:18:02 -08:00
Linus Torvalds
4640e2be39 Changes for 6.8-rc7:
* Drop experimental warning for FSDAX.
 
 Signed-off-by: Chandan Babu R <chandanbabu@kernel.org>
 -----BEGIN PGP SIGNATURE-----
 
 iHUEABYIAB0WIQQjMC4mbgVeU7MxEIYH7y4RirJu9AUCZd1uBAAKCRAH7y4RirJu
 9Io/AP9+wwQRMgBT4gmCtUytpYgjZaEs8D3pVN+B9cV2OGzBzwD+Oek5ax/rKFRr
 62gcdMwAIRX7AQMQTOdkcyp/q0UslgY=
 =6sb7
 -----END PGP SIGNATURE-----

Merge tag 'xfs-6.8-fixes-4' of git://git.kernel.org/pub/scm/fs/xfs/xfs-linux

Pull xfs fix from Chandan Babu:
 "Drop experimental warning message when mounting an xfs filesystem on
  an fsdax device. We now consider xfs on fsdax to be stable"

* tag 'xfs-6.8-fixes-4' of git://git.kernel.org/pub/scm/fs/xfs/xfs-linux:
  xfs: drop experimental warning for FSDAX
2024-03-02 09:38:03 -08:00
Linus Torvalds
705c72567b gpio fixes for v6.8-rc7
- fix resource freeing ordering in error path when adding a GPIO chip
 - only set pins to output after the reset is complete in gpio-74x164
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCgAdFiEEFp3rbAvDxGAT0sefEacuoBRx13IFAmXjAFQACgkQEacuoBRx
 13JQDhAAiRnE6kYITVWr4O581UpyC9v9yp0Yo6mVeUCHIGKkmZnKrBqcDjORo4Qg
 zmpeot5W7zmYQfMy/cjzyo/rSi55mKb3wAyA4/BHScz4SwUyWJrNjkx5WIQgJssW
 85ZA7x5G6qptf+4oGqSTVG8G6Q/7uR3s+VKgVVWETT31DomPv6DUXFJj1Eu6HNyG
 M25hZvBu8tWMTc6p/rPYcASMYYNrmHDpoETQwrBeESS2kvDIyvoTaTYAFttOOYUN
 aB9UyoW1e4KFQ/tppQwdpBEpGWLLHzR/dMnyV20pUW3OIuToSwQ2HdDRGx4Wnco4
 fImfVqeg4n8DHay43mlr/eSO65CrrngJdhwrB5415wSU6mMkRvd6A12mEWXU0Mjh
 UGiqBI3jxQBPW2tQlQa0zsQpsUyQPZhXt0SD0/DP8FV8GbJFHt90jH4TZauJvsiC
 rX0P50tVOFySBYOCdouVpoc/MVDUCK6Shey/Q0GodaSeH7tw/w+isaR2ftvr/bH3
 c9PQ27b5/s1VM+FIHQxY4J9xiW49GhPZaG4eIB506XDU13q0aZ4bfg6PR1YId5sR
 MdX4gtkkvvZG2Ufa1QCYePY7P6sA+Zxjrg/TBXntgAv759bYds1pLv0SNehLP1F+
 3pKwrN9tuuy/yAIRA783Pp6/0oVaEajEeAA+7xNx0U3qC6E1MAY=
 =i27Z
 -----END PGP SIGNATURE-----

Merge tag 'gpio-fixes-for-v6.8-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/brgl/linux

Pull gpio fixes from Bartosz Golaszewski:

 - fix resource freeing ordering in error path when adding a GPIO chip

 - only set pins to output after the reset is complete in gpio-74x164

* tag 'gpio-fixes-for-v6.8-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/brgl/linux:
  gpio: fix resource unwinding order in error path
  gpiolib: Fix the error path order in gpiochip_add_data_with_key()
  gpio: 74x164: Enable output pins after registers are reset
2024-03-02 09:25:12 -08:00
Ming Lei
7838b46561 block: define bvec_iter as __packed __aligned(4)
In commit 19416123ab ("block: define 'struct bvec_iter' as packed"),
what we need is to save the 4byte padding, and avoid `bio` to spread on
one extra cache line.

It is enough to define it as '__packed __aligned(4)', as '__packed'
alone means byte aligned, and can cause compiler to generate horrible
code on architectures that don't support unaligned access in case that
bvec_iter is embedded in other structures.

Cc: Mikulas Patocka <mpatocka@redhat.com>
Suggested-by: Linus Torvalds <torvalds@linux-foundation.org>
Fixes: 19416123ab ("block: define 'struct bvec_iter' as packed")
Signed-off-by: Ming Lei <ming.lei@redhat.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2024-03-02 09:15:01 -08:00
Linus Torvalds
7fd664466a SCSI fixes on 20240302
Two small fixes, all in drivers (the more obsolete mpt3sas and the
 newer mpi3mr).
 
 Signed-off-by: James E.J. Bottomley <jejb@linux.ibm.com>
 -----BEGIN PGP SIGNATURE-----
 
 iJwEABMIAEQWIQTnYEDbdso9F2cI+arnQslM7pishQUCZeLhxiYcamFtZXMuYm90
 dG9tbGV5QGhhbnNlbnBhcnRuZXJzaGlwLmNvbQAKCRDnQslM7pishe4aAQCe0pM9
 Ssol+/GThNmtpEMBshFYFPJTEMJlJ3Sf6Jgm7AD/ZSikfS6wbyRw8xNKRBz7H/x/
 Cpi/IMaJbyJgLb9+YKE=
 =wUnX
 -----END PGP SIGNATURE-----

Merge tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi

Pull SCSI fixes from James Bottomley:
 "Two small fixes, all in drivers (the more obsolete mpt3sas and the
  newer mpi3mr)"

* tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi:
  scsi: mpt3sas: Prevent sending diag_reset when the controller is ready
  scsi: mpi3mr: Reduce stack usage in mpi3mr_refresh_sas_ports()
2024-03-02 09:10:00 -08:00
Linus Torvalds
5ad3cb0ed5 Power Supply Fixes for 6.8 cycle
* mm8013: select REGMAP_I2C
  * bq27xxx-i2c: do not free non-existing IRQ
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCgAdFiEE72YNB0Y/i3JqeVQT2O7X88g7+poFAmXidvkACgkQ2O7X88g7
 +pprPQ//fz6hk3kjikeJ1bzoMea3RcCPoXbDAQRw6n9ni67dwWRy3YNUW1rntMS3
 wiE2Yj8kJZmPc6vqdxfLkjvSSPtr4VGs1uvLGg/7gaNY7wBH4d72aXDR4BDLo4RN
 rg7D7oa9nckUGWeNh29iOhoKGcpohsmOEQINU6rQcyuIHi4RfTL4SML3cDclGTRZ
 B3OLvpDUQRXfrkB6IS9XSrwGjAS76tVEI9V6ZqROj6Nn1E/deZi4iheXXRwjHJIW
 Gelj6yDpxpsaXqm8Pt4dShsMM8oOf4NHlwJWDePISfclUMUxz5glSC3zuvOtB5Qr
 1LxckGAKFSpRHbHM3vUqmR2Ec8sxLkWetHeHwhlL/NmFWnhVtyCZi3bsHgtIysXI
 HdRHKH5INoDV4LTWR7cP/1S1jBangG35G2LOSIqUfi73NO07Xu/Wc715CmFbKXBQ
 KEw67xFA/hrVpZMOJsdE7uV/nBOT+88jSwvrO8m6lJkrIY5HGZM0AhaZjbF5tiLX
 iLju7uGvAEzbbgFXgAF0lvepYRFJGrp4m2+TsplLyQ3zzYsLiNsJ8oTeoEvikkT5
 XeCj4F/uCEH/l4bmPffMS9wl3nHtOfCwVUk5vgrnX0TQPsvlMWzEoSBsKE7NRdqB
 ieFTXHnKQUIVYFx7vleoLCe40fc1zmYVmmOtVeKQ3az2nyi0ot4=
 =iWgO
 -----END PGP SIGNATURE-----

Merge tag 'for-v6.8-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/sre/linux-power-supply

Pull power supply fixes from Sebastian Reichel:

 - Kconfig dependency fix

 - bq27xxx-i2c: do not free non-existing IRQ

* tag 'for-v6.8-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/sre/linux-power-supply:
  power: supply: bq27xxx-i2c: Do not free non existing IRQ
  power: supply: mm8013: select REGMAP_I2C
2024-03-01 17:25:31 -08:00
Linus Torvalds
e613c90dda iommufd for 6.8 rc
Four syzkaller found bugs:
 
 - Corruption during error unwind in iommufd_access_change_ioas()
 
 - Overlapping IDs in the test suite due to out of order destruction
 
 - Missing locking for access->ioas in the test suite
 
 - False failures in the test suite validation logic with huge pages
 -----BEGIN PGP SIGNATURE-----
 
 iHUEABYIAB0WIQRRRCHOFoQz/8F5bUaFwuHvBreFYQUCZeH0gQAKCRCFwuHvBreF
 YcC5AP91VuNxoExC6Zx9c8i1U2SR5IbvVAHT572qgdhaKoVzugEAtfKJA2ELheL8
 s1F+TDOo8fR/aawIAPzK5GCuHc5oIwg=
 =S44j
 -----END PGP SIGNATURE-----

Merge tag 'for-linus-iommufd' of git://git.kernel.org/pub/scm/linux/kernel/git/jgg/iommufd

Pull iommufd fixes from Jason Gunthorpe:
 "Four syzkaller found bugs:

   - Corruption during error unwind in iommufd_access_change_ioas()

   - Overlapping IDs in the test suite due to out of order destruction

   - Missing locking for access->ioas in the test suite

   - False failures in the test suite validation logic with huge pages"

* tag 'for-linus-iommufd' of git://git.kernel.org/pub/scm/linux/kernel/git/jgg/iommufd:
  iommufd/selftest: Don't check map/unmap pairing with HUGE_PAGES
  iommufd: Fix protection fault in iommufd_test_syz_conv_iova
  iommufd/selftest: Fix mock_dev_num bug
  iommufd: Fix iopt_access_list_id overwrite bug
2024-03-01 17:22:46 -08:00
Linus Torvalds
fb54efc293 Devicetree fix for v6.8, part 2:
One fix for a bug in fw_devlink handling of OF graph. This doesn't
 completely fix the reported problems, but it's with users adding out of
 tree code.
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCgAdFiEEktVUI4SxYhzZyEuo+vtdtY28YcMFAmXiViMACgkQ+vtdtY28
 YcN3yRAAixL7WT+8NDECMy+X25fNaSeUAWRdXRno0F8/EwyBPevXh3TkGEiz5RyT
 nCkwC3X3ykgVWWD9nPa214oay3Hg+NKrekBMD9GK9M4WnI/ZcsCqmcPKDB4OwNDL
 M/QBLY8o7juVh5RD7SAKKXmS9VRfrnzsdHMwKoyMC7uqSixq299kR85wc9KZW7co
 yh1MD+oY/5jymkN71ZZkyysBhybTHX2AlBAHKLD4biKU6J4JOpEju31Tlmw0xu4l
 xqNtfZalgfG9Rc6NUvBJQgIMD+he+fsowsxOShkd7/4JhgIiF5SqNl6IPEq6Uwhk
 9AHsa6KOal3aiLcbDMIum44P2Bvb1GYTPmGXfvqSZp4O1K8OXZ0EOxFlddwDtCqG
 MBnhdN7iTymNLS0ojwz6za4IS6VDfmjofB5uEjjHyTam/b/uLogPXrRWU68hYDAS
 DdujcZ0a7Fyw9Ltz6EzuYyNlcumLaNnF97RJG0+6FTn+NF2slUMjjeKE2yvAuFpy
 bAFs5iF1z5mXrJArZFf3ioRHSCJrVJ8lnKHmOwrAkdc23V9CYZjRywwokqH7xA2/
 Qudo0O3ZFp6M9hhGq+DruM2nNvrLVTRYKCD4Oxe6geIAMmPJaD+gaTDnZPTcY/0t
 VkQnu8aXGLH+5T2dGALhk3JzZQ7JYwkyXhKvO283IXhKY+XV0rg=
 =9QKD
 -----END PGP SIGNATURE-----

Merge tag 'devicetree-fixes-for-6.8-2' of git://git.kernel.org/pub/scm/linux/kernel/git/robh/linux

Pull devicetree fix from Rob Herring:
 "One fix for a bug in fw_devlink handling of OF graph. This doesn't
  completely fix the reported problems, but it's with users adding out
  of tree code"

* tag 'devicetree-fixes-for-6.8-2' of git://git.kernel.org/pub/scm/linux/kernel/git/robh/linux:
  of: property: fw_devlink: Fix stupid bug in remote-endpoint parsing
2024-03-01 17:18:35 -08:00
Saravana Kannan
7cb50f6c9f of: property: fw_devlink: Fix stupid bug in remote-endpoint parsing
Introduced a stupid bug in commit 782bfd03c3 ("of: property: Improve
finding the supplier of a remote-endpoint property") due to a last minute
incorrect edit of "index !=0" into "!index". This patch fixes it to be
"index > 0" to match the comment right next to it.

Reported-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Link: https://lore.kernel.org/lkml/20240223171849.10f9901d@booty/
Fixes: 782bfd03c3 ("of: property: Improve finding the supplier of a remote-endpoint property")
Signed-off-by: Saravana Kannan <saravanak@google.com>
Reviewed-by: Herve Codina <herve.codina@bootlin.com>
Reviewed-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Tested-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Link: https://lore.kernel.org/r/20240224052436.3552333-1-saravanak@google.com
Signed-off-by: Rob Herring <robh@kernel.org>
2024-03-01 15:28:17 -06:00
Linus Torvalds
d17468c6f1 RISC-V Fixes for 6.8-rc7
* A fix for detecting ".option arch" support on not-yet-released LLVM
   builds.
 * A fix for a missing TLB flush when modifying non-leaf PTEs.
 * A handufl of fixes for T-Head custom extensions.
 * A fix for systems with the legacy PMU, that manifests as a crash on
   kernels built without SBI PMU support.
 * A fix for systems that clear *envcfg on suspend, which manifests as
   cbo.zero trapping after resume.
 * A pair of fixes for Svnapot systems, including removing Svnapot
   support for huge vmalloc/vmap regions.
 -----BEGIN PGP SIGNATURE-----
 
 iQJHBAABCAAxFiEEKzw3R0RoQ7JKlDp6LhMZ81+7GIkFAmXh8A0THHBhbG1lckBk
 YWJiZWx0LmNvbQAKCRAuExnzX7sYif7tD/9mlPpK/OZs9U8DXVpZU91iEekVU7ss
 CWY+Y9+fx9hjOahqUgJ72aG6mj5p9DW9cqz+73Ktds4xGCrh3Sr734nAFTshpo2K
 IiKx+Ruq6YIURzXMcNuQ4JHAOMI4P4p34cha+fZ5ORPXRKLJQqBR3eNFBa5NHuR4
 md6TaU0gJAZE3yY2llLJOPlj9cT8swPV4gc8I0pUb4gKYj3sU/2HWVEYfiBoDnjo
 XUSNV2ts9mWv7OGgBqS1QqdZeFKizPp87PRfzNBye5Gx8mpUXS52Z+W7vr6f/EUf
 stWhDnR2XQ2HYSPoo5rQqIfZHH9dp+DUtqGjNo+jX54OoFAvHHtlhrEVC4q3uGkY
 Y3RoIe17s1EvozMKXCVQ+tCrhOh/jttye5Om5gb8yJ2clATL5dJM/jkoMKMdIh5n
 KLhZBYLrgN/Z0Mb0wePnlXhVnW2/N4ruIlP5Kd+wHRR+rUlQm6Xjccg4r5MgxMgK
 iaVbBZ/JTkJhP/II5ACr519Mz5Nh2N1QKTQkbHA5XWrn9+SDnF9Dio/EurPshvmm
 xJYcG42sxkI4V9UEmriyiAs6NqIDTKyNoA28WXYLVDCrFomtehmttS9RWE7FqPku
 mAUIUd3hbP4Qrt81Gus+CwCIZSuVhJin+3VUAI6Z6FpImDoamquJvIQ3aYtZ/nye
 pDSC3QhivYUA6A==
 =FpVN
 -----END PGP SIGNATURE-----

Merge tag 'riscv-for-linus-6.8-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux

Pull RISC-V fixes from Palmer Dabbelt:

 - detect ".option arch" support on not-yet-released LLVM builds

 - fix missing TLB flush when modifying non-leaf PTEs

 - fixes for T-Head custom extensions

 - fix for systems with the legacy PMU, that manifests as a crash on
   kernels built without SBI PMU support

 - fix for systems that clear *envcfg on suspend, which manifests as
   cbo.zero trapping after resume

 - fixes for Svnapot systems, including removing Svnapot support for
   huge vmalloc/vmap regions

* tag 'riscv-for-linus-6.8-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux:
  riscv: Sparse-Memory/vmemmap out-of-bounds fix
  riscv: Fix pte_leaf_size() for NAPOT
  Revert "riscv: mm: support Svnapot in huge vmap"
  riscv: Save/restore envcfg CSR during CPU suspend
  riscv: Add a custom ISA extension for the [ms]envcfg CSR
  riscv: Fix enabling cbo.zero when running in M-mode
  perf: RISCV: Fix panic on pmu overflow handler
  MAINTAINERS: Update SiFive driver maintainers
  drivers: perf: ctr_get_width function for legacy is not defined
  drivers: perf: added capabilities for legacy PMU
  RISC-V: Ignore V from the riscv,isa DT property on older T-Head CPUs
  riscv: Fix build error if !CONFIG_ARCH_ENABLE_HUGEPAGE_MIGRATION
  riscv: mm: fix NOCACHE_THEAD does not set bit[61] correctly
  riscv: add CALLER_ADDRx support
  RISC-V: Drop invalid test from CONFIG_AS_HAS_OPTION_ARCH
  kbuild: Add -Wa,--fatal-warnings to as-instr invocation
  riscv: tlb: fix __p*d_free_tlb()
2024-03-01 12:44:33 -08:00
Linus Torvalds
5870ba3dc6 A patch to catch up with mdsmap encoding rectification which ended up
being necessary after all to enable cluster upgrades from problematic
 v18.2.0 and v18.2.1 releases.
 -----BEGIN PGP SIGNATURE-----
 
 iQFHBAABCAAxFiEEydHwtzie9C7TfviiSn/eOAIR84sFAmXiERQTHGlkcnlvbW92
 QGdtYWlsLmNvbQAKCRBKf944AhHzixs3B/0a4oo8pguKFwv7nRoPhj8psutefUo4
 DAclob36DA+7BZEPEOfcRC++fwQpuX1Xjly5hTouIvX5kJ8MbZh0HIstS8zr73XF
 DJxK+WO+mMieR7k5Ig4zjUc6Vm5JOxl4DWMo/r/+v6/tVIsD1mvvXrrtQkr/HBXs
 8OXimd1XshI7Y7z2q/liT8K5ozf1Wa0adBOeOmke0TSfJm81uauao3ZHvNkO5yE+
 zAa7XRtczYPgn5sA9ydUY5PYUUPYEtkarn1s12W42fudM5VHI2Ui6tSTcCUr6lTU
 UQRElSXygvpptl4PuFlkLdUoiTItfiF1X6TqQ5zrUnjOBVBr9v4Xz8hL
 =YrOC
 -----END PGP SIGNATURE-----

Merge tag 'ceph-for-6.8-rc7' of https://github.com/ceph/ceph-client

Pull ceph fix from Ilya Dryomov:
 "Catch up with mdsmap encoding rectification which ended up being
  necessary after all to enable cluster upgrades from problematic
  v18.2.0 and v18.2.1 releases"

* tag 'ceph-for-6.8-rc7' of https://github.com/ceph/ceph-client:
  ceph: switch to corrected encoding of max_xattr_size in mdsmap
2024-03-01 12:34:23 -08:00
Linus Torvalds
7505aa147a for-6.8-rc6-tag
-----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCgAdFiEE8rQSAMVO+zA4DBdWxWXV+ddtWDsFAmXh1GgACgkQxWXV+ddt
 WDtnvA/7BN7BZ6QmwWv9UyxhgSBtzI19AXPi/kBsssnnjNuzXoHFaVHj68lQCCOB
 a4YjRxAg7nmwFGHdVDTdnwXgUECzqlVkeX9cXg1ZpJy0IfP9RriGedRlC/93z7aV
 pg6DnKMh2FlkibK7yO6kRBR8RYLc5aVIytqHXgUeqbaquuhj2Hh8EpqRo2X0RsoE
 wDXlK0qgrU8HyrA3fHdqKYPcm1+cYABGTCwGx65iRffy8vH+KFSAr71G8jOJVEUj
 DgNWJCpBjXJNs0dsKrik5oGmvLd3GDBKinNX7R2mAvMAMGWrL+fVVTVTfBS/clUT
 FBiVFNYCJuphMcO3Qjs6JIuEez0GuGEeh1m+tQ8W795At1FSiINtE5J7LjmJUl5X
 FuUwOUpxco1lTXBLX149Y9kk7AEOaqYxy0XbH4r5bbKyuzQegRGB9/qQX4sSaCt3
 3T+Td9PvS+6Jo+CDO0dsYhG/h3bsHeHtHGR6f2CiO/m1zHDnTX9aYVcLMM3hsrMI
 8OUEy1jkuKnDZQuZuIWES/3V9FlJL34dR3Cb236Pv/yIH1iujIc27g0qXrC1vzPg
 wnUL1wheLQ9IRLedXoiHtX2Y2ZfFQGQDrIKNCJFD+WNPkZYffih5QNTV/mPZmL80
 9EbjoVTu+6rygzdD43R1RWvK0kFsY44RKhHreI8SItO+e3/0TAs=
 =hMf8
 -----END PGP SIGNATURE-----

Merge tag 'for-6.8-rc6-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/kdave/linux

Pull btrfs fixes from David Sterba:

 - fix freeing allocated id for anon dev when snapshot creation fails

 - fiemap fixes:
     - followup for a recent deadlock fix, ranges that fiemap can access
       can still race with ordered extent completion
     - make sure fiemap with SYNC flag does not race with writes

* tag 'for-6.8-rc6-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/kdave/linux:
  btrfs: fix double free of anonymous device after snapshot creation failure
  btrfs: ensure fiemap doesn't race with writes when FIEMAP_FLAG_SYNC is given
  btrfs: fix race between ordered extent completion and fiemap
2024-03-01 12:29:20 -08:00
Linus Torvalds
3aec97e0c7 Description for this pull request:
- Fix ftruncate failure when allocating non-contiguous clusters.
 -----BEGIN PGP SIGNATURE-----
 
 iQJKBAABCgA0FiEE6NzKS6Uv/XAAGHgyZwv7A1FEIQgFAmXhiBkWHGxpbmtpbmpl
 b25Aa2VybmVsLm9yZwAKCRBnC/sDUUQhCFRdD/47DYPGhZPWt4+JamGs3ZR0WX8l
 555GnbSjzLmmGUYjEyDsMmJllL7I0gX3Hm2QNOJIce1ETh3a2oSQlp+O+uIJM7zW
 rQjV8l6u+JZXEvpZwbfIfpyQ2+p6wFgueFC8+HX+VwfiJXw0hKNfqIwugjyRiWUF
 P1pptVZvsne2d7dUM8nmwedFZClP2GhyFxPqOiAvPd6Yw5s6b2yOj534eU9JSWfp
 ph/ZVnZOZNwaKUPD57OWYFKb4hLHEDTpjWjpU1jXkdeKCAB9WuJyegJMtznJIaBW
 DtkDmaUeQLPccWFWlZXOPvZfueJuWU1rxzGCqYBOvP77SPDATxqgFh5yhRj5wqnx
 Cs//VqFY6fZC6HfXAURvbM6l+NblaH1m6Bm7o7PkbBScju9tyKByqMNGLtHHnH2V
 y8jD8mFj2wjvwD+6EBdIVD7ddr1M8uyPUpk++gYxklpSDwwzngkqpUItYCv1sKhD
 tlwyPY5efDXC1e38KWTmbhGh0UACz8pVNPbFZsQ7jVlvKlAoT+/T4SGz4t+4qXpA
 IEo36PYEznxNZllf5/kTQ/yzVjPuX2K0CVTvNb01nTdGfHE1p8Uvt1nWJr2nRall
 vSsOswEbJ78O+313+HCWL2WreqlN4yCVhh+cpyinGLZgrQwBMl4uJrgBb0XxwTD6
 0PjItbRcF4C+Bo4tGw==
 =LfJg
 -----END PGP SIGNATURE-----

Merge tag 'exfat-for-6.8-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/linkinjeon/exfat

Pull exfat fix from Namjae Jeon:

 - Fix ftruncate failure when allocating non-contiguous clusters

* tag 'exfat-for-6.8-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/linkinjeon/exfat:
  exfat: fix appending discontinuous clusters to empty file
2024-03-01 12:22:30 -08:00
Linus Torvalds
1678f8d85d vfs-6.8-rc7.fixes
-----BEGIN PGP SIGNATURE-----
 
 iHUEABYKAB0WIQRAhzRXHqcMeLMyaSiRxhvAZXjcogUCZeHE0QAKCRCRxhvAZXjc
 ojUoAQDaH72HFy7vw9/5x9IN1LfbwWLNmFpF2eFVWIB/xnJaMAD/aPOxqBSHfC7W
 kam84prsnQcOh3wNF5j23HSR9HS79gw=
 =5YAw
 -----END PGP SIGNATURE-----

Merge tag 'vfs-6.8-rc7.fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs

Pull vfs fixes from Christian Brauner:
 "Two small fixes:

   - Fix an endless loop during afs directory iteration caused by not
     skipping silly-rename files correctly.

   - Fix reporting of completion events for aio causing leaks in
     userspace. This is based on the fix last week as it's now possible
     to recognize aio events submitted through the old aio interface"

* tag 'vfs-6.8-rc7.fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs:
  fs/aio: Make io_cancel() generate completions again
  afs: Fix endless loop in directory parsing
2024-03-01 12:17:02 -08:00
Linus Torvalds
17ba56605b IOMMU fix for Linux v6.8-rc6:
- Fix SVA handle sharing in multi device case
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEr9jSbILcajRFYWYyK/BELZcBGuMFAmXh7h8ACgkQK/BELZcB
 GuOcaA//QlD6S6U1mQ3Su/Nisfw/5GQK80wRpE9w3VmdyXvRXqrzecxQYAcBKbRY
 3if2nsWIexB2RRPkmRIGe4NT5MrIPRZuzjLBu+IPvuZGEiEDX8GNw5LafJ8otogH
 GPlOpEVzdx5EGQsqPR7iPzTDuHWjcPl6Fclfc9g17F0MgOHQiRmdcJo41azCJnj7
 qabBnu5uItva1/kN9ipgliRCmtU/DcHWVPnOhDVvmKK4lvsaKSn2kpWAVmuNU/ht
 6DIKsZiowjXAVdKz0WBpfL9bmllVQsvtYUG0YJu3oQikH2UoASDn2i6+GJUr1OB9
 7N6C9+YCtl5Tm7GV+91JnbNJ9Q2juSD9hRo22GauNmjS6Go5zW14T88NiF1p14pu
 Whn2C1jybGTYOAa/6Mn7D6wSDDrJ7jz79Vd4Q+ehXAD0WWeDmiat6T1Hxkrb23nE
 jfvlDUHF7oNEA6pjRNoouyUvcmT5MMBPmgayRlBDpSxHhO32O9mU0cLW7b4lt+px
 l+JQKgLADbi3W7qE19VkH/9qhCt3TGFaSwWdu+dB0b/IxeW0zqxl+BjOcBG3F0HD
 ocU63Zxm+u4VYZm9tsHhpql90914Iyr2kn8MJg0XXtwpzh9ErNcYG6wHVyh+Mh2J
 Za8tizN1KmSxd4RL9J+xlU8neY9y5y1D4OCS/hXjR5hqvaRe6XM=
 =VVrn
 -----END PGP SIGNATURE-----

Merge tag 'iommu-fix-v6.8-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/joro/iommu

Pull iommu fix from Joerg Roedel:

 - Fix SVA handle sharing in multi device case

* tag 'iommu-fix-v6.8-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/joro/iommu:
  iommu/sva: Fix SVA handle sharing in multi device case
2024-03-01 12:01:43 -08:00
Linus Torvalds
371e4a1f91 MMC core:
- Fix eMMC initialization with 1-bit bus connection
 
 MMC host:
  - mmci: Fix DMA API overlapping mappings for the stm32 variant
  - sdhci-xenon: Fix PHY stability issues
 -----BEGIN PGP SIGNATURE-----
 
 iQJLBAABCgA1FiEEugLDXPmKSktSkQsV/iaEJXNYjCkFAmXhqHMXHHVsZi5oYW5z
 c29uQGxpbmFyby5vcmcACgkQ/iaEJXNYjClzsA//QxUuGQKkjYZIRt0KKYfXA8v/
 bHW1cAK+xMmklm2XLHCE2U7ckZGdWFRCNiotXQa4iYyVFAUpx5zFYdszXZbaJkqy
 1Q4Zbl014NoxAijuJoMWPZPNThMwWtl11ZEw3hEO8d5it3g+kH7GafrdRINRDUeK
 VLhRpaUdMdjXLdEfrM9vv9slE4wA3qwGKRLm1D4H0YpDL/hPHa/tJRmcw3hCxEYO
 wzjza+tGKDi9oZdg/7H0HVZW2Yf0jImAAIvwXgLhF1Zm7LVzQxG5fW9VV5tc/Yi5
 XDi/UtjJhqoEudLCd+tK59uJa8PE0x//Uo3wNJ1nujy/5Av6J9+RV0Dk/oamF/O2
 o7wrWsdtZF/MoDQ3Fp7jjy3uqUFFMQreDM4TEEFr7+ZF0fT7mKPNB7YKms40+dI5
 mzhDdIWKedJffmj8zRipqkGfp6oIX5bj3h8AwSjLmu7N1lRyJu0TuBLzVCwASdQj
 +dc/xS7k9/MjDPXj2vppiS2ALygMArMEFTk9rdJj4HMDsMAgjDcBkeGH7tn6Bs6S
 ntTdY8DH5E+N9n2IZezsUbm81gI84r/jfZ30Iol2rkfCAuryVVdmbTVGsKgCrCX0
 M1oT7oPjMPfEjeXSw8qO0crZbBRugPANDxhTxahaGJ3jbJkY+aXjYBJuROYk+myR
 Px30aQTBJpDZM921Alw=
 =PO2r
 -----END PGP SIGNATURE-----

Merge tag 'mmc-v6.8-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/mmc

Pull MMC fixes from Ulf Hansson:
 "MMC core:
   - Fix eMMC initialization with 1-bit bus connection

  MMC host:
   - mmci: Fix DMA API overlapping mappings for the stm32 variant
   - sdhci-xenon: Fix PHY stability issues"

* tag 'mmc-v6.8-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/mmc:
  mmc: sdhci-xenon: add timeout for PHY init complete
  mmc: sdhci-xenon: fix PHY init clock stability
  mmc: mmci: stm32: fix DMA API overlapping mappings warning
  mmc: core: Fix eMMC initialization with 1-bit bus connection
2024-03-01 11:55:19 -08:00
Linus Torvalds
fafbad4a20 Providers:
- qcom: Fix enabled_corner aggregation for rpmhpd
  - arm: Fix NULL dereference on scmi_perf_domain removal
 -----BEGIN PGP SIGNATURE-----
 
 iQJLBAABCgA1FiEEugLDXPmKSktSkQsV/iaEJXNYjCkFAmXhpP8XHHVsZi5oYW5z
 c29uQGxpbmFyby5vcmcACgkQ/iaEJXNYjCnHZBAAynC53E42DsyteCF6uqhatamj
 06pNVGQe+7GqFQfpDgvwobM3mznAOIiEnh1omUqoA0eQH8ZM411fWDOflqpey+et
 sE2NLSPmTc7UJdCoAxXVspC+cVI0e+ZE8u2752FG1ARaEO7z+jlu/QPLkWQ5/kgh
 kuZVDtGQv6uQhG+ZsUqnaHfcrvZIB7Q+sD2YiGxTka3/c8HWbig0x2gQp/fwQO3G
 AAmS7HudBvctqWCDnjSTDv426d2rXdyDeUEDVWg/2NC8I64QRyIg4DZ/dI4oJvqa
 cJdHSfLZRhGFap0A4143cn7u054zZD430xWeMKheOwHjGrtmxhEcGHYGODCOjaVo
 R4vaeE35rnhqCLjiRHkOiuQQmysx/I/hlbu+DVkGJat9mKmwbrJvHKzO1AFD2kuX
 D9cRMTFn6T2vm44Av71l1Sm9fExYRsyHgdtatABPPd7ede+Y8rBs9AHtEU1Xd2Wb
 3moJsHinfZ//ffVsKsIe7EkUTp8Jk8OPZKkv+gbJczl4qvCt9Gu77U1cAygigBOF
 l4VyhWM7XAFU+aENZ9uob8S2NptXmYkZB1hv1ZKlnGt3+W88naY/BE533ifdGMXf
 DqYhjtWZG5LMVn0VkvJDxCJOM0MTE30yMCa8KeJSZfCgl+SbpsShwOFCzxuZlVHJ
 5lcuRv2v9ENh41khTi8=
 =e1Rr
 -----END PGP SIGNATURE-----

Merge tag 'pmdomain-v6.8-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/linux-pm

Pull pmdomain fixes from Ulf Hansson:

 - qcom: Fix enabled_corner aggregation for rpmhpd

 - arm: Fix NULL dereference on scmi_perf_domain removal

* tag 'pmdomain-v6.8-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/linux-pm:
  pmdomain: qcom: rpmhpd: Fix enabled_corner aggregation
  pmdomain: arm: Fix NULL dereference on scmi_perf_domain removal
2024-03-01 11:52:27 -08:00
Linus Torvalds
2bbb54ba1b EFI fixes for v6.8 #2
- Fix phys_addr_t size confusion in 32-bit capsule loader
 - Reduce maximum EFI variable name size to 512 to work around buggy
   firmware
 - Drop some redundant code from efivarfs while at it
 -----BEGIN PGP SIGNATURE-----
 
 iHUEABYIAB0WIQQQm/3uucuRGn1Dmh0wbglWLn0tXAUCZdr/HgAKCRAwbglWLn0t
 XGqrAP96SmiLbkEBzBAkjpIvQIwoiPUAQmfBXs4PuZ6MH/aq3wEA0VOxxH8CpVAu
 dpjd2HIjO59zMr4G7BvR/ezit3Gp2A0=
 =Bd3Z
 -----END PGP SIGNATURE-----

Merge tag 'efi-fixes-for-v6.8-2' of git://git.kernel.org/pub/scm/linux/kernel/git/efi/efi

Pull EFI fixes from Ard Biesheuvel:
 "Only the EFI variable name size change is significant, and will be
  backported once it lands. The others are cleanup.

   - Fix phys_addr_t size confusion in 32-bit capsule loader

   - Reduce maximum EFI variable name size to 512 to work around buggy
     firmware

   - Drop some redundant code from efivarfs while at it"

* tag 'efi-fixes-for-v6.8-2' of git://git.kernel.org/pub/scm/linux/kernel/git/efi/efi:
  efivarfs: Drop 'duplicates' bool parameter on efivar_init()
  efivarfs: Drop redundant cleanup on fill_super() failure
  efivarfs: Request at most 512 bytes for variable names
  efi/capsule-loader: fix incorrect allocation size
2024-03-01 11:40:29 -08:00
Linus Torvalds
fbf9e3b697 sound fixes for 6.8-rc7
The amount of changes wasn't as small as wished, but all reasonably
 small fixes.  There is a PCM core API change, which is for correcting
 the behavior change we took in 6.8.  The rest are device-specific
 fixes for ASoC AMD, Qualcomm, Cirrus codecs, HD-audio quirks & co.
 -----BEGIN PGP SIGNATURE-----
 
 iQJCBAABCAAsFiEEIXTw5fNLNI7mMiVaLtJE4w1nLE8FAmXgjKoOHHRpd2FpQHN1
 c2UuZGUACgkQLtJE4w1nLE82Wg/9Ht2/Po7+Vvl44hh3f5VtLjytZ0TAlxt/OQTM
 ZZVfZuBEUggps7EGXYemvPWHOw1ycTiw8+Me7Pk1RiG3Q567vvp25k9LL33I7Tio
 be4GobIn6wRdArIbvfZuhqdM8InbhQqz+cXFMW5rV0QbHL+IwNWlLVTym1NObRaF
 7aYI2dUAJ8YJUPRpbVjFEvk+vSo9cCYZulqYCzhLda2/G9nRraW+fynpqhJfiixA
 Lz9T8i+978nh81wR1DQtWCqkExW0ICIVFIM6wnr+eIyJEN1g/kxF6dBNfxzRdSKM
 pl64l8fWdOBXsOjCcu41eDDX4DputTt4p9z8KUmu0tOHfofVr4KLghOQk4SBirs2
 ipBJtCIyZvh26tdLwRgSviWiZrt2kbP5JwNaayYvj9v9GzBH4TJLhTGb/6xk8TT0
 XcRHjbozqckVChGNjKPsQ2rJ+AD8dEdAH7C4n0VAT9odLEv7ldQj8gdZbjfMVzgw
 gXIjhYpMtuk5eDxuvS3OHaKpDiyIopMIz/IWaH2kXxriI23ibBM1AoK65UHrhFVY
 ZL47jbSQ0d2XvSTigQ2/KqYzT48A9ozAI5bOfGsoqqMCxkYGACjQM8B9sAPQ9XbL
 3R2ry6ilCqJ90H0X5a0JvUxegGmbakaYxB059mmMHkMynZnNO+mRqZWi5W83yAaA
 6HaZWHk=
 =Zk6g
 -----END PGP SIGNATURE-----

Merge tag 'sound-6.8-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound

Pull sound fixes from Takashi Iwai:
 "The amount of changes wasn't as small as wished, but all reasonably
  small fixes. There is a PCM core API change, which is for correcting
  the behavior change we took in 6.8. The rest are device-specific fixes
  for ASoC AMD, Qualcomm, Cirrus codecs, HD-audio quirks & co"

* tag 'sound-6.8-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound:
  ASoC: amd: yc: Fix non-functional mic on Lenovo 21J2
  ASoC: amd: yc: add new YC platform variant (0x63) support
  ALSA: hda/realtek - ALC285 reduce pop noise from Headphone port
  ASoC: amd: yc: Add Lenovo ThinkBook 21J0 into DMI quirk table
  ALSA: hda/realtek: Add special fixup for Lenovo 14IRP8
  ASoC: soc-card: Fix missing locking in snd_soc_card_get_kcontrol()
  ALSA: hda/realtek: tas2781: enable subwoofer volume control
  ALSA: pcm: clarify and fix default msbits value for all formats
  ASoC: qcom: Fix uninitialized pointer dmactl
  ALSA: hda/realtek: fix mute/micmute LED For HP mt440
  ALSA: Drop leftover snd-rtctimer stuff from Makefile
  ALSA: ump: Fix the discard error code from snd_ump_legacy_open()
  ALSA: hda/realtek: Enable Mute LED on HP 840 G8 (MB 8AB8)
  ASoC: cs35l56: Must clear HALO_STATE before issuing SYSTEM_RESET
  ALSA: hda/realtek: Fix top speaker connection on Dell Inspiron 16 Plus 7630
  ALSA: firewire-lib: fix to check cycle continuity
2024-03-01 11:32:41 -08:00
Linus Torvalds
7187ea0978 drm fixes for 6.8-rc7
buddy:
 - two allocation fixes + unit test
 
 fbcon:
 - font restore syzkaller fix
 
 ttm:
 - kunit test fix
 
 bridge:
 - fix aux-hpd leaks
 - fix aux-hpd registration
 - fix use after free in soc/qcom
 - fix boot on soc/qcom
 
 xe:
 - A couple of tracepoint updates from Priyanka and Lucas.
 - Make sure BINDs are completed before accepting UNBINDs on LR vms.
 - Don't arbitrarily restrict max number of batched binds.
 - Add uapi for dumpable bos (agreed on IRC).
 - Remove unused uapi flags and a leftover comment.
 - A couple of fixes related to the execlist backend.
 
 msm:
 - DP: Revert a change which was causing a HDP regression
 
 amdgpu:
 - Fix potential buffer overflow
 - Fix power min cap
 - Suspend/resume fix
 - SI PM fix
 - eDP fix
 
 nouveau:
 - fix a misreported VRAM sizing
 - fix a regression in suspend/resume due to freeing
 
 tegra:
 - host1x reset fix
 - only remove existing driver if display is possible
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEEKbZHaGwW9KfbeusDHTzWXnEhr4FAmXhaX0ACgkQDHTzWXnE
 hr4DtA//VzJEzhfnPlss4kgD7Io5vvH+We9eoSi0lkIrL+mHVJYQOveB/yw8KMJZ
 p6qGYi4Q/bTLyoDS2tL7oP5HfU5ZbzLG2DBFJzBo5Y6dQRhhgWsKGQs/zhlSrm9S
 k8F1lR6DVL3rZd084FIY7GlSlGCj9h2GdmpmvbJ9R0rjFEu2E0WE3aatEVTFCj/Y
 Vy8rjwrrST+cj6kefEGoRO+awmQCJrxIp2TmygB8vWZwlkmCGK+MmzOpJa2Ei5g2
 jLFzMoxN7jIVQzdF/Z3hI6j75lWJAK0mpEsstt9hJlgv/nQbuJyG7rcRfy8X7pBF
 qcT6YCMbEvvC8Kh580H6H9/CIDavKqWOPAaRluv9Y1zA1Q4Wmmeh3u74QNnAX8Fy
 y+PKLe7rraQYx5E6z0EiBpfyxckQlDn6W7wDemyCu4IPyFCj5Y+x3oZ5Ldu0yKPR
 meksQm4NySe0zv/Q2uxYmtR3PcWPCHprvjZeqt9RfAs8iOUYD7liDCoamDiqkoDK
 b2wJrBTrBCq/0JnJEDSd6barSvGjw8ufwOAfyrjsknKRaNSz8+bxpZ3CqlkH+bGj
 6v5Wsll8kRg5gfpnFRh7qWME7MeskfCC1fVby+9hZE8vKYDmISLWuq4yvSlyzJ6k
 15c6CgQrulYyxxJmeTV45mxhfNyv2n1gTem2DXEpM/f1HWK1mi0=
 =uYay
 -----END PGP SIGNATURE-----

Merge tag 'drm-fixes-2024-03-01' of https://gitlab.freedesktop.org/drm/kernel

Pull drm fixes from Dave Airlie:
 "Bunch of fixes, xe, amdgpu, nouveau and tegra all have a few. Then
  drm/bridge including some drivers/soc fallout fixes. The biggest thing
  in here is a new unit test for some buddy allocator fixes, otherwise a
  misc fbcon, ttm unit test and one msm revert.

  Seems pretty normal for this stage.

  buddy:
   - two allocation fixes + unit test

  fbcon:
   - font restore syzkaller fix

  ttm:
   - kunit test fix

  bridge:
   - fix aux-hpd leaks
   - fix aux-hpd registration
   - fix use after free in soc/qcom
   - fix boot on soc/qcom

  xe:
   - A couple of tracepoint updates from Priyanka and Lucas
   - Make sure BINDs are completed before accepting UNBINDs on LR vms
   - Don't arbitrarily restrict max number of batched binds
   - Add uapi for dumpable bos (agreed on IRC)
   - Remove unused uapi flags and a leftover comment
   - A couple of fixes related to the execlist backend

  msm:
   - DP: Revert a change which was causing a HDP regression

  amdgpu:
   - Fix potential buffer overflow
   - Fix power min cap
   - Suspend/resume fix
   - SI PM fix
   - eDP fix

  nouveau:
   - fix a misreported VRAM sizing
   - fix a regression in suspend/resume due to freeing

  tegra:
   - host1x reset fix
   - only remove existing driver if display is possible"

* tag 'drm-fixes-2024-03-01' of https://gitlab.freedesktop.org/drm/kernel: (32 commits)
  drm/nouveau: keep DMA buffers required for suspend/resume
  nouveau: report byte usage in VRAM usage
  drm/xe/xe_trace: Add move_lacks_source detail to xe_bo_move trace
  drm/xe: Deny unbinds if uapi ufence pending
  drm/xe: Expose user fence from xe_sync_entry
  drm/xe: Use pointers in trace events
  drm/xe/xe_bo_move: Enhance xe_bo_move trace
  drm/xe/mmio: fix build warning for BAR resize on 32-bit
  drm/xe: get rid of MAX_BINDS
  drm/xe: Use vmalloc for array of bind allocation in bind IOCTL
  drm/xe: Don't support execlists in xe_gt_tlb_invalidation layer
  drm/xe: Fix execlist splat
  drm/xe/uapi: Remove unused flags
  drm/xe/uapi: Remove DRM_XE_VM_BIND_FLAG_ASYNC comment left over
  drm/xe: Add uapi for dumpable bos
  drm/amd/display: Add monitor patch for specific eDP
  Revert "drm/msm/dp: use drm_bridge_hpd_notify() to report HPD status changes"
  drm/tests/drm_buddy: add alloc_range_bias test
  drm/buddy: check range allocation matches alignment
  drm/buddy: fix range bias
  ...
2024-03-01 11:23:08 -08:00
Linus Torvalds
161671a6eb Probes fixes for v6.8-rc5:
- fprobe: Fix to allocate entry_data_size buffer for each rethook
     instance. This fixes a buffer overrun bug (which leads a kernel
     crash) when fprobe user uses its entry_data in the entry_handler.
 -----BEGIN PGP SIGNATURE-----
 
 iQFPBAABCgA5FiEEh7BulGwFlgAOi5DV2/sHvwUrPxsFAmXhIPgbHG1hc2FtaS5o
 aXJhbWF0c3VAZ21haWwuY29tAAoJENv7B78FKz8bhwIH/1h5q2ZqNwNplDGVQpWU
 G1uuRHLlt47jwbGR3gfeYqVELtX0gFigBsmVouCKK3u3qerB1pDscYhULzKeHjS4
 1HAsonj+vKY2pbdCaRnxRT7ejlEioN8CwPb1eqY6Bf6XQ2tJqS5gUqdej8JDJuY5
 tpNAhHWqAnRvf1V5muclGAIU+9zavrAjbetpgrPEDIjE5idFvN+6D+4PXiM1cRIW
 KXW1oA7VlShdfY7xprSZ33Lx7C/dLWojM2P/z/BvqyXOf4f1ovqtGFJegW4n7V5b
 ZgamgOcSBwFLTVOTpOzn0peucduLFTfEWyC7fFGkHjBxTl2JypsQLEupdoaWLvBB
 el4=
 =bUgZ
 -----END PGP SIGNATURE-----

Merge tag 'probes-fixes-v6.8-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace

Pull fprobe fix from Masami Hiramatsu:

 - allocate entry_data_size buffer for each rethook instance.

   This fixes a buffer overrun bug (which leads a kernel crash)
   when fprobe user uses its entry_data in the entry_handler.

* tag 'probes-fixes-v6.8-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace:
  fprobe: Fix to allocate entry_data_size buffer with rethook instances
2024-03-01 11:17:23 -08:00
Tetsuo Handa
2f03fc340c tomoyo: fix UAF write bug in tomoyo_write_control()
Since tomoyo_write_control() updates head->write_buf when write()
of long lines is requested, we need to fetch head->write_buf after
head->io_sem is held.  Otherwise, concurrent write() requests can
cause use-after-free-write and double-free problems.

Reported-by: Sam Sun <samsun1006219@gmail.com>
Closes: https://lkml.kernel.org/r/CAEkJfYNDspuGxYx5kym8Lvp--D36CMDUErg4rxfWFJuPbbji8g@mail.gmail.com
Fixes: bd03a3e4c9 ("TOMOYO: Add policy namespace support.")
Cc:  <stable@vger.kernel.org> # Linux 3.1+
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2024-03-01 11:14:00 -08:00
Jiri Bohac
7fd817c906 x86/e820: Don't reserve SETUP_RNG_SEED in e820
SETUP_RNG_SEED in setup_data is supplied by kexec and should
not be reserved in the e820 map.

Doing so reserves 16 bytes of RAM when booting with kexec.
(16 bytes because data->len is zeroed by parse_setup_data so only
sizeof(setup_data) is reserved.)

When kexec is used repeatedly, each boot adds two entries in the
kexec-provided e820 map as the 16-byte range splits a larger
range of usable memory. Eventually all of the 128 available entries
get used up. The next split will result in losing usable memory
as the new entries cannot be added to the e820 map.

Fixes: 68b8e9713c ("x86/setup: Use rng seeds from setup_data")
Signed-off-by: Jiri Bohac <jbohac@suse.cz>
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
Cc: <stable@kernel.org>
Link: https://lore.kernel.org/r/ZbmOjKnARGiaYBd5@dwarf.suse.cz
2024-03-01 10:27:20 -08:00
Zhangfei Gao
6384c56c99 iommu/sva: Fix SVA handle sharing in multi device case
iommu_sva_bind_device will directly goto out in multi-device
case when found existing domain, ignoring list_add handle,
which causes the handle to fail to be shared.

Fixes: 65d4418c50 ("iommu/sva: Restore SVA handle sharing")
Signed-off-by: Zhangfei Gao <zhangfei.gao@linaro.org>
Reviewed-by: Jason Gunthorpe <jgg@nvidia.com>
Reviewed-by: Lu Baolu <baolu.lu@linux.intel.com>
Reviewed-by: Kevin Tian <kevin.tian@intel.com>
Link: https://lore.kernel.org/r/20240227064821.128-1-zhangfei.gao@linaro.org
Signed-off-by: Joerg Roedel <jroedel@suse.de>
2024-03-01 13:53:58 +01:00
Michael Ellerman
380cb2f4df selftests/powerpc: Fix fpu_signal failures
My recent commit e5d00aaac6 ("selftests/powerpc: Check all FPRs in
fpu_preempt") inadvertently broke the fpu_signal test.

It needs to take into account that fpu_preempt now loads 32 FPRs, so
enlarge darray.

Also use the newly added randomise_darray() to properly randomise darray.

Finally the checking done in signal_fpu_sig() needs to skip checking
f30/f31, because they are used as scratch registers in check_all_fprs(),
called by preempt_fpu(), and so could hold other values when the signal
is taken.

Fixes: e5d00aaac6 ("selftests/powerpc: Check all FPRs in fpu_preempt")
Reported-by: Spoorthy <spoorthy@linux.ibm.com>
Depends-on: 2ba107f679 ("selftests/powerpc: Generate better bit patterns for FPU tests")
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
Link: https://msgid.link/20240301101035.1230024-1-mpe@ellerman.id.au
2024-03-01 22:15:30 +11:00
Bartosz Golaszewski
ec5c54a9d3 gpio: fix resource unwinding order in error path
Hogs are added *after* ACPI so should be removed *before* in error path.

Fixes: a411e81e61 ("gpiolib: add hogs support for machine code")
Signed-off-by: Bartosz Golaszewski <bartosz.golaszewski@linaro.org>
Reviewed-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
2024-03-01 09:33:30 +01:00
Andy Shevchenko
e4aec4daa8 gpiolib: Fix the error path order in gpiochip_add_data_with_key()
After shuffling the code, error path wasn't updated correctly.
Fix it here.

Fixes: 2f4133bb5f ("gpiolib: No need to call gpiochip_remove_pin_ranges() twice")
Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Signed-off-by: Bartosz Golaszewski <bartosz.golaszewski@linaro.org>
2024-03-01 08:36:53 +01:00
Arturas Moskvinas
530b1dbd97 gpio: 74x164: Enable output pins after registers are reset
Chip outputs are enabled[1] before actual reset is performed[2] which might
cause pin output value to flip flop if previous pin value was set to 1.
Fix that behavior by making sure chip is fully reset before all outputs are
enabled.

Flip-flop can be noticed when module is removed and inserted again and one of
the pins was changed to 1 before removal. 100 microsecond flipping is
noticeable on oscilloscope (100khz SPI bus).

For a properly reset chip - output is enabled around 100 microseconds (on 100khz
SPI bus) later during probing process hence should be irrelevant behavioral
change.

Fixes: 7ebc194d0f (gpio: 74x164: Introduce 'enable-gpios' property)
Link: https://elixir.bootlin.com/linux/v6.7.4/source/drivers/gpio/gpio-74x164.c#L130 [1]
Link: https://elixir.bootlin.com/linux/v6.7.4/source/drivers/gpio/gpio-74x164.c#L150 [2]
Signed-off-by: Arturas Moskvinas <arturas.moskvinas@gmail.com>
Signed-off-by: Bartosz Golaszewski <bartosz.golaszewski@linaro.org>
2024-03-01 08:23:08 +01:00
Sid Pranjale
f6ecfdad35 drm/nouveau: keep DMA buffers required for suspend/resume
Nouveau deallocates a few buffers post GPU init which are required for GPU suspend/resume to function correctly.
This is likely not as big an issue on systems where the NVGPU is the only GPU, but on multi-GPU set ups it leads to a regression where the kernel module errors and results in a system-wide rendering freeze.

This commit addresses that regression by moving the two buffers required for suspend and resume to be deallocated at driver unload instead of post init.

Fixes: 042b5f8384 ("drm/nouveau: fix several DMA buffer leaks")
Signed-off-by: Sid Pranjale <sidpranjale127@protonmail.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
2024-03-01 15:27:04 +10:00
Dave Airlie
f7916c47f6 nouveau: report byte usage in VRAM usage.
Turns out usage is always in bytes not shifted.

Fixes: 72fa02fdf8 ("nouveau: add an ioctl to report vram usage")
Signed-off-by: Dave Airlie <airlied@redhat.com>
2024-03-01 15:26:28 +10:00
Dave Airlie
f060e461ea amd-drm-fixes-6.8-2024-02-29:
amdgpu:
 - Fix potential buffer overflow
 - Fix power min cap
 - Suspend/resume fix
 - SI PM fix
 - eDP fix
 -----BEGIN PGP SIGNATURE-----
 
 iHUEABYKAB0WIQQgO5Idg2tXNTSZAr293/aFa7yZ2AUCZeCgBAAKCRC93/aFa7yZ
 2JyZAPwOnMslVzIcIT9QH1IvROC1EitEAcDhQvL0mGCOPO9nBAEA3iLPrJc4RKvH
 bA0Sa+e5V0F2eC8OLPWMy/1X1p0lZA0=
 =R/MV
 -----END PGP SIGNATURE-----

Merge tag 'amd-drm-fixes-6.8-2024-02-29' of https://gitlab.freedesktop.org/agd5f/linux into drm-fixes

amd-drm-fixes-6.8-2024-02-29:

amdgpu:
- Fix potential buffer overflow
- Fix power min cap
- Suspend/resume fix
- SI PM fix
- eDP fix

Signed-off-by: Dave Airlie <airlied@redhat.com>

From: Alex Deucher <alexander.deucher@amd.com>
Link: https://patchwork.freedesktop.org/patch/msgid/20240229152424.6646-1-alexander.deucher@amd.com
2024-03-01 15:09:47 +10:00
Dave Airlie
bba679c06c Merge tag 'drm-msm-fixes-2024-02-28' of https://gitlab.freedesktop.org/drm/msm into drm-fixes
Fixes for v6.8-rc7

DP:
- Revert a change which was causing a HDP regression

Signed-off-by: Dave Airlie <airlied@redhat.com>
From: Rob Clark <robdclark@gmail.com>
Link: https://patchwork.freedesktop.org/patch/msgid/CAF6AEGvhWvHiPGQ1pRD2XPAQoHEM2M35kjhrsSAEtzh8AMSRvg@mail.gmail.com
2024-03-01 14:24:52 +10:00
Dave Airlie
aa5fe428d5 UAPI Changes:
- A couple of tracepoint updates from Priyanka and Lucas.
 - Make sure BINDs are completed before accepting UNBINDs on LR vms.
 - Don't arbitrarily restrict max number of batched binds.
 - Add uapi for dumpable bos (agreed on IRC).
 - Remove unused uapi flags and a leftover comment.
 
 Driver Changes:
 - A couple of fixes related to the execlist backend.
 -----BEGIN PGP SIGNATURE-----
 
 iHUEABYKAB0WIQRskUM7w1oG5rx2IZO4FpNVCsYGvwUCZeB/nAAKCRC4FpNVCsYG
 vwU8AQCD3be2p5O/SQ5btePtB1yFv3KgL1mGir7LTuvWj7VeegEAw0+7iZe+Uscp
 XUAWl6AQQyXWxHXd4BcBAa56exMljwo=
 =Y4LX
 -----END PGP SIGNATURE-----

Merge tag 'drm-xe-fixes-2024-02-29' of https://gitlab.freedesktop.org/drm/xe/kernel into drm-fixes

UAPI Changes:
- A couple of tracepoint updates from Priyanka and Lucas.
- Make sure BINDs are completed before accepting UNBINDs on LR vms.
- Don't arbitrarily restrict max number of batched binds.
- Add uapi for dumpable bos (agreed on IRC).
- Remove unused uapi flags and a leftover comment.

Driver Changes:
- A couple of fixes related to the execlist backend.

Signed-off-by: Dave Airlie <airlied@redhat.com>

From: Thomas Hellstrom <thomas.hellstrom@linux.intel.com>
Link: https://patchwork.freedesktop.org/patch/msgid/ZeCBg4MA2hd1oggN@fedora
2024-03-01 13:46:59 +10:00
Dave Airlie
45046af3d0 A reset fix for host1x, a resource leak fix and a probe fix for aux-hpd,
a use-after-free fix and a boot fix for a pmic_glink qcom driver in
 drivers/soc, a fix for the simpledrm/tegra transition, a kunit fix for
 the TTM tests, a font handling fix for fbcon, two allocation fixes and a
 kunit test to cover them for drm/buddy
 -----BEGIN PGP SIGNATURE-----
 
 iHUEABYKAB0WIQRcEzekXsqa64kGDp7j7w1vZxhRxQUCZeCIDAAKCRDj7w1vZxhR
 xSYQAP9KTXlKqw9p/jFw/MFqBxzvwmi4/M5iUReoajPo1uCeCAD/ZY71qqBKCnrx
 LiLHbQgvzWowxyq2A6fS28Ml7Vb5nQo=
 =FZcr
 -----END PGP SIGNATURE-----

Merge tag 'drm-misc-fixes-2024-02-29' of https://anongit.freedesktop.org/git/drm/drm-misc into drm-fixes

A reset fix for host1x, a resource leak fix and a probe fix for aux-hpd,
a use-after-free fix and a boot fix for a pmic_glink qcom driver in
drivers/soc, a fix for the simpledrm/tegra transition, a kunit fix for
the TTM tests, a font handling fix for fbcon, two allocation fixes and a
kunit test to cover them for drm/buddy

Signed-off-by: Dave Airlie <airlied@redhat.com>

From: Maxime Ripard <mripard@redhat.com>
Link: https://patchwork.freedesktop.org/patch/msgid/20240229-angelic-adorable-teal-fbfabb@houat
2024-03-01 13:13:06 +10:00
Masami Hiramatsu (Google)
6572786006 fprobe: Fix to allocate entry_data_size buffer with rethook instances
Fix to allocate fprobe::entry_data_size buffer with rethook instances.
If fprobe doesn't allocate entry_data_size buffer for each rethook instance,
fprobe entry handler can cause a buffer overrun when storing entry data in
entry handler.

Link: https://lore.kernel.org/all/170920576727.107552.638161246679734051.stgit@devnote2/

Reported-by: Jiri Olsa <olsajiri@gmail.com>
Closes: https://lore.kernel.org/all/Zd9eBn2FTQzYyg7L@krava/
Fixes: 4bbd934556 ("kprobes: kretprobe scalability improvement")
Cc: stable@vger.kernel.org
Tested-by: Jiri Olsa <olsajiri@gmail.com>
Signed-off-by: Masami Hiramatsu (Google) <mhiramat@kernel.org>
2024-03-01 09:18:24 +09:00
Filipe Manana
e2b54eaf28 btrfs: fix double free of anonymous device after snapshot creation failure
When creating a snapshot we may do a double free of an anonymous device
in case there's an error committing the transaction. The second free may
result in freeing an anonymous device number that was allocated by some
other subsystem in the kernel or another btrfs filesystem.

The steps that lead to this:

1) At ioctl.c:create_snapshot() we allocate an anonymous device number
   and assign it to pending_snapshot->anon_dev;

2) Then we call btrfs_commit_transaction() and end up at
   transaction.c:create_pending_snapshot();

3) There we call btrfs_get_new_fs_root() and pass it the anonymous device
   number stored in pending_snapshot->anon_dev;

4) btrfs_get_new_fs_root() frees that anonymous device number because
   btrfs_lookup_fs_root() returned a root - someone else did a lookup
   of the new root already, which could some task doing backref walking;

5) After that some error happens in the transaction commit path, and at
   ioctl.c:create_snapshot() we jump to the 'fail' label, and after
   that we free again the same anonymous device number, which in the
   meanwhile may have been reallocated somewhere else, because
   pending_snapshot->anon_dev still has the same value as in step 1.

Recently syzbot ran into this and reported the following trace:

  ------------[ cut here ]------------
  ida_free called for id=51 which is not allocated.
  WARNING: CPU: 1 PID: 31038 at lib/idr.c:525 ida_free+0x370/0x420 lib/idr.c:525
  Modules linked in:
  CPU: 1 PID: 31038 Comm: syz-executor.2 Not tainted 6.8.0-rc4-syzkaller-00410-gc02197fc9076 #0
  Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
  RIP: 0010:ida_free+0x370/0x420 lib/idr.c:525
  Code: 10 42 80 3c 28 (...)
  RSP: 0018:ffffc90015a67300 EFLAGS: 00010246
  RAX: be5130472f5dd000 RBX: 0000000000000033 RCX: 0000000000040000
  RDX: ffffc90009a7a000 RSI: 000000000003ffff RDI: 0000000000040000
  RBP: ffffc90015a673f0 R08: ffffffff81577992 R09: 1ffff92002b4cdb4
  R10: dffffc0000000000 R11: fffff52002b4cdb5 R12: 0000000000000246
  R13: dffffc0000000000 R14: ffffffff8e256b80 R15: 0000000000000246
  FS:  00007fca3f4b46c0(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000
  CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
  CR2: 00007f167a17b978 CR3: 000000001ed26000 CR4: 0000000000350ef0
  Call Trace:
   <TASK>
   btrfs_get_root_ref+0xa48/0xaf0 fs/btrfs/disk-io.c:1346
   create_pending_snapshot+0xff2/0x2bc0 fs/btrfs/transaction.c:1837
   create_pending_snapshots+0x195/0x1d0 fs/btrfs/transaction.c:1931
   btrfs_commit_transaction+0xf1c/0x3740 fs/btrfs/transaction.c:2404
   create_snapshot+0x507/0x880 fs/btrfs/ioctl.c:848
   btrfs_mksubvol+0x5d0/0x750 fs/btrfs/ioctl.c:998
   btrfs_mksnapshot+0xb5/0xf0 fs/btrfs/ioctl.c:1044
   __btrfs_ioctl_snap_create+0x387/0x4b0 fs/btrfs/ioctl.c:1306
   btrfs_ioctl_snap_create_v2+0x1ca/0x400 fs/btrfs/ioctl.c:1393
   btrfs_ioctl+0xa74/0xd40
   vfs_ioctl fs/ioctl.c:51 [inline]
   __do_sys_ioctl fs/ioctl.c:871 [inline]
   __se_sys_ioctl+0xfe/0x170 fs/ioctl.c:857
   do_syscall_64+0xfb/0x240
   entry_SYSCALL_64_after_hwframe+0x6f/0x77
  RIP: 0033:0x7fca3e67dda9
  Code: 28 00 00 00 (...)
  RSP: 002b:00007fca3f4b40c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
  RAX: ffffffffffffffda RBX: 00007fca3e7abf80 RCX: 00007fca3e67dda9
  RDX: 00000000200005c0 RSI: 0000000050009417 RDI: 0000000000000003
  RBP: 00007fca3e6ca47a R08: 0000000000000000 R09: 0000000000000000
  R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
  R13: 000000000000000b R14: 00007fca3e7abf80 R15: 00007fff6bf95658
   </TASK>

Where we get an explicit message where we attempt to free an anonymous
device number that is not currently allocated. It happens in a different
code path from the example below, at btrfs_get_root_ref(), so this change
may not fix the case triggered by syzbot.

To fix at least the code path from the example above, change
btrfs_get_root_ref() and its callers to receive a dev_t pointer argument
for the anonymous device number, so that in case it frees the number, it
also resets it to 0, so that up in the call chain we don't attempt to do
the double free.

CC: stable@vger.kernel.org # 5.10+
Link: https://lore.kernel.org/linux-btrfs/000000000000f673a1061202f630@google.com/
Fixes: e03ee2fe87 ("btrfs: do not ASSERT() if the newly created subvolume already got read")
Signed-off-by: Filipe Manana <fdmanana@suse.com>
Reviewed-by: David Sterba <dsterba@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
2024-02-29 22:34:11 +01:00
Filipe Manana
418b090277 btrfs: ensure fiemap doesn't race with writes when FIEMAP_FLAG_SYNC is given
When FIEMAP_FLAG_SYNC is given to fiemap the expectation is that that
are no concurrent writes and we get a stable view of the inode's extent
layout.

When the flag is given we flush all IO (and wait for ordered extents to
complete) and then lock the inode in shared mode, however that leaves open
the possibility that a write might happen right after the flushing and
before locking the inode. So fix this by flushing again after locking the
inode - we leave the initial flushing before locking the inode to avoid
holding the lock and blocking other RO operations while waiting for IO
and ordered extents to complete. The second flushing while holding the
inode's lock will most of the time do nothing or very little since the
time window for new writes to have happened is small.

Reviewed-by: Josef Bacik <josef@toxicpanda.com>
Signed-off-by: Filipe Manana <fdmanana@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
2024-02-29 22:34:07 +01:00
Filipe Manana
a1a4a9ca77 btrfs: fix race between ordered extent completion and fiemap
For fiemap we recently stopped locking the target extent range for the
whole duration of the fiemap call, in order to avoid a deadlock in a
scenario where the fiemap buffer happens to be a memory mapped range of
the same file. This use case is very unlikely to be useful in practice but
it may be triggered by fuzz testing (syzbot, etc).

However by not locking the target extent range for the whole duration of
the fiemap call we can race with an ordered extent. This happens like
this:

1) The fiemap task finishes processing a file extent item that covers
   the file range [512K, 1M[, and that file extent item is the last item
   in the leaf currently being processed;

2) And ordered extent for the file range [768K, 2M[, in COW mode,
   completes (btrfs_finish_one_ordered()) and the file extent item
   covering the range [512K, 1M[ is trimmed to cover the range
   [512K, 768K[ and then a new file extent item for the range [768K, 2M[
   is inserted in the inode's subvolume tree;

3) The fiemap task calls fiemap_next_leaf_item(), which then calls
   btrfs_next_leaf() to find the next leaf / item. This finds that the
   the next key following the one we previously processed (its type is
   BTRFS_EXTENT_DATA_KEY and its offset is 512K), is the key corresponding
   to the new file extent item inserted by the ordered extent, which has
   a type of BTRFS_EXTENT_DATA_KEY and an offset of 768K;

4) Later the fiemap code ends up at emit_fiemap_extent() and triggers
   the warning:

      if (cache->offset + cache->len > offset) {
               WARN_ON(1);
               return -EINVAL;
      }

   Since we get 1M > 768K, because the previously emitted entry for the
   old extent covering the file range [512K, 1M[ ends at an offset that
   is greater than the new extent's start offset (768K). This makes fiemap
   fail with -EINVAL besides triggering the warning that produces a stack
   trace like the following:

     [1621.677651] ------------[ cut here ]------------
     [1621.677656] WARNING: CPU: 1 PID: 204366 at fs/btrfs/extent_io.c:2492 emit_fiemap_extent+0x84/0x90 [btrfs]
     [1621.677899] Modules linked in: btrfs blake2b_generic (...)
     [1621.677951] CPU: 1 PID: 204366 Comm: pool Not tainted 6.8.0-rc5-btrfs-next-151+ #1
     [1621.677954] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.2-0-gea1b7a073390-prebuilt.qemu.org 04/01/2014
     [1621.677956] RIP: 0010:emit_fiemap_extent+0x84/0x90 [btrfs]
     [1621.678033] Code: 2b 4c 89 63 (...)
     [1621.678035] RSP: 0018:ffffab16089ffd20 EFLAGS: 00010206
     [1621.678037] RAX: 00000000004fa000 RBX: ffffab16089ffe08 RCX: 0000000000009000
     [1621.678039] RDX: 00000000004f9000 RSI: 00000000004f1000 RDI: ffffab16089ffe90
     [1621.678040] RBP: 00000000004f9000 R08: 0000000000001000 R09: 0000000000000000
     [1621.678041] R10: 0000000000000000 R11: 0000000000001000 R12: 0000000041d78000
     [1621.678043] R13: 0000000000001000 R14: 0000000000000000 R15: ffff9434f0b17850
     [1621.678044] FS:  00007fa6e20006c0(0000) GS:ffff943bdfa40000(0000) knlGS:0000000000000000
     [1621.678046] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
     [1621.678048] CR2: 00007fa6b0801000 CR3: 000000012d404002 CR4: 0000000000370ef0
     [1621.678053] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
     [1621.678055] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
     [1621.678056] Call Trace:
     [1621.678074]  <TASK>
     [1621.678076]  ? __warn+0x80/0x130
     [1621.678082]  ? emit_fiemap_extent+0x84/0x90 [btrfs]
     [1621.678159]  ? report_bug+0x1f4/0x200
     [1621.678164]  ? handle_bug+0x42/0x70
     [1621.678167]  ? exc_invalid_op+0x14/0x70
     [1621.678170]  ? asm_exc_invalid_op+0x16/0x20
     [1621.678178]  ? emit_fiemap_extent+0x84/0x90 [btrfs]
     [1621.678253]  extent_fiemap+0x766/0xa30 [btrfs]
     [1621.678339]  btrfs_fiemap+0x45/0x80 [btrfs]
     [1621.678420]  do_vfs_ioctl+0x1e4/0x870
     [1621.678431]  __x64_sys_ioctl+0x6a/0xc0
     [1621.678434]  do_syscall_64+0x52/0x120
     [1621.678445]  entry_SYSCALL_64_after_hwframe+0x6e/0x76

There's also another case where before calling btrfs_next_leaf() we are
processing a hole or a prealloc extent and we had several delalloc ranges
within that hole or prealloc extent. In that case if the ordered extents
complete before we find the next key, we may end up finding an extent item
with an offset smaller than (or equals to) the offset in cache->offset.

So fix this by changing emit_fiemap_extent() to address these three
scenarios like this:

1) For the first case, steps listed above, adjust the length of the
   previously cached extent so that it does not overlap with the current
   extent, emit the previous one and cache the current file extent item;

2) For the second case where he had a hole or prealloc extent with
   multiple delalloc ranges inside the hole or prealloc extent's range,
   and the current file extent item has an offset that matches the offset
   in the fiemap cache, just discard what we have in the fiemap cache and
   assign the current file extent item to the cache, since it's more up
   to date;

3) For the third case where he had a hole or prealloc extent with
   multiple delalloc ranges inside the hole or prealloc extent's range
   and the offset of the file extent item we just found is smaller than
   what we have in the cache, just skip the current file extent item
   if its range end at or behind the cached extent's end, because we may
   have emitted (to the fiemap user space buffer) delalloc ranges that
   overlap with the current file extent item's range. If the file extent
   item's range goes beyond the end offset of the cached extent, just
   emit the cached extent and cache a subrange of the file extent item,
   that goes from the end offset of the cached extent to the end offset
   of the file extent item.

Dealing with those cases in those ways makes everything consistent by
reflecting the current state of file extent items in the btree and
without emitting extents that have overlapping ranges (which would be
confusing and violating expectations).

This issue could be triggered often with test case generic/561, and was
also hit and reported by Wang Yugui.

Reported-by: Wang Yugui <wangyugui@e16-tech.com>
Link: https://lore.kernel.org/linux-btrfs/20240223104619.701F.409509F4@e16-tech.com/
Fixes: b0ad381fa7 ("btrfs: fix deadlock with fiemap and extent locking")
Reviewed-by: Josef Bacik <josef@toxicpanda.com>
Signed-off-by: Filipe Manana <fdmanana@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
2024-02-29 22:34:04 +01:00
Linus Torvalds
87adedeba5 Including fixes from bluetooth, WiFi and netfilter.
We have one outstanding issue with the stmmac driver, which may
 be a LOCKDEP false positive, not a blocker.
 
 Current release - regressions:
 
  - netfilter: nf_tables: re-allow NFPROTO_INET in
    nft_(match/target)_validate()
 
  - eth: ionic: fix error handling in PCI reset code
 
 Current release - new code bugs:
 
  - eth: stmmac: complete meta data only when enabled, fix null-deref
 
  - kunit: fix again checksum tests on big endian CPUs
 
 Previous releases - regressions:
 
  - veth: try harder when allocating queue memory
 
  - Bluetooth:
    - hci_bcm4377: do not mark valid bd_addr as invalid
    - hci_event: fix handling of HCI_EV_IO_CAPA_REQUEST
 
 Previous releases - always broken:
 
  - info leak in __skb_datagram_iter() on netlink socket
 
  - mptcp:
    - map v4 address to v6 when destroying subflow
    - fix potential wake-up event loss due to sndbuf auto-tuning
    - fix double-free on socket dismantle
 
  - wifi: nl80211: reject iftype change with mesh ID change
 
  - fix small out-of-bound read when validating netlink be16/32 types
 
  - rtnetlink: fix error logic of IFLA_BRIDGE_FLAGS writing back
 
  - ipv6: fix potential "struct net" ref-leak in inet6_rtm_getaddr()
 
  - ip_tunnel: prevent perpetual headroom growth with huge number of
    tunnels on top of each other
 
  - mctp: fix skb leaks on error paths of mctp_local_output()
 
  - eth: ice: fixes for DPLL state reporting
 
  - dpll: rely on rcu for netdev_dpll_pin() to prevent UaF
 
  - eth: dpaa: accept phy-interface-type = "10gbase-r" in the device tree
 
 Signed-off-by: Jakub Kicinski <kuba@kernel.org>
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEE6jPA+I1ugmIBA4hXMUZtbf5SIrsFAmXg6ioACgkQMUZtbf5S
 IrupHQ/+Jt9OK8AYiUUBpeE0E0pb4yHS4KuiGWChx2YECJCeeeU6Ko4gaPI6+Nyv
 mMh/3sVsLnX7w4OXp2HddMMiFGbd1ufIptS0T/EMhHbbg1h7Qr1jhpu8aM8pb9jM
 5DwjfTZijDaW84Oe+Kk9BOonxR6A+Df27O3PSEUtLk4JCy5nwEwUr9iCxgCla499
 3aLu5eWRw8PTSsJec4BK6hfCKWiA/6oBHS1pQPwYvWuBWFZe8neYHtvt3LUwo1HR
 DwN9gtMiGBzYSSQmk8V1diGIokn80G5Krdq4gXbhsLxIU0oEJA7ltGpqasxy/OCs
 KGLHcU5wCd3j42gZOzvBzzzj8RQyd2ZekyvCu7B5Rgy3fx6JWI1jLalsQ/tT9yQg
 VJgFM2AZBb1EEAw/P2DkVQ8Km8ZuVlGtzUoldvIY1deP1/LZFWc0PftA6ndT7Ldl
 wQwKPQtJ5DMzqEe3mwSjFkL+AiSmcCHCkpnGBIi4c7Ek2/GgT1HeUMwJPh0mBftz
 smlLch3jMH2YKk7AmH7l9o/Q9ypgvl+8FA+icLaX0IjtSbzz5Q7gNyhgE0w1Hdb2
 79q6SE3ETLG/dn75XMA1C0Wowrr60WKHwagMPUl57u9bchfUT8Ler/4Sd9DWn8Vl
 55YnGPWMLCkxgpk+DHXYOWjOBRszCkXrAA71NclMnbZ5cQ86JYY=
 =T2ty
 -----END PGP SIGNATURE-----

Merge tag 'net-6.8-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net

Pull networking fixes from Jakub Kicinski:
 "Including fixes from bluetooth, WiFi and netfilter.

  We have one outstanding issue with the stmmac driver, which may be a
  LOCKDEP false positive, not a blocker.

  Current release - regressions:

   - netfilter: nf_tables: re-allow NFPROTO_INET in
     nft_(match/target)_validate()

   - eth: ionic: fix error handling in PCI reset code

  Current release - new code bugs:

   - eth: stmmac: complete meta data only when enabled, fix null-deref

   - kunit: fix again checksum tests on big endian CPUs

  Previous releases - regressions:

   - veth: try harder when allocating queue memory

   - Bluetooth:
      - hci_bcm4377: do not mark valid bd_addr as invalid
      - hci_event: fix handling of HCI_EV_IO_CAPA_REQUEST

  Previous releases - always broken:

   - info leak in __skb_datagram_iter() on netlink socket

   - mptcp:
      - map v4 address to v6 when destroying subflow
      - fix potential wake-up event loss due to sndbuf auto-tuning
      - fix double-free on socket dismantle

   - wifi: nl80211: reject iftype change with mesh ID change

   - fix small out-of-bound read when validating netlink be16/32 types

   - rtnetlink: fix error logic of IFLA_BRIDGE_FLAGS writing back

   - ipv6: fix potential "struct net" ref-leak in inet6_rtm_getaddr()

   - ip_tunnel: prevent perpetual headroom growth with huge number of
     tunnels on top of each other

   - mctp: fix skb leaks on error paths of mctp_local_output()

   - eth: ice: fixes for DPLL state reporting

   - dpll: rely on rcu for netdev_dpll_pin() to prevent UaF

   - eth: dpaa: accept phy-interface-type = '10gbase-r' in the device
     tree"

* tag 'net-6.8-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net: (73 commits)
  dpll: fix build failure due to rcu_dereference_check() on unknown type
  kunit: Fix again checksum tests on big endian CPUs
  tls: fix use-after-free on failed backlog decryption
  tls: separate no-async decryption request handling from async
  tls: fix peeking with sync+async decryption
  tls: decrement decrypt_pending if no async completion will be called
  gtp: fix use-after-free and null-ptr-deref in gtp_newlink()
  net: hsr: Use correct offset for HSR TLV values in supervisory HSR frames
  igb: extend PTP timestamp adjustments to i211
  rtnetlink: fix error logic of IFLA_BRIDGE_FLAGS writing back
  tools: ynl: fix handling of multiple mcast groups
  selftests: netfilter: add bridge conntrack + multicast test case
  netfilter: bridge: confirm multicast packets before passing them up the stack
  netfilter: nf_tables: allow NFPROTO_INET in nft_(match/target)_validate()
  Bluetooth: qca: Fix triggering coredump implementation
  Bluetooth: hci_qca: Set BDA quirk bit if fwnode exists in DT
  Bluetooth: qca: Fix wrong event type for patch config command
  Bluetooth: Enforce validation on max value of connection interval
  Bluetooth: hci_event: Fix handling of HCI_EV_IO_CAPA_REQUEST
  Bluetooth: mgmt: Fix limited discoverable off timeout
  ...
2024-02-29 12:40:20 -08:00
Linus Torvalds
d4f76f8065 Landlock fix for v6.8-rc7
-----BEGIN PGP SIGNATURE-----
 
 iIYEABYKAC4WIQSVyBthFV4iTW/VU1/l49DojIL20gUCZeDFdxAcbWljQGRpZ2lr
 b2QubmV0AAoJEOXj0OiMgvbSnwUA/0w0hCpUVMxKI66HmzE0tgcgWje3aLfGpoYc
 vLFIL39YAQDRJ/2HDUCLoFwKKn537nnhRAP58brZYnwwT1YQT+/VAA==
 =PNsP
 -----END PGP SIGNATURE-----

Merge tag 'landlock-6.8-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/mic/linux

Pull Landlock fix from Mickaël Salaün:
 "Fix a potential issue when handling inodes with inconsistent
  properties"

* tag 'landlock-6.8-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/mic/linux:
  landlock: Fix asymmetric private inodes referring
2024-02-29 12:29:23 -08:00
Dimitris Vlachos
a11dd49dcb
riscv: Sparse-Memory/vmemmap out-of-bounds fix
Offset vmemmap so that the first page of vmemmap will be mapped
to the first page of physical memory in order to ensure that
vmemmap’s bounds will be respected during
pfn_to_page()/page_to_pfn() operations.
The conversion macros will produce correct SV39/48/57 addresses
for every possible/valid DRAM_BASE inside the physical memory limits.

v2:Address Alex's comments

Suggested-by: Alexandre Ghiti <alexghiti@rivosinc.com>
Signed-off-by: Dimitris Vlachos <dvlachos@ics.forth.gr>
Reported-by: Dimitris Vlachos <dvlachos@ics.forth.gr>
Closes: https://lore.kernel.org/linux-riscv/20240202135030.42265-1-csd4492@csd.uoc.gr
Fixes: d95f1a542c ("RISC-V: Implement sparsemem")
Reviewed-by: Alexandre Ghiti <alexghiti@rivosinc.com>
Link: https://lore.kernel.org/r/20240229191723.32779-1-dvlachos@ics.forth.gr
Signed-off-by: Palmer Dabbelt <palmer@rivosinc.com>
2024-02-29 12:24:31 -08:00
Eric Dumazet
640f41ed33 dpll: fix build failure due to rcu_dereference_check() on unknown type
Tasmiya reports that their compiler complains that we deref
a pointer to unknown type with rcu_dereference_rtnl():

include/linux/rcupdate.h:439:9: error: dereferencing pointer to incomplete type ‘struct dpll_pin’

Unclear what compiler it is, at the moment, and we can't report
but since DPLL can't be a module - move the code from the header
into the source file.

Fixes: 0d60d8df6f ("dpll: rely on rcu for netdev_dpll_pin()")
Reported-by: Tasmiya Nalatwad <tasmiya@linux.vnet.ibm.com>
Link: https://lore.kernel.org/all/3fcf3a2c-1c1b-42c1-bacb-78fdcd700389@linux.vnet.ibm.com/
Signed-off-by: Eric Dumazet <edumazet@google.com>
Link: https://lore.kernel.org/r/20240229190515.2740221-1-kuba@kernel.org
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2024-02-29 12:18:37 -08:00
Palmer Dabbelt
2b8acd7154
Merge patch series "NAPOT Fixes"
Alexandre Ghiti <alexghiti@rivosinc.com> says:

This contains 2 fixes for NAPOT: patch 1 disables the use of NAPOT
mapping for vmalloc/vmap and patch 2 implements pte_leaf_size() to
report NAPOT size.

* b4-shazam-merge:
  riscv: Fix pte_leaf_size() for NAPOT
  Revert "riscv: mm: support Svnapot in huge vmap"

Link: https://lore.kernel.org/r/20240227205016.121901-1-alexghiti@rivosinc.com
Signed-off-by: Palmer Dabbelt <palmer@rivosinc.com>
2024-02-29 10:21:25 -08:00
Alexandre Ghiti
e0fe5ab419
riscv: Fix pte_leaf_size() for NAPOT
pte_leaf_size() must be reimplemented to add support for NAPOT mappings.

Fixes: 82a1a1f3bf ("riscv: mm: support Svnapot in hugetlb page")
Signed-off-by: Alexandre Ghiti <alexghiti@rivosinc.com>
Link: https://lore.kernel.org/r/20240227205016.121901-3-alexghiti@rivosinc.com
Signed-off-by: Palmer Dabbelt <palmer@rivosinc.com>
2024-02-29 10:21:23 -08:00
Alexandre Ghiti
16ab4646c9
Revert "riscv: mm: support Svnapot in huge vmap"
This reverts commit ce173474cf.

We cannot correctly deal with NAPOT mappings in vmalloc/vmap because if
some part of a NAPOT mapping is unmapped, the remaining mapping is not
updated accordingly. For example:

ptr = vmalloc_huge(64 * 1024, GFP_KERNEL);
vunmap_range((unsigned long)(ptr + PAGE_SIZE),
	     (unsigned long)(ptr + 64 * 1024));

leads to the following kernel page table dump:

0xffff8f8000ef0000-0xffff8f8000ef1000    0x00000001033c0000         4K PTE N   ..     ..   D A G . . W R V

Meaning the first entry which was not unmapped still has the N bit set,
which, if accessed first and cached in the TLB, could allow access to the
unmapped range.

That's because the logic to break the NAPOT mapping does not exist and
likely won't. Indeed, to break a NAPOT mapping, we first have to clear
the whole mapping, flush the TLB and then set the new mapping ("break-
before-make" equivalent). That works fine in userspace since we can handle
any pagefault occurring on the remaining mapping but we can't handle a kernel
pagefault on such mapping.

So fix this by reverting the commit that introduced the vmap/vmalloc
support.

Fixes: ce173474cf ("riscv: mm: support Svnapot in huge vmap")
Signed-off-by: Alexandre Ghiti <alexghiti@rivosinc.com>
Link: https://lore.kernel.org/r/20240227205016.121901-2-alexghiti@rivosinc.com
Signed-off-by: Palmer Dabbelt <palmer@rivosinc.com>
2024-02-29 10:21:22 -08:00