d129377639
1310060 Commits
Author | SHA1 | Message | Date | |
---|---|---|---|---|
Linus Torvalds
|
d129377639 |
ARM64:
* Fix the guest view of the ID registers, making the relevant fields writable from userspace (affecting ID_AA64DFR0_EL1 and ID_AA64PFR1_EL1) * Correcly expose S1PIE to guests, fixing a regression introduced in 6.12-rc1 with the S1POE support * Fix the recycling of stage-2 shadow MMUs by tracking the context (are we allowed to block or not) as well as the recycling state * Address a couple of issues with the vgic when userspace misconfigures the emulation, resulting in various splats. Headaches courtesy of our Syzkaller friends * Stop wasting space in the HYP idmap, as we are dangerously close to the 4kB limit, and this has already exploded in -next * Fix another race in vgic_init() * Fix a UBSAN error when faking the cache topology with MTE enabled RISCV: * RISCV: KVM: use raw_spinlock for critical section in imsic x86: * A bandaid for lack of XCR0 setup in selftests, which causes trouble if the compiler is configured to have x86-64-v3 (with AVX) as the default ISA. Proper XCR0 setup will come in the next merge window. * Fix an issue where KVM would not ignore low bits of the nested CR3 and potentially leak up to 31 bytes out of the guest memory's bounds * Fix case in which an out-of-date cached value for the segments could by returned by KVM_GET_SREGS. * More cleanups for KVM_X86_QUIRK_SLOT_ZAP_ALL * Override MTRR state for KVM confidential guests, making it WB by default as is already the case for Hyper-V guests. Generic: * Remove a couple of unused functions -----BEGIN PGP SIGNATURE----- iQFIBAABCAAyFiEE8TM4V0tmI4mGbHaCv/vSX3jHroMFAmcVK54UHHBib256aW5p QHJlZGhhdC5jb20ACgkQv/vSX3jHroOfrgf7BRyihd28OGaqVuv2BqGYrxqfOkd6 ZqpJDOy+X7UE3iG5NhTxw4mghCJFhOwIL7gDSZwPLe6D2k01oqPSP2pLMqXb5oOv /EkltRvzG0YIH3sjZY5PROrMMxnvSKkJKxETFxFQQzMKRym2v/T5LAzrium58YIT vWZXxo2HTPXOw/U5upAqqMYJMeeJEL3kurVHtOsPytUFjrIOl0BfeKvgjOwonDIh Awm4JZwk0+1d8sYfkuzsSrTQmtshDCx1jkFN1juirt90s1EwgmOvVKiHo3gMsVP9 veDRoLTx2fM/r7TrhoHo46DTA2vbfmCltWcT0cn5x8P24BFGXXe/IDJIHA== =IVlI -----END PGP SIGNATURE----- Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm Pull kvm fixes from Paolo Bonzini: "ARM64: - Fix the guest view of the ID registers, making the relevant fields writable from userspace (affecting ID_AA64DFR0_EL1 and ID_AA64PFR1_EL1) - Correcly expose S1PIE to guests, fixing a regression introduced in 6.12-rc1 with the S1POE support - Fix the recycling of stage-2 shadow MMUs by tracking the context (are we allowed to block or not) as well as the recycling state - Address a couple of issues with the vgic when userspace misconfigures the emulation, resulting in various splats. Headaches courtesy of our Syzkaller friends - Stop wasting space in the HYP idmap, as we are dangerously close to the 4kB limit, and this has already exploded in -next - Fix another race in vgic_init() - Fix a UBSAN error when faking the cache topology with MTE enabled RISCV: - RISCV: KVM: use raw_spinlock for critical section in imsic x86: - A bandaid for lack of XCR0 setup in selftests, which causes trouble if the compiler is configured to have x86-64-v3 (with AVX) as the default ISA. Proper XCR0 setup will come in the next merge window. - Fix an issue where KVM would not ignore low bits of the nested CR3 and potentially leak up to 31 bytes out of the guest memory's bounds - Fix case in which an out-of-date cached value for the segments could by returned by KVM_GET_SREGS. - More cleanups for KVM_X86_QUIRK_SLOT_ZAP_ALL - Override MTRR state for KVM confidential guests, making it WB by default as is already the case for Hyper-V guests. Generic: - Remove a couple of unused functions" * tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm: (27 commits) RISCV: KVM: use raw_spinlock for critical section in imsic KVM: selftests: Fix out-of-bounds reads in CPUID test's array lookups KVM: selftests: x86: Avoid using SSE/AVX instructions KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory KVM: VMX: reset the segment cache after segment init in vmx_vcpu_reset() KVM: x86: Clean up documentation for KVM_X86_QUIRK_SLOT_ZAP_ALL KVM: x86/mmu: Add lockdep assert to enforce safe usage of kvm_unmap_gfn_range() KVM: x86/mmu: Zap only SPs that shadow gPTEs when deleting memslot x86/kvm: Override default caching mode for SEV-SNP and TDX KVM: Remove unused kvm_vcpu_gfn_to_pfn_atomic KVM: Remove unused kvm_vcpu_gfn_to_pfn KVM: arm64: Ensure vgic_ready() is ordered against MMIO registration KVM: arm64: vgic: Don't check for vgic_ready() when setting NR_IRQS KVM: arm64: Fix shift-out-of-bounds bug KVM: arm64: Shave a few bytes from the EL2 idmap code KVM: arm64: Don't eagerly teardown the vgic on init error KVM: arm64: Expose S1PIE to guests KVM: arm64: nv: Clarify safety of allowing TLBI unmaps to reschedule KVM: arm64: nv: Punt stage-2 recycling to a vCPU request KVM: arm64: nv: Do not block when unmapping stage-2 if disallowed ... |
||
Linus Torvalds
|
c1bc09d7bf |
Probes fixes for v6.12-rc4:
- uprobe: avoid out-of-bounds memory access of fetching args Uprobe trace events can cause out-of-bounds memory access when fetching user-space data which is bigger than one page, because it does not check the local CPU buffer size when reading the data. This checks the read data size and cut it down to the local CPU buffer size. -----BEGIN PGP SIGNATURE----- iQFPBAABCgA5FiEEh7BulGwFlgAOi5DV2/sHvwUrPxsFAmcWarUbHG1hc2FtaS5o aXJhbWF0c3VAZ21haWwuY29tAAoJENv7B78FKz8b3R4H/j1k6K4hYlDqiVyEaAgl u1b6cJncJShKdhE3laxDDvBv6oLrAypJbxiWv6obuBLpM1VTtjAFFQB84FoJae2w 3y7UPeVrIHDnxlSDGDW3jwSh8FYaFKgLMr1pLRKw6R1ED4ZhkbEIVJ6G1qFaMrYn FCMF7ZX1E7MW2FuUI3L+vaaKop8FLZUKyW1gRDfw+IPy/UTgUJLRohMbxixdprPe W+14GHPvf/lh2MiWzVjvzaBRRiUX8OW7nA4UvvCcHQXVmzx0GmPpPuiVHC7YyhTU 6FiVFKjMsv2jbzyREP4QYPF1n16Us0WZ0ZmGLfrSHyasr7ihj1m//YWCpFxCqzLb /Js= =VBeG -----END PGP SIGNATURE----- Merge tag 'probes-fixes-v6.12-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace Pull uprobe fix from Masami Hiramatsu: - uprobe: avoid out-of-bounds memory access of fetching args Uprobe trace events can cause out-of-bounds memory access when fetching user-space data which is bigger than one page, because it does not check the local CPU buffer size when reading the data. This checks the read data size and cut it down to the local CPU buffer size. * tag 'probes-fixes-v6.12-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace: uprobe: avoid out-of-bounds memory access of fetching args |
||
Linus Torvalds
|
7166c32651 |
vfs-6.12-rc5.fixes
-----BEGIN PGP SIGNATURE----- iHUEABYKAB0WIQRAhzRXHqcMeLMyaSiRxhvAZXjcogUCZxY6XAAKCRCRxhvAZXjc opmUAQCu4KhzBBdZmFw3AfZFNJvYb1onT4FiU0pnyGgfvzEdEwD6AlnlgQ7DL3ZN WBqBzUl+DpGYJfzhkqoEGH89Fagx7QM= =mm68 -----END PGP SIGNATURE----- Merge tag 'vfs-6.12-rc5.fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs Pull vfs fixes from Christian Brauner: "afs: - Fix a lock recursion in afs_wake_up_async_call() on ->notify_lock netfs: - Drop the references to a folio immediately after the folio has been extracted to prevent races with future I/O collection - Fix a documenation build error - Downgrade the i_rwsem for buffered writes to fix a cifs reported performance regression when switching to netfslib vfs: - Explicitly return -E2BIG from openat2() if the specified size is unexpectedly large. This aligns openat2() with other extensible struct based system calls - When copying a mount namespace ensure that we only try to remove the new copy from the mount namespace rbtree if it has already been added to it nilfs: - Clear the buffer delay flag when clearing the buffer state clags when a buffer head is discarded to prevent a kernel OOPs ocfs2: - Fix an unitialized value warning in ocfs2_setattr() proc: - Fix a kernel doc warning" * tag 'vfs-6.12-rc5.fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs: proc: Fix W=1 build kernel-doc warning afs: Fix lock recursion fs: Fix uninitialized value issue in from_kuid and from_kgid fs: don't try and remove empty rbtree node netfs: Downgrade i_rwsem for a buffered write nilfs2: fix kernel bug due to missing clearing of buffer delay flag openat2: explicitly return -E2BIG for (usize > PAGE_SIZE) netfs: fix documentation build error netfs: In readahead, put the folio refs as soon extracted |
||
Linus Torvalds
|
a777c32ca4 |
This push fixes a regression in mpi that broke RSA.
-----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEn51F/lCuNhUwmDeSxycdCkmxi6cFAmcSJQYACgkQxycdCkmx i6ejoBAAhK/3bk9jmxMOnVvednjrjVMqg+17daXHKbHT6eMcOwXsgr4ZWrkc5syV tQBRipdSfLhwf4aTNOzgyg3GIVVQkLZuRKDanntVdyYs65YKKUP/BiUshMAJ4DbW nkPe+LBdl0EvIWexrSKy5cyB2Yt+5MknK+mUMHyAeRjgVHNCEBMbMo/4KHGDW6fL Cn8rBATD1LCBODkxFC83pHe5M/TsxM08hL8xQxPJZm9SvNiBa7+xaS/oSApyIs8x L0RmYdlXlRGQcok5/ZCFc66QEOw2lIOwIc6sTmbT+eKFtvztkZ+ErhAuubgk5UKa TaB0qrBIpsQs2O7gFq4OU7BkG4QAlFt37MqBuf21b5Zh605s/ORDWEQobcokXpBY SmxOBxBhhLcRgb1cjUQn44/M8vrRXL0+IZiuOWkb+vcNln32bCH+BeiW6traNdL3 s3uVRF28Pd76xB4eAuT4eqiSOuCI/FyB7+hJmkOcpKC1eQUq2whrFLfru3iGItn8 bJWJQjPaysI8QXoky6miMjaeBWWOHuBWgYb2BzzHRsAdxK2oXUN/Q3BOJq1wONtP YaRzqu5vBvPk+0F/SOIl1MBp1nt62T8WRcDyIAhDsgmnuWASAKzo9Smzzo0gJr8q bB9iHTHN6yR9J3+zPyOqPY99zkaABSrQU9StFqEjN8icndG5Tfo= =MHMX -----END PGP SIGNATURE----- Merge tag 'v6.12-p4' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 Pull crypto fix from Herbert Xu: "Fix a regression in mpi that broke RSA" * tag 'v6.12-p4' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: crypto: lib/mpi - Fix an "Uninitialized scalar variable" issue |
||
Qiao Ma
|
373b9338c9 |
uprobe: avoid out-of-bounds memory access of fetching args
Uprobe needs to fetch args into a percpu buffer, and then copy to ring
buffer to avoid non-atomic context problem.
Sometimes user-space strings, arrays can be very large, but the size of
percpu buffer is only page size. And store_trace_args() won't check
whether these data exceeds a single page or not, caused out-of-bounds
memory access.
It could be reproduced by following steps:
1. build kernel with CONFIG_KASAN enabled
2. save follow program as test.c
```
\#include <stdio.h>
\#include <stdlib.h>
\#include <string.h>
// If string length large than MAX_STRING_SIZE, the fetch_store_strlen()
// will return 0, cause __get_data_size() return shorter size, and
// store_trace_args() will not trigger out-of-bounds access.
// So make string length less than 4096.
\#define STRLEN 4093
void generate_string(char *str, int n)
{
int i;
for (i = 0; i < n; ++i)
{
char c = i % 26 + 'a';
str[i] = c;
}
str[n-1] = '\0';
}
void print_string(char *str)
{
printf("%s\n", str);
}
int main()
{
char tmp[STRLEN];
generate_string(tmp, STRLEN);
print_string(tmp);
return 0;
}
```
3. compile program
`gcc -o test test.c`
4. get the offset of `print_string()`
```
objdump -t test | grep -w print_string
0000000000401199 g F .text 000000000000001b print_string
```
5. configure uprobe with offset 0x1199
```
off=0x1199
cd /sys/kernel/debug/tracing/
echo "p /root/test:${off} arg1=+0(%di):ustring arg2=\$comm arg3=+0(%di):ustring"
> uprobe_events
echo 1 > events/uprobes/enable
echo 1 > tracing_on
```
6. run `test`, and kasan will report error.
==================================================================
BUG: KASAN: use-after-free in strncpy_from_user+0x1d6/0x1f0
Write of size 8 at addr ffff88812311c004 by task test/499CPU: 0 UID: 0 PID: 499 Comm: test Not tainted 6.12.0-rc3+ #18
Hardware name: Red Hat KVM, BIOS 1.16.0-4.al8 04/01/2014
Call Trace:
<TASK>
dump_stack_lvl+0x55/0x70
print_address_description.constprop.0+0x27/0x310
kasan_report+0x10f/0x120
? strncpy_from_user+0x1d6/0x1f0
strncpy_from_user+0x1d6/0x1f0
? rmqueue.constprop.0+0x70d/0x2ad0
process_fetch_insn+0xb26/0x1470
? __pfx_process_fetch_insn+0x10/0x10
? _raw_spin_lock+0x85/0xe0
? __pfx__raw_spin_lock+0x10/0x10
? __pte_offset_map+0x1f/0x2d0
? unwind_next_frame+0xc5f/0x1f80
? arch_stack_walk+0x68/0xf0
? is_bpf_text_address+0x23/0x30
? kernel_text_address.part.0+0xbb/0xd0
? __kernel_text_address+0x66/0xb0
? unwind_get_return_address+0x5e/0xa0
? __pfx_stack_trace_consume_entry+0x10/0x10
? arch_stack_walk+0xa2/0xf0
? _raw_spin_lock_irqsave+0x8b/0xf0
? __pfx__raw_spin_lock_irqsave+0x10/0x10
? depot_alloc_stack+0x4c/0x1f0
? _raw_spin_unlock_irqrestore+0xe/0x30
? stack_depot_save_flags+0x35d/0x4f0
? kasan_save_stack+0x34/0x50
? kasan_save_stack+0x24/0x50
? mutex_lock+0x91/0xe0
? __pfx_mutex_lock+0x10/0x10
prepare_uprobe_buffer.part.0+0x2cd/0x500
uprobe_dispatcher+0x2c3/0x6a0
? __pfx_uprobe_dispatcher+0x10/0x10
? __kasan_slab_alloc+0x4d/0x90
handler_chain+0xdd/0x3e0
handle_swbp+0x26e/0x3d0
? __pfx_handle_swbp+0x10/0x10
? uprobe_pre_sstep_notifier+0x151/0x1b0
irqentry_exit_to_user_mode+0xe2/0x1b0
asm_exc_int3+0x39/0x40
RIP: 0033:0x401199
Code: 01 c2 0f b6 45 fb 88 02 83 45 fc 01 8b 45 fc 3b 45 e4 7c b7 8b 45 e4 48 98 48 8d 50 ff 48 8b 45 e8 48 01 d0 ce
RSP: 002b:00007ffdf00576a8 EFLAGS: 00000206
RAX: 00007ffdf00576b0 RBX: 0000000000000000 RCX: 0000000000000ff2
RDX: 0000000000000ffc RSI: 0000000000000ffd RDI: 00007ffdf00576b0
RBP: 00007ffdf00586b0 R08: 00007feb2f9c0d20 R09: 00007feb2f9c0d20
R10: 0000000000000001 R11: 0000000000000202 R12: 0000000000401040
R13: 00007ffdf0058780 R14: 0000000000000000 R15: 0000000000000000
</TASK>
This commit enforces the buffer's maxlen less than a page-size to avoid
store_trace_args() out-of-memory access.
Link: https://lore.kernel.org/all/20241015060148.1108331-1-mqaio@linux.alibaba.com/
Fixes:
|
||
Linus Torvalds
|
42f7652d3e | Linux 6.12-rc4 | ||
Linus Torvalds
|
d7f513ae7b |
bluetooth pull request for net:
- ISO: Fix multiple init when debugfs is disabled - Call iso_exit() on module unload - Remove debugfs directory on module init failure - btusb: Fix not being able to reconnect after suspend - btusb: Fix regression with fake CSR controllers 0a12:0001 - bnep: fix wild-memory-access in proto_unregister -----BEGIN PGP SIGNATURE----- iQJNBAABCAA3FiEE7E6oRXp8w05ovYr/9JCA4xAyCykFAmcQJGUZHGx1aXoudm9u LmRlbnR6QGludGVsLmNvbQAKCRD0kIDjEDILKeWiD/9WIrQRp7K10hc7Q9vjyex+ DA+yv3EaFbqk//BIXOAg3En+HjhrDeaIkrt0L3m5D+/Y5K/oGQeO0ffOu4aF3So2 D4Q8ZDQHXJ7pxG2hVMHbBBUikiKbt8HATMdQDutJnDtIpxxtB8ugTMm/pRG57Nq8 QjWdy5h2aYm5NwPuu/ErY26UpCljMoOrKAMiWQ539AkxQJGVN4hp4l6mVrZdnjc5 MmL1+S1r/S3PBxP5Mw3VX58c7J1Ki28d80BF+1C4qDGjKXdLoqYpCy2CRyiqlFSo 9yU37Uh1AeobbWGC8/7dIKN3PoXe1UQRhF56EdWAeTbz+yr0c8sRYsOs9SGEyWlj +PWFkpXF8Dpxs96BHf0iLy4XxtByJsdmGaUSSmdktUK1WWEOa8I51xtR0xVswOqr BXZ9ATNDZjed5DFItwyj3YYoh0L7Bid594ZuAbxHRUCOnaFNR3DZbNVe2+uZfo5l Lc2L/Vfa4mwuQtH0psMvXAvvywuGNGv9cjK5PwVyRwqsppcco5oV9LckmGMMnWoO xsU+/IMljHORL0HPvL+RaSBDprj7GgA7nDEuv7zyYMC/uWHv5olUvLNEdN/LtCaB S9mVlBpkB2yxUT8FvZg71UEK0FVix2IaFcSF8FZcJqHw+ureRH0mhwe7BUytMvH1 7IbfeYSu7h6fr6wnGrW8dQ== =k8sF -----END PGP SIGNATURE----- Merge tag 'for-net-2024-10-16' of git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth Pull bluetooth fixes from Luiz Augusto Von Dentz: - ISO: Fix multiple init when debugfs is disabled - Call iso_exit() on module unload - Remove debugfs directory on module init failure - btusb: Fix not being able to reconnect after suspend - btusb: Fix regression with fake CSR controllers 0a12:0001 - bnep: fix wild-memory-access in proto_unregister Note: normally the bluetooth fixes go through the networking tree, but this missed the weekly merge, and two of the commits fix regressions that have caused a fair amount of noise and have now hit stable too: https://lore.kernel.org/all/4e1977ca-6166-4891-965e-34a6f319035f@leemhuis.info/ So I'm pulling it directly just to expedite things and not miss yet another -rc release. This is not meant to become a new pattern. * tag 'for-net-2024-10-16' of git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth: Bluetooth: btusb: Fix regression with fake CSR controllers 0a12:0001 Bluetooth: bnep: fix wild-memory-access in proto_unregister Bluetooth: btusb: Fix not being able to reconnect after suspend Bluetooth: Remove debugfs directory on module init failure Bluetooth: Call iso_exit() on module unload Bluetooth: ISO: Fix multiple init when debugfs is disabled |
||
Linus Torvalds
|
dd4f50373e |
Pin control fixes for the v6.12 kernel series:
- Fix two error paths and a missing semicolon in the Intel driver. - Add a missing ACPI ID for the Intel Panther Lake. - Check return value of devm_kasprintf() in the Apple and STM32 drivers. - Add a missing mutex_destroy() in the aw9523 driver. - Fix a double free in cv1800_pctrl_dt_node_to_map() in the Sophgo driver. - Fix a double free in ma35_pinctrl_dt_node_to_map_func() in the Nuvoton driver. - Fix a bug in the Ocelot interrupt handler making the system hang. -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEElDRnuGcz/wPCXQWMQRCzN7AZXXMFAmcVPtQACgkQQRCzN7AZ XXM67hAAyOKNn3YlRPd/B3hGviWEwV/f2EW2i+g96feM7szPmobvPXcCnPhbXu31 FbpuhodTXw9sz69jDBeBahl4VU/C3+T4/2Fr7xSI8Tu14+nm04OZHvULcch0qpjW X+y2BPNfM6A4pN8Bxovk9wt31KpkVM11M9jMaQCzNAiWp/vv3qPrdTD51r84yZ5C GOpKBDyiQF4F5uQsXXPkhmmaQHbiIRDTTPlAGv6R1xlfLtX4RLZUyey3TZnzo3M0 iDfimhqBZmnpE8SPvf6A+cSDCeA1bl3/oKDmh1kaV/hoD9nt7fqfvYW7orBiFykf 1YIvujXu7OOizcRS/hru7aNRSWU3E9E10wR1W1RPfZyY5aRuhNyU3X3cvgEORzLE QlC2cRXcWOzUJ1pk6IevbOu+3tcPQNvFAo9grSXW/J/LD7pfZjmX9KevKG3esvvJ p3r4ta8qGP0PCfOU1dHZWWrjzxgotbGp2U1Z9ZxayT/33oEz1FDAnZePb+w7EwwO 0K4PTO4UrN1CLqZYQhyP4ILMnvCuGfBHPdEjmFIySVbJfu/Bqm8IJ45a5AeS0TiE 5S6bkyqS3cGh1k5WKM2kkuCp0gxoL1WFbznR9pmEiZxJ3dyZ7L4BRuk7eIVSN9La DpDDZqYImeckAG1BNMQolh79mfN0RIBnQr7g/oomCuVe8k/XA+g= =uwk3 -----END PGP SIGNATURE----- Merge tag 'pinctrl-v6.12-2' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-pinctrl Pull pin control fixes from Linus Walleij: "Mostly error path fixes, but one pretty serious interrupt problem in the Ocelot driver as well: - Fix two error paths and a missing semicolon in the Intel driver - Add a missing ACPI ID for the Intel Panther Lake - Check return value of devm_kasprintf() in the Apple and STM32 drivers - Add a missing mutex_destroy() in the aw9523 driver - Fix a double free in cv1800_pctrl_dt_node_to_map() in the Sophgo driver - Fix a double free in ma35_pinctrl_dt_node_to_map_func() in the Nuvoton driver - Fix a bug in the Ocelot interrupt handler making the system hang" * tag 'pinctrl-v6.12-2' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-pinctrl: pinctrl: ocelot: fix system hang on level based interrupts pinctrl: nuvoton: fix a double free in ma35_pinctrl_dt_node_to_map_func() pinctrl: sophgo: fix double free in cv1800_pctrl_dt_node_to_map() pinctrl: intel: platform: Add Panther Lake to the list of supported pinctrl: aw9523: add missing mutex_destroy pinctrl: stm32: check devm_kasprintf() returned value pinctrl: apple: check devm_kasprintf() returned value pinctrl: intel: platform: use semicolon instead of comma in ncommunities assignment pinctrl: intel: platform: fix error path in device_for_each_child_node() |
||
Linus Torvalds
|
c55228220d |
Char/Misc/IIO fixes for 6.12-rc4
Here are a number of small char/misc/iio driver fixes for 6.12-rc4. Included in here are the following: - loads of small iio driver fixes for reported problems - parport driver out-of-bounds fix - Kconfig description and MAINTAINERS file updates All of these, except for the Kconfig and MAINTAINERS file updates have been in linux-next all week. Those other two are just documentation changes and will have no runtime issues and were merged on Friday. Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> -----BEGIN PGP SIGNATURE----- iG0EABECAC0WIQT0tgzFv3jCIUoxPcsxR9QN2y37KQUCZxUGYg8cZ3JlZ0Brcm9h aC5jb20ACgkQMUfUDdst+ynTCQCggBy+iX/11utliIaNKD2PHkB5BjQAn1igXYZI hgWphEoTvBtVgGfOzNwt =0mak -----END PGP SIGNATURE----- Merge tag 'char-misc-6.12-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc Pull misc driver fixes from Greg KH: "Here are a number of small char/misc/iio driver fixes for 6.12-rc4: - loads of small iio driver fixes for reported problems - parport driver out-of-bounds fix - Kconfig description and MAINTAINERS file updates All of these, except for the Kconfig and MAINTAINERS file updates have been in linux-next all week. Those other two are just documentation changes and will have no runtime issues and were merged on Friday" * tag 'char-misc-6.12-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc: (39 commits) misc: rtsx: list supported models in Kconfig help MAINTAINERS: Remove some entries due to various compliance requirements. misc: microchip: pci1xxxx: add support for NVMEM_DEVID_AUTO for OTP device misc: microchip: pci1xxxx: add support for NVMEM_DEVID_AUTO for EEPROM device parport: Proper fix for array out-of-bounds access iio: frequency: admv4420: fix missing select REMAP_SPI in Kconfig iio: frequency: {admv4420,adrf6780}: format Kconfig entries iio: adc: ad4695: Add missing Kconfig select iio: adc: ti-ads8688: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig iio: hid-sensors: Fix an error handling path in _hid_sensor_set_report_latency() iioc: dac: ltc2664: Fix span variable usage in ltc2664_channel_config() iio: dac: stm32-dac-core: add missing select REGMAP_MMIO in Kconfig iio: dac: ltc1660: add missing select REGMAP_SPI in Kconfig iio: dac: ad5770r: add missing select REGMAP_SPI in Kconfig iio: amplifiers: ada4250: add missing select REGMAP_SPI in Kconfig iio: frequency: adf4377: add missing select REMAP_SPI in Kconfig iio: resolver: ad2s1210: add missing select (TRIGGERED_)BUFFER in Kconfig iio: resolver: ad2s1210 add missing select REGMAP in Kconfig iio: proximity: mb1232: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig iio: pressure: bm1390: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig ... |
||
Linus Torvalds
|
c01ac4b944 |
TTY/Serial driver fixes for 6.12-rc4
Here are some small tty and serial driver fixes for 6.12-rc4. Included in here are: - qcom-geni serial driver fixes, wow what a mess of a UART chip that thing is... - vt infoleak fix for odd font sizes - imx serial driver bugfix - yet-another n_gsm ldisc bugfix, slowly chipping down the issues in that piece of code. All of these have been in linux-next for over a week with no reported issues. Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> -----BEGIN PGP SIGNATURE----- iG0EABECAC0WIQT0tgzFv3jCIUoxPcsxR9QN2y37KQUCZxUGDQ8cZ3JlZ0Brcm9h aC5jb20ACgkQMUfUDdst+ymS+ACfQaKXHHy0WZ/kB22Eif7KgKsx+D0AnjxH+H5l knORLhrVW+V41wyk9QM/ =qbdY -----END PGP SIGNATURE----- Merge tag 'tty-6.12-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty Pull tty/serial driver fixes from Greg KH: "Here are some small tty and serial driver fixes for 6.12-rc4: - qcom-geni serial driver fixes, wow what a mess of a UART chip that thing is... - vt infoleak fix for odd font sizes - imx serial driver bugfix - yet-another n_gsm ldisc bugfix, slowly chipping down the issues in that piece of code All of these have been in linux-next for over a week with no reported issues" * tag 'tty-6.12-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty: serial: qcom-geni: rename suspend functions serial: qcom-geni: drop unused receive parameter serial: qcom-geni: drop flip buffer WARN() serial: qcom-geni: fix rx cancel dma status bit serial: qcom-geni: fix receiver enable serial: qcom-geni: fix dma rx cancellation serial: qcom-geni: fix shutdown race serial: qcom-geni: revert broken hibernation support serial: qcom-geni: fix polled console initialisation serial: imx: Update mctrl old_status on RTSD interrupt tty: n_gsm: Fix use-after-free in gsm_cleanup_mux vt: prevent kernel-infoleak in con_font_get() |
||
Linus Torvalds
|
b68c189570 |
USB driver fixes for 6.12-rc4
Here are some small USB driver fixes and new device ids for 6.12-rc4. Included in here are: - xhci driver fixes for a number of reported issues - new usb-serial driver ids - dwc3 driver fixes for reported problems. - usb gadget driver fixes for reported problems - typec driver fixes - MAINTAINER file updates All of these have been in linux-next this week with no reported issues. Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> -----BEGIN PGP SIGNATURE----- iG0EABECAC0WIQT0tgzFv3jCIUoxPcsxR9QN2y37KQUCZxUHDg8cZ3JlZ0Brcm9h aC5jb20ACgkQMUfUDdst+ykYGACgvHkvAFkhaCeJKubX4cso1BAM+60AoMrkdNyB aNAH0Zn2IoZOfRjHWit6 =sHyY -----END PGP SIGNATURE----- Merge tag 'usb-6.12-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb Pull USB driver fixes from Greg KH: "Here are some small USB driver fixes and new device ids for 6.12-rc4: - xhci driver fixes for a number of reported issues - new usb-serial driver ids - dwc3 driver fixes for reported problems. - usb gadget driver fixes for reported problems - typec driver fixes - MAINTAINER file updates All of these have been in linux-next this week with no reported issues" * tag 'usb-6.12-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb: USB: serial: option: add Telit FN920C04 MBIM compositions USB: serial: option: add support for Quectel EG916Q-GL xhci: dbc: honor usb transfer size boundaries. usb: xhci: Fix handling errors mid TD followed by other errors xhci: Mitigate failed set dequeue pointer commands xhci: Fix incorrect stream context type macro USB: gadget: dummy-hcd: Fix "task hung" problem usb: gadget: f_uac2: fix return value for UAC2_ATTRIBUTE_STRING store usb: dwc3: core: Fix system suspend on TI AM62 platforms xhci: tegra: fix checked USB2 port number usb: dwc3: Wait for EndXfer completion before restoring GUSB2PHYCFG usb: typec: qcom-pmic-typec: fix sink status being overwritten with RP_DEF usb: typec: altmode should keep reference to parent MAINTAINERS: usb: raw-gadget: add bug tracker link MAINTAINERS: Add an entry for the LJCA drivers |
||
Linus Torvalds
|
db87114dcf |
- Explicitly disable the TSC deadline timer when going idle to address
some CPU errata in that area - Do not apply the Zenbleed fix on anything else except AMD Zen2 on the late microcode loading path - Clear CPU buffers later in the NMI exit path on 32-bit to avoid register clearing while they still contain sensitive data, for the RDFS mitigation - Do not clobber EFLAGS.ZF with VERW on the opportunistic SYSRET exit path on 32-bit - Fix parsing issues of memory bandwidth specification in sysfs for resctrl's memory bandwidth allocation feature - Other small cleanups and improvements -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEzv7L6UO9uDPlPSfHEsHwGGHeVUoFAmcU6aMACgkQEsHwGGHe VUqXPxAAjG0m9J11jBNlNsorPKe0dlhkgV6RpEOtCWov0mvxSAPQazT9PE0FTCvx Hm/IdEmj5vkkJOC/R7pga8Yz5fRwGtYwIHyS5618Wh+KAfdsXDgTFvCKaBQt0ltB 9U5+mwmyzzL6rS6jcv/y28qwi0STd4dHKg6K9sWAtga1bQSPCyJMZjeh9op5CxNh QOppCJR23jrp9I9c1zFd1LJPM4GY+KTYXTa7076sfcoD2taHbxAwsC/wiMooh5A2 k0EItyzy2UWWSUxAW8QhZJyuAWav631tHjcz9iETgNZmjgpR0sTGFGkRaYB74qkf vS2yyGpTSoKhxXVcBe7Z6cMf5DhUUjMa7itXZnY7kWCenvwfa3/nuSUKtIeqTPyg a6BXypPFyYaqRWHtCiN6KjwXaS+fbc385Fh6m8Q/NDrHnXG84oLQ3DK0WKj4Z37V YRflsWJ4ZRIwLALGsKJX+qbe9Oh3VDE3Q8MH9pCiJi227YB2OzyImJmCUBRY9bIC 7Amw4aUBUxX/VUpUOC4CJnx8SOG7cIeM06E6jM7J6LgWHpee++ccbFpZNqFh3VW/ j67AifRJFljG+JcyPLZxZ4M/bzpsGkpZ7iiW8wI8k0CPoG7lcvbkZ3pQ4eizAHIJ 0a+WQ9jHj1/64g4bT7Ml8lZRbzfBG/ksLkRwq8Gakt+h7GQbsd4= =n0wZ -----END PGP SIGNATURE----- Merge tag 'x86_urgent_for_v6.12_rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull x86 fixes from Borislav Petkov: - Explicitly disable the TSC deadline timer when going idle to address some CPU errata in that area - Do not apply the Zenbleed fix on anything else except AMD Zen2 on the late microcode loading path - Clear CPU buffers later in the NMI exit path on 32-bit to avoid register clearing while they still contain sensitive data, for the RDFS mitigation - Do not clobber EFLAGS.ZF with VERW on the opportunistic SYSRET exit path on 32-bit - Fix parsing issues of memory bandwidth specification in sysfs for resctrl's memory bandwidth allocation feature - Other small cleanups and improvements * tag 'x86_urgent_for_v6.12_rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: x86/apic: Always explicitly disarm TSC-deadline timer x86/CPU/AMD: Only apply Zenbleed fix for Zen2 during late microcode load x86/bugs: Use code segment selector for VERW operand x86/entry_32: Clear CPU buffers after register restore in NMI return x86/entry_32: Do not clobber user EFLAGS.ZF x86/resctrl: Annotate get_mem_config() functions as __init x86/resctrl: Avoid overflow in MB settings in bw_validate() x86/amd_nb: Add new PCI ID for AMD family 1Ah model 20h |
||
Linus Torvalds
|
949c9ef59b |
- Fix a case for sifive-plic where an interrupt gets disabled *and* masked and
remains masked when it gets reenabled later - Plug a small race in GIC-v4 where userspace can force an affinity change of a virtual CPU (vPE) in its unmapping path - Do not mix the two sets of ocelot irqchip's registers in the mask calculation of the main interrupt sticky register - Other smaller fixlets and cleanups -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEzv7L6UO9uDPlPSfHEsHwGGHeVUoFAmcU5d0ACgkQEsHwGGHe VUrNARAAtS7zkD4zQcJx2r0sr/jkLoWszP3+6Xgz/DKiT6+MUn7An+GmwvCPwZYd rVqQBBpt6Fzfn8tYY53lLC9C5zvp04aXfKv7/qNsvxI3XmDozwkjQ3pu83TYhXsn 4dWZyUlk3BtyY9Au4aoK0c1X7zaxoGaHs+kQa5PJvPr7bW+fL1RqkpdyOzb3G3+A rj/KdKz42B54cKCSfQ0321tz/9Ts24ewr8vIhIoVDuHbhZ+gQc9GueZuK75Lm2iT YZZuBXYUueIESwkRnK2PtpTJn9Q2hF/z52SqPr33D2jCcMFk1WuscBG2kMie/ifL HZyVE1ynhg8RRJRMxJ2H14aWNZbYa+PnFoK9B2oAquUDRJ/ef7laTpjXQjyYgH/X xjNdW/lm/yklxc1vmVvPmfGtP0joc17cYix8rGLxymH7oOvvcOxhJRwWmUCLuC78 y1LRwPZxgbC4iK1Rar9IfIzsVMgWQUoGDY3NgoA95xiBcYrfrXjHFgIasKTn5tJd sQKA4DOlVNotCplWf+Vo801CvXQSr7vra+5apcEYJOTTUEfnPT6LcNXh9S5obpsq aB0pMgT1xWimIWCwLvwEVYwkKEeYW+TskuM3x1Movzk4BSW1yNZUseoBl1jXPclg xxSuCNnc5gCn5CbYBt4qrVR+vNga+TYbvvD3KfnDUkWSZKqsjbg= =LwSw -----END PGP SIGNATURE----- Merge tag 'irq_urgent_for_v6.12_rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull irq fixes from Borislav Petkov: - Fix a case for sifive-plic where an interrupt gets disabled *and* masked and remains masked when it gets reenabled later - Plug a small race in GIC-v4 where userspace can force an affinity change of a virtual CPU (vPE) in its unmapping path - Do not mix the two sets of ocelot irqchip's registers in the mask calculation of the main interrupt sticky register - Other smaller fixlets and cleanups * tag 'irq_urgent_for_v6.12_rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: irqchip/renesas-rzg2l: Fix missing put_device irqchip/riscv-intc: Fix SMP=n boot with ACPI irqchip/sifive-plic: Unmask interrupt in plic_irq_enable() irqchip/gic-v4: Don't allow a VMOVP on a dying VPE irqchip/sifive-plic: Return error code on failure irqchip/riscv-imsic: Fix output text of base address irqchip/ocelot: Comment sticky register clearing code irqchip/ocelot: Fix trigger register address irqchip: Remove obsolete config ARM_GIC_V3_ITS_PCI |
||
Linus Torvalds
|
2b4d25010d |
- Add PREEMPT_RT maintainers
- Fix another aspect of delayed dequeued tasks wrt determining their state, i.e., whether they're runnable or blocked - Handle delayed dequeued tasks and their migration wrt PSI properly - Fix the situation where a delayed dequeue task gets enqueued into a new class, which should not happen - Fix a case where memory allocation would happen while the runqueue lock is held, which is a no-no - Do not over-schedule when tasks with shorter slices preempt the currently running task - Make sure delayed to deque entities are properly handled before unthrottling - Other smaller cleanups and improvements -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEzv7L6UO9uDPlPSfHEsHwGGHeVUoFAmcU3tMACgkQEsHwGGHe VUqpuhAAqqyi2NNgrIOlEWh/Ej4NQZL7KleF84cSpKCIBK2somYX5ksgMcUgn82i bIuDVErQu/a4lhNAf5zn7TO3yuPA1Q5xd/453qBlWM9ApkH0S69Mp9f0yocVu8F0 t3XsgXm+/R8A4TYbiv8cB+r1Xt8E5NUP6RkNIKCHbPLAG94gqYF8UZEJ9sAl9ZXw qEWc9afpnp+4LQ9PlzePuaM976LWUPB49OoFZMnFmY1VkvFuVjkjXSVzJX6l4qB7 Omo/+TXOOBSHXVVflNx/68Q16irFHAnqwPPrLCBQWBLIPz3iRiZjV9ptD9tUZkRM M+klL7w0jRG+8wa9fTwuqybmBNIBt4Az1/WUw9Lc3ryEWRsCKzkGT8au3lv5FpQY CTwIIBSMmUcqQSG40R0HHS3nDR4UBFFD0PAww+8cJQZc0IPd2rT9/hfqYdt3sq2Z vV9rmTFOcDlApeDdCGcfC7zJhdgVuBgDVjdTsE5SNRUduBUsBYOeLDnT+0Qi0ArJ txVINGxQDm6jz512f4CAB/xzUcYpU4o639Z1Jkd6a8QbO1NBZGX1ioOcvPEMhmFF f/qFyM8ctR5Kj6LJCZiDcstqtAZviW1d2uMp48gk2QeSvkCyIUQqrWshItd02iBG TZdSYRvSYtYSIz7WYtE/CABUDmrJGjuLtb+jOrR93//TsWwwVdE= =1D7H -----END PGP SIGNATURE----- Merge tag 'sched_urgent_for_v6.12_rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull scheduling fixes from Borislav Petkov: - Add PREEMPT_RT maintainers - Fix another aspect of delayed dequeued tasks wrt determining their state, i.e., whether they're runnable or blocked - Handle delayed dequeued tasks and their migration wrt PSI properly - Fix the situation where a delayed dequeue task gets enqueued into a new class, which should not happen - Fix a case where memory allocation would happen while the runqueue lock is held, which is a no-no - Do not over-schedule when tasks with shorter slices preempt the currently running task - Make sure delayed to deque entities are properly handled before unthrottling - Other smaller cleanups and improvements * tag 'sched_urgent_for_v6.12_rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: MAINTAINERS: Add an entry for PREEMPT_RT. sched/fair: Fix external p->on_rq users sched/psi: Fix mistaken CPU pressure indication after corrupted task state bug sched/core: Dequeue PSI signals for blocked tasks that are delayed sched: Fix delayed_dequeue vs switched_from_fair() sched/core: Disable page allocation in task_tick_mm_cid() sched/deadline: Use hrtick_enabled_dl() before start_hrtick_dl() sched/eevdf: Fix wakeup-preempt by checking cfs_rq->nr_running sched: Fix sched_delayed vs cfs_bandwidth |
||
Linus Torvalds
|
a5ee44c829 |
xen: branch for v6.12-rc4
-----BEGIN PGP SIGNATURE----- iHUEABYKAB0WIQRTLbB6QfY48x44uB6AXGG7T9hjvgUCZxTVfAAKCRCAXGG7T9hj vixMAQDQPRqtmbpAr9l7tIrVMRqGktuV6nVTeLGXUDpqC7wM0gEA9c/h/Z0QVKth 0XKyYWMsUIQ2Y5lKP8ywr0KxRQuUmQ0= =U3e3 -----END PGP SIGNATURE----- Merge tag 'for-linus-6.12a-rc4-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/xen/tip Pull xen fix from Juergen Gross: "A single fix for a build failure introduced this merge window" * tag 'for-linus-6.12a-rc4-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/xen/tip: xen: Remove dependency between pciback and privcmd |
||
Linus Torvalds
|
10e93e1900 |
dma-mapping fix for Linux 6.12
Just another small tracing fix from Sean. -----BEGIN PGP SIGNATURE----- iQI/BAABCgApFiEEgdbnc3r/njty3Iq9D55TZVIEUYMFAmcUhhoLHGhjaEBsc3Qu ZGUACgkQD55TZVIEUYPzww//XpnJtQ2glWj9MZAbrPAHsBooazaIae1wfxPXCb9u EzaookDsTZhVtS0buSH9+EcNC5fWsr7Q7wyazx4cmGl6wOdHZ6mq+YbpxGQmhgWe MHDXu/X+rCRsa4cU5X8LUCjWVpKsu0kQE2B3E7M6cYfCWH9r1r9jaW0uXxdTQRWf Yi6W43cL/G946aT76wTspFrCfBqLgxypuTPGgehHpbF99sC/eJ6YHzGkOxc+mZ/5 AatMB/npW8Y0G38yScp6gJZ4XaetJ6hflXoFN1pR7ehDggmZAjM/WfPwFlqZgjbk sVL0GjLuE4kbLnXIWX7GzzY/sXlUbebIKkAiYw3uqeo3KchU8/pA2Cqb9qWzdQmf FkMJQO7rgj7BvlJnxccDVAZYedkoywdj4Jw/B8hnm5jF355g4tZDmXm+4A88KtHZ qnz7pBNdfFumyMEJFwUzOAMWyN2ZDdirb3lrDsCXlIV56h4NH60I6D+cAsX9a+94 Qao0xLr72jlk4NNDQShYJgHybCVTMMep3Wjkejg/EEZCxdkkyMpSOZXJeBLlxn80 O2fdRynM5EhG+e28pjFYvU+/zLT0poSRaE+jBfWJLtG9xCFMybWRKtASH7VcaRLQ /kDPR51ZttfNYQscVWi7S+R37VWksPLEbFQHSFDvOcwGKgcnFpllDuwv+o62TuUc eKk= =MnDt -----END PGP SIGNATURE----- Merge tag 'dma-mapping-6.12-2024-10-20' of git://git.infradead.org/users/hch/dma-mapping Pull dma-mapping fix from Christoph Hellwig: "Just another small tracing fix from Sean" * tag 'dma-mapping-6.12-2024-10-20' of git://git.infradead.org/users/hch/dma-mapping: dma-mapping: fix tracing dma_alloc/free with vmalloc'd memory |
||
Paolo Bonzini
|
e9001a382f |
KVM/arm64 fixes for 6.12, take #3
- Stop wasting space in the HYP idmap, as we are dangerously close to the 4kB limit, and this has already exploded in -next - Fix another race in vgic_init() - Fix a UBSAN error when faking the cache topology with MTE enabled -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEn9UcU+C1Yxj9lZw9I9DQutE9ekMFAmcQ0ioACgkQI9DQutE9 ekP71Q/9FJOSfvZU0aPTeMLkrkJFkVO1Xvecq2YSrYSdBBtaVO3WAybV/tbSLKGb rgy64JOoRYys9I8kbvztGul7vT6QgrTZMGjbNVHGmKVXsnEYRY2jKWwtRh20nnhx hwIiAItkp76MGEurOJShFffDju4Psuj0lMPDYDv3j24YHSX+fiWIWcwHoqM9baVt IRIx2bkJf5isbXJ0i2dtV6PvxBn7ShdDU2VoMr+69LtSgiQypRQ2OXyBvOHt1Pg4 7r5MY3YueMLSRdyuFFyr1esPDzZLRdhHZts/BbFmiBafGUPBrzSXjeBXM+GO0day 8eEqhe1HSDsg9ctC6EJZbTfKC0T6UpSwUT7zlujgLhdaBae8mSuJVC0rywGRmWi8 AHFWZQSu4mTdDaJ5A/dyZeXv3ir+lQIUMLTm6EJ+3+PSACTKt1TCDqUKM0z2tFvB F96cH3/m9vAlxoeLmxeZqX6RGU44ttDFkyqDcS8hezV5meTNLJ580r0iyqnBhIu0 szNhOxhHziTUOrps0EM8Cx7WElYUK3MJ30t8pZRwZaYQOjlm2NeqTwI0I/c4dHNX IUvdFXCVSWLFyGULpKf/tPqeq/nZKQ900gzoGJNSPnZ2gEw0QnVhGyIFaPbj42Eb TTs2nvCJU5bE96nvz3mAkxWF5Uuu0yw1CRII6XPbkMCpaTocrPs= =2Cfq -----END PGP SIGNATURE----- Merge tag 'kvmarm-fixes-6.12-3' of git://git.kernel.org/pub/scm/linux/kernel/git/kvmarm/kvmarm into HEAD KVM/arm64 fixes for 6.12, take #3 - Stop wasting space in the HYP idmap, as we are dangerously close to the 4kB limit, and this has already exploded in -next - Fix another race in vgic_init() - Fix a UBSAN error when faking the cache topology with MTE enabled |
||
Paolo Bonzini
|
ddd5c58201 |
KVM/arm64 fixes for 6.12, take #2
- Fix the guest view of the ID registers, making the relevant fields writable from userspace (affecting ID_AA64DFR0_EL1 and ID_AA64PFR1_EL1) - Correcly expose S1PIE to guests, fixing a regression introduced in 6.12-rc1 with the S1POE support - Fix the recycling of stage-2 shadow MMUs by tracking the context (are we allowed to block or not) as well as the recycling state - Address a couple of issues with the vgic when userspace misconfigures the emulation, resulting in various splats. Headaches courtesy of our Syzkaller friends -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEn9UcU+C1Yxj9lZw9I9DQutE9ekMFAmcJJfcACgkQI9DQutE9 ekPD+A//QPpX99cWV5ryj0Ado9JeewfNBPba4PR1gmR1+HZLrpawo1BjUKFVa4jl iempDeUmhX68M7JyfpdgzW7HMKkemqavioWcL/bRY7ZZ4ss3g4w0BNKkwTkA+IEj qkxNw/LYRjDtjXWAmV4YB17M3AXYtj0Xnwgu8XKTlgp9EAqNxYAGDW/OX/vrkyKk 0Zbe1xg0pq5NxAZhC9TC2b0aHCXPVN9qsHvqJW7mu9qy0/Z4ix+CAXcnmlG9lpZg OsAIBu1fWt4YC2Q6+J8Bhu/RcvQtw0doPOllI/wEhx/Za3mzkBMBdvitMD7s5Ldy KQ9uSWbDCcdVUPjLVsnVm4zZ+Dp/DixXPmlQaMfO/sIu0A4LLj8DvGc7CaJGF6Fu jumXgT6A9IiJEBWAFbB9P2HD83ROW+3deCyOHDzGmJtfPQ0jHC9PCMjMVGQlcvcy 4aWrzxFjSsMvR7ILUBL2y53pTDXDZH02GGAn/zRjfAwr8Qqy3iLTDVvmfXnuIIZE HR4gXrvp9g7+nhwEkbB1a7MmAW/xPNFHJ0floAp7I4EqXfOcvPewG/Da3fDjDIV3 HFNEVnrjWvct6aiPx1rRbQDJcC5ROn4Cl52sKcMmxYpZ2EK9YzsYNYoJiNFmhmU3 8EW+lMraGNQXxyzhZHsoAmmqkwy8YyjG37uH/EEHdHtDGJAJHls= =OM+r -----END PGP SIGNATURE----- Merge tag 'kvmarm-fixes-6.12-2' of git://git.kernel.org/pub/scm/linux/kernel/git/kvmarm/kvmarm into HEAD KVM/arm64 fixes for 6.12, take #2 - Fix the guest view of the ID registers, making the relevant fields writable from userspace (affecting ID_AA64DFR0_EL1 and ID_AA64PFR1_EL1) - Correcly expose S1PIE to guests, fixing a regression introduced in 6.12-rc1 with the S1POE support - Fix the recycling of stage-2 shadow MMUs by tracking the context (are we allowed to block or not) as well as the recycling state - Address a couple of issues with the vgic when userspace misconfigures the emulation, resulting in various splats. Headaches courtesy of our Syzkaller friends |
||
Cyan Yang
|
3ec4350d4e |
RISCV: KVM: use raw_spinlock for critical section in imsic
For the external interrupt updating procedure in imsic, there was a spinlock to protect it already. But since it should not be preempted in any cases, we should turn to use raw_spinlock to prevent any preemption in case PREEMPT_RT was enabled. Signed-off-by: Cyan Yang <cyan.yang@sifive.com> Reviewed-by: Yong-Xuan Wang <yongxuan.wang@sifive.com> Reviewed-by: Anup Patel <anup@brainfault.org> Message-ID: <20240919160126.44487-1-cyan.yang@sifive.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> |
||
Sean Christopherson
|
773cca1834 |
KVM: selftests: Fix out-of-bounds reads in CPUID test's array lookups
When looking for a "mangled", i.e. dynamic, CPUID entry, terminate the
walk based on the number of array _entries_, not the size in bytes of
the array. Iterating based on the total size of the array can result in
false passes, e.g. if the random data beyond the array happens to match
a CPUID entry's function and index.
Fixes:
|
||
Vitaly Kuznetsov
|
9a400068a1 |
KVM: selftests: x86: Avoid using SSE/AVX instructions
Some distros switched gcc to '-march=x86-64-v3' by default and while it's hard to find a CPU which doesn't support it today, many KVM selftests fail with ==== Test Assertion Failure ==== lib/x86_64/processor.c:570: Unhandled exception in guest pid=72747 tid=72747 errno=4 - Interrupted system call Unhandled exception '0x6' at guest RIP '0x4104f7' The failure is easy to reproduce elsewhere with $ make clean && CFLAGS='-march=x86-64-v3' make -j && ./x86_64/kvm_pv_test The root cause of the problem seems to be that with '-march=x86-64-v3' GCC uses AVX* instructions (VMOVQ in the example above) and without prior XSETBV() in the guest this results in #UD. It is certainly possible to add it there, e.g. the following saves the day as well: Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com> Message-ID: <20240920154422.2890096-1-vkuznets@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> |
||
Sean Christopherson
|
f559b2e9c5 |
KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory
Ignore nCR3[4:0] when loading PDPTEs from memory for nested SVM, as bits
4:0 of CR3 are ignored when PAE paging is used, and thus VMRUN doesn't
enforce 32-byte alignment of nCR3.
In the absolute worst case scenario, failure to ignore bits 4:0 can result
in an out-of-bounds read, e.g. if the target page is at the end of a
memslot, and the VMM isn't using guard pages.
Per the APM:
The CR3 register points to the base address of the page-directory-pointer
table. The page-directory-pointer table is aligned on a 32-byte boundary,
with the low 5 address bits 4:0 assumed to be 0.
And the SDM's much more explicit:
4:0 Ignored
Note, KVM gets this right when loading PDPTRs, it's only the nSVM flow
that is broken.
Fixes:
|
||
Maxim Levitsky
|
731285fbb6 |
KVM: VMX: reset the segment cache after segment init in vmx_vcpu_reset()
Reset the segment cache after segment initialization in vmx_vcpu_reset()
to harden KVM against caching stale/uninitialized data. Without the
recent fix to bypass the cache in kvm_arch_vcpu_put(), the following
scenario is possible:
- vCPU is just created, and the vCPU thread is preempted before
SS.AR_BYTES is written in vmx_vcpu_reset().
- When scheduling out the vCPU task, kvm_arch_vcpu_in_kernel() =>
vmx_get_cpl() reads and caches '0' for SS.AR_BYTES.
- vmx_vcpu_reset() => seg_setup() configures SS.AR_BYTES, but doesn't
invoke vmx_segment_cache_clear() to invalidate the cache.
As a result, KVM retains a stale value in the cache, which can be read,
e.g. via KVM_GET_SREGS. Usually this is not a problem because the VMX
segment cache is reset on each VM-Exit, but if the userspace VMM (e.g KVM
selftests) reads and writes system registers just after the vCPU was
created, _without_ modifying SS.AR_BYTES, userspace will write back the
stale '0' value and ultimately will trigger a VM-Entry failure due to
incorrect SS segment type.
Invalidating the cache after writing the VMCS doesn't address the general
issue of cache accesses from IRQ context being unsafe, but it does prevent
KVM from clobbering the VMCS, i.e. mitigates the harm done _if_ KVM has a
bug that results in an unsafe cache access.
Signed-off-by: Maxim Levitsky <mlevitsk@redhat.com>
Fixes:
|
||
Sean Christopherson
|
5a27984244 |
KVM: x86: Clean up documentation for KVM_X86_QUIRK_SLOT_ZAP_ALL
Massage the documentation for KVM_X86_QUIRK_SLOT_ZAP_ALL to call out that it applies to moved memslots as well as deleted memslots, to avoid KVM's "fast zap" terminology (which has no meaning for userspace), and to reword the documented targeted zap behavior to specifically say that KVM _may_ zap a subset of all SPTEs. As evidenced by the fix to zap non-leafs SPTEs with gPTEs, formally documenting KVM's exact internal behavior is risky and unnecessary. Signed-off-by: Sean Christopherson <seanjc@google.com> Message-ID: <20241009192345.1148353-4-seanjc@google.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> |
||
Sean Christopherson
|
28cf497881 |
KVM: x86/mmu: Add lockdep assert to enforce safe usage of kvm_unmap_gfn_range()
Add a lockdep assertion in kvm_unmap_gfn_range() to ensure that either mmu_invalidate_in_progress is elevated, or that the range is being zapped due to memslot removal (loosely detected by slots_lock being held). Zapping SPTEs without mmu_invalidate_{in_progress,seq} protection is unsafe as KVM's page fault path snapshots state before acquiring mmu_lock, and thus can create SPTEs with stale information if vCPUs aren't forced to retry faults (due to seeing an in-progress or past MMU invalidation). Memslot removal is a special case, as the memslot is retrieved outside of mmu_invalidate_seq, i.e. doesn't use the "standard" protections, and instead relies on SRCU synchronization to ensure any in-flight page faults are fully resolved before zapping SPTEs. Signed-off-by: Sean Christopherson <seanjc@google.com> Message-ID: <20241009192345.1148353-3-seanjc@google.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> |
||
Sean Christopherson
|
58a20a9435 |
KVM: x86/mmu: Zap only SPs that shadow gPTEs when deleting memslot
When performing a targeted zap on memslot removal, zap only MMU pages that shadow guest PTEs, as zapping all SPs that "match" the gfn is inexact and unnecessary. Furthermore, for_each_gfn_valid_sp() arguably shouldn't exist, because it doesn't do what most people would it expect it to do. The "round gfn for level" adjustment that is done for direct SPs (no gPTE) means that the exact gfn comparison will not get a match, even when a SP does "cover" a gfn, or was even created specifically for a gfn. For memslot deletion specifically, KVM's behavior will vary significantly based on the size and alignment of a memslot, and in weird ways. E.g. for a 4KiB memslot, KVM will zap more SPs if the slot is 1GiB aligned than if it's only 4KiB aligned. And as described below, zapping SPs in the aligned case overzaps for direct MMUs, as odds are good the upper-level SPs are serving other memslots. To iterate over all potentially-relevant gfns, KVM would need to make a pass over the hash table for each level, with the gfn used for lookup rounded for said level. And then check that the SP is of the correct level, too, e.g. to avoid over-zapping. But even then, KVM would massively overzap, as processing every level is all but guaranteed to zap SPs that serve other memslots, especially if the memslot being removed is relatively small. KVM could mitigate that issue by processing only levels that can be possible guest huge pages, i.e. are less likely to be re-used for other memslot, but while somewhat logical, that's quite arbitrary and would be a bit of a mess to implement. So, zap only SPs with gPTEs, as the resulting behavior is easy to describe, is predictable, and is explicitly minimal, i.e. KVM only zaps SPs that absolutely must be zapped. Cc: Yan Zhao <yan.y.zhao@intel.com> Signed-off-by: Sean Christopherson <seanjc@google.com> Reviewed-by: Yan Zhao <yan.y.zhao@intel.com> Tested-by: Yan Zhao <yan.y.zhao@intel.com> Message-ID: <20241009192345.1148353-2-seanjc@google.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> |
||
Kirill A. Shutemov
|
8e690b817e |
x86/kvm: Override default caching mode for SEV-SNP and TDX
AMD SEV-SNP and Intel TDX have limited access to MTRR: either it is not advertised in CPUID or it cannot be programmed (on TDX, due to #VE on CR0.CD clear). This results in guests using uncached mappings where it shouldn't and pmd/pud_set_huge() failures due to non-uniform memory type reported by mtrr_type_lookup(). Override MTRR state, making it WB by default as the kernel does for Hyper-V guests. Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com> Suggested-by: Binbin Wu <binbin.wu@intel.com> Cc: Juergen Gross <jgross@suse.com> Cc: Tom Lendacky <thomas.lendacky@amd.com> Reviewed-by: Juergen Gross <jgross@suse.com> Message-ID: <20241015095818.357915-1-kirill.shutemov@linux.intel.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> |
||
Dr. David Alan Gilbert
|
bc07eea2f3 |
KVM: Remove unused kvm_vcpu_gfn_to_pfn_atomic
The last use of kvm_vcpu_gfn_to_pfn_atomic was removed by commit
|
||
Dr. David Alan Gilbert
|
88a387cf9e |
KVM: Remove unused kvm_vcpu_gfn_to_pfn
The last use of kvm_vcpu_gfn_to_pfn was removed by commit
|
||
Linus Torvalds
|
715ca9dd68 |
io_uring-6.12-20241019
-----BEGIN PGP SIGNATURE----- iQJEBAABCAAuFiEEwPw5LcreJtl1+l5K99NY+ylx4KYFAmcUKf8QHGF4Ym9lQGtl cm5lbC5kawAKCRD301j7KXHgpm1eD/43olMZDS4WHFFW81/pK/YtgnAg9mNPEZNj Ny6t2ti/L97nS+HhAzOPKIvmXtA9UxlQ9j2zpGrl4NCQzxOmlr5JOKKoNnrdLb70 InUkJ/Rt5lo7pU97qRE6sqe0zHorxLMK1GM+ASH06ay+bQzKor2WtUie5cxnhEkk T8xk4nLCp2+mXqQIaKFQCIGGsEOCCaJEBFp7xaaDyX5CuxfG1Dc/pJoQyAVB1HGU irZXWl5WPmVokblo+akmqsmoXQ2szw2+JIb2HhHzjPX3wViocDcBDVv58ArW/sz3 KLk2SQk65A6b05K7NaEhv1sI0bxpQnvZM3y7YmXP/KEZ9cy0ztmipQulpZRbL4M1 vZI8RW0GVG6DiYSDlvnVrlgSs8/YeurWH2cetS7DjQtKGPIoqGJg4nl+ACu6yxXl c4y25ilJ2dE18i4H39B6v6dBX5tg9YQ2ekWy/T83uaIcwogF6ob0cCesCmaRe0D7 3rCbe3/7Ft4XpKcg+7RqUGz6PV27R51F1/kUlIxUCibIq6zEmjT29sQIknBbLot5 LdTSoWSPIbw8y2Ji8uaZbeB4dbUG4t0HZYW9BiFE4cGQCQtQQxjZATi2hHlwaUIH 31VOoO1yaQgu9IPY24jTQqW4odfU36bAXEHcne6vbafvLO1YXwk9Mdfi82cypbWn +ufVvSQ7qQ== =B5R5 -----END PGP SIGNATURE----- Merge tag 'io_uring-6.12-20241019' of git://git.kernel.dk/linux Pull one more io_uring fix from Jens Axboe: "Fix for a regression introduced in 6.12-rc2, where a condition check was negated and hence -EAGAIN would bubble back up up to userspace rather than trigger a retry condition" * tag 'io_uring-6.12-20241019' of git://git.kernel.dk/linux: io_uring/rw: fix wrong NOWAIT check in io_rw_init_file() |
||
Linus Torvalds
|
531643fcd9 |
SCSI fixes on 20241019
Fixes all in drivers. The largest is the mpi3mr which corrects a phy count limit that should only apply to the controller but was being incorrectly applied to expander phys. Signed-off-by: James E.J. Bottomley <James.Bottomley@HansenPartnership.com> -----BEGIN PGP SIGNATURE----- iJwEABMIAEQWIQTnYEDbdso9F2cI+arnQslM7pishQUCZxQINSYcamFtZXMuYm90 dG9tbGV5QGhhbnNlbnBhcnRuZXJzaGlwLmNvbQAKCRDnQslM7pishfuiAP9+gxzU MYpyNFYmS8iwbma+wagKMr2ZxpiIAnQIukBtugD7Baqw7YjNbAPtCcQMgC96y8ac X7zeMkLTyMqkaIjOQFk= =eHKZ -----END PGP SIGNATURE----- Merge tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi Pull SCSI fixes from James Bottomley: "Fixes all in drivers. The largest is the mpi3mr which corrects a phy count limit that should only apply to the controller but was being incorrectly applied to expander phys" * tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi: scsi: target: core: Fix null-ptr-deref in target_alloc_device() scsi: mpi3mr: Validate SAS port assignments scsi: ufs: core: Set SDEV_OFFLINE when UFS is shut down scsi: ufs: core: Requeue aborted request scsi: ufs: core: Fix the issue of ICU failure |
||
Linus Torvalds
|
06526daaff |
ftrace: A couple of fixes to function graph infrastructure
- Fix allocation of idle shadow stack allocation during hotplug If function graph tracing is started when a CPU is offline, if it were come online during the trace then the idle task that represents the CPU will not get a shadow stack allocated for it. This means all function graph hooks that happen while that idle task is running (including in interrupt mode) will have all its events dropped. Switch over to the CPU hotplug mechanism that will have any newly brought on line CPU get a callback that can allocate the shadow stack for its idle task. - Fix allocation size of the ret_stack_list array When function graph tracing converted over to allowing more than one user at a time, it had to convert its shadow stack from an array of ret_stack structures to an array of unsigned longs. The shadow stacks are allocated in batches of 32 at a time and assigned to every running task. The batch is held by the ret_stack_list array. But when the conversion happened, instead of allocating an array of 32 pointers, it was allocated as a ret_stack itself (PAGE_SIZE). This ret_stack_list gets passed to a function that iterates over what it believes is its size defined by the FTRACE_RETSTACK_ALLOC_SIZE macro (which is 32). Luckily (PAGE_SIZE) is greater than 32 * sizeof(long), otherwise this would have been an array overflow. This still should be fixed and the ret_stack_list should be allocated to the size it is expected to be as someday it may end up being bigger than SHADOW_STACK_SIZE. -----BEGIN PGP SIGNATURE----- iIoEABYIADIWIQRRSw7ePDh/lE+zeZMp5XQQmuv6qgUCZxP8RhQccm9zdGVkdEBn b29kbWlzLm9yZwAKCRAp5XQQmuv6qmW3AP4qCOvU/g9g6u32gIZmS1oUWqe3q+Rq 9OKCk0JP6GGc8AD/cF816lbs5vpDiZFdbBvaz5gLHqhfAt35NVU8T5tbJA4= =Lh3A -----END PGP SIGNATURE----- Merge tag 'ftrace-v6.12-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace Pull ftrace fixes from Steven Rostedt: "A couple of fixes to function graph infrastructure: - Fix allocation of idle shadow stack allocation during hotplug If function graph tracing is started when a CPU is offline, if it were come online during the trace then the idle task that represents the CPU will not get a shadow stack allocated for it. This means all function graph hooks that happen while that idle task is running (including in interrupt mode) will have all its events dropped. Switch over to the CPU hotplug mechanism that will have any newly brought on line CPU get a callback that can allocate the shadow stack for its idle task. - Fix allocation size of the ret_stack_list array When function graph tracing converted over to allowing more than one user at a time, it had to convert its shadow stack from an array of ret_stack structures to an array of unsigned longs. The shadow stacks are allocated in batches of 32 at a time and assigned to every running task. The batch is held by the ret_stack_list array. But when the conversion happened, instead of allocating an array of 32 pointers, it was allocated as a ret_stack itself (PAGE_SIZE). This ret_stack_list gets passed to a function that iterates over what it believes is its size defined by the FTRACE_RETSTACK_ALLOC_SIZE macro (which is 32). Luckily (PAGE_SIZE) is greater than 32 * sizeof(long), otherwise this would have been an array overflow. This still should be fixed and the ret_stack_list should be allocated to the size it is expected to be as someday it may end up being bigger than SHADOW_STACK_SIZE" * tag 'ftrace-v6.12-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace: fgraph: Allocate ret_stack_list with proper size fgraph: Use CPU hotplug mechanism to initialize idle shadow stacks |
||
Linus Torvalds
|
8203ca3809 |
ipe/stable-6.12 PR 20241018
-----BEGIN PGP SIGNATURE----- iIcEABYIAC8WIQQzmBmZPBN6m/hUJmnyomI6a/yO7QUCZxK0IhEcd3VmYW5Aa2Vy bmVsLm9yZwAKCRDyomI6a/yO7bYaAP9RInzgnGtws5coddMT8vlsMsCGb+4EZegC Uhw/gqWO3gD/Ua/x97apb4SZesyto8fm3rP4Aw0CvtBL5FuyKGnBBAU= =CRIh -----END PGP SIGNATURE----- Merge tag 'ipe-pr-20241018' of git://git.kernel.org/pub/scm/linux/kernel/git/wufan/ipe Pull ipe fixes from Fan Wu: "This addresses several issues identified by Luca when attempting to enable IPE on Debian and systemd: - address issues with IPE policy update errors and policy update version check, improving the clarity of error messages for better understanding by userspace programs. - enable IPE policies to be signed by secondary and platform keyrings, facilitating broader use across general Linux distributions like Debian. - updates the IPE entry in the MAINTAINERS file to reflect the new tree URL and my updated email from kernel.org" * tag 'ipe-pr-20241018' of git://git.kernel.org/pub/scm/linux/kernel/git/wufan/ipe: MAINTAINERS: update IPE tree url and Fan Wu's email ipe: fallback to platform keyring also if key in trusted keyring is rejected ipe: allow secondary and platform keyrings to install/update policies ipe: also reject policy updates with the same version ipe: return -ESTALE instead of -EINVAL on update when new policy has a lower version |
||
Linus Torvalds
|
f9e4825524 |
Input updates for v6.12-rc3
- a fix for Zinitix driver to not fail probing if property enabling touch keys functionality is not defined. Support for touch keys was added in 6.12 merge window so this issue does not affect users of released kernels - a couple new vendor/device IDs in xpad driver to enable support for more hardware. -----BEGIN PGP SIGNATURE----- iHUEABYIAB0WIQST2eWILY88ieB2DOtAj56VGEWXnAUCZxMk3gAKCRBAj56VGEWX nHcXAP99ROP6m6hoGUEvCKVtWQuuKPxJTMByLpdpHdTcX15HdQD9GB9HBVnBdIV5 hckmsRPttRfhUIlMyWWR54anNidx4ww= =yn7x -----END PGP SIGNATURE----- Merge tag 'input-for-v6.12-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input Pull input fixes from Dmitry Torokhov: - a fix for Zinitix driver to not fail probing if the property enabling touch keys functionality is not defined. Support for touch keys was added in 6.12 merge window so this issue does not affect users of released kernels - a couple new vendor/device IDs in xpad driver to enable support for more hardware * tag 'input-for-v6.12-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input: Input: zinitix - don't fail if linux,keycodes prop is absent Input: xpad - add support for MSI Claw A1M Input: xpad - add support for 8BitDo Ultimate 2C Wireless Controller |
||
Linus Torvalds
|
9197b73fd7 |
Mashed-up update that I sat on too long:
- fix for multiple slabs created with the same name - enable multipage folios - theorical fix to also look for opened fids by inode if none was found by dentry -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEE/IPbcYBuWt0zoYhOq06b7GqY5nAFAmcS81AACgkQq06b7GqY 5nACpBAAtXOGRjg+dushCwUVKBlnI3oTwE2G+ywnphNZg2A0emlMOxos7x1OTiM3 Fu0b10MCUWHIXo4jD6ALVPWITJTfjiXR8s90Q/ozypcIXXhkDDShhV31b2h6Iplr YyKyjEehDFRiS7rqWC2a9mce99sOpwdQRmnssnWbjYvpJ4imFbl+50Z1I5Nc/Omu j2y02eMuikiWF/shKj0Dx1mmpZ4InSv3kvlM+V2D2YdWKNonGZe/xFZhid95LXmr Upt55R8k9qR2pn4VU22eKP6c34DIZGDlrcQdPUCNP5QuaAdGZov3TjNQdjE1bJmF E2QdxvUNfvvHqlvaRrlWa27uMgXMcy7QV3LEKwmo3tmaYVw2PDMRbFXc9zQdxy91 zqXjjGasnwzE8ca36y79vZjFTHAyY5VK/3cHCL3ai+ysu4UL3k2QgmVegREG/xKk G8Nz4UO/R6s8Wc2VqxKJdZS5NMLlADS+Aes0PG+9AxQz7iR9Ktgwrw39KDxMi+Lm PeH3Gz2rP9+EPoa3usoBQtvvvmJKM/Wb9qdPW9vTtRbRJ7bVclJoizFoLMA/TiW1 Jru+HYGBO75s8RynwEDLMiJhkjZWHfVgDjPsY6YsGVH8W2gOcJ7egQ2J2EsuurN3 tzKz4uQilV+VeDuWs8pWKrX/c3Y3KpSYV+oayg7Je7LoTlQBmU8= =VG4t -----END PGP SIGNATURE----- Merge tag '9p-for-6.12-rc4' of https://github.com/martinetd/linux Pull 9p fixes from Dominique Martinet: "Mashed-up update that I sat on too long: - fix for multiple slabs created with the same name - enable multipage folios - theorical fix to also look for opened fids by inode if none was found by dentry" [ Enabling multi-page folios should have been done during the merge window, but it's a one-liner, and the actual meat of the enablement is in netfs and already in use for other filesystems... - Linus ] * tag '9p-for-6.12-rc4' of https://github.com/martinetd/linux: 9p: Avoid creating multiple slab caches with the same name 9p: Enable multipage folios 9p: v9fs_fid_find: also lookup by inode if not found dentry |
||
Linus Torvalds
|
4e6bd4a33a |
Rust fixes for v6.12 (2nd)
Toolchain and infrastructure: - Fix several issues with the 'rustc-option' macro. It includes a refactor from Masahiro of three '{cc,rust}-*' macros, which is not a fix but avoids repeating the same commands (which would be several lines in the case of 'rustc-option'). - Fix conditions for 'CONFIG_HAVE_CFI_ICALL_NORMALIZE_INTEGERS'. It includes the addition of 'CONFIG_RUSTC_LLVM_VERSION', which is not a fix but is needed for the actual fix. And a trivial grammar fix. -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEPjU5OPd5QIZ9jqqOGXyLc2htIW0FAmcS5LkACgkQGXyLc2ht IW07ghAAxP94zqWzf8bQ4IIgTYrV9WSqR9vMpd31VAPknRJjGUq5dehFxiQxDJ5X ibMcpyja8V1CGeOh4qthLJAD/OGw+ANafjLfHM/l9cQRx1uwLEac3h4/YR1x52Ep al3ISewhbs3cjko2aa6Gnym3hdYizqkKY9Bca6kvo7k4ZRRmWT3sKAsle6rV93Hw q9AjC40XC8iy2VYv/JPvP1zcr3T7ZzCrs3ELG8sLSeR0gZZEmI3e3FOWWHcRlVRa uig4SSPvhHVssG8k64CHmzUtVQCApuJuzQGG72Ozs4V5Xxk86ZRE0XzyMXaw15nu Mm8s+hDxsFXfESQg0GMCVQ7wnGFSuvRwK3sWALltXmqtGQxkYgcJ3mYtu0sP8p51 VIzDIomdUfGLxk+sDn7Lnl5PrSLaetUd94nr5qCMmfb2/7/kSaB4aHmML+8ZHCn5 I4TQONL/pVmmRm97HFaAFOzCaGRWfVoIzQ/cRaQhqK+qrTfRjyFcsMzN+Flp5A58 c3AgnTVlm4pPqtlLQ1z9BiGYT50dI0fHBOQiisogGsZwwMUqzEMOnbZjbhS/HKSp FG8hu/OyzIsNnNqOfQZN4DSTyf4qfIuyTmFM1OAel8zllCwlxy5F2hVp/opwH3/y On6CW0lunUBzCXZZ+byWudo7Vg8YpMVHATLqp9FHZpJb8JK688w= =Y7fL -----END PGP SIGNATURE----- Merge tag 'rust-fixes-6.12-2' of https://github.com/Rust-for-Linux/linux Pull rust fixes from Miguel Ojeda: "Toolchain and infrastructure: - Fix several issues with the 'rustc-option' macro. It includes a refactor from Masahiro of three '{cc,rust}-*' macros, which is not a fix but avoids repeating the same commands (which would be several lines in the case of 'rustc-option'). - Fix conditions for 'CONFIG_HAVE_CFI_ICALL_NORMALIZE_INTEGERS'. It includes the addition of 'CONFIG_RUSTC_LLVM_VERSION', which is not a fix but is needed for the actual fix. And a trivial grammar fix" * tag 'rust-fixes-6.12-2' of https://github.com/Rust-for-Linux/linux: cfi: fix conditions for HAVE_CFI_ICALL_NORMALIZE_INTEGERS kbuild: rust: add `CONFIG_RUSTC_LLVM_VERSION` kbuild: fix issues with rustc-option kbuild: refactor cc-option-yn, cc-disable-warning, rust-option-yn macros lib/Kconfig.debug: fix grammar in RUST_BUILD_ASSERT_ALLOW |
||
Jens Axboe
|
ae6a888a43 |
io_uring/rw: fix wrong NOWAIT check in io_rw_init_file()
A previous commit improved how !FMODE_NOWAIT is dealt with, but
inadvertently negated a check whilst doing so. This caused -EAGAIN to be
returned from reading files with O_NONBLOCK set. Fix up the check for
REQ_F_SUPPORT_NOWAIT.
Reported-by: Julian Orth <ju.orth@gmail.com>
Link: https://github.com/axboe/liburing/issues/1270
Fixes:
|
||
Steven Rostedt
|
fae4078c28 |
fgraph: Allocate ret_stack_list with proper size
The ret_stack_list is an array of ret_stack shadow stacks for the function
graph usage. When the first function graph is enabled, all tasks in the
system get a shadow stack. The ret_stack_list is a 32 element array of
pointers to these shadow stacks. It allocates the shadow stack in batches
(32 stacks at a time), assigns them to running tasks, and continues until
all tasks are covered.
When the function graph shadow stack changed from an array of
ftrace_ret_stack structures to an array of longs, the allocation of
ret_stack_list went from allocating an array of 32 elements to just a
block defined by SHADOW_STACK_SIZE. Luckily, that's defined as PAGE_SIZE
and is much more than enough to hold 32 pointers. But it is way overkill
for the amount needed to allocate.
Change the allocation of ret_stack_list back to a kcalloc() of
FTRACE_RETSTACK_ALLOC_SIZE pointers.
Cc: Masami Hiramatsu <mhiramat@kernel.org>
Cc: Mark Rutland <mark.rutland@arm.com>
Cc: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Link: https://lore.kernel.org/20241018215212.23f13f40@rorschach
Fixes:
|
||
Steven Rostedt
|
2c02f7375e |
fgraph: Use CPU hotplug mechanism to initialize idle shadow stacks
The function graph infrastructure allocates a shadow stack for every task
when enabled. This includes the idle tasks. The first time the function
graph is invoked, the shadow stacks are created and never freed until the
task exits. This includes the idle tasks.
Only the idle tasks that were for online CPUs had their shadow stacks
created when function graph tracing started. If function graph tracing is
enabled and a CPU comes online, the idle task representing that CPU will
not have its shadow stack created, and all function graph tracing for that
idle task will be silently dropped.
Instead, use the CPU hotplug mechanism to allocate the idle shadow stacks.
This will include idle tasks for CPUs that come online during tracing.
This issue can be reproduced by:
# cd /sys/kernel/tracing
# echo 0 > /sys/devices/system/cpu/cpu1/online
# echo 0 > set_ftrace_pid
# echo function_graph > current_tracer
# echo 1 > options/funcgraph-proc
# echo 1 > /sys/devices/system/cpu/cpu1
# grep '<idle>' per_cpu/cpu1/trace | head
Before, nothing would show up.
After:
1) <idle>-0 | 0.811 us | __enqueue_entity();
1) <idle>-0 | 5.626 us | } /* enqueue_entity */
1) <idle>-0 | | dl_server_update_idle_time() {
1) <idle>-0 | | dl_scaled_delta_exec() {
1) <idle>-0 | 0.450 us | arch_scale_cpu_capacity();
1) <idle>-0 | 1.242 us | }
1) <idle>-0 | 1.908 us | }
1) <idle>-0 | | dl_server_start() {
1) <idle>-0 | | enqueue_dl_entity() {
1) <idle>-0 | | task_contending() {
Note, if tracing stops and restarts, the old way would then initialize
the onlined CPUs.
Cc: stable@vger.kernel.org
Cc: Masami Hiramatsu <mhiramat@kernel.org>
Cc: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Cc: Mark Rutland <mark.rutland@arm.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Link: https://lore.kernel.org/20241018214300.6df82178@rorschach
Fixes:
|
||
Linus Torvalds
|
3d5ad2d4ec |
BPF fixes:
- Fix BPF verifier to not affect subreg_def marks in its range propagation, from Eduard Zingerman. - Fix a truncation bug in the BPF verifier's handling of coerce_reg_to_size_sx, from Dimitar Kanaliev. - Fix the BPF verifier's delta propagation between linked registers under 32-bit addition, from Daniel Borkmann. - Fix a NULL pointer dereference in BPF devmap due to missing rxq information, from Florian Kauer. - Fix a memory leak in bpf_core_apply, from Jiri Olsa. - Fix an UBSAN-reported array-index-out-of-bounds in BTF parsing for arrays of nested structs, from Hou Tao. - Fix build ID fetching where memory areas backing the file were created with memfd_secret, from Andrii Nakryiko. - Fix BPF task iterator tid filtering which was incorrectly using pid instead of tid, from Jordan Rome. - Several fixes for BPF sockmap and BPF sockhash redirection in combination with vsocks, from Michal Luczaj. - Fix riscv BPF JIT and make BPF_CMPXCHG fully ordered, from Andrea Parri. - Fix riscv BPF JIT under CONFIG_CFI_CLANG to prevent the possibility of an infinite BPF tailcall, from Pu Lehui. - Fix a build warning from resolve_btfids that bpf_lsm_key_free cannot be resolved, from Thomas Weißschuh. - Fix a bug in kfunc BTF caching for modules where the wrong BTF object was returned, from Toke Høiland-Jørgensen. - Fix a BPF selftest compilation error in cgroup-related tests with musl libc, from Tony Ambardar. - Several fixes to BPF link info dumps to fill missing fields, from Tyrone Wu. - Add BPF selftests for kfuncs from multiple modules, checking that the correct kfuncs are called, from Simon Sundberg. - Ensure that internal and user-facing bpf_redirect flags don't overlap, also from Toke Høiland-Jørgensen. - Switch to use kvzmalloc to allocate BPF verifier environment, from Rik van Riel. - Use raw_spinlock_t in BPF ringbuf to fix a sleep in atomic splat under RT, from Wander Lairson Costa. Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> -----BEGIN PGP SIGNATURE----- iIsEABYIADMWIQTFp0I1jqZrAX+hPRXbK58LschIgwUCZxK4OhUcZGFuaWVsQGlv Z2VhcmJveC5uZXQACgkQ2yufC7HISIOCrwEAib2kC5EEQn5+wKVE/bnZryVX2leT YXdfItDCBU6zCYUA+wTU5hGGn9lcDUcZx72l/KZPDyPw7HdzNJ+6iR1zQqoM =f9kv -----END PGP SIGNATURE----- Merge tag 'bpf-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf Pull bpf fixes from Daniel Borkmann: - Fix BPF verifier to not affect subreg_def marks in its range propagation (Eduard Zingerman) - Fix a truncation bug in the BPF verifier's handling of coerce_reg_to_size_sx (Dimitar Kanaliev) - Fix the BPF verifier's delta propagation between linked registers under 32-bit addition (Daniel Borkmann) - Fix a NULL pointer dereference in BPF devmap due to missing rxq information (Florian Kauer) - Fix a memory leak in bpf_core_apply (Jiri Olsa) - Fix an UBSAN-reported array-index-out-of-bounds in BTF parsing for arrays of nested structs (Hou Tao) - Fix build ID fetching where memory areas backing the file were created with memfd_secret (Andrii Nakryiko) - Fix BPF task iterator tid filtering which was incorrectly using pid instead of tid (Jordan Rome) - Several fixes for BPF sockmap and BPF sockhash redirection in combination with vsocks (Michal Luczaj) - Fix riscv BPF JIT and make BPF_CMPXCHG fully ordered (Andrea Parri) - Fix riscv BPF JIT under CONFIG_CFI_CLANG to prevent the possibility of an infinite BPF tailcall (Pu Lehui) - Fix a build warning from resolve_btfids that bpf_lsm_key_free cannot be resolved (Thomas Weißschuh) - Fix a bug in kfunc BTF caching for modules where the wrong BTF object was returned (Toke Høiland-Jørgensen) - Fix a BPF selftest compilation error in cgroup-related tests with musl libc (Tony Ambardar) - Several fixes to BPF link info dumps to fill missing fields (Tyrone Wu) - Add BPF selftests for kfuncs from multiple modules, checking that the correct kfuncs are called (Simon Sundberg) - Ensure that internal and user-facing bpf_redirect flags don't overlap (Toke Høiland-Jørgensen) - Switch to use kvzmalloc to allocate BPF verifier environment (Rik van Riel) - Use raw_spinlock_t in BPF ringbuf to fix a sleep in atomic splat under RT (Wander Lairson Costa) * tag 'bpf-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf: (38 commits) lib/buildid: Handle memfd_secret() files in build_id_parse() selftests/bpf: Add test case for delta propagation bpf: Fix print_reg_state's constant scalar dump bpf: Fix incorrect delta propagation between linked registers bpf: Properly test iter/task tid filtering bpf: Fix iter/task tid filtering riscv, bpf: Make BPF_CMPXCHG fully ordered bpf, vsock: Drop static vsock_bpf_prot initialization vsock: Update msg_count on read_skb() vsock: Update rx_bytes on read_skb() bpf, sockmap: SK_DROP on attempted redirects of unsupported af_vsock selftests/bpf: Add asserts for netfilter link info bpf: Fix link info netfilter flags to populate defrag flag selftests/bpf: Add test for sign extension in coerce_subreg_to_size_sx() selftests/bpf: Add test for truncation after sign extension in coerce_reg_to_size_sx() bpf: Fix truncation bug in coerce_reg_to_size_sx() selftests/bpf: Assert link info uprobe_multi count & path_size if unset bpf: Fix unpopulated path_size when uprobe_multi fields unset selftests/bpf: Fix cross-compiling urandom_read selftests/bpf: Add test for kfunc module order ... |
||
Linus Torvalds
|
dbafeddb95 |
linux_kselftest-fixes-6.12-rc4
kselftest fixes for Linux 6.12-rc4 -- fixes test makefile to install tests directory without which the test fails with errors. -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEPZKym/RZuOCGeA/kCwJExA0NQxwFAmcSupQACgkQCwJExA0N QxwIThAAmrmJg68T6u3LM0Fg5X6AeiIifgM12l2uFJ7l3A7i0neVeKdd/hyu5LdU pBaoazZajDUNBLmTQ8JOyJj1GisF1bxL/tlXy5xuyesf5pRcsBDU8u8R9xB8MT1c gGFKDlsT+jLwaAMNws7IRGkN2nmwuDYyhJQsuBTElN0cMViCCOTAxS0el3+9ymqK oJMHRawEGr9w8lD9wtwayK9D05YdSY3H/k6Yoco/BPSvXB0g+6dHv/h3zjkmxgmi VxAFWSDri2o4otxhPL/wNdJbzNjLrorFZ6PtYnNopZds2Qx9bqLulRcwEM0pPDtq 8qqQUOgsUyC9dMLAwp2l5zVUDfZCjSr21NS59nfjW4ZD8YZzgzmwwYJ2xQIuDunP gVX7zWcG3/6DK55BTe6LZpiqlXRrbSZ5EOvq2eZIA/cMOlddYsY9tEdr1/OB99fh TUuAQSEUpzb4p9YRfHQBAucJmWCVLJepoTzmt8PSLVnQQDGwg84OE/seX6SEt0uv kyQXM0JX1Fq9eVtijc/2hiKQzDoBK/OzopCn3undDhB/p1fpNaUfPPiyy05AMlHJ o3HMK02ooG7Mk/oOBOEDParaAQFMqJWY2DI7XY7EM2Utk/u13SZmnWKL5jVxAjob 1UC+87HiDvE+yXLS2d8nvn/NI23hfa186fCugvUl9k7XsG+6EuM= =0Kn+ -----END PGP SIGNATURE----- Merge tag 'linux_kselftest-fixes-6.12-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest Pull kselftest fix from Shuah Khan: - fix test makefile to install tests directory without which the test fails with errors * tag 'linux_kselftest-fixes-6.12-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest: selftest: hid: add the missing tests directory |
||
Nikita Travkin
|
2de01e0e57 |
Input: zinitix - don't fail if linux,keycodes prop is absent
When initially adding the touchkey support, a mistake was made in the
property parsing code. The possible negative errno from
device_property_count_u32() was never checked, which was an oversight
left from converting to it from the of_property as part of the review
fixes.
Re-add the correct handling of the absent property, in which case zero
touchkeys should be assumed, which would disable the feature.
Reported-by: Jakob Hauser <jahau@rocketmail.com>
Tested-by: Jakob Hauser <jahau@rocketmail.com>
Fixes:
|
||
Linus Torvalds
|
f8eacd8ad7 |
block-6.12-20241018
-----BEGIN PGP SIGNATURE----- iQJEBAABCAAuFiEEwPw5LcreJtl1+l5K99NY+ylx4KYFAmcSk4AQHGF4Ym9lQGtl cm5lbC5kawAKCRD301j7KXHgpuuXD/0UERdP+djJNoXBW5Mv7U5a4rJ7ZgfPL7ku z3ZfdnNYGitZhYkVjNQ60TLzXRQyUaIIxMVBWzkb59I6ixmuQbzm/lC55B6s/FIR bfT3afe1WRgLCaFbStu91qRs/44Mq4yK6wXcIU7LwutRT/5cqZwelqRZLK7DMFln zlGX4zNrCMRUDTr6PLa6CvyY4dmQSL17Ib1ypcKXjGs5YjDntzSrIsKVT1Wayans WroGGPG6W7r2c2kn8pe4uPIjZVfMUF2vrdIs0KEYaAQOC7ppEucCgDZMEWRs7kdH 63hheudJjVSwLF/qYnXNHe/Bz12QCZohPp6UsqRpC8o96Ralgo6Q+FxkXsVelMXW JKhtDqYGBDHOQrjrEWN1rnYw/DauEQAgvOtdVfEx2IBzPsG07cB8yv8MNA90H9QH KStI7h9qnBEMMNcXX8prOymCHNWAeuF4mbitVrRfSfEVm/0BbQ19qoyGrvwNFgEf 6T+4Xj/P+FsiLVe8vsgBZDaxEEU5Ifd/rki/QFVk/2z72BBZxmdf2nm51SOM28V7 HGMHwJI3H8rdmPXvt5Q/ve6GWNOYLO5PSAJgSSe96UStvtsAHGB4eM+LykdnE7cI SoytU5KfAM8DD6wnyHIgYuvJyZWrmLoVDrRjym8emc2KrJOe7qg+Ah4ERcNTCnhl nw50f27G4w== =waNY -----END PGP SIGNATURE----- Merge tag 'block-6.12-20241018' of git://git.kernel.dk/linux Pull block fixes from Jens Axboe: - NVMe pull request via Keith: - Fix target passthrough identifier (Nilay) - Fix tcp locking (Hannes) - Replace list with sbitmap for tracking RDMA rsp tags (Guixen) - Remove unnecessary fallthrough statements (Tokunori) - Remove ready-without-media support (Greg) - Fix multipath partition scan deadlock (Keith) - Fix concurrent PCI reset and remove queue mapping (Maurizio) - Fabrics shutdown fixes (Nilay) - Fix for a kerneldoc warning (Keith) - Fix a race with blk-rq-qos and wakeups (Omar) - Cleanup of checking for always-set tag_set (SurajSonawane2415) - Fix for a crash with CPU hotplug notifiers (Ming) - Don't allow zero-copy ublk on unprivileged device (Ming) - Use array_index_nospec() for CDROM (Josh) - Remove dead code in drbd (David) - Tweaks to elevator loading (Breno) * tag 'block-6.12-20241018' of git://git.kernel.dk/linux: cdrom: Avoid barrier_nospec() in cdrom_ioctl_media_changed() nvme: use helper nvme_ctrl_state in nvme_keep_alive_finish function nvme: make keep-alive synchronous operation nvme-loop: flush off pending I/O while shutting down loop controller nvme-pci: fix race condition between reset and nvme_dev_disable() ublk: don't allow user copy for unprivileged device blk-rq-qos: fix crash on rq_qos_wait vs. rq_qos_wake_function race nvme-multipath: defer partition scanning blk-mq: setup queue ->tag_set before initializing hctx elevator: Remove argument from elevator_find_get elevator: do not request_module if elevator exists drbd: Remove unused conn_lowest_minor nvme: disable CC.CRIME (NVME_CC_CRIME) nvme: delete unnecessary fallthru comment nvmet-rdma: use sbitmap to replace rsp free list block: Fix elevator_get_default() checking for NULL q->tag_set nvme: tcp: avoid race between queue_lock lock and destroy nvmet-passthru: clear EUID/NGUID/UUID while using loop target block: fix blk_rq_map_integrity_sg kernel-doc |
||
Linus Torvalds
|
a041f47898 |
io_uring-6.12-20241018
-----BEGIN PGP SIGNATURE----- iQJEBAABCAAuFiEEwPw5LcreJtl1+l5K99NY+ylx4KYFAmcSk5EQHGF4Ym9lQGtl cm5lbC5kawAKCRD301j7KXHgpix8EACerYNC/5U1MjZvJ9sFtH3i4WtGIx3AOpxk UZyzvrmZh8+LIT2Xfvs50/SfC4LAOLuJBWr5bjkJxtNWFc02R3n/1spOIV7PV5xc FL2mBfnViW9OxCiOOdG7hRNvhCGZ9Rb5HIo1c8OoXslXCEPFDLMNJ/PTrzm1mjHz VbxLfNOXPCHprRwi70UK4mdAE6VJkMXRgh5ysjDtL3Ux4mA0fQ4x/hifGIBTbJri BPVFQlRmWHuo9DKuimn3h6asYlygD15CJS/XIfXWyans6E/3vgVy918XlvH/4kMT zN0nl2HQgaEl+4b31pxzrELWkYgMo1MM3ENWiqfClDk5k0YCf1MH5DzrMAhrg6I/ GFQF1XPOYMld/vwsM1xE+75/xKkKCOrV2EZfBfPTb11v6zePEl1F6dHST7sZ5hd2 iNSuohL2MdAODlG+itqNZpuNUgc6gqdNOCUFwli+XgBzkaiZScS5lkssq1EKhoVi 1MjkIsQNx9eXfVLa/aiDZveu3YJNeLD2XVwqjtIXSxgaCZBNa4oa4rLvOCr+xnst wM0kI7EBIDQMzaupfs0hQ07iatkw/n2ILRjrs8bM2K0hSxMEuAlj+cJkWbVI7nCR /VeHeloS6f8OwSvRF1S1zHGNmA9UR7m2nbL5HfuurrMITUg4L4sNXexnfeYEKpA9 yaCaw41USA== =gi8g -----END PGP SIGNATURE----- Merge tag 'io_uring-6.12-20241018' of git://git.kernel.dk/linux Pull io_uring fixes from Jens Axboe: - Fix a regression this merge window where cloning of registered buffers didn't take into account the dummy_ubuf - Fix a race with reading how many SQRING entries are available, causing userspace to need to loop around io_uring_sqring_wait() rather than being able to rely on SQEs being available when it returned - Ensure that the SQPOLL thread is TASK_RUNNING before running task_work off the cancelation exit path * tag 'io_uring-6.12-20241018' of git://git.kernel.dk/linux: io_uring/sqpoll: ensure task state is TASK_RUNNING when running task_work io_uring/rsrc: ignore dummy_ubuf for buffer cloning io_uring/sqpoll: close race on waiting for sqring entries |
||
John Edwards
|
22a18935d7 |
Input: xpad - add support for MSI Claw A1M
Add MSI Claw A1M controller to xpad_device match table when in xinput mode. Add MSI VID as XPAD_XBOX360_VENDOR. Signed-off-by: John Edwards <uejji@uejji.net> Reviewed-by: Derek J. Clark <derekjohn.clark@gmail.com> Reviewed-by: Christopher Snowhill <kode54@gmail.com> Link: https://lore.kernel.org/r/20241010232020.3292284-4-uejji@uejji.net Cc: stable@vger.kernel.org Signed-off-by: Dmitry Torokhov <dmitry.torokhov@gmail.com> |
||
Fan Wu
|
917a15c37d |
MAINTAINERS: update IPE tree url and Fan Wu's email
Update Integrity Policy Enforcement (IPE) LSM tree url and maintainer's email to the newly issued kernel.org tree/email. Signed-off-by: Fan Wu <wufan@kernel.org> |
||
Luca Boccassi
|
f40998a8e6 |
ipe: fallback to platform keyring also if key in trusted keyring is rejected
If enabled, we fallback to the platform keyring if the trusted keyring doesn't have the key used to sign the ipe policy. But if pkcs7_verify() rejects the key for other reasons, such as usage restrictions, we do not fallback. Do so, following the same change in dm-verity. Signed-off-by: Luca Boccassi <bluca@debian.org> Suggested-by: Serge Hallyn <serge@hallyn.com> [FW: fixed some line length issues and a typo in the commit message] Signed-off-by: Fan Wu <wufan@kernel.org> |
||
Linus Torvalds
|
b04ae0f451 |
two fixes for stable, and two small cleanup fixes
-----BEGIN PGP SIGNATURE----- iQGzBAABCgAdFiEE6fsu8pdIjtWE/DpLiiy9cAdyT1EFAmcSdmYACgkQiiy9cAdy T1EnnAwAoNbY+odLB9atHIuaBftpyINrhzRrzpwTfYNtPKUPGxxGk2fiP29YqMLb OF4jnC87E3P/xhydoZHXXe3kKBQFVMAkJZKHiZBvJd+brk/EadfQnNmIio1pwOGh zFNxSujFtsM/1HU/ZoI2kaHzrqj5KxWKWFytZ6umd8C3NyKK9Lo/lcqUBKv8MpJy XXkMBh+7HGKRfDQlU+n6NQ5+dqFL5xDjTXlm9dM8LXuInKy5oKTGnRhLA7OA8lt7 EenFo8joy0IpXUByHt+ksQ8P88NCnU2h9kGp1UrGrBPh90+MokRr9GAcH8twK8jt /bpL4yzAwuk1TAg+L9mSLT2OtWYsDpsQZmsBMbxBZGr2qmtjwgbxSgjf6DNiJZgn jz15nFsuEsU5AbX4EAE67fwRWAo9AmQFyOOcYgkiIWOFHaRU6D/2NzCxCDZ+mfpy Z5f7dF/sA158iY4wmB5BrQpFamxzpLADz6Qy4NA9hXjEKsbyFAuf22EjE64ruxZ4 8nMB3buh =peum -----END PGP SIGNATURE----- Merge tag 'v6.12-rc3-smb3-client-fixes' of git://git.samba.org/sfrench/cifs-2.6 Pull smb client fixes from Steve French: - Fix possible double free setting xattrs - Fix slab out of bounds with large ioctl payload - Remove three unused functions, and an unused variable that could be confusing * tag 'v6.12-rc3-smb3-client-fixes' of git://git.samba.org/sfrench/cifs-2.6: cifs: Remove unused functions smb/client: Fix logically dead code smb: client: fix OOBs when building SMB2_IOCTL request smb: client: fix possible double free in smb2_set_ea() |
||
Linus Torvalds
|
568570fdf2 |
XFS Bug fixes for 6.12-rc4
* Fix integer overflow in xrep_bmap * Fix stale dealloc punching for COW IO Signed-off-by: Carlos Maiolino <cem@kernel.org> -----BEGIN PGP SIGNATURE----- iJUEABMJAB0WIQQMHYkcUKcy4GgPe2RGdaER5QtfpgUCZw5LIwAKCRBGdaER5Qtf puRlAYDezbvs1dDSkKIGOt3inGdLptNAu4qniXBUkbYI9BzmtIVDueWP4Wo0dV3d gu3xrWQBfjFXdmEuBlwLuAFrp07AN18BVMj+DWCiEShsPHSoSPcF/IrDiz4BHvGv MKYq9CywFw== =Gj9b -----END PGP SIGNATURE----- Merge tag 'xfs-6.12-fixes-4' of git://git.kernel.org/pub/scm/fs/xfs/xfs-linux Pull xfs fixes from Carlos Maiolino: - Fix integer overflow in xrep_bmap - Fix stale dealloc punching for COW IO * tag 'xfs-6.12-fixes-4' of git://git.kernel.org/pub/scm/fs/xfs/xfs-linux: xfs: punch delalloc extents from the COW fork for COW writes xfs: set IOMAP_F_SHARED for all COW fork allocations xfs: share more code in xfs_buffered_write_iomap_begin xfs: support the COW fork in xfs_bmap_punch_delalloc_range xfs: IOMAP_ZERO and IOMAP_UNSHARE already hold invalidate_lock xfs: take XFS_MMAPLOCK_EXCL xfs_file_write_zero_eof xfs: factor out a xfs_file_write_zero_eof helper iomap: move locking out of iomap_write_delalloc_release iomap: remove iomap_file_buffered_write_punch_delalloc iomap: factor out a iomap_last_written_block helper xfs: fix integer overflow in xrep_bmap |
||
Linus Torvalds
|
5e9ab267be |
Power management updates for 6.12-rc4
- Enable ACPI CPPC in amd_pstate_register_driver() after disabling it in amd_pstate_unregister_driver() when switching driver operation modes (Dhananjay Ugwekar). - Make amd-pstate use nominal performance as the maximum performance level when boost is disabled (Mario Limonciello). - Add ArrowLake-H to the list of processors where PL4 is supported in the MSR part of the intel_rapl power capping driver (Srinivas Pandruvada). -----BEGIN PGP SIGNATURE----- iQJGBAABCAAwFiEE4fcc61cGeeHD/fCwgsRv/nhiVHEFAmcSi7kSHHJqd0Byand5 c29ja2kubmV0AAoJEILEb/54YlRxODYP/08cpRT/dgzXP1xVdouCd4CXrbCUzVDm QP2P+oNLvPkBo7Jc3S+jTbSAsmSidYUqNbYvEGMggsm9zhStW21n1Olz2z+P4k2c pzzU70Vmu42MxHJkbM+aMaluu/O9C3S3LGJAYWo3vPFSatRRUN6U/h9SWjwOslKd 0uj9DhyTb0iL7kdrYsa974M9ZTL5xszYpoSsdIZWMUq2LqGqsrVNeK+o7zETw86i gSVv7l96Y3O3nXNTgG362ACNMOaCz7zL1hgQ3Kjp/6Y+SeK2JEMESDinJeCQDRAg CCaRJEpcRDKesBUADT+McRuWGt8KVtNObIk+IJeJzrQIZCztTOaLF7/ePjd2IkT7 jkIwoc1Zw5LnPADUhn4+6w+gNmF/U9K2Mp5g3Y01OudEN1WDAWu+p+jr2PTD1w3A MUPC6Eo1BFeN0HZf//H52TI8fuZwCohQpbuCV2p814KnOKKWm6nZPi2OKPgC/I+r ljVp/8TB06KwZdmIcgmgqBX6jbghgMpKy6w1LCLrXPN/DWgeUWDBzO+NqpKZVFAP T8Di0RVv+QZJoIrilpKK2SnI1Rwfv6TOCB+lKPmsRxm+/OYgIhVsQFl+7fWI46DN a6+4v3yMZcc0Y1C18PKPxGpzcif6SOkJ6fChjZ7ddf4qsijaurS/kmDIkTPcOdXj SymbawvS/1dT =a0Z8 -----END PGP SIGNATURE----- Merge tag 'pm-6.12-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm Pull power management fixes from Rafael Wysocki: "These fix two issues in the amd-pstate cpufreq driver and update the intel_rapl power capping driver with a new processor ID. Specifics: - Enable ACPI CPPC in amd_pstate_register_driver() after disabling it in amd_pstate_unregister_driver() when switching driver operation modes (Dhananjay Ugwekar) - Make amd-pstate use nominal performance as the maximum performance level when boost is disabled (Mario Limonciello) - Add ArrowLake-H to the list of processors where PL4 is supported in the MSR part of the intel_rapl power capping driver (Srinivas Pandruvada)" * tag 'pm-6.12-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm: powercap: intel_rapl_msr: Add PL4 support for ArrowLake-H cpufreq/amd-pstate: Use nominal perf for limits when boost is disabled cpufreq/amd-pstate: Fix amd_pstate mode switch on shared memory systems |