The i_version field in the kernel has had different semantics over
the decades, but NFSv4 has certain expectations. Update the comments
in iversion.h to describe when the i_version must change.
Cc: Colin Walters <walters@verbum.org>
Cc: NeilBrown <neilb@suse.de>
Cc: Trond Myklebust <trondmy@hammerspace.com>
Cc: Dave Chinner <david@fromorbit.com>
Reviewed-by: Christian Brauner <brauner@kernel.org>
Signed-off-by: Jeff Layton <jlayton@kernel.org>
Reviewed-by: NeilBrown <neilb@suse.de>
Reviewed-by: Jan Kara <jack@suse.cz>
Reviewed-by: Christian Brauner <brauner@kernel.org>
Signed-off-by: Jeff Layton <jlayton@kernel.org>
There has been a fix we have been delaying for v6.2 due to lack of
early testing on linux-next. The commit has been sitting on linux-next
since December and testing has also been now a bit extensive by a few
developers. Since this is a fix which definitely will go to v6.3 it
should also apply to v6.2 so if there are any issues we pick them up
earlier rather than later. The fix fixes a regression since v5.3, prior
to me helping with module maintenance, however, the issue is real in
that in the worst case now can prevent boot.
We've discussed all possible corner cases [0] and at last do feel this is
ready for v6.2-rc6.
[0] https://lore.kernel.org/all/Y9A4fiobL6IHp%2F%2FP@bombadil.infradead.org/
-----BEGIN PGP SIGNATURE-----
iQJGBAABCgAwFiEENnNq2KuOejlQLZofziMdCjCSiKcFAmPQRn8SHG1jZ3JvZkBr
ZXJuZWwub3JnAAoJEM4jHQowkoinH9cP/344JxH/hzHb1XMY6DuFs2LJSrcA9t0D
ZIV4DO/MHGc6NpgNAztbtKmj2S0UX7OMOF85MwlKKNklqi2Z0DyUc6Wu2wjeTTBp
p5dqMdgtpl2BFdly5GuL7ttKXBp1Hd6Z9DVl+N5nWjrmLE/HsF4hiwTAXL6L10Fi
+n65C1hwsgbnUVCgoh/4tPGjsB8n5CemR35LBahO5EWyjFdzMMb9MBuKYNmG2j64
rh8DW6Wp5i647ysDJ13DI1/fsvMab28ZPE/JRM27Nuak9WYbzgz1zTpofRCv2tCi
B03kXBRdrtDqWomdeB4FXNJdwK+IIfLkn7K/AEKagXgRIzF7byd93H9E29zuwywG
8DmHxGpcOoyjhoYtc1oVTYSaYD5F1jYq/G4AWNrjcuR3kTiLMIsA/SQbpBe/uyI3
mqUqe6MshNb3p1a9xVEfQITCXQWvJOWvBqJcQVUN5uI8cftVtEaq9qvHurVYBnCn
tHNxMa7mP2YfZez6uXqeud4FXbEVchM07p0DCEbV59vRaQz3bse0CfB8txFadsFe
UvREoo7vrgT1A8ysuvFsXUwskEq9rQ/6XeEqm+N/EqfbG2a3ArpxygNdjP11QjA9
5MV12X2fU6x0Q0OHBCMWkxpDDnvu1tdSbQWA5lO6Zy755ya3KNoXeNOQNyqzqF6G
JkA1xZHc5UvP
=qa41
-----END PGP SIGNATURE-----
Merge tag 'modules-6.2-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/mcgrof/linux
Pull module fix from Luis Chamberlain:
"Theis is a fix we have been delaying for v6.2 due to lack of early
testing on linux-next.
The commit has been sitting in linux-next since December and testing
has also been now a bit extensive by a few developers. Since this is a
fix which definitely will go to v6.3 it should also apply to v6.2 so
if there are any issues we pick them up earlier rather than later. The
fix fixes a regression since v5.3, prior to me helping with module
maintenance, however, the issue is real in that in the worst case now
can prevent boot.
We've discussed all possible corner cases [0] and at last do feel this
is ready for v6.2-rc6"
Link https://lore.kernel.org/all/Y9A4fiobL6IHp%2F%2FP@bombadil.infradead.org/ [0]
* tag 'modules-6.2-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/mcgrof/linux:
module: Don't wait for GOING modules
- Pass the correct address to mte_clear_page_tags() on initialising
a tagged page
- Plug a race against a GICv4.1 doorbell interrupt while saving
the vgic-v3 pending state.
x86:
- A command line parsing fix and a clang compilation fix for selftests
- A fix for a longstanding VMX issue, that surprisingly was only found
now to affect real world guests
-----BEGIN PGP SIGNATURE-----
iQFIBAABCAAyFiEE8TM4V0tmI4mGbHaCv/vSX3jHroMFAmPM/foUHHBib256aW5p
QHJlZGhhdC5jb20ACgkQv/vSX3jHroM18Af/ZygTp0zd0+ZEqI8lu6hi9MmL7pKu
CbzjuJUD7iw8fUGZDyYpL7CrcAdQX7JC6cRjBQMq+9Zzh+QBc1SkkBoEwpHy/EoR
xPOSlNmZGM3kQssqHhwC5ciLNYQQ9yEMAw0kTIoOw3/Aznjk70PUzjwIFC5fRTAB
+ScOQj+9hkr9bzNTnIxY50Ewt6kwiZ7BEbL3a6CHCvkFkLnUAjwp/Ci6dIsqXsae
Stlq/ZJi9QYw5Od4C0e63pfSG3MniaVT3aqisB3dEi8I4Tcpbsh7MaJf43ImFm56
jEymmu/FYWXyMpV2Dlt3703SstXO8V9lVztsnbOVgU7/TEjFD5ADUOi7Dg==
=WKnF
-----END PGP SIGNATURE-----
Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm
Pull kvm fixes from Paolo Bonzini:
"ARM64:
- Pass the correct address to mte_clear_page_tags() on initialising a
tagged page
- Plug a race against a GICv4.1 doorbell interrupt while saving the
vgic-v3 pending state.
x86:
- A command line parsing fix and a clang compilation fix for
selftests
- A fix for a longstanding VMX issue, that surprisingly was only
found now to affect real world guests"
* tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm:
KVM: selftests: Make reclaim_period_ms input always be positive
KVM: x86/vmx: Do not skip segment attributes if unusable bit is set
selftests: kvm: move declaration at the beginning of main()
KVM: arm64: GICv4.1: Fix race with doorbell on VPE activation/deactivation
KVM: arm64: Pass the actual page address to mte_clear_page_tags()
Six fixes, all in drivers. The biggest are the UFS devfreq fixes
which address a lock inversion and the two iscsi_tcp fixes which try
to prevent a use after free from userspace still accessing an area
which the kernel has released (seen by KASAN).
Signed-off-by: James E.J. Bottomley <jejb@linux.ibm.com>
-----BEGIN PGP SIGNATURE-----
iJwEABMIAEQWIQTnYEDbdso9F2cI+arnQslM7pishQUCY87V4iYcamFtZXMuYm90
dG9tbGV5QGhhbnNlbnBhcnRuZXJzaGlwLmNvbQAKCRDnQslM7pishRl+AQDWchrR
xwIlYfLEZ9wbIsJWTpxIFBxf2UpRY1CAM94KswEA49R/UA4qhrjdNsf8+Lkss5Fb
fSlWJnhlQ3YruMCmsfY=
=tm6h
-----END PGP SIGNATURE-----
Merge tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi
Pull SCSI fixes from James Bottomley:
"Six fixes, all in drivers.
The biggest are the UFS devfreq fixes which address a lock inversion
and the two iscsi_tcp fixes which try to prevent a use after free from
userspace still accessing an area which the kernel has released (seen
by KASAN)"
* tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi:
scsi: device_handler: alua: Remove a might_sleep() annotation
scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress
scsi: iscsi_tcp: Fix UAF during logout when accessing the shost ipaddress
scsi: ufs: core: Fix devfreq deadlocks
scsi: hpsa: Fix allocation size for scsi_host_alloc()
scsi: target: core: Fix warning on RT kernels
- Nail another UAF in NFSD's filecache
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEKLLlsBKG3yQ88j7+M2qzM29mf5cFAmPPYLoACgkQM2qzM29m
f5cFXhAAmSn3h41br0tW0vn3fkDVqJpY5y1GsT31llT833CvxoEG+dERWmfFqwaT
rfNAnfFJjJdOmLEos2KmkABP/9HLUHo3ePgqS9MXEDouHPVdnPEKLYNxB+kp/535
+NUDEm7HrcxnctZEcWdGuprmdbSexZeE4ng2lEmbvaiWRQRhBoJS59iM2YfHcN77
7bVz0jrCEYklGSwtfN0wzq9O4VeFPzRhESfycV1LV4ZvUwTNd5vGl1zBWs9ydxWN
kBET/222Bd1rGuvoNFEWcK/dQFDtPrz1tiXH06IHthPvd70BP1z25sOmNfcQHrPp
7gfGJD03PnC2CPVg8Uuou2e1/Je3/Ib+3V2cQJwUWWVWw1GDdwWrk3LG4+esRbdv
OP2qT0dw5uHOuoECwehc/mDyYv2QIIzkXUjxlMNL2WqCxXlKgxO/4lpcvryMlbw6
WHcMV9miCzkA1bK2d8QNisqkNTIQBsWzfrMbXZ9zeQnahrz981Y25OYdXjYIbRyC
itliKYty4L9mS0z2gu5Y6WNBTk9bWItkq2GIIhjWo3K4UAccgfQSn+f6rXX5wNjP
M1P2+QTtb3fMyepbYyDH0KM3wOtROA1MycFvWLSt9sobwiIa/Mt/1mMfcxHtdFEB
85rDxB+zeWqXA5xbzowI3KcmkuHta1QLfBXY9f4x5nLKFduGwAM=
=1Wj9
-----END PGP SIGNATURE-----
Merge tag 'nfsd-6.2-5' of git://git.kernel.org/pub/scm/linux/kernel/git/cel/linux
Pull nfsd fix from Chuck Lever:
- Nail another UAF in NFSD's filecache
* tag 'nfsd-6.2-5' of git://git.kernel.org/pub/scm/linux/kernel/git/cel/linux:
nfsd: don't free files unconditionally in __nfsd_file_cache_purge
-----BEGIN PGP SIGNATURE-----
iIoEABYIADIWIQSacvsUNc7UX4ntmEPzXCl4vpKOKwUCY88exxQcZWJpZ2dlcnNA
Z29vZ2xlLmNvbQAKCRDzXCl4vpKOK2GqAQD5N14vXZ7Xpn2B4pAK1bD9QTBpzFdD
NC+iC7Da9euEswD/WBCOw92Ce9N5IV3Yea9M5TsNTBF459+7F1N85TLjEg4=
=hYmO
-----END PGP SIGNATURE-----
Merge tag 'fscrypt-for-linus' of git://git.kernel.org/pub/scm/fs/fscrypt/linux
Pull fscrypt MAINTAINERS entry update from Eric Biggers:
"Update the MAINTAINERS file entry for fscrypt"
* tag 'fscrypt-for-linus' of git://git.kernel.org/pub/scm/fs/fscrypt/linux:
MAINTAINERS: update fscrypt git repo
During a system boot, it can happen that the kernel receives a burst of
requests to insert the same module but loading it eventually fails
during its init call. For instance, udev can make a request to insert
a frequency module for each individual CPU when another frequency module
is already loaded which causes the init function of the new module to
return an error.
Since commit 6e6de3dee5 ("kernel/module.c: Only return -EEXIST for
modules that have finished loading"), the kernel waits for modules in
MODULE_STATE_GOING state to finish unloading before making another
attempt to load the same module.
This creates unnecessary work in the described scenario and delays the
boot. In the worst case, it can prevent udev from loading drivers for
other devices and might cause timeouts of services waiting on them and
subsequently a failed boot.
This patch attempts a different solution for the problem 6e6de3dee5
was trying to solve. Rather than waiting for the unloading to complete,
it returns a different error code (-EBUSY) for modules in the GOING
state. This should avoid the error situation that was described in
6e6de3dee5 (user space attempting to load a dependent module because
the -EEXIST error code would suggest to user space that the first module
had been loaded successfully), while avoiding the delay situation too.
This has been tested on linux-next since December 2022 and passes
all kmod selftests except test 0009 with module compression enabled
but it has been confirmed that this issue has existed and has gone
unnoticed since prior to this commit and can also be reproduced without
module compression with a simple usleep(5000000) on tools/modprobe.c [0].
These failures are caused by hitting the kernel mod_concurrent_max and can
happen either due to a self inflicted kernel module auto-loead DoS somehow
or on a system with large CPU count and each CPU count incorrectly triggering
many module auto-loads. Both of those issues need to be fixed in-kernel.
[0] https://lore.kernel.org/all/Y9A4fiobL6IHp%2F%2FP@bombadil.infradead.org/
Fixes: 6e6de3dee5 ("kernel/module.c: Only return -EEXIST for modules that have finished loading")
Co-developed-by: Martin Wilck <mwilck@suse.com>
Signed-off-by: Martin Wilck <mwilck@suse.com>
Signed-off-by: Petr Pavlu <petr.pavlu@suse.com>
Cc: stable@vger.kernel.org
Reviewed-by: Petr Mladek <pmladek@suse.com>
[mcgrof: enhance commit log with testing and kmod test result interpretation ]
Signed-off-by: Luis Chamberlain <mcgrof@kernel.org>
-----BEGIN PGP SIGNATURE-----
iIoEABYIADIWIQSacvsUNc7UX4ntmEPzXCl4vpKOKwUCY88euhQcZWJpZ2dlcnNA
Z29vZ2xlLmNvbQAKCRDzXCl4vpKOK+yQAP4wWnC29X3t6kQC4+T2hlw+MOuZBdfd
dm70qTNd6itL7QD8DToDCGm6gt6IqunjIllUBGfEU2oyeKU5MT7SVITfnAo=
=4W3N
-----END PGP SIGNATURE-----
Merge tag 'fsverity-for-linus' of git://git.kernel.org/pub/scm/fs/fsverity/linux
Pull fsverity MAINTAINERS entry update from Eric Biggers:
"Update the MAINTAINERS file entry for fsverity"
* tag 'fsverity-for-linus' of git://git.kernel.org/pub/scm/fs/fsverity/linux:
MAINTAINERS: update fsverity git repo, list, and patchwork
Commit f3bbac3247 ("ext4: deal with legacy signed xattr name hash
values") added a hashing function for the legacy case of having the
xattr hash calculated using a signed 'char' type. It left the unsigned
case alone, since it's all implicitly handled by the '-funsigned-char'
compiler option.
However, there's been some noise about back-porting it all into stable
kernels that lack the '-funsigned-char', so let's just make that at
least possible by making the whole 'this uses unsigned char' very
explicit in the code itself. Whether such a back-port is really
warranted or not, I'll leave to others, but at least together with this
change it is technically sensible.
Also, add a 'pr_warn_once()' for reporting the "hey, signedness for this
hash calculation has changed" issue. Hopefully it never triggers except
for that xfstests generic/454 test-case, but even if it does it's just
good information to have.
If for no other reason than "we can remove the legacy signed hash code
entirely if nobody ever sees the message any more".
Cc: Sasha Levin <sashal@kernel.org>
Cc: Eric Biggers <ebiggers@kernel.org>
Cc: Andreas Dilger <adilger@dilger.ca>
Cc: Theodore Ts'o <tytso@mit.edu>,
Cc: Jason Donenfeld <Jason@zx2c4.com>
Cc: Masahiro Yamada <masahiroy@kernel.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
- Honor reserved regions when testing for IOMMU find grained super
page support, avoiding a regression on s390 for a firmware device
where the existence of the mapping, even if unused can trigger
an error state. (Niklas Schnelle)
- Fix a deadlock in releasing KVM references by using the alternate
.release() rather than .destroy() callback for the kvm-vfio device.
(Yi Liu)
-----BEGIN PGP SIGNATURE-----
iQJPBAABCAA5FiEEQvbATlQL0amee4qQI5ubbjuwiyIFAmPOwUUbHGFsZXgud2ls
bGlhbXNvbkByZWRoYXQuY29tAAoJECObm247sIsicDAQAJSMkMjCkkMQRZaPhD3O
k3/5F2cHC73zY5ldxy+a5oq7na00jkyL3+cCIgZBN7NrADPTjpgPGruhw0zhrzIw
17UvKZZYznLK7x4iapKXZEeRN6HgtUWgeYzGj43lIsiQJtablrcIYbExnCfwIOUo
APgh0crV2RJ6F7pCVuyYCJefKPDjgsrMO8YKJrVh6f6Avv445kwtk2xpIgSwp0C6
O2b/AkysT8Q2bwD7XnHrMIKJ7on2qUcfMJFgYJQ8DjDzbXw+NCW4YizcqNc3/DWM
SoPaSuNZqEbu8Q3cZuQn7uafwL6FTk9WoOef7RowSvO3dn3RA3B61hO+heYukudl
APz2dgAXPnt0fqIadyiFKDrjXcIwgmi29Xb51mAiJbKMYogmrmBhY6jVPCSOoilv
heYEvDxqwD/AiCBzuJP3Dqpc21Xq4kN4jePVFh4aR3Jd+vBITK0EIktonALhnMH+
2ik8FQ9L/HefssytcsXjtbO5K778+OsTP3Bhdbsj6qjGDXHaOIjQzJXnxeT/Uysm
5KLjNRpeRjeIRgsiOB1L8bDyD2bR7SbZWcvw3Z6E9NMY719Txvs19X6OQ9nQd90b
OPJrgVnxCZDMegy7yi68/pyOBSQduo75AgKbNdQa9Nyf92LbfL1HeBkF6+NxjAh5
SQDZYxlWtKHXH0l7yWkksn2G
=tdng
-----END PGP SIGNATURE-----
Merge tag 'vfio-v6.2-rc6' of https://github.com/awilliam/linux-vfio
Pull VFIO fixes from Alex Williamson:
- Honor reserved regions when testing for IOMMU find grained super page
support, avoiding a regression on s390 for a firmware device where
the existence of the mapping, even if unused can trigger an error
state. (Niklas Schnelle)
- Fix a deadlock in releasing KVM references by using the alternate
.release() rather than .destroy() callback for the kvm-vfio device.
(Yi Liu)
* tag 'vfio-v6.2-rc6' of https://github.com/awilliam/linux-vfio:
kvm/vfio: Fix potential deadlock on vfio group_lock
vfio/type1: Respect IOMMU reserved regions in vfio_test_domain_fgsp()
- ensure the EFI ResetSystem and ACPI PRM calls are recognized as users
of the EFI runtime, and therefore protected against exceptions
- account for the EFI runtime stack in the stacktrace code
- remove Matt Garrett's MAINTAINERS entry for efivarfs
-----BEGIN PGP SIGNATURE-----
iQGzBAABCgAdFiEE+9lifEBpyUIVN1cpw08iOZLZjyQFAmPOsW0ACgkQw08iOZLZ
jySMWwv/RFYpNsvbG2QxrrgKvRAFzHiqOaWGWlBPXa3jvoZAEWvhtRNMEm+U+3JY
jJA4F4COnhHy0xrCGb9VWP9ifrI61ZpMMpxFkkxpS/ciTUvilbkQGwLgDZP9g7Hf
jb5+W36BwQKlSQH+bLPSeiIneBHgDY04Q3gTrslSWQs6/rVc4JvYd2+SGxAu9FGz
wi5AX7hbF6zf3x1AJCyeihMClW5Pn+5PaO+ik+XZvyO2e/0YzMigStRbHL8ULRSp
aldrwHuUlNOPa/09bTtHp1cZQwKShupim0DuXuSNvRwJg3+bR4s3673AOy/NUX0G
P0Z0S/i28DOHDfj4Vf3QZiH8vqory+NGvKwr7bgFDwCdHWIS9FW8b1J3JxSLkckF
wkzZ7xl8ppA3xYCzlLP2sr+al+kAHqNTEsBsjOK4PQY0lGhrqQpzjoXs9vZ3mUOw
WAs6ZZI3Y+bhQAHSXqo7xFJr9kIbcE/3aIWc+fRT3EZXCCSkd9KnV8qm6oIeKZYr
+FYcADzY
=Qosm
-----END PGP SIGNATURE-----
Merge tag 'efi-fixes-for-v6.2-2' of git://git.kernel.org/pub/scm/linux/kernel/git/efi/efi
Pull EFI fixes from Ard Biesheuvel:
"Another couple of EFI fixes, of which the first two were already in
-next when I sent out the previous PR, but they caused some issues on
non-EFI boots so I let them simmer for a bit longer.
- ensure the EFI ResetSystem and ACPI PRM calls are recognized as
users of the EFI runtime, and therefore protected against
exceptions
- account for the EFI runtime stack in the stacktrace code
- remove Matthew Garrett's MAINTAINERS entry for efivarfs"
* tag 'efi-fixes-for-v6.2-2' of git://git.kernel.org/pub/scm/linux/kernel/git/efi/efi:
efi: Remove Matthew Garrett as efivarfs maintainer
arm64: efi: Account for the EFI runtime stack in stack unwinder
arm64: efi: Avoid workqueue to check whether EFI runtime is live
nfsd_file_cache_purge is called when the server is shutting down, in
which case, tearing things down is generally fine, but it also gets
called when the exports cache is flushed.
Instead of walking the cache and freeing everything unconditionally,
handle it the same as when we have a notification of conflicting access.
Fixes: ac3a2585f0 ("nfsd: rework refcounting in filecache")
Reported-by: Ruben Vestergaard <rubenv@drcmr.dk>
Reported-by: Torkil Svensgaard <torkil@drcmr.dk>
Reported-by: Shachar Kagan <skagan@nvidia.com>
Signed-off-by: Jeff Layton <jlayton@kernel.org>
Tested-by: Shachar Kagan <skagan@nvidia.com>
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
get disabled due to a value error
- Fix a NULL pointer access on UP configs
- Use the proper locking when updating CPU capacity
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEzv7L6UO9uDPlPSfHEsHwGGHeVUoFAmPNKRsACgkQEsHwGGHe
VUr8NA/9GTqGUpOq0iRQkEOE1oAdT4ZxJ9dQpaWjwWSNv40HT7XJBzjtvzAyiOBF
LTUVClBct5i1/j0tVcNq1zXEj3im2e24Ki6A1TWukejgGAMT/7siSkuChEDAMg2M
b79nKCMpuIZMzkJND3qTkW/aMPpAyU82G8BeLCjw7vgPBsbVkjgbxGFKYdHgpLZa
kdX/GhOufu40jcGeUxA4zWTpXfuXT3OG7JYLrlHeJ/HEdzy9kLCkWH4jHHllzPQw
c4JwG7UnNkDKD6zkG0Guzi1zQy39egh/kaj7FQmVap9sneq+x69T4ta0BfXdBXnQ
Vsqc/nnOybUzr9Gjg5W6KRZWk0k6hK9n3+cye88BfRvzMY0KAgxeCiZEn7cuKqZp
15Agzz77vcwt32QsxjSp+hKQxJtePcBCurDhkfuAZyPELNIBeCW6inrXArprfTIg
IfEF068GKsvDGu3I/z49VXFZ9YBoerQREHbN/xL1VNeB8VoAxAE227OMUvhMcIu1
jxVvkESwc9BIybTcJbUjgg2i9t+Fv3gtZBQ6GFfDboHneia4U5a9aTyN6QGjX+5P
SIXPhePbFCNrhW7JbSGqKBd96MczbFNQinRhgX1lBU0241cAnchY4nH9fUvv7Zrt
b/QDg58tb2bJkm1Z08L256ZETELOU9nLJVxUbtBNSSO9dfkvoBs=
=aNSK
-----END PGP SIGNATURE-----
Merge tag 'sched_urgent_for_v6.2_rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
Pull scheduler fixes from Borislav Petkov:
- Make sure the scheduler doesn't use stale frequency scaling values
when latter get disabled due to a value error
- Fix a NULL pointer access on UP configs
- Use the proper locking when updating CPU capacity
* tag 'sched_urgent_for_v6.2_rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
x86/aperfmperf: Erase stale arch_freq_scale values when disabling frequency invariance readings
sched/core: Fix NULL pointer access fault in sched_setaffinity() with non-SMP configs
sched/fair: Fixes for capacity inversion detection
sched/uclamp: Fix a uninitialized variable warnings
- Fix a use-after-free issue in qcom_edac
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEzv7L6UO9uDPlPSfHEsHwGGHeVUoFAmPNJhsACgkQEsHwGGHe
VUp5Rg//SAJS9LKvjRYKqA3ruJoSqdyb9wdp4EwvZNM9aScF5hbxcng3QT4KQbzX
EQgn9FvSa3YurAEMj7q8I4B0qby+xuR2lcbWSwg2jkXgu6cPviJOw4o3lqaSJqxS
yjfuaPpOCChmgOSfl9Yuk6Nj+mSD0nYZtK0i2qf03MGNXDWfNGokHQ1OCdrVONm7
ySBIPD2zamso8YYLcr/PjGEECw9DfNl6CwB97RfogUXfotCp0zNekCWTZNaIp/js
rETcf5FDjKsCHrL4y9fy8CJ7Bb3BGcMA7p/Vtj62CT2rhBXLKKAKU/JFnQLUBFN1
vzdhC5P46BR+e+Iy90aUYuOFvuwyIjF/wySD/DcGcXZMbeeEKvRJMECWGzZ8otQm
qyFgRoWAoIDXqxfUSS8XYAFoLoXq2KPdav2I4qt7ApW+6yovFiBRnNsbrI9fvjSo
DH2mcgmjkSY3frbxhcI6XeS+oLXDiRKwlHOFV/8GWmrbm7TKXqOgXNLLUdaqFkAH
vBTkMvxfHh4SMd6O/8KiH9dvhXgGWvJoapZpFQkVa3/c+5l0Sb1mi3YmXdaTDvtK
s7PKsUpFwDGD+98+II4pRupHkCnXMcvQVlnn/lADiX8LD9N8VudFWEhX9Bou7/gV
yVYm1sIp1t6cdKzznuaQh8rUNtwCbXOwePPua31A6V1OeieNvE4=
=P94r
-----END PGP SIGNATURE-----
Merge tag 'edac_urgent_for_v6.2_rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/ras/ras
Pull EDAC fixes from Borislav Petkov:
- Respect user-supplied polling value in the EDAC device code
- Fix a use-after-free issue in qcom_edac
* tag 'edac_urgent_for_v6.2_rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/ras/ras:
EDAC/qcom: Do not pass llcc_driv_data as edac_device_ctl_info's pvt_info
EDAC/device: Respect any driver-supplied workqueue polling value
- Fix a regression introduced by commit "gfs2: stop using
generic_writepages in gfs2_ail1_start_one".
-----BEGIN PGP SIGNATURE-----
iQJIBAABCAAyFiEEJZs3krPW0xkhLMTc1b+f6wMTZToFAmPM+scUHGFncnVlbmJh
QHJlZGhhdC5jb20ACgkQ1b+f6wMTZTqykQ/7Buqe5XNLRsEqzNSqTVApoKX+Udqw
mmClewhUybP1mHf2A8264H4IdV0iPKOGBL/KXnEf77pDwwy2a20moWMWva7l0f9R
5K6Z2kAJxgvsYcnH81Wk2xnRfZi8qiEpfc5INc8XiU9pxxP/+yfEWrUaU94JOEpH
gKYrUgPZV2c0kD7BiKDQrMbuya2vo+TooQ7BzHs3Qm8zCf/E9t9NF2WmDIRKIjuY
qDfmIO31FXcnYwrLkT5EHiuHpC47R2Y+8+B5tPvV8UTkllZQ4jWqxeBCO6wpa5Vd
kJqJkT620hDJltpCIBMlJL+MiHhclVvcUXZJiBC0k6gl3eJUFkSPU79NGEO7CO4L
DB4VeeYX9SghWZp7DEyqCZx9dev4WizwM5lM5kON72nqcUQeM9hW+ejvIgaP9/4u
1TTyJiZ7a3zBCcSOXNeiEIWDtNYUVnWpi89kAZ0SwljvbL2/neR6gWEfKj3X4CmI
V7+IycIH6qUUusLm+wopQecYvOjXZbXkBWgA+r2AIzBfj+2Yh6Ro5eFPPI58hJ1P
HKhtLvwpietjZKwYJqAJzlpKryISY6v0S3pAJGjVlEkFl8bRa+N/X1UeHQUL2ozw
EbQrjHX8xydyTY8/B9ntuCSl52USsGd153i3vhrUfYMtHaK57dCL3kRk4bvpEXVA
GDXEmbaW/fGE36A=
=xJNx
-----END PGP SIGNATURE-----
Merge tag 'gfs2-v6.2-rc4-fix' of git://git.kernel.org/pub/scm/linux/kernel/git/gfs2/linux-gfs2
Pull gfs2 writepage fix from Andreas Gruenbacher:
- Fix a regression introduced by commit "gfs2: stop using
generic_writepages in gfs2_ail1_start_one".
* tag 'gfs2-v6.2-rc4-fix' of git://git.kernel.org/pub/scm/linux/kernel/git/gfs2/linux-gfs2:
Revert "gfs2: stop using generic_writepages in gfs2_ail1_start_one"
reclaim_period_ms used to be positive only but the commit 0001725d0f
("KVM: selftests: Add atoi_positive() and atoi_non_negative() for input
validation") incorrectly changed it to non-negative validation.
Change validation to allow only positive input.
Fixes: 0001725d0f ("KVM: selftests: Add atoi_positive() and atoi_non_negative() for input validation")
Signed-off-by: Vipin Sharma <vipinsh@google.com>
Reported-by: Ben Gardon <bgardon@google.com>
Reviewed-by: Ben Gardon <bgardon@google.com>
Reviewed-by: Sean Christopherson <seanjc@google.com>
Message-Id: <20230111183408.104491-1-vipinsh@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
When serializing and deserializing kvm_sregs, attributes of the segment
descriptors are stored by user space. For unusable segments,
vmx_segment_access_rights skips all attributes and sets them to 0.
This means we zero out the DPL (Descriptor Privilege Level) for unusable
entries.
Unusable segments are - contrary to their name - usable in 64bit mode and
are used by guests to for example create a linear map through the
NULL selector.
VMENTER checks if SS.DPL is correct depending on the CS segment type.
For types 9 (Execute Only) and 11 (Execute Read), CS.DPL must be equal to
SS.DPL [1].
We have seen real world guests setting CS to a usable segment with DPL=3
and SS to an unusable segment with DPL=3. Once we go through an sregs
get/set cycle, SS.DPL turns to 0. This causes the virtual machine to crash
reproducibly.
This commit changes the attribute logic to always preserve attributes for
unusable segments. According to [2] SS.DPL is always saved on VM exits,
regardless of the unusable bit so user space applications should have saved
the information on serialization correctly.
[3] specifies that besides SS.DPL the rest of the attributes of the
descriptors are undefined after VM entry if unusable bit is set. So, there
should be no harm in setting them all to the previous state.
[1] Intel SDM Vol 3C 26.3.1.2 Checks on Guest Segment Registers
[2] Intel SDM Vol 3C 27.3.2 Saving Segment Registers and Descriptor-Table
Registers
[3] Intel SDM Vol 3C 26.3.2.2 Loading Guest Segment Registers and
Descriptor-Table Registers
Cc: Alexander Graf <graf@amazon.de>
Cc: stable@vger.kernel.org
Signed-off-by: Hendrik Borghorst <hborghor@amazon.de>
Reviewed-by: Jim Mattson <jmattson@google.com>
Reviewed-by: Alexander Graf <graf@amazon.com>
Message-Id: <20221114164823.69555-1-hborghor@amazon.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Placing a declaration of evt_reset is pedantically invalid
according to the C standard. While GCC does not really care
and only warns with -Wpedantic, clang ignores the declaration
altogether with an error:
x86_64/xen_shinfo_test.c:965:2: error: expected expression
struct kvm_xen_hvm_attr evt_reset = {
^
x86_64/xen_shinfo_test.c:969:38: error: use of undeclared identifier evt_reset
vm_ioctl(vm, KVM_XEN_HVM_SET_ATTR, &evt_reset);
^
Reported-by: Yu Zhang <yu.c.zhang@linux.intel.com>
Reported-by: Sean Christopherson <seanjc@google.com>
Fixes: a79b53aaaa ("KVM: x86: fix deadlock for KVM_XEN_EVTCHN_RESET", 2022-12-28)
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Commit b2b0a5e978 switched from generic_writepages() to
filemap_fdatawrite_wbc() in gfs2_ail1_start_one() on the path to
replacing ->writepage() with ->writepages() and eventually eliminating
the former. Function gfs2_ail1_start_one() is called from
gfs2_log_flush(), our main function for flushing the filesystem log.
Unfortunately, at least as implemented today, ->writepage() and
->writepages() are entirely different operations for journaled data
inodes: while the former creates and submits transactions covering the
data to be written, the latter flushes dirty buffers out to disk.
With gfs2_ail1_start_one() now calling ->writepages(), we end up
creating filesystem transactions while we are in the course of a log
flush, which immediately deadlocks on the sdp->sd_log_flush_lock
semaphore.
Work around that by going back to how things used to work before commit
b2b0a5e978 for now; figuring out a superior solution will take time we
don't have available right now. However ...
Since the removal of generic_writepages() is imminent, open-code it
here. We're already inside a blk_start_plug() ... blk_finish_plug()
section here, so skip that part of the original generic_writepages().
This reverts commit b2b0a5e978.
Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com>
Acked-by: Christoph Hellwig <hch@lst.de>
- Pass the correct address to mte_clear_page_tags() on initialising
a tagged page
- Plug a race against a GICv4.1 doorbell interrupt while saving
the vgic-v3 pending state.
-----BEGIN PGP SIGNATURE-----
iQJDBAABCgAtFiEEn9UcU+C1Yxj9lZw9I9DQutE9ekMFAmPLxmwPHG1hekBrZXJu
ZWwub3JnAAoJECPQ0LrRPXpDjuQP/3Fn8HesySYw/J8su4TMkVaS6FqI9uI9yrad
fp2uZFz3J8sf0ukkaqkTAkMymS+NOia7QQAgXreQEvml2n3jgQr6d1UMtLgeFgR/
3DsnpCIK/2wuvoJDh66h6Mjednxa8OhUzIfb+n0j/nrbRY1tmtCnwKykGyBG3lHB
lqMJQRF3yFK8EQOEP5vq0izwtacrcnyWZxhSO/gMkT9luvIFEX18+q+ELN40vDTe
2YGcvyNllWb23/4NsH75c7jgNNiwbiHJsWUOR1TgP8Gbps23TTdQ/0CGzIRz8F83
usKKBiY6TuxNoPbF3CDjCyGkwPw3NwhCkZEja6NuGW2co6uC/mJw6+GLrgnJvhr5
g2JBsSRiJZM/YhBh5Qp8ayyrzGhXcgjUjYNUgn8ioZ2dt4mZ4XkVQGEjYSGgEe6C
XJA5Fn+5RFG/57xEFfsZ3YYw6HoN5kLVWhg16nHnuSoM5jPfBlcqjDYDSeUqBt/u
gNpHYxWsCC8SQR7+jmtpHzT6sfus5oo9YJMIziC3rIDKVO0Ae3O3XHjknf70uG8K
s69UL0GeEexdqdaJf7EWtoqxJe4C+7NSKAfWMELGxDyHJBokFhz1/Y/yL1Dst/KQ
v7NSekCilvIJvvzTl6/PB0NIl5cV/qkR7/7k0vtBPNEZRNibNLfiK/q304HeR0QN
oSf3PrpA
=g8uY
-----END PGP SIGNATURE-----
Merge tag 'kvmarm-fixes-6.2-2' of git://git.kernel.org/pub/scm/linux/kernel/git/kvmarm/kvmarm into HEAD
KVM/arm64 fixes for 6.2, take #2
- Pass the correct address to mte_clear_page_tags() on initialising
a tagged page
- Plug a race against a GICv4.1 doorbell interrupt while saving
the vgic-v3 pending state.
-----BEGIN PGP SIGNATURE-----
iQJEBAABCAAuFiEEwPw5LcreJtl1+l5K99NY+ylx4KYFAmPMUNsQHGF4Ym9lQGtl
cm5lbC5kawAKCRD301j7KXHgpnvcD/wNdwcUhKbTffXBbOY4ma1m/onW0fiIjiT4
b5fQodwI+zaEvhdW4qy8L00mHQFeIag5/EfsQbM8zrrwcmXISaqJkdgG7/KPFlYJ
UkuXi9XU3hR4/LKmXZKNRSs+HYWjARAuSTIaI03B9JKkNnDqkqQg8173lA/ejhkq
J2tdZbRoOFhBtW1RgpuCHG0WRfrAo4NM97kR/Rr5CuPSPtQ1gGssmdUdTRn9ryVV
i7SPzn0gfkOp9JS9wJx4WFG6uvHPOlONwbCMZEpoHuXZCbOKj0aYx97GcOt1AwCL
pwaBTpS76So8nACcsdhwh7hgtbNwlkEChWS5dwe0j7TEmtzVUYRduWekcHYvSQ+2
SjxWg1lmdRBYOmxw6XzJcsaz1SG396RxU7uek/OSpw1kze48ZyjlKzlu4UTnVhvA
lwMPwOcWG2VwFroWP9QQJ6xLv+qCQkHAIPBczqRbuoAuF8Q8JfvH4gezGm2c3Zcp
jz2hYG7gg5/2Ci3//5i5R5CeiS0aVnyycFMEJ+ITkj9xFnzzrr1HOXl9w4KFZakH
3thMaGcK0CC+uWGnZmKgXh7CZ//IMQqbhXmeTMUakgrL4M9llhgPse1QfCRP5OQR
1Vfuvc4s6fMVRChb9Fu4masRhN4tQzafH1haM5q1onWeRvzAkRdri7c2micmsUiJ
xFNvPmFBXA==
=1c2L
-----END PGP SIGNATURE-----
Merge tag 'io_uring-6.2-2023-01-21' of git://git.kernel.dk/linux
Pull another io_uring fix from Jens Axboe:
"Just a single fix for a regression that happened in this release due
to a poll change. Normally I would've just deferred it to next week,
but since the original fix got picked up by stable, I think it's
better to just send this one off separately.
The issue is around the poll race fix, and how it mistakenly also got
applied to multishot polling. Those don't need the race fix, and we
should not be doing any reissues for that case. Exhaustive test cases
were written and committed to the liburing regression suite for the
reported issue, and additions for similar issues"
* tag 'io_uring-6.2-2023-01-21' of git://git.kernel.dk/linux:
io_uring/poll: don't reissue in case of poll race on multishot request
Here are some small char/misc and other subsystem driver fixes for
6.2-rc5 to resolve a few reported issues. They include:
- long time pending fastrpc fixes (should have gone into 6.1, my
fault.)
- mei driver/bus fixes and new device ids
- interconnect driver fixes for reported problems
- vmci bugfix
- w1 driver bugfixes for reported problems
Almost all of these have been in linux-next with no reported problems,
the rest have all passed 0-day bot testing in my tree and on the mailing
lists where they have sat too long due to me taking a long time to catch
up on my pending patch queue.
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
-----BEGIN PGP SIGNATURE-----
iG0EABECAC0WIQT0tgzFv3jCIUoxPcsxR9QN2y37KQUCY8wBNA8cZ3JlZ0Brcm9h
aC5jb20ACgkQMUfUDdst+yk30QCgrdhgSnL4s2o/y0L/nkB4ubg9spkAoJtmRHe4
EYj/RIm7VYef65aIElVT
=Cj+i
-----END PGP SIGNATURE-----
Merge tag 'char-misc-6.2-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc
Pull char/misc driver fixes from Greg KH:
"Here are some small char/misc and other subsystem driver fixes for
6.2-rc5 to resolve a few reported issues. They include:
- long time pending fastrpc fixes (should have gone into 6.1, my
fault)
- mei driver/bus fixes and new device ids
- interconnect driver fixes for reported problems
- vmci bugfix
- w1 driver bugfixes for reported problems
Almost all of these have been in linux-next with no reported problems,
the rest have all passed 0-day bot testing in my tree and on the
mailing lists where they have sat too long due to me taking a long
time to catch up on my pending patch queue"
* tag 'char-misc-6.2-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc:
VMCI: Use threaded irqs instead of tasklets
misc: fastrpc: Pass bitfield into qcom_scm_assign_mem
gsmi: fix null-deref in gsmi_get_variable
misc: fastrpc: Fix use-after-free race condition for maps
misc: fastrpc: Don't remove map on creater_process and device_release
misc: fastrpc: Fix use-after-free and race in fastrpc_map_find
misc: fastrpc: fix error code in fastrpc_req_mmap()
mei: me: add meteor lake point M DID
mei: bus: fix unlink on bus in error path
w1: fix WARNING after calling w1_process()
w1: fix deadloop in __w1_remove_master_device()
comedi: adv_pci1760: Fix PWM instruction handling
interconnect: qcom: rpm: Use _optional func for provider clocks
interconnect: qcom: msm8996: Fix regmap max_register values
interconnect: qcom: msm8996: Provide UFS clocks to A2NoC
dt-bindings: interconnect: Add UFS clocks to MSM8996 A2NoC
Here are 3 small driver and kernel core fixes for 6.2-rc5. They
include:
- potential gadget fixup in do_prlimit
- device property refcount leak fix
- test_async_probe bugfix for reported problem.
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
-----BEGIN PGP SIGNATURE-----
iG0EABECAC0WIQT0tgzFv3jCIUoxPcsxR9QN2y37KQUCY8wB5g8cZ3JlZ0Brcm9h
aC5jb20ACgkQMUfUDdst+yl+5ACfbXPXK7nokMtxvs/9ybhH+IM63X0AmwYXZ5mK
3dCNVFru/lAZzS7HaR5F
=4fuA
-----END PGP SIGNATURE-----
Merge tag 'driver-core-6.2-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core
Pull driver core fixes from Greg KH:
"Here are three small driver and kernel core fixes for 6.2-rc5. They
include:
- potential gadget fixup in do_prlimit
- device property refcount leak fix
- test_async_probe bugfix for reported problem"
* tag 'driver-core-6.2-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core:
prlimit: do_prlimit needs to have a speculation check
driver core: Fix test_async_probe_init saves device in wrong array
device property: fix of node refcount leak in fwnode_graph_get_next_endpoint()
Here is a single staging driver fix for 6.2-rc5. It resolves a build
issue reported and Fixed by Arnd in the vc04_services driver. It's been
in linux-next this week with no reported problems.
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
-----BEGIN PGP SIGNATURE-----
iG0EABECAC0WIQT0tgzFv3jCIUoxPcsxR9QN2y37KQUCY8wCRA8cZ3JlZ0Brcm9h
aC5jb20ACgkQMUfUDdst+ykjxQCfUhSZNjIy73tZg8haV7jXEVbekvAAoMz3Ploo
7TC1ZzaPkiQfIoagMcua
=UzbQ
-----END PGP SIGNATURE-----
Merge tag 'staging-6.2-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging
Pull staging driver fix from Greg KH:
"Here is a single staging driver fix for 6.2-rc5. It resolves a build
issue reported and Fixed by Arnd in the vc04_services driver. It's
been in linux-next this week with no reported problems"
* tag 'staging-6.2-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging:
staging: vchiq_arm: fix enum vchiq_status return types
Here are some small tty and serial driver fixes for 6.2-rc5 that resolve
a number of tiny reported issues and some new device ids. They include:
- new device id for the exar serial driver
- speakup tty driver bugfix
- atmel serial driver baudrate fixup
- stm32 serial driver bugfix and then revert as the bugfix broke the
build. That will come back in a later pull request once it is all
worked out properly.
- amba-pl011 serial driver rs486 mode bugfix
- qcom_geni serial driver bugfix
Most of these have been in linux-next with no reported problems (well,
other than the build breakage which generated the revert), the new
device id passed 0-day testing.
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
-----BEGIN PGP SIGNATURE-----
iG0EABECAC0WIQT0tgzFv3jCIUoxPcsxR9QN2y37KQUCY8wDQA8cZ3JlZ0Brcm9h
aC5jb20ACgkQMUfUDdst+ynGegCguB+ZpDHKt9wccrGP3h/dwT2MAm8AnAqG4bmy
Yw/cHHPt9gx+AW6RBtAL
=EymN
-----END PGP SIGNATURE-----
Merge tag 'tty-6.2-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty
Pull tty/serial driver fixes from Greg KH:
"Here are some small tty and serial driver fixes for 6.2-rc5 that
resolve a number of tiny reported issues and some new device ids. They
include:
- new device id for the exar serial driver
- speakup tty driver bugfix
- atmel serial driver baudrate fixup
- stm32 serial driver bugfix and then revert as the bugfix broke the
build. That will come back in a later pull request once it is all
worked out properly.
- amba-pl011 serial driver rs486 mode bugfix
- qcom_geni serial driver bugfix
Most of these have been in linux-next with no reported problems (well,
other than the build breakage which generated the revert), the new
device id passed 0-day testing"
* tag 'tty-6.2-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty:
serial: exar: Add support for Sealevel 7xxxC serial cards
Revert "serial: stm32: Merge hard IRQ and threaded IRQ handling into single IRQ handler"
tty: serial: qcom_geni: avoid duplicate struct member init
serial: atmel: fix incorrect baudrate setup
tty: fix possible null-ptr-defer in spk_ttyio_release
serial: stm32: Merge hard IRQ and threaded IRQ handling into single IRQ handler
serial: amba-pl011: fix high priority character transmission in rs486 mode
serial: pch_uart: Pass correct sg to dma_unmap_sg()
tty: serial: qcom-geni-serial: fix slab-out-of-bounds on RX FIFO buffer
Here are a number of small USB and Thunderbolt driver fixes and new
device id changes for 6.2-rc5. Included in here are:
- thunderbolt bugfixes for reported problems
- new usb-serial driver ids added
- onboard_hub usb driver fixes for much-reported problems
- xhci bugfixes
- typec bugfixes
- ehci-fsl driver module alias fix
- iowarrior header size fix
- usb gadget driver fixes
All of these, except for the iowarrior fix, have been in linux-next with
no reported issues. The iowarrior fix passed the 0-day testing and is a
one digit change based on a reported problem in the driver (which was
written to a spec, not the real device that is now available.)
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
-----BEGIN PGP SIGNATURE-----
iG0EABECAC0WIQT0tgzFv3jCIUoxPcsxR9QN2y37KQUCY8wETA8cZ3JlZ0Brcm9h
aC5jb20ACgkQMUfUDdst+ymzQQCbBOPYVF6LWGoUCAi5nFbPgz0yAPYAoMpVH8Gx
iSoT351gbn65LS+45ehc
=mGTv
-----END PGP SIGNATURE-----
Merge tag 'usb-6.2-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb
Pull USB / Thunderbolt fixes from Greg KH:
"Here are a number of small USB and Thunderbolt driver fixes and new
device id changes for 6.2-rc5. Included in here are:
- thunderbolt bugfixes for reported problems
- new usb-serial driver ids added
- onboard_hub usb driver fixes for much-reported problems
- xhci bugfixes
- typec bugfixes
- ehci-fsl driver module alias fix
- iowarrior header size fix
- usb gadget driver fixes
All of these, except for the iowarrior fix, have been in linux-next
with no reported issues. The iowarrior fix passed the 0-day testing
and is a one digit change based on a reported problem in the driver
(which was written to a spec, not the real device that is now
available)"
* tag 'usb-6.2-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb: (40 commits)
USB: misc: iowarrior: fix up header size for USB_DEVICE_ID_CODEMERCS_IOW100
usb: host: ehci-fsl: Fix module alias
usb: dwc3: fix extcon dependency
usb: core: hub: disable autosuspend for TI TUSB8041
USB: fix misleading usb_set_intfdata() kernel doc
usb: gadget: f_ncm: fix potential NULL ptr deref in ncm_bitrate()
USB: gadget: Add ID numbers to configfs-gadget driver names
usb: typec: tcpm: Fix altmode re-registration causes sysfs create fail
usb: gadget: g_webcam: Send color matching descriptor per frame
usb: typec: altmodes/displayport: Use proper macro for pin assignment check
usb: typec: altmodes/displayport: Fix pin assignment calculation
usb: typec: altmodes/displayport: Add pin assignment helper
usb: gadget: f_fs: Ensure ep0req is dequeued before free_request
usb: gadget: f_fs: Prevent race during ffs_ep0_queue_wait
usb: misc: onboard_hub: Move 'attach' work to the driver
usb: misc: onboard_hub: Invert driver registration order
usb: ucsi: Ensure connector delayed work items are flushed
usb: musb: fix error return code in omap2430_probe()
usb: chipidea: core: fix possible constant 0 if use IS_ERR(ci->role_switch)
xhci: Detect lpm incapable xHC USB3 roothub ports from ACPI tables
...
- Hide LDFLAGS_vmlinux from decompressor Makefiles to fix error messages
when GNU Make 4.4 is used.
- Fix 'make modules' build error when CONFIG_DEBUG_INFO_BTF_MODULES=y.
- Fix warnings emitted by GNU Make 4.4 in scripts/kconfig/Makefile.
- Support GNU Make 4.4 for scripts/jobserver-exec.
- Show clearer error message when kernel/gen_kheaders.sh fails due to
missing cpio.
-----BEGIN PGP SIGNATURE-----
iQJJBAABCgAzFiEEbmPs18K1szRHjPqEPYsBB53g2wYFAmPLnykVHG1hc2FoaXJv
eUBrZXJuZWwub3JnAAoJED2LAQed4NsGQ6QQAK+nhDBi+2X2F6D/KP4hIHSawRAx
oqbrYf+xfVB6sBpcqwlzW1jajqmHgwIYX0OmUMEGOoYsKcJ+ZtmMmGnBaukepXjt
6KVyLghNNdGPYHGrwMrvNIB2qUHQhrCP82laU701adac+mRnEAnubvIk+nJl00mF
g2gnlwtxqfH09xO2BICCMYzTnag63bIlNzkIFB4yz2LWGQZ3knHJ7THNOr9J3O3v
lx5bsQOGJYqq7q8UiTM5Y5GiWKhzupF56Q86ppIduV6LmzD7aj5sQgieGcgbkLW9
K2xXE/eIVKFPo5tazlDH5i/4oOo0ykjimt0qOd7ya1jHsgU1Qpst2cbe+evJP8fs
FcorOaizpvGYEM4C5kBh9x4kGdu71Dx9T/+JWHZ1u4vxw78DD4CqhdcZE7sR5cVr
A5RcbtIurNUka1GTllu27GqVrxLc8splMiyx9456MfHixywyvmpagW6DiU2MgLcx
wrlwN4VMylCAEKWNHB2FyeHevJqwfZgqfLTXvNGN6xQ4hITuVwTFpO6RdzztXVba
qIMMK6eK+6PKIidVDPb5dEJpkownlubccE84lYl55qSVo3CgKuweZOH1If78gGQU
927fFDyVTFtJsf68EEUUGxUS8OgWBQD9daTbNqnK28PLWWG/wtEjgHipycE4/QWN
lPMHP/qE7x3DLSB9
=m1Ee
-----END PGP SIGNATURE-----
Merge tag 'kbuild-fixes-v6.2-3' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild
Pull Kbuild fixes from Masahiro Yamada:
- Hide LDFLAGS_vmlinux from decompressor Makefiles to fix error
messages when GNU Make 4.4 is used.
- Fix 'make modules' build error when CONFIG_DEBUG_INFO_BTF_MODULES=y.
- Fix warnings emitted by GNU Make 4.4 in scripts/kconfig/Makefile.
- Support GNU Make 4.4 for scripts/jobserver-exec.
- Show clearer error message when kernel/gen_kheaders.sh fails due to
missing cpio.
* tag 'kbuild-fixes-v6.2-3' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild:
kheaders: explicitly validate existence of cpio command
scripts: support GNU make 4.4 in jobserver-exec
kconfig: Update all declared targets
scripts: rpm: make clear that mkspec script contains 4.13 feature
init/Kconfig: fix LOCALVERSION_AUTO help text
kbuild: fix 'make modules' error when CONFIG_DEBUG_INFO_BTF_MODULES=y
kbuild: export top-level LDFLAGS_vmlinux only to scripts/Makefile.vmlinux
init/version-timestamp.c: remove unneeded #include <linux/version.h>
docs: kbuild: remove mention to dropped $(objtree) feature
We potentially have old hashes of the xattr names generated on systems
with signed 'char' types. Now that everybody uses '-funsigned-char',
those hashes will no longer match.
This only happens if you use xattrs names that have the high bit set,
which probably doesn't happen in practice, but the xfstest generic/454
shows it.
Instead of adding a new "signed xattr hash filesystem" bit and having to
deal with all the possible combinations, just calculate the hash both
ways if the first one fails, and always generate new hashes with the
proper unsigned char version.
Reported-by: kernel test robot <oliver.sang@intel.com>
Link: https://lore.kernel.org/oe-lkp/202212291509.704a11c9-oliver.sang@intel.com
Link: https://lore.kernel.org/all/CAHk-=whUNjwqZXa-MH9KMmc_CpQpoFKFjAB9ZKHuu=TbsouT4A@mail.gmail.com/
Exposed-by: 3bc753c06d ("kbuild: treat char as always unsigned")
Cc: Eric Biggers <ebiggers@kernel.org>
Cc: Andreas Dilger <adilger@dilger.ca>
Cc: Theodore Ts'o <tytso@mit.edu>,
Cc: Jason Donenfeld <Jason@zx2c4.com>
Cc: Masahiro Yamada <masahiroy@kernel.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
do_prlimit() adds the user-controlled resource value to a pointer that
will subsequently be dereferenced. In order to help prevent this
codepath from being used as a spectre "gadget" a barrier needs to be
added after checking the range.
Reported-by: Jordy Zomer <jordyzomer@google.com>
Tested-by: Jordy Zomer <jordyzomer@google.com>
Suggested-by: Linus Torvalds <torvalds@linuxfoundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To save the vgic LPI pending state with GICv4.1, the VPEs must all be
unmapped from the ITSs so that the sGIC caches can be flushed.
The opposite is done once the state is saved.
This is all done by using the activate/deactivate irqdomain callbacks
directly from the vgic code. Crutially, this is done without holding
the irqdesc lock for the interrupts that represent the VPE. And these
callbacks are changing the state of the irqdesc. What could possibly
go wrong?
If a doorbell fires while we are messing with the irqdesc state,
it will acquire the lock and change the interrupt state concurrently.
Since we don't hole the lock, curruption occurs in on the interrupt
state. Oh well.
While acquiring the lock would fix this (and this was Shanker's
initial approach), this is still a layering violation we could do
without. A better approach is actually to free the VPE interrupt,
do what we have to do, and re-request it.
It is more work, but this usually happens only once in the lifetime
of the VM and we don't really care about this sort of overhead.
Fixes: f66b7b151e ("KVM: arm64: GICv4.1: Try to save VLPI state in save_pending_tables")
Reported-by: Shanker Donthineni <sdonthineni@nvidia.com>
Signed-off-by: Marc Zyngier <maz@kernel.org>
Cc: stable@vger.kernel.org
Link: https://lore.kernel.org/r/20230118022348.4137094-1-sdonthineni@nvidia.com
Commit d77e59a8fc ("arm64: mte: Lock a page for MTE tag
initialisation") added a call to mte_clear_page_tags() in case a
prior mte_copy_tags_from_user() failed in order to avoid stale tags in
the guest page (it should have really been a separate commit).
Unfortunately, the argument passed to this function was the address of
the struct page rather than the actual page address. Fix this function
call.
Fixes: d77e59a8fc ("arm64: mte: Lock a page for MTE tag initialisation")
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
Cc: Marc Zyngier <maz@kernel.org>
Reviewed-by: Oliver Upton <oliver.upton@linux.dev>
Reviewed-by: Anshuman Khandual <anshuman.khandual@arm.com>
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
Signed-off-by: Marc Zyngier <maz@kernel.org>
Link: https://lore.kernel.org/r/20230119170902.1574756-1-catalin.marinas@arm.com
- fix a potential race condition and always set GPIOs used as interrupt
source to input in gpio-mxc
- fix a GPIO ACPI-related issue with system suspend on Clevo NL5xRU
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEFp3rbAvDxGAT0sefEacuoBRx13IFAmPLFecACgkQEacuoBRx
13JVhRAAtaM45L65GHsiio06G3DOJthvvEXPvxN+bOgsLVrl+XE8jlEZrPkjjkwM
jPDPpd5HLXXDxApOK2vVEXlSXS/4DuPMo7FyTInz/H2oTMXK3WubMTUM2iddgnQr
fKjRTkhaeB+dQlrQ/6ZgT08cw+Bf3r0M+A0Mo8h63xzldxNssS3pHd1s3fxiebzG
pLSlZzfBhLcXOGn74BttTTEKHLvA03CnEV/Kn1VcljLhGvudfdKzm58ncwONclea
v8y3wNj9GdcUhBSnpRxISURW2K8g3SkRVPUjefqsy9xqXMBogsp2cxUjoP/6wsj0
yphDc9ArbdDJSaX7pewtzXmM1BsWAj7NqkOCFzl7Rg5VP7gcfj1Gdc3USSD721ID
4C8VfvakrS3QcfoZvynYB8RKGZuWaM/PibZAgCMq9fErGVPvs5YjFOID3bsVYaIw
pbL6PQSsnZN1XLqPDFHGyVcBjvYR2JVWs5nuZPn3c4DhmAWgha3A51vq6vu/nUSx
jTeBI/G0fXrc+Ohge6G8nnzKCddZTMT1niUaTO8H9n6aWYw0fGZfasEsWvJnAJxD
uQ9MIQhtzM3mKCGWbx1d9l2gSj7/otrUSCG5Zx9OOuCGvq9WpEOwDDyQCoLLAb3X
7UsJT/hy1fPLhJgk5Byy/JW3DoqkNv+BbTeyiqgvnX/ClHhFj6Y=
=x2Ca
-----END PGP SIGNATURE-----
Merge tag 'gpio-fixes-for-v6.2-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/brgl/linux
Pull gpio fixes from Bartosz Golaszewski:
- fix a potential race condition and always set GPIOs used as interrupt
source to input in gpio-mxc
- fix a GPIO ACPI-related issue with system suspend on Clevo NL5xRU
* tag 'gpio-fixes-for-v6.2-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/brgl/linux:
gpiolib: acpi: Add a ignore wakeup quirk for Clevo NL5xRU
gpiolib: acpi: Allow ignoring wake capability on pins that aren't in _AEI
gpio: mxc: Always set GPIOs used as interrupt source to INPUT mode
gpio: mxc: Protect GPIO irqchip RMW with bgpio spinlock
-----BEGIN PGP SIGNATURE-----
iQGzBAABCgAdFiEE6fsu8pdIjtWE/DpLiiy9cAdyT1EFAmPK6WoACgkQiiy9cAdy
T1G0kwv8CrtMwfk/DXhDoWKM5xCkw8at+LSI7KaL9A/xt+w2whU/bi87cC0usuiH
ofdIoQnUiaTxsdcg3PZby9cX7PNPiF+B7pD+BYfIcsE4yV7xkB2B6bNpz5Yf/7d6
gx7HchkZBmGSbbYn5dBZobWiLiWMYsPn5B/0W1bpya5HvXZkhBUwLUMncHcfhgcU
B3g+qxnEDuuxJlI9+t+FCRvrLmz6Wfme9FDMzEtgoH4/ym5Vx8RzUjFLSbNfcP1m
zJSADjUQ8CIntvE5egGefmojO6w9Urmg1x8ZJFb37CvlC00X/a2af1i3YhpBYIpU
ae0+4os+6RluJnrV9rWHQ0AZKm0ZzgLakCjyas2dyXHUC42ytBRPdCPjUKVA6fAM
FhhITe7Xcu+VWN1s7mAqmbHTC2H8dzqqxOom/497msU9jKBUzETsf7Agzof+VP0m
3c7aRdKpLEBgvsst8a8sWkJZb5LuGG4EgyQXMPJ9+dfqwFkCmVXHUzGMnNnbUDLU
c7k81xnp
=k4Xk
-----END PGP SIGNATURE-----
Merge tag '6.2-rc4-smb3-client-fixes' of git://git.samba.org/sfrench/cifs-2.6
Pull cifs fixes from Steve French:
- important fix for packet signature calculation error
- three fixes to correct DFS deadlock, and DFS refresh problem
- remove an unused DFS function, and duplicate tcon refresh code
- DFS cache lookup fix
- uninitialized rc fix
* tag '6.2-rc4-smb3-client-fixes' of git://git.samba.org/sfrench/cifs-2.6:
cifs: remove unused function
cifs: do not include page data when checking signature
cifs: fix return of uninitialized rc in dfs_cache_update_tgthint()
cifs: handle cache lookup errors different than -ENOENT
cifs: remove duplicate code in __refresh_tcon()
cifs: don't take exclusive lock for updating target hints
cifs: avoid re-lookups in dfs_cache_find()
cifs: fix potential deadlock in cache_refresh_path()
- Compilation fix for Sunplus sp7021
- Add some missing headers after a cleanup to the Nomadik driver
- Fix pull type and mux routes on Rockchip RK3568
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEElDRnuGcz/wPCXQWMQRCzN7AZXXMFAmPLBQIACgkQQRCzN7AZ
XXPWChAAkygzD9nCTTwcbcaR2GYlLrtyt22meHhmVTXhbsyTvYQdbeHtHv04Dg2s
WJF0WJshLaJL/FgJGRhXRz9Ec1XOg2BtqnEniEncFYZDZuca2YyLeBEvce8Ytkak
XKga9XYyLOs1wC66gh7NVod3Q/1sZPnQIGOpP5lM3of6EiHp5Itg+1aSgzJvenxT
3Z0dMPcLqqcioSzWZh3u4bAIFrS1K9Tb6iDyjandKD6tYvOXJEXrzj0zitRcM8Ao
T4PPfSapRpHLjPDAQ7MXAZCLuUlpwg2VTv9z8oi0bBaYa2BbWtXGTeY/bCbl1Fua
NPtR501bVgb/fS7EjAN8tc6HAUgu37naiJY3OwMK+PS8MpvaWYIHDaBp33JYTpHV
E0L1H3/9aq+SUuqn2ZRJsFE5b+eZwGCu+UEg9ezOwDcIh/wJVuHQXdwCDEv6iq4D
qIRaN2JdK5FdOil+5NnLFhrgaU2xo+GMvLQDO7LZeeAh/GvpCYzZ4FRoyA/w1Eaf
Pu4MgTJ2fL/zfCEYkxoZr6g7q4Yd/HZ3cTiDKFa2VBbxQYkPQfUSTYfkLN76l/r6
L26wLUQ+if+8MhxZdmrUDZJZnKslVS4Rhpj/PqNj21dX7a/bJ9YBs04Y4jxTkSOH
IfXS+3xYkuO4/j64udl7x7qgpPWAi1kN/QEd8QCMEZ7iU/1vsnc=
=8RV7
-----END PGP SIGNATURE-----
Merge tag 'pinctrl-v6.2-2' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-pinctrl
Pull pin control fixes from Linus Walleij:
- Compilation fix for Sunplus sp7021
- Add some missing headers after a cleanup to the Nomadik driver
- Fix pull type and mux routes on Rockchip RK3568
* tag 'pinctrl-v6.2-2' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-pinctrl:
pinctrl: rockchip: fix mux route data for rk3568
pinctrl: rockchip: fix reading pull type on rk3568
pinctrl: nomadik: Add missing header(s)
pinctrl: sp7021: fix unused function warning
- Several hfi1 patches fixing some long standing driver bugs
- Overflow when working with sg lists with elements greater than 4G
- An rxe regression with object numbering after the mrs reach their limit
- A theoretical problem with the scatterlist merging code
-----BEGIN PGP SIGNATURE-----
iHUEABYIAB0WIQRRRCHOFoQz/8F5bUaFwuHvBreFYQUCY8sBzAAKCRCFwuHvBreF
YWMBAP92rk8L3oLrNbYTryNTv8w/LicLhmAvhC42KRy8klvFkAD6A+wskhxmHMgO
aSdznob6peMEyNONZUKcijqjnSXhyAY=
=brq4
-----END PGP SIGNATURE-----
Merge tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdma
Pull rdma fixes from Jason Gunthorpe:
- Several hfi1 patches fixing some long standing driver bugs
- Overflow when working with sg lists with elements greater than 4G
- An rxe regression with object numbering after the mrs reach their
limit
- A theoretical problem with the scatterlist merging code
* tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdma:
lib/scatterlist: Fix to calculate the last_pg properly
IB/hfi1: Remove user expected buffer invalidate race
IB/hfi1: Immediately remove invalid memory from hardware
IB/hfi1: Fix expected receive setup error exit issues
IB/hfi1: Reserve user expected TIDs
IB/hfi1: Reject a zero-length user expected buffer
RDMA/core: Fix ib block iterator counter overflow
RDMA/rxe: Prevent faulty rkey generation
RDMA/rxe: Fix inaccurate constants in rxe_type_info
A previous commit fixed a poll race that can occur, but it's only
applicable for multishot requests. For a multishot request, we can safely
ignore a spurious wakeup, as we never leave the waitqueue to begin with.
A blunt reissue of a multishot armed request can cause us to leak a
buffer, if they are ring provided. While this seems like a bug in itself,
it's not really defined behavior to reissue a multishot request directly.
It's less efficient to do so as well, and not required to rearm anything
like it is for singleshot poll requests.
Cc: stable@vger.kernel.org
Fixes: 6e5aedb932 ("io_uring/poll: attempt request issue after racy poll wakeup")
Reported-and-tested-by: Olivier Langlois <olivier@trillion01.com>
Link: https://github.com/axboe/liburing/issues/778
Signed-off-by: Jens Axboe <axboe@kernel.dk>
-----BEGIN PGP SIGNATURE-----
iQJEBAABCAAuFiEEwPw5LcreJtl1+l5K99NY+ylx4KYFAmPK8NUQHGF4Ym9lQGtl
cm5lbC5kawAKCRD301j7KXHgptS/EADT+m0n7jjonp7NoENoZT2y4o5ayESuEmBV
X8QUg/Ji1P3VG3QzI+yCqevGa2Rkkd8EenlokpjLliuqPdb/aZ56G7rsebotzWu3
zOV3XNvKvD0thiMIjmXABvmUKdb3lcrM5tpC9Uqq6L52SqbtkSsPUVO+rWE/tTZk
u97dUmyQcaD2brGfn4AcR0wgQoxrcLbmUpa/TKhFIDPDl+4PFi2ePoSQSsdDJT8R
PTvQhud1dl/wJ3733vj8S8s4Sxkbm5xXt50oDaTSmdOWSNOuMNuyW3WqkZ/SPdyK
LDmtOXEfuiokJK/l+DZ9SKt6jONW6ShdEaUo37/8yjYCnZFvWkcfn+6mWaDygjqS
eI3Mwb91w8K9krTZU1tGq3qOtxEJwbtLHCM96nh8SHLjNrYYrkZQZHOcea9CgX8h
iMzI5ylP2t6RofwHwwFoZYGOxrRz/R5LS+pCFIv720QnBjb9ZpO9zoDQaDl5tOS6
UpuL3XPzs9rZZizY00NG6+vQeSdSLRyyjs4XIWYxrZy2wuC2EjM0HstMfefldQcJ
uEfgrVgd/pcUTNzCG8uH8cZbmeflivm18J6OX86l2X9d3m62HD5gULHFOFxbDwsC
zoQOsyaGVRLpO0+/0MKs7aLaZlk40VDb4XdRsM6qbd4+x+J7yicvGrkUxS6cZMwT
VlQm3YUc0g==
=L12Q
-----END PGP SIGNATURE-----
Merge tag 'block-6.2-2023-01-20' of git://git.kernel.dk/linux
Pull block fixes from Jens Axboe:
"Various little tweaks all over the place:
- NVMe pull request via Christoph:
- fix controller shutdown regression in nvme-apple (Janne Grunau)
- fix a polling on timeout regression in nvme-pci (Keith Busch)
- Fix a bug in the read request side request allocation caching
(Pavel)
- pktcdvd was brought back after we configured a NULL return on bio
splits, make it consistent with the others (me)
- BFQ refcount fix (Yu)
- Block cgroup policy activation fix (Yu)
- Fix for an md regression introduced in the 6.2 cycle (Adrian)"
* tag 'block-6.2-2023-01-20' of git://git.kernel.dk/linux:
nvme-pci: fix timeout request state check
nvme-apple: only reset the controller when RTKit is running
nvme-apple: reset controller during shutdown
block: fix hctx checks for batch allocation
block/rnbd-clt: fix wrong max ID in ida_alloc_max
blk-cgroup: fix missing pd_online_fn() while activating policy
pktcdvd: check for NULL returna fter calling bio_split_to_limits()
block, bfq: switch 'bfqg->ref' to use atomic refcount apis
md: fix incorrect declaration about claim_rdev in md_import_device
-----BEGIN PGP SIGNATURE-----
iQJEBAABCAAuFiEEwPw5LcreJtl1+l5K99NY+ylx4KYFAmPK8LcQHGF4Ym9lQGtl
cm5lbC5kawAKCRD301j7KXHgpieSD/9Mip2tHIQYITn8kYrlcw4+r7mOkj6h8fwe
vHbwf8Cc5yBATNTo8kqflyboTYmSnwJo5hZn2aMJ2/5hGOkUtZe2t+WExwBK9gwo
hFd2rqFVYji0tM2oLee+W42NhOm758mY0oWeNIlRJUISoRt8P6NPID+mK/SrWSI6
lZ9vzLyxbq9N09LzmchF8mkN148mLpckRr68kc9RgtTxhLBkw2TsQfMWrsTq9I6m
J1ZMa1zNrBq0iJUYI8hD79/T4KS0HKtyFftcqWKlxJW3MOqpwyEwCqRvzxUE576L
7AiLEPZcW1zeZGfY6FjYhoc6+fLMYsjgYgfnU5XC0zNFPlyT9JiN85nN7khNAkUe
W25ZF40HDw67slky9JbNLWYdEOW1nU/YkVhUk8VbL40cr9fyRnVHc2I/nAjYVmm4
JQTykEAZuTU/p9eTJ8SVJ22vstrGEZElBqvZuFSSA9LAIDP5kOuBSypQ02bRAKim
Y73ShrjoAirDuEZiFXQzMd8xqpc9DeL4uqKP3SEstkaajIP52qoljrEKRPhBPxMW
oYygAl3kzU6XUBEqHvp/JqeL/s0qXgH+3dlp3cf5VYgQPw19skIRKftTaPnDCmbv
jUl0eOx9WCAxRHE6Q2n3fz62woozzLIsc4MJTyAoYZHbtBPY2uG8fnR19/ymhoSr
hFJXRiwD+w==
=/7Uv
-----END PGP SIGNATURE-----
Merge tag 'io_uring-6.2-2023-01-20' of git://git.kernel.dk/linux
Pull io_uring fixes from Jens Axboe:
"Fixes for the MSG_RING opcode. Nothing really major:
- Fix an overflow missing serialization around posting CQEs to the
target ring (me)
- Disable MSG_RING on a ring that isn't enabled yet. There's nothing
really wrong with allowing it, but 1) it's somewhat odd as nobody
can receive them yet, and 2) it means that using the right delivery
mechanism might change. As nobody should be sending CQEs to a ring
that isn't enabled yet, let's just disable it (Pavel)
- Tweak to when we decide to post remotely or not for MSG_RING
(Pavel)"
* tag 'io_uring-6.2-2023-01-20' of git://git.kernel.dk/linux:
io_uring/msg_ring: fix remote queue to disabled ring
io_uring/msg_ring: fix flagging remote execution
io_uring/msg_ring: fix missing lock on overflow for IOPOLL
io_uring/msg_ring: move double lock/unlock helpers higher up
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEE8rQSAMVO+zA4DBdWxWXV+ddtWDsFAmPKw1QACgkQxWXV+ddt
WDtwJw//UjVo7LEI6A86M73n/hGl/VDDJGaWB/FN/jrHoCeMrwd9BrC+ziD8Z8sx
YoPJm9BIvvURFHZk257YuJmrkjWzh2x5T59BpsMjhg0MOiFNWIP+Cm4bc1pDgXoE
1y3YVYja3lvhR8IlUV9XGtNh16AVCzY5JQ3W8xem67+IIwa5xmOJRmDO1VIjHMGo
kpWNTDBBIBFTfkeXqZFRaHVnf99YDBKtm3zPjsvSafqewYrVHV+Ioy19f5OAprIm
E3gDVAZa5qzT0wX4Za0C9JgtlSIAQ9Q0z6s8DLbFF5B1sT1hJPKmadMSC7mvihI8
edQHuZnNmQ0ppGWK0jzxL3bLeF4fRq/u+/MxGx27OVyrdvZ3dD9VXWfxoEQ+lisI
NrN8MvYtHH2Rnm2o9eiH9oIdbEame4yd31j4KhId6BjRALpmASnXY1vfv4m+Fsja
JJ3VCQyuVCkOoC4lvLHku+/uNWpRX8xs18Bt80M/olrNM8JZc4EXssv/5uguAWOc
5SLwpkppnlHAGYOlva3TNV15mBO9gUiLQJ6YCAM2WQM+0+LmIMlSkc90n38g7KzP
351zvxkMbcaM9gRChfPxjejCJw0KY3Y5VbTyBJR65RQfQ2UM4B0QBeA10/zQSG3O
gzB4M3at6jSwP4Z731k53q1dIZf4PMSaZVLiARrSTssSrcg6wSU=
=Kqrg
-----END PGP SIGNATURE-----
Merge tag 'for-6.2-rc4-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/kdave/linux
Pull btrfs fixes from David Sterba:
- fix potential out-of-bounds access to leaf data when seeking in an
inline file
- fix potential crash in quota when rescan races with disable
- reimplement super block signature scratching by marking page/folio
dirty and syncing block device, allow removing write_one_page
* tag 'for-6.2-rc4-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/kdave/linux:
btrfs: fix race between quota rescan and disable leading to NULL pointer deref
btrfs: fix invalid leaf access due to inline extent during lseek
btrfs: stop using write_one_page in btrfs_scratch_superblock
btrfs: factor out scratching of one regular super block
This Kselftest fixes update for Linux 6.2-rc5 consists of a single
fix address error seen during unconfigured LLVM builds.
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEPZKym/RZuOCGeA/kCwJExA0NQxwFAmPKv0MACgkQCwJExA0N
QxyVzg//SDB26SRVRIClssnq66PUlT6/MDBSRIO1fyzsurgvpZuB0As2sMBN8JB9
lfmMcG/bR61FYpF9aUAnObz9HhV9Kil/oEik63sTZkE+3LjWbOyePQqykjtqk6/z
Rk1Y4ZDrwVztR8XiwzlOEuIyeR/tdnkwJlx4WE0VI+NcsAKzI5012guYbr59tnN0
6eKm1ZjCy5wLSyiEVEYgCMgX7mJEvWYiqSQl/kGdffuIu+4QSJYnEXY5HMMnYIiX
HasoIBTnAC1yNdeLEc9rQF5WETzOO5PZdHypkgKwkwAzxPcM2VsCLYwbItgJqTj6
qhoJSrXlwQ8lVrnS+GXR5rAInObhWmN4WSTq4sX0WJWE8gSbYH03ieMAkJRDPmWE
jb/WolrPuSIUSkuGRN6cTBM0I08BeNKKPMh26F1RXf0/eDa51FjaOUqFOJohSi9k
JUprlni/tgLygj+A6GUVP4gjd1K6jzLEFXrbBPFztn1lxiuRkdW+XqpoExDB9xtd
D88K+wvthc5sYYfOxwkDLftDVgjjRSpQ4XiZ2DHxyAQWy3dmRDA1xVjhDW+Qj2aA
8lWRxDAk5Jaqz8E1DFh/pcwHKnsY12Lt0s0iJ4Vq1H7FFcoXiPa4TfzTMOF4xuXa
OZRPzfrbrURd/Lvwrr4uCGbCI+J3Ky/Exz27VDocX+OTLJDMtTY=
=O4Lm
-----END PGP SIGNATURE-----
Merge tag 'linux-kselftest-fixes-6.2-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest
Pull Kselftest fix from Shuah Khan:
"Fix an error seen during unconfigured LLVM builds"
* tag 'linux-kselftest-fixes-6.2-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest:
kselftest: Fix error message for unconfigured LLVM builds
Modify __thermal_cooling_device_register() to make it call
put_device() after invoking device_register() and fix up a few
error paths calling thermal_cooling_device_destroy_sysfs()
unnecessarily (Viresh Kumar).
-----BEGIN PGP SIGNATURE-----
iQJGBAABCAAwFiEE4fcc61cGeeHD/fCwgsRv/nhiVHEFAmPK1b8SHHJqd0Byand5
c29ja2kubmV0AAoJEILEb/54YlRxFWgP/jjzhUZ9UQiRZy0ZXN2Tk+7HKq3XKBVT
7G+Rj+vX7edKoK8IbYQHaJ4aGFSmDlcweoKpPlfsmW65OIRE5KQGIyWwDG9zOdqx
iNW08Lls9H8RxZNp6Mn5CLe/pizOoWX6qtGXdQdytAJZgCZ3smDvVcVckO1DCyZH
BwoIEjlzZltAJEmZiqUciJwtRYrlapflUQnIrMu6b0Sn4Njh2Iz4igTnqIVzQ+4w
bQnwUBDv+RFS9A+DpUwjKNcxhyE6Y/uLrgreZOtTFiVuxKbKbFot59D6ixr7b/uB
XlMHIctyCU5lp2BXgAoo+xeAFMru7cOwh+rJLrxW7ZPJFtvIWsfLpAAzZKjflKHn
sNH92+yWA138phsFi9lBkvs6ebecWf40IQHpUbXV8oxRi2qnfXzn7/N8e9AGo8l7
2sLMzOa+Kf6nSE0i1KEpVHG9b1NiF7EFfQO2/yQ6Xxw0k8ONRd2aplgu55jY28W6
E5/+uSEPodoIc76yG/KKtK7UlPGnKaZwYcRf/jd4NR4S+p1yuU9rx56teNrRux96
ob7HleRtLqRSllfxD5WUjFeUCeEw+DoqTIzAU4+GIcc69OIvMAR4cQEXG9Mif8Ph
FTz0Wz10DETembye1RXOqmTcFIa0EJxP8KAAkgT6ezV6yOgjt1VzY1SSqaqsG80b
J8rIJkNn3icy
=X6Th
-----END PGP SIGNATURE-----
Merge tag 'thermal-6.2-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm
Pull thermal control fix from Rafael Wysocki:
"Modify __thermal_cooling_device_register() to make it call
put_device() after invoking device_register() and fix up a few error
paths calling thermal_cooling_device_destroy_sysfs() unnecessarily
(Viresh Kumar)"
* tag 'thermal-6.2-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm:
thermal: core: call put_device() only after device_register() fails
- Update the ACPICA development list address in MAINTAINERS to the new
one that does not bounce (Rafael Wysocki).
- Check whether EFI runtime is available when registering the ACPI PRM
address space handler and when running it (Ard Biesheuvel).
- Add backlight=native DMI quirk for Acer Aspire 4810T to the ACPI
video driver (Hans de Goede).
-----BEGIN PGP SIGNATURE-----
iQJGBAABCAAwFiEE4fcc61cGeeHD/fCwgsRv/nhiVHEFAmPK1noSHHJqd0Byand5
c29ja2kubmV0AAoJEILEb/54YlRxqIUP/jp450F+5GLLFHGy+Ni6+Ng8Mv83H8l8
nTMqsG2jF0ACaTYrami1bZK9+b8mKTu5SVlmslEdOXYm32Jse3UoqJ3jq80goMXq
ifi2rp2sxcPH4DJllr2q77BhnULdrAHIPc/hHstVAHAVJ64347NBjD/OPx9UfJD5
TcguWxvZN9+HwSOQjOrCeu5gZmi9yuCKtFogNbrycjVJd3EBdZs+hq30lEWvrA+B
abPDHxOHF+9poTu2jpJkT1Ha78d6jcYFcWXtAivokJkFgJZEAPxSZAeRu7pmUThA
6Cc/Sw7tqrTbiv1X8Vlb5Ii4SpgL7JlHO+lh+ZhDWO906hGcvKpeHASh5wwPDOiS
ospGlRfn1FFDbrxWuY7gp+UYM4xHioG43Sk3NcSu05h8qZcvqSTdahkIDB6oMJYZ
9567FjfYBUUN+CvTOt3YNFCG7ZR3CDQezThOB5rq+p4kv5lCe608v1f0SD+4jmjL
HeZpUij9vOkVAjBEDhXMbTf2byg1ONjgHpPOMHtzBdVToxHTkqCygaQLlc6nFjXg
L6RiQjIiMP/bB9CP01ETCwmyFguhHhDtX/6AjojxvJwsGg2HJaYEHNt8d+je70n6
AOE5DZiXX7uvDZypQOIXcQQeXbohI2B2GEMbZ2T7YBgKLhvwDM4igr2wAZsx7BLt
ypsXF1/N0MBw
=2v8+
-----END PGP SIGNATURE-----
Merge tag 'acpi-6.2-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm
Pull ACPI fixes from Rafael Wysocki:
"These update the ACPICA entry in MAINTAINERS, add a backlight handling
quirk and fix the ACPI PRM (platform runtime) mechanism support.
Specifics:
- Update the ACPICA development list address in MAINTAINERS to the
new one that does not bounce (Rafael Wysocki)
- Check whether EFI runtime is available when registering the ACPI
PRM address space handler and when running it (Ard Biesheuvel)
- Add backlight=native DMI quirk for Acer Aspire 4810T to the ACPI
video driver (Hans de Goede)"
* tag 'acpi-6.2-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm:
ACPI: PRM: Check whether EFI runtime is available
ACPI: video: Add backlight=native DMI quirk for Acer Aspire 4810T
MAINTAINERS: Update the ACPICA development list address
Lots of dts fixes for Qualcomm Snapdragon and NXP i.MX platforms,
including:
- A regression fix for SDHCI controllers on Inforce 6540, and
another SDHCI fix on SM8350
- Reenable cluster idle on sm8250 after the the code fix is upstream
- multiple fixes for the QMP PHY binding, needing an incompatible
dt change
- The reserved memory map is updated on Xiaomi Mi 4C and Huawei Nexus
6P, to avoid instabilities caused by use of protected memory regions
- Fix i.MX8MP DT for missing GPC Interrupt, power-domain typo and USB
clock error
- A couple of verdin-imx8mm DT fixes for audio playback support
- Fix pca9547 i2c-mux node name for i.MX and Vybrid device trees
- Fix an imx93-11x11-evk uSDHC pad setting problem that causes Micron
eMMC CMD8 CRC error in HS400ES/HS400 mode
The remaining ARM and RISC-V platforms only have very few
smaller dts bugfixes this time:
- A fix for the SiFive unmatched board's PCI memory space
- A revert to fix a regression with GPIO on Marvell Armada
- A fix for the UART address on Marvell AC5
- Missing chip-select phandles for stm32 boards
- Selecting the correct clock for the sam9x60 memory controller
- Amlogic based Odroid-HC4 needs a revert to restore USB
functionality.
And finally, there are some minor code fixes:
- Build fixes for OMAP1, pxa, riscpc, raspberry pi firmware, and zynq
firmware
- memory controller driver fixes for an OMAP regression and older bugs
on tegra, atmel and mvebu
- reset controller fixes for ti-sci and uniphier platforms
- ARM SCMI firmware fixes for a couple of rare corner cases
- Qualcomm platform driver fixes for incorrect error handling and a
backwards compatibility fix for the apr driver using older dtb
- NXP i.MX SoC driver fixes for HDMI output, error handling in the imx8
soc-id and missing reference counting on older cpuid code
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEo6/YBQwIrVS28WGKmmx57+YAGNkFAmPKahwACgkQmmx57+YA
GNnxcA//YBkeRJfseYQoe9OyfkWOVDUIImffhuL+sl6wdEPKHDzqwiVBloMR9GXj
e6g+Qc4OWSHtTozrmIBHbMh41CKTXr+76XYeJwZXxb6VOkAwbJyom9BOsyO8V9oQ
hrnjeqMgHA8VrsP5EFkE8QAEK+ptyiYlPdQdWncqBJn4552xd95P1De3AOsUsjef
Rr/VanMpS2jLuPsTZsR7mT3RmbDbrYCGua84tXihqtfz/4Eqsr9OCKrMnkZbEQty
ehxN1qAOnx7fTr7r/FJFupWN7MPaOEuwYyjQY/cuTlPSt1sq1re7YII6CC5y1wGS
eFOc/m689GvACfCW8bQIVdXcRKcYFKJOK1XvA9168QupCd+cDmuKmu0VdKLCGgTd
9fzbvYfqhXcG8wXKvDPDw2GlMvItxjJ3kzGmHaDU33c+h9Ep9u9C/Jsf/mKYo8E6
TsOAgkl1pU23cuETATi2BXx/HdH8cHUVX1ssuqiGJeVGLF+hsJuEAMS5wKexBnJ0
pVrknInSli7s4qPcVe0GYpULGRxT/FYEEeCBgl9WppkhUaU3h1Pwo2SstL6tdTwE
2vMCEi8HdQuWccxoGMEG1nE1/de2Rxv7bcefVHQTpofv47kDOlnjlIoFy9nCCVaF
fDGbMK3ArpTUNscDBs9d81U3r26/8him36H+QRvWfb7zI7DryxU=
=W7dq
-----END PGP SIGNATURE-----
Merge tag 'soc-fixes-6.2' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc
Pull ARM SoC DT and driver fixes from Arnd Bergmann:
"Lots of dts fixes for Qualcomm Snapdragon and NXP i.MX platforms,
including:
- A regression fix for SDHCI controllers on Inforce 6540, and another
SDHCI fix on SM8350
- Reenable cluster idle on sm8250 after the the code fix is upstream
- multiple fixes for the QMP PHY binding, needing an incompatible dt
change
- The reserved memory map is updated on Xiaomi Mi 4C and Huawei Nexus
6P, to avoid instabilities caused by use of protected memory
regions
- Fix i.MX8MP DT for missing GPC Interrupt, power-domain typo and USB
clock error
- A couple of verdin-imx8mm DT fixes for audio playback support
- Fix pca9547 i2c-mux node name for i.MX and Vybrid device trees
- Fix an imx93-11x11-evk uSDHC pad setting problem that causes Micron
eMMC CMD8 CRC error in HS400ES/HS400 mode
The remaining ARM and RISC-V platforms only have very few smaller dts
bugfixes this time:
- A fix for the SiFive unmatched board's PCI memory space
- A revert to fix a regression with GPIO on Marvell Armada
- A fix for the UART address on Marvell AC5
- Missing chip-select phandles for stm32 boards
- Selecting the correct clock for the sam9x60 memory controller
- Amlogic based Odroid-HC4 needs a revert to restore USB
functionality.
And finally, there are some minor code fixes:
- Build fixes for OMAP1, pxa, riscpc, raspberry pi firmware, and zynq
firmware
- memory controller driver fixes for an OMAP regression and older
bugs on tegra, atmel and mvebu
- reset controller fixes for ti-sci and uniphier platforms
- ARM SCMI firmware fixes for a couple of rare corner cases
- Qualcomm platform driver fixes for incorrect error handling and a
backwards compatibility fix for the apr driver using older dtb
- NXP i.MX SoC driver fixes for HDMI output, error handling in the
imx8 soc-id and missing reference counting on older cpuid code"
* tag 'soc-fixes-6.2' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc: (60 commits)
firmware: zynqmp: fix declarations for gcc-13
ARM: dts: stm32: Fix qspi pinctrl phandle for stm32mp151a-prtt1l
ARM: dts: stm32: Fix qspi pinctrl phandle for stm32mp157c-emstamp-argon
ARM: dts: stm32: Fix qspi pinctrl phandle for stm32mp15xx-dhcom-som
ARM: dts: stm32: Fix qspi pinctrl phandle for stm32mp15xx-dhcor-som
ARM: dts: at91: sam9x60: fix the ddr clock for sam9x60
ARM: omap1: fix building gpio15xx
ARM: omap1: fix !ARCH_OMAP1_ANY link failures
firmware: raspberrypi: Fix type assignment
arm64: dts: qcom: msm8992-libra: Fix the memory map
arm64: dts: qcom: msm8992: Don't use sfpb mutex
PM: AVS: qcom-cpr: Fix an error handling path in cpr_probe()
arm64: dts: msm8994-angler: fix the memory map
arm64: dts: marvell: AC5/AC5X: Fix address for UART1
ARM: footbridge: drop unnecessary inclusion
Revert "ARM: dts: armada-39x: Fix compatible string for gpios"
Revert "ARM: dts: armada-38x: Fix compatible string for gpios"
ARM: pxa: enable PXA310/PXA320 for DT-only build
riscv: dts: sifive: fu740: fix size of pcie 32bit memory
soc: qcom: apr: Make qcom,protection-domain optional again
...
The memory for llcc_driv_data is allocated by the LLCC driver. But when
it is passed as the private driver info to the EDAC core, it will get freed
during the qcom_edac driver release. So when the qcom_edac driver gets probed
again, it will try to use the freed data leading to the use-after-free bug.
Hence, do not pass llcc_driv_data as pvt_info but rather reference it
using the platform_data pointer in the qcom_edac driver.
Fixes: 27450653f1 ("drivers: edac: Add EDAC driver support for QCOM SoCs")
Reported-by: Steev Klimaszewski <steev@kali.org>
Signed-off-by: Manivannan Sadhasivam <manivannan.sadhasivam@linaro.org>
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Tested-by: Steev Klimaszewski <steev@kali.org> # Thinkpad X13s
Tested-by: Andrew Halaney <ahalaney@redhat.com> # sa8540p-ride
Cc: <stable@vger.kernel.org> # 4.20
Link: https://lore.kernel.org/r/20230118150904.26913-4-manivannan.sadhasivam@linaro.org