mirror of
https://github.com/torvalds/linux.git
synced 2026-05-12 16:18:45 +02:00
26ff969926
1430160 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Linus Torvalds
|
26ff969926 |
Rust changes for v7.1
Toolchain and infrastructure:
- Bump the minimum Rust version to 1.85.0 (and 'bindgen' to 0.71.1).
As proposed in LPC 2025 and the Maintainers Summit [1], we are going
to follow Debian Stable's Rust versions as our minimum versions.
Debian Trixie was released on 2025-08-09 with a Rust 1.85.0 and
'bindgen' 0.71.1 toolchain, which is a fair amount of time for e.g.
kernel developers to upgrade.
Other major distributions support a Rust version that is high enough
as well, including:
+ Arch Linux.
+ Fedora Linux.
+ Gentoo Linux.
+ Nix.
+ openSUSE Slowroll and openSUSE Tumbleweed.
+ Ubuntu 25.10 and 26.04 LTS. In addition, 24.04 LTS using
their versioned packages.
The merged patch series comes with the associated cleanups and
simplifications treewide that can be performed thanks to both bumps,
as well as documentation updates.
In addition, start using 'bindgen''s '--with-attribute-custom-enum'
feature to set the 'cfi_encoding' attribute for the 'lru_status' enum
used in Binder.
Link: https://lwn.net/Articles/1050174/ [1]
- Add experimental Kconfig option ('CONFIG_RUST_INLINE_HELPERS') that
inlines C helpers into Rust.
Essentially, it performs a step similar to LTO, but just for the
helpers, i.e. very local and fast.
It relies on 'llvm-link' and its '--internalize' flag, and requires
a compatible LLVM between Clang and 'rustc' (i.e. same major version,
'CONFIG_RUSTC_CLANG_LLVM_COMPATIBLE'). It is only enabled for two
architectures for now.
The result is a measurable speedup in different workloads that
different users have tested. For instance, for the null block driver,
it amounts to a 2%.
- Support global per-version flags.
While we already have per-version flags in many places, we didn't
have a place to set global ones that depend on the compiler version,
i.e. in 'rust_common_flags', which sometimes is needed to e.g. tweak
the lints set per version.
Use that to allow the 'clippy::precedence' lint for Rust < 1.86.0,
since it had a change in behavior.
- Support overriding the crate name and apply it to Rust Binder, which
wanted the module to be called 'rust_binder'.
- Add the remaining '__rust_helper' annotations (started in the
previous cycle).
'kernel' crate:
- Introduce the 'const_assert!' macro: a more powerful version of
'static_assert!' that can refer to generics inside functions or
implementation bodies, e.g.:
fn f<const N: usize>() {
const_assert!(N > 1);
}
fn g<T>() {
const_assert!(size_of::<T>() > 0, "T cannot be ZST");
}
In addition, reorganize our set of build-time assertion macros
('{build,const,static_assert}!') to live in the 'build_assert'
module.
Finally, improve the docs as well to clarify how these are different
from one another and how to pick the right one to use, and their
equivalence (if any) to the existing C ones for extra clarity.
- 'sizes' module: add 'SizeConstants' trait.
This gives us typed 'SZ_*' constants (avoiding casts) for use in
device address spaces where the address width depends on the hardware
(e.g. 32-bit MMIO windows, 64-bit GPU framebuffers, etc.), e.g.:
let gpu_heap = 14 * u64::SZ_1M;
let mmio_window = u32::SZ_16M;
- 'clk' module: implement 'Send' and 'Sync' for 'Clk' and thus simplify
the users in Tyr and PWM.
- 'ptr' module: add 'const_align_up'.
- 'str' module: improve the documentation of the 'c_str!' macro to
explain that one should only use it for non-literal cases (for the
other case we instead use C string literals, e.g. 'c"abc"').
- Disallow the use of 'CStr::{as_ptr,from_ptr}' and clean one such use
in the 'task' module.
- 'sync' module: finish the move of 'ARef' and 'AlwaysRefCounted'
outside of the 'types' module, i.e. update the last remaining
instances and finally remove the re-exports.
- 'error' module: clarify that 'from_err_ptr' can return 'Ok(NULL)',
including runtime-tested examples.
The intention is to hopefully prevent UB that assumes the result of
the function is not 'NULL' if successful. This originated from a case
of UB I noticed in 'regulator' that created a 'NonNull' on it.
Timekeeping:
- Expand the example section in the 'HrTimer' documentation.
- Mark the 'ClockSource' trait as unsafe to ensure valid values for
'ktime_get()'.
- Add 'Delta::from_nanos()'.
'pin-init' crate:
- Replace the 'Zeroable' impls for 'Option<NonZero*>' with impls of
'ZeroableOption' for 'NonZero*'.
- Improve feature gate handling for unstable features.
- Declutter the documentation of implementations of 'Zeroable' for
tuples.
- Replace uses of 'addr_of[_mut]!' with '&raw [mut]'.
rust-analyzer:
- Add type annotations to 'generate_rust_analyzer.py'.
- Add support for scripts written in Rust ('generate_rust_target.rs',
'rustdoc_test_builder.rs', 'rustdoc_test_gen.rs').
- Refactor 'generate_rust_analyzer.py' to explicitly identify host and
target crates, improve readability, and reduce duplication.
And some other fixes, cleanups and improvements.
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEPjU5OPd5QIZ9jqqOGXyLc2htIW0FAmnZVNQACgkQGXyLc2ht
IW09aA/9GIbluNhc5xNvfkMvv9Ki70TK+e/W78pQWoRlSmZU1MO6R5K2rMN+iYlu
98S53EO38P5wBWOjIVFHm9mD1b59T945gcyGk9DxxFdl6I5mFKGZvE0Z8onTE/9b
GUnO5dlWjmEwTfwD0csr4moLC8eoCGVmGpe4TEfvscAISeZJZwQ90UCoNSFy6TQS
rJyzmIOBraZPrf1qptt3Sk6KY3b9HaxLv3kh1TAPYH0Dmrhhp+ckHvn5lT8uB8ZW
xr1ThoP44Zwm+nq6JahiK1NWFXTs12vpoCQLbckJsN8r3GTmt9CfHll/0UcW5W7i
bCUeCJDNwfbpVALNmQxHjtkvmDAuhqypxCTFSMMrWS66LOUaKxZ+u0ioi/1Ljfp4
tCR1Uzpr3QD6c8rK0hJ28vW/5DjoqkMMwUDeUm6c36msST37xrDZPa/vN+VLxxhK
H8sQ3SyvE0JdK8wBvd/pHGHv+RvIdi7cbV5H/WqBpwzCcupExuXiKBdFHeVIfXkQ
zn7lsZtnBuL+hLpG1pz6BoCTW1KbR38YomaKupElkYCUYytu0H+0Af/lkK3HhviM
9uynUVsn0+JaS9QvogArW/d+I0w49yjRHkWxfXIJZd0+mkT9V3JrGY7/iXwewl5R
fRRP0hMx0vhY4f/Uss1qEu3RPfsafxnU1NBiVRZZtc37azSOKjE=
=xRA/
-----END PGP SIGNATURE-----
Merge tag 'rust-7.1' of git://git.kernel.org/pub/scm/linux/kernel/git/ojeda/linux
Pull Rust updates from Miguel Ojeda:
"Toolchain and infrastructure:
- Bump the minimum Rust version to 1.85.0 (and 'bindgen' to 0.71.1).
As proposed in LPC 2025 and the Maintainers Summit [1], we are
going to follow Debian Stable's Rust versions as our minimum
versions.
Debian Trixie was released on 2025-08-09 with a Rust 1.85.0 and
'bindgen' 0.71.1 toolchain, which is a fair amount of time for e.g.
kernel developers to upgrade.
Other major distributions support a Rust version that is high
enough as well, including:
+ Arch Linux.
+ Fedora Linux.
+ Gentoo Linux.
+ Nix.
+ openSUSE Slowroll and openSUSE Tumbleweed.
+ Ubuntu 25.10 and 26.04 LTS. In addition, 24.04 LTS using
their versioned packages.
The merged patch series comes with the associated cleanups and
simplifications treewide that can be performed thanks to both
bumps, as well as documentation updates.
In addition, start using 'bindgen''s '--with-attribute-custom-enum'
feature to set the 'cfi_encoding' attribute for the 'lru_status'
enum used in Binder.
Link: https://lwn.net/Articles/1050174/ [1]
- Add experimental Kconfig option ('CONFIG_RUST_INLINE_HELPERS') that
inlines C helpers into Rust.
Essentially, it performs a step similar to LTO, but just for the
helpers, i.e. very local and fast.
It relies on 'llvm-link' and its '--internalize' flag, and requires
a compatible LLVM between Clang and 'rustc' (i.e. same major
version, 'CONFIG_RUSTC_CLANG_LLVM_COMPATIBLE'). It is only enabled
for two architectures for now.
The result is a measurable speedup in different workloads that
different users have tested. For instance, for the null block
driver, it amounts to a 2%.
- Support global per-version flags.
While we already have per-version flags in many places, we didn't
have a place to set global ones that depend on the compiler
version, i.e. in 'rust_common_flags', which sometimes is needed to
e.g. tweak the lints set per version.
Use that to allow the 'clippy::precedence' lint for Rust < 1.86.0,
since it had a change in behavior.
- Support overriding the crate name and apply it to Rust Binder,
which wanted the module to be called 'rust_binder'.
- Add the remaining '__rust_helper' annotations (started in the
previous cycle).
'kernel' crate:
- Introduce the 'const_assert!' macro: a more powerful version of
'static_assert!' that can refer to generics inside functions or
implementation bodies, e.g.:
fn f<const N: usize>() {
const_assert!(N > 1);
}
fn g<T>() {
const_assert!(size_of::<T>() > 0, "T cannot be ZST");
}
In addition, reorganize our set of build-time assertion macros
('{build,const,static_assert}!') to live in the 'build_assert'
module.
Finally, improve the docs as well to clarify how these are
different from one another and how to pick the right one to use,
and their equivalence (if any) to the existing C ones for extra
clarity.
- 'sizes' module: add 'SizeConstants' trait.
This gives us typed 'SZ_*' constants (avoiding casts) for use in
device address spaces where the address width depends on the
hardware (e.g. 32-bit MMIO windows, 64-bit GPU framebuffers, etc.),
e.g.:
let gpu_heap = 14 * u64::SZ_1M;
let mmio_window = u32::SZ_16M;
- 'clk' module: implement 'Send' and 'Sync' for 'Clk' and thus
simplify the users in Tyr and PWM.
- 'ptr' module: add 'const_align_up'.
- 'str' module: improve the documentation of the 'c_str!' macro to
explain that one should only use it for non-literal cases (for the
other case we instead use C string literals, e.g. 'c"abc"').
- Disallow the use of 'CStr::{as_ptr,from_ptr}' and clean one such
use in the 'task' module.
- 'sync' module: finish the move of 'ARef' and 'AlwaysRefCounted'
outside of the 'types' module, i.e. update the last remaining
instances and finally remove the re-exports.
- 'error' module: clarify that 'from_err_ptr' can return 'Ok(NULL)',
including runtime-tested examples.
The intention is to hopefully prevent UB that assumes the result of
the function is not 'NULL' if successful. This originated from a
case of UB I noticed in 'regulator' that created a 'NonNull' on it.
Timekeeping:
- Expand the example section in the 'HrTimer' documentation.
- Mark the 'ClockSource' trait as unsafe to ensure valid values for
'ktime_get()'.
- Add 'Delta::from_nanos()'.
'pin-init' crate:
- Replace the 'Zeroable' impls for 'Option<NonZero*>' with impls of
'ZeroableOption' for 'NonZero*'.
- Improve feature gate handling for unstable features.
- Declutter the documentation of implementations of 'Zeroable' for
tuples.
- Replace uses of 'addr_of[_mut]!' with '&raw [mut]'.
rust-analyzer:
- Add type annotations to 'generate_rust_analyzer.py'.
- Add support for scripts written in Rust ('generate_rust_target.rs',
'rustdoc_test_builder.rs', 'rustdoc_test_gen.rs').
- Refactor 'generate_rust_analyzer.py' to explicitly identify host
and target crates, improve readability, and reduce duplication.
And some other fixes, cleanups and improvements"
* tag 'rust-7.1' of git://git.kernel.org/pub/scm/linux/kernel/git/ojeda/linux: (79 commits)
rust: sizes: add SizeConstants trait for device address space constants
rust: kernel: update `file_with_nul` comment
rust: kbuild: allow `clippy::precedence` for Rust < 1.86.0
rust: kbuild: support global per-version flags
rust: declare cfi_encoding for lru_status
docs: rust: general-information: use real example
docs: rust: general-information: simplify Kconfig example
docs: rust: quick-start: remove GDB/Binutils mention
docs: rust: quick-start: remove Nix "unstable channel" note
docs: rust: quick-start: remove Gentoo "testing" note
docs: rust: quick-start: add Ubuntu 26.04 LTS and remove subsection title
docs: rust: quick-start: update minimum Ubuntu version
docs: rust: quick-start: update Ubuntu versioned packages
docs: rust: quick-start: openSUSE provides `rust-src` package nowadays
rust: kbuild: remove "dummy parameter" workaround for `bindgen` < 0.71.1
rust: kbuild: update `bindgen --rust-target` version and replace comment
rust: rust_is_available: remove warning for `bindgen` < 0.69.5 && libclang >= 19.1
rust: rust_is_available: remove warning for `bindgen` 0.66.[01]
rust: bump `bindgen` minimum supported version to 0.71.1 (Debian Trixie)
rust: block: update `const_refs_to_static` MSRV TODO comment
...
|
||
|
Linus Torvalds
|
28483203f7 |
RCU changes for v7.1
NOCB CPU management:
- Consolidate rcu_nocb_cpu_offload() and rcu_nocb_cpu_deoffload() to reduce
code duplication.
- Extract nocb_bypass_needs_flush() helper to reduce duplication in NOCB
bypass path.
rcutorture/torture infrastructure:
- Add NOCB01 config for RCU_LAZY torture testing.
- Add NOCB02 config for NOCB poll mode testing.
- Add TRIVIAL-PREEMPT config for textbook-style preemptible RCU torture.
- Test call_srcu() with preemption both disabled and enabled.
- Remove kvm-check-branches.sh in favor of kvm-series.sh.
- Make hangs more visible in torture.sh output.
- Add informative message for tests without a recheck file.
- Fix numeric test comparison in srcu_lockdep.sh.
- Use torture_shutdown_init() in refscale and rcuscale instead of open-coded
shutdown functions.
- Fix modulo-zero error in torture_hrtimeout_ns().
SRCU:
- Fix SRCU read flavor macro comments.
- Fix s/they disables/they disable/ typo in srcu_read_unlock_fast().
RCU Tasks:
- Document that RCU Tasks Trace grace periods now imply RCU grace periods.
- Remove unnecessary smp_store_release() in cblist_init_generic().
RCU stall:
- Add BOOTPARAM_RCU_STALL_PANIC Kconfig option to allow triggering a kernel
panic on RCU stall via kernel boot parameter.
-----BEGIN PGP SIGNATURE-----
iQJKBAABCgA0FiEEcoCIrlGe4gjE06JJqA4nf2o45hAFAmnMBEAWHGpvZWxhZ25l
bGZAbnZpZGlhLmNvbQAKCRCoDid/ajjmEBCdD/4rUNIocKBmSJWHFeDzl8rvMGSx
RISjeaj8m+HUsQRSq7hecygUkSbGEQuj8KwFDJOsmuzhMRg3hR7yEz1AEphQiiIR
TN0IdGblQd57KqAk6sHsXA5mNjSWZfJQuOkvHsMxIJdhhDRDHPTGtaCBwlYoLc6b
de31LCvCfRL1QgiNAznTlPLRyehI9/+6VASLvKbmi3sQQv9B/KBBWydkryvMJbfW
uc05SUn2qQq2h/NNeYvo6RllXWMPqO4/0ll8Y71ltwFhg8JdS9qXDSFX5cWlLISA
uBA4pC9bk0xi7RGE5v4n9+fNNTr64Tjtd9QoxFvd/Jb6jdKDGjabwojoAYXCsdNw
r8Dp3fKwGofruhUqgO6LyHyG54Ro2paVYjsqr5HW9C6jalZ9+HmH5wOnKw2h5E/i
VRAM6MpwQ869ZeHhDxF8meRKf3+E+UIR95qfNZkABcFnwxgXheT+RASP/UOnoTM7
Zexuzp9c6GQu34MTt0Rz9vNfJta+ZmPlnccan1T3DgoHvcWip7IDhUD1Vqerd9/4
VK4JeeKI0t/fR5ydjs5qiA/O5caIFqtQTD0Ag2vLGQiP72pe2lRroIjD3xNZ2bWS
DN4k6ZCxR2hdPUcWzdYlGe2pYmvAlqCBxZ4fNgrs55uP2EuqW+Y8aJd9RwvRPb2B
wmTZepOh7Ct9+cjTBA==
=wjsx
-----END PGP SIGNATURE-----
Merge tag 'rcu.2026.03.31a' of git://git.kernel.org/pub/scm/linux/kernel/git/rcu/linux
Pull RCU updates from Joel Fernandes:
"NOCB CPU management:
- Consolidate rcu_nocb_cpu_offload() and rcu_nocb_cpu_deoffload() to
reduce code duplication
- Extract nocb_bypass_needs_flush() helper to reduce duplication in
NOCB bypass path
rcutorture/torture infrastructure:
- Add NOCB01 config for RCU_LAZY torture testing
- Add NOCB02 config for NOCB poll mode testing
- Add TRIVIAL-PREEMPT config for textbook-style preemptible RCU
torture
- Test call_srcu() with preemption both disabled and enabled
- Remove kvm-check-branches.sh in favor of kvm-series.sh
- Make hangs more visible in torture.sh output
- Add informative message for tests without a recheck file
- Fix numeric test comparison in srcu_lockdep.sh
- Use torture_shutdown_init() in refscale and rcuscale instead of
open-coded shutdown functions
- Fix modulo-zero error in torture_hrtimeout_ns().
SRCU:
- Fix SRCU read flavor macro comments
- Fix s/they disables/they disable/ typo in srcu_read_unlock_fast()
RCU Tasks:
- Document that RCU Tasks Trace grace periods now imply RCU grace
periods
- Remove unnecessary smp_store_release() in cblist_init_generic()"
* tag 'rcu.2026.03.31a' of git://git.kernel.org/pub/scm/linux/kernel/git/rcu/linux:
rcutorture: Test call_srcu() with preemption disabled and not
rcu: Add BOOTPARAM_RCU_STALL_PANIC Kconfig option
torture: Avoid modulo-zero error in torture_hrtimeout_ns()
rcu/nocb: Extract nocb_bypass_needs_flush() to reduce duplication
rcu/nocb: Consolidate rcu_nocb_cpu_offload/deoffload functions
rcu-tasks: Remove unnecessary smp_store_release() in cblist_init_generic()
rcutorture: Add NOCB02 config for nocb poll mode testing
rcutorture: Add NOCB01 config for RCU_LAZY torture testing
rcu-tasks: Document that RCU Tasks Trace grace periods now imply RCU grace periods
srcu: Fix s/they disables/they disable/ typo in srcu_read_unlock_fast()
srcu: Fix SRCU read flavor macro comments
rcuscale: Ditch rcu_scale_shutdown in favor of torture_shutdown_init()
refscale: Ditch ref_scale_shutdown in favor of torture_shutdown_init()
rcutorture: Fix numeric "test" comparison in srcu_lockdep.sh
torture: Print informative message for test without recheck file
torture: Make hangs more visible in torture.sh output
kvm-check-branches.sh: Remove in favor of kvm-series.sh
rcutorture: Add a textbook-style trivial preemptible RCU
|
||
|
Linus Torvalds
|
599bbba5a3 |
proc: make PROC_MEM_FORCE_PTRACE the Kconfig default
This kconfig option was introduced 18 months ago, with the historical default of always allowing forcing memory permission overrides in order to not change any existing behavior. But it was documented as "for now", and this is a gentle nudge to people that you probably _should_ be using PROC_MEM_FORCE_PTRACE. I've had that in my local kernel config since the option was introduced. Anybody who just does "make oldconfig" will pick up their old configuration with no change, so this is still meant to not change any existing system behavior, but at least gently prod people into trying it. I'd love to get rid of FOLL_FORCE entirely (see commit |
||
|
Linus Torvalds
|
fdcbb1bc06 |
Merge branch 'nocache-cleanup'
This series cleans up some of the special user copy functions naming and semantics. In particular, get rid of the (very traditional) double underscore names and behavior: the whole "optimize away the range check" model has been largely excised from the other user accessors because it's so subtle and can be unsafe, but also because it's just not a relevant optimization any more. To do that, a couple of drivers that misused the "user" copies as kernel copies in order to get non-temporal stores had to be fixed up, but that kind of code should never have been allowed anyway. The x86-only "nocache" version was also renamed to more accurately reflect what it actually does. This was all done because I looked at this code due to a report by Jann Horn, and I just couldn't stand the inconsistent naming, the horrible semantics, and the random misuse of these functions. This code should probably be cleaned up further, but it's at least slightly closer to normal semantics. I had a more intrusive series that went even further in trying to normalize the semantics, but that ended up hitting so many other inconsistencies between different architectures in this area (eg 'size_t' vs 'unsigned long' vs 'int' as size arguments, and various iovec check differences that Vasily Gorbik pointed out) that I ended up with this more limited version that fixed the worst of the issues. Reported-by: Jann Horn <jannh@google.com> Tested-by: Will Deacon <will@kernel.org> Link: https://lore.kernel.org/all/CAHk-=wgg1QVWNWG-UCFo1hx0zqrPnB3qhPzUTrWNft+MtXQXig@mail.gmail.com/ * nocache-cleanup: x86-64/arm64/powerpc: clean up and rename __copy_from_user_flushcache x86: rename and clean up __copy_from_user_inatomic_nocache() x86-64: rename misleadingly named '__copy_user_nocache()' function |
||
|
Linus Torvalds
|
028ef9c96e | Linux 7.0 | ||
|
Linus Torvalds
|
10d97b74e2 |
- Fix the error path ordering when the driver-private descriptor
allocation fails -----BEGIN PGP SIGNATURE----- iQIyBAABCgAdFiEEzv7L6UO9uDPlPSfHEsHwGGHeVUoFAmnb5aYACgkQEsHwGGHe VUqu5Q/3eYW1Ygbiti2MFGqLJPwAtzgQ0w7X6YjxzcfjG/zRuUjXjorCYz0NQSik dMMh1X2ebLj3YuLnhM3KDBoU7EM8nIvfQDw4aUU05k9UaXnxxsAb/VTMw62w/9SP bwl/3XfxlMw85kj+G1WBhPfhxX9t4v45PxSVV8gGaGwmMyDR2wRMkV9z3GYCctU7 OKDhe4gJa28wB8BdvyJ0yvRFvjxhtPC3KAjDVfqwoMaTghpE2camzE6bOxkXgZ6o dTPbRq494+cJTtfr1RgkYeATSv3yzvezxbkGoLVYe2Ch2Os+1hwMlk7ZSI7/mecC 2gwavPZ7F2mqj/y/QI+HRy9SaDJP+ntYamtw46xGjvxYadzmsrLVGgtLnFT0u0PR IoajSaY+LMiuEQCIlrBRtE1E0X10XCaIgTvl3W31+vvjvw655OSPWOQqDPoIpBvj 4SZ+89wb5t8vF9LVECYp66AMAkl3N20esm2yNzAEObOi+hsaSggG+RSPd4JOvpkn nJ30P4AUFsRun+Jdq7m0vKltT5OuheToSToDRAKpizxtoWBHg/+rUy2FHI7RmPoD V4JodpsoK3RbR4kWzovotOBiDjt9SFIVh1Y5kSULG3U31kGuWUgkaYMTmsH6A43t g3Sc+Xb7f2F8wsExFB38zID8p+eOCyUb0BsYaJp4mMK5Iafz/g== =pvsc -----END PGP SIGNATURE----- Merge tag 'edac_urgent_for_7.0' of git://git.kernel.org/pub/scm/linux/kernel/git/ras/ras Pull EDAC fix from Borislav Petkov: - Fix the error path ordering when the driver-private descriptor allocation fails * tag 'edac_urgent_for_7.0' of git://git.kernel.org/pub/scm/linux/kernel/git/ras/ras: EDAC/mc: Fix error path ordering in edac_mc_alloc() |
||
|
Linus Torvalds
|
35bdc192d8 |
workqueue: Fixes for v7.0-rc7
- Fix incomplete activation of multiple inactive works when unplugging a
pool_workqueue, where the pending_pwqs list wasn't being updated for
subsequent works.
-----BEGIN PGP SIGNATURE-----
iIQEABYKACwWIQTfIjM1kS57o3GsC/uxYfJx3gVYGQUCadvRzg4cdGpAa2VybmVs
Lm9yZwAKCRCxYfJx3gVYGeLdAP9SZN3b4QRE79fnP/1dzf2RR/XWlFq7x49Wv1nP
mmpwjQEAx/B6YabLNp98bdxaoygUkdz3zBDnL7oaWx/G0p9T/QA=
=80oo
-----END PGP SIGNATURE-----
Merge tag 'wq-for-7.0-rc7-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/wq
Pull workqueue fix from Tejun Heo:
"This is a fix for a stall which triggers on ordered workqueues when
there are multiple inactive work items during workqueue property
changes through sysfs, which doesn't happen that frequently.
While really late, the fix is very low risk as it just repeats an
operation which is already being performed:
- Fix incomplete activation of multiple inactive works when
unplugging a pool_workqueue, where the pending_pwqs list
wasn't being updated for subsequent works"
* tag 'wq-for-7.0-rc7-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/wq:
workqueue: Add pool_workqueue to pending_pwqs list when unplugging multiple inactive works
|
||
|
Linus Torvalds
|
ab3dee2640 |
Two fixes for the time/timers subsystem:
- Invert the inverted fastpath decision in check_tick_dependency(), which
prevents NOHZ full to stop the tick. That's a regression introduced in
the 7.0 merge window.
- Prevent a unpriviledged DoS in the clockevents code, where user space
can starve the timer interrupt by arming a timerfd or posix interval
timer in a tight loop with an absolute expiry time in the past. The
fix turned out to be incomplete and was was amended yesterday to make
it work on some 20 years old AMD machines as well. All issues with it
have been confirmed to be resolved by various reporters.
-----BEGIN PGP SIGNATURE-----
iQJEBAABCgAuFiEEQp8+kY+LLUocC4bMphj1TA10mKEFAmnboPYQHHRnbHhAa2Vy
bmVsLm9yZwAKCRCmGPVMDXSYocEDD/4+aEut3QsitcZliE5KTpD4QFVo70Ky5MMe
XvQgOJyvSJeUBjOW3UVROEZvBWxpb0bYRbXGTs37pCKK4DwjOmodAaY6OI5W/atb
13lnVWSiCKkZoRLs3+G+PCxCD3WuS2HhZc27fiFJmXNyLGfaLBVC2trNnheEBmUs
m3DleuJYiuL3tNbQqlKJ2nIXJFp9qpHSkZ241gxinTvFhBz6QhhAkegMbq9DmHTR
dps4xc3dtNm1poEcTKFeZesfpqlgJaX5LoDydtOFtDomKbXX2SzD82nvCBritUty
ICcd99kIpAgREEn+aer7hokV8X3eAOBRrzPe8tqWl2mc55jcjQJHxD8dE3zIAv5a
AkcnIsiItfHLCPB3iP95inUQoeBCvAX7jCWaLFH8EZCz8QfLALSetjn6HSbWeN/6
ANqFsWlKhK7b1+VcdSL8LVdPtEsE2ILEIHR8dF9GqkVXzs1OPEJJHQoqQxUfDhpa
BdAahPCybY+7lcvZko+WJYJ2Xj0TPRbvav9Ol1o8c8xLF3itFDTCL+E2VMoLdpUn
F8SRDo2FUwysO4NVjHzR7YRTBhlF1pC3MgvPCL2kCekPv2TDUgacHjygnd/QGQ8m
cEOZlD/FlCVE+MNSaLYOUFYJ2a7QwO4qCXOhjy6OFMtO3ezJnol9plqCRCJfhkgy
towg2pGIaQ==
=cnPC
-----END PGP SIGNATURE-----
Merge tag 'timers-urgent-2026-04-12' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
Pull timer fixes from Thomas Gleixner:
"Two fixes for the time/timers subsystem:
- Invert the inverted fastpath decision in check_tick_dependency(),
which prevents NOHZ full to stop the tick. That's a regression
introduced in the 7.0 merge window.
- Prevent a unpriviledged DoS in the clockevents code, where user
space can starve the timer interrupt by arming a timerfd or posix
interval timer in a tight loop with an absolute expiry time in the
past. The fix turned out to be incomplete and was was amended
yesterday to make it work on some 20 years old AMD machines as
well. All issues with it have been confirmed to be resolved by
various reporters"
* tag 'timers-urgent-2026-04-12' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
clockevents: Prevent timer interrupt starvation
tick/nohz: Fix inverted return value in check_tick_dependency() fast path
|
||
|
Linus Torvalds
|
02640d8886 |
Fix DL server related slowdown to deferred fair tasks.
Signed-off-by: Ingo Molnar <mingo@kernel.org> -----BEGIN PGP SIGNATURE----- iQJFBAABCgAvFiEEBpT5eoXrXCwVQwEKEnMQ0APhK1gFAmnbSK8RHG1pbmdvQGtl cm5lbC5vcmcACgkQEnMQ0APhK1jwlg/8DwVE6c2SeQH51lvWNpzOp+1C/Q+P7Fxv PofW6L4AQHclj0NHSjSN+NNEuQ4y4VeaxNeJHtRrRBkAV7cPB0MOEqzRU6dpgaA+ Tlcm54X6+9xXjWpkLqCZvJBxmK6/d6NUt4mCJbXa/x7omVDoo/8I646WTbdDRZ1p YIJ63x+U06+81S/3DhsUR0X4+r5GlJDB3iTlEI3wZ26XeLsT/MvWs30QEzeQ1mzM zqqCYZ36aq1ULAz/nRYmGDIEsbwkBU0vXWeZDNeqGvMzNSK8P+Vejdd3wXXPs4vS QxbVCMQv256zmK3B9l7av0aJEwszs0aMqW/PD5QVLxTrWwV35akC0QF5GdAwNVbz m52KFMWElfq/Bu/fc/HrYeuEUY4ViA6/5Wrq021YGctidpEr+BFcFiLumQB6LL8/ 3lOBqwHtiM2qAtEvVCPgfVf3P9KmGl1OAw5TzgzzqKjA5TcDqSAe2CI/wvDhc6WK sSXo6pI3IOE2Q03X5b06Lyqd/NMVhBTb6DfwHTXdYbiDloV3m92UABBFfN9t6/qh IIn3U5JJEydZPaSKP1N9IdYScaRgqFgA2tXcMSqD1EJUYBJjh8Sp2cnv49nlfvK8 fYoSniKlmfnSaS4ooHGp/z44BCceY7x+zfGBgdMfgf31EKypqwn71biXxqvquJoA UZTOfCJ/fRc= =b4Dg -----END PGP SIGNATURE----- Merge tag 'sched-urgent-2026-04-12' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull scheduler fix from Ingo Molnar: "Fix DL server related slowdown to deferred fair tasks" * tag 'sched-urgent-2026-04-12' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: sched/deadline: Use revised wakeup rule for dl_server |
||
|
Linus Torvalds
|
d71358127c |
Fix incorrect hardware errors reported on Zen3 CPUs, such
as bogus L3 cache deferred errors. (Yazen Ghannam) Signed-off-by: Ingo Molnar <mingo@kernel.org> -----BEGIN PGP SIGNATURE----- iQJFBAABCgAvFiEEBpT5eoXrXCwVQwEKEnMQ0APhK1gFAmnbR60RHG1pbmdvQGtl cm5lbC5vcmcACgkQEnMQ0APhK1hksA/9E29kFCKEc+MpZ634k1Gb+fsUG0mPvUKa DMDqopOAlpW2TgcVkjEecPMwXIVVn2jC68pMGpW9BRkI5VxRbVq2UkmzvYsPGb4S lGO83ng4cxu+WHmWST4+7Mm/8XUZNxA3iunFJb/B1rxfA6R6s94VulcQ5PckE5ws 8X8QdueFOYr/ZgscHpan4lXzWXzJnqvhypUr+UYeRQtweScgI9/HA19+zzfO4+Er TzdcperNeBTS0TaXjZTdDtCJ9rQD4iQvokfUqItEkfBLbv136BM9dWkJp3mbTlv9 RUqbdPlXuFxxEUzJTpg2Y6qmo9n11nrt75UvE9WGuNPRQASqRvzIOfSfW7cMccJ0 PyH34KovrjUATUNHCuhvk8KnIRjy+sToT/wGkKD8hXeszG7dsH2W3ED85wqGvpbs m6tb0JLYsLJ3eg40I+wwMmm3eMGJZNsxmstk7j7pBEqMPCh3X9vojlALfM+oiHwH Fw4/jwukKQsqWR8cupOkM1EaIlEC3vsjdVXrshVok+sZ6s1bJ5iBn0zO82YC5pHJ U4u5mY5g1c/mcZ1Y7Mt9+ZYeWvq8yD3jjgmvyJEsJN2FgsiOnmWLBPQNCR2faflm QlDEiW6GwBhrt5esaTT50+5Jm8e8gb1dsu9GpOgMb4Mfc+jWIX1h65NVOBItHkuA fjxy9HLW+p8= =vLvD -----END PGP SIGNATURE----- Merge tag 'ras-urgent-2026-04-12' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull x86 MCE fix from Ingo Molnar: "Fix incorrect hardware errors reported on Zen3 CPUs, such as bogus L3 cache deferred errors (Yazen Ghannam)" * tag 'ras-urgent-2026-04-12' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: x86/mce/amd: Filter bogus hardware errors on Zen3 clients |
||
|
Linus Torvalds
|
c919577eee |
Four Intel uncore PMU driver fixes by Zide Chen.
Signed-off-by: Ingo Molnar <mingo@kernel.org> -----BEGIN PGP SIGNATURE----- iQJFBAABCgAvFiEEBpT5eoXrXCwVQwEKEnMQ0APhK1gFAmnbRnARHG1pbmdvQGtl cm5lbC5vcmcACgkQEnMQ0APhK1iZ6Q//ZJVnNVBHFctOYSlnu+KBcdeAKtVZmvhi 8BHetkzkO2ZPZzEFy3JRWfYcwy3toCS1JXccGUET6eI8gcpKYMUwGpzLzvoWy6p7 CkWt4ABKDBFtY+pg48nffEiEAfIdMdLTyGs20boQZiAw3wx5K3vEafTr7eS3vzgX Tkqhu33nNxZkOabKVY5Vz5rnj6ZLC9zcsYnf4Bc79PR8Fe8f4a+LdcjWGNKw2Svh o694XNXDGz7iJgvO/5alVDRAC3p8tTZHt67d75sO3RbPCD619XN7kd2G3QkaTwn2 OJZ8axx/gaLCnVKdk1FAmi87zGeM2Lf/dutpMnLhJcnqR5IdaVd5nqYHfChCoUvH BmWJnpTPXRJbrg+RSsDjVk43YexoVps7+7lhjo21vIyAwxLPffQoPIWTwCGSl0gO QcWSTHc9NBEQsrMRZJIOBaLGVf9lu7DiHs4gJIllmHp4VULSYmqS/vxNgbWf1/Z0 05Zj5Mypz6HHBQv9+HYB0nCNgKQG3N7VrU71nDIFP6Ah0in77UZmLKr75jMQ0ZSn zAjyKzWU+OBhooTpoVDLr7ov+zDVNf4R/ItL5Q4GfCcBTmts0vXoSStKEh7w5XDw 3JwhJLkwQjLFmZrwXEfcrZ8unJh/mkRhR2Ycuv5lqkla3AKBrSPCkNpRfw2kQ/Ro H4T2vVHuOu0= =x3sc -----END PGP SIGNATURE----- Merge tag 'perf-urgent-2026-04-12' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull perf fixes from Ingo Molnar: "Four Intel uncore PMU driver fixes by Zide Chen" * tag 'perf-urgent-2026-04-12' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: perf/x86/intel/uncore: Remove extra double quote mark perf/x86/intel/uncore: Fix die ID init and look up bugs perf/x86/intel/uncore: Skip discovery table for offline dies perf/x86/intel/uncore: Fix iounmap() leak on global_init failure |
||
|
Linus Torvalds
|
8648ac819d |
This push contains the following changes:
- Enforce rx socket buffer limit in af_alg. - Fix array overflow in af_alg_pull_tsgl. - Fix out-of-bounds access when parsing extensions in X.509. - Fix minimum rx size check in algif_aead. -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEn51F/lCuNhUwmDeSxycdCkmxi6cFAmnbMEoACgkQxycdCkmx i6dfGhAAv9CfsRzOYAxDkfjiTm34qHJAWXluICDSkHzbATXIUldRSeArI0Y5aNij TPtYr/8gFX+WScIWIoaFtJJKdQodcy44Mn3YoUluaVHzsifOGhJPM/wGjq8q+kpp 9jAZdAmF4EPL6mM787NZZfHtX6K9eJJ1OWs1XQREjZqJxBmBDltCUjHf1yYm4TUU ZKuEducqd9b/NGcIEOzsTkT5bo7HNj7kfjiY2AvXX55K0C2GIkmm8FLl9SQ5RBwJ 8xpY/x8AKf37JjSuk+m07NP5unvfz50sG9m+Wl4VYMPuKDDT6YHTW/cdu+nZdOHd NAQm2+4hRabUsIzIWDA2iv0FhJMc8l79gnfVjXkRFBm1XDg2T+53FCAGP/s7UCa0 DGnpEBlq61Cm4yOsXfmoo4irnSHpUZfSwNdxMMhFjdbv78WU3NAIkM26kZeBcxRJ 7p9fh6+8Y09rPkbf8LRKX7ZpV1EWW01FNmVlzRGQfyc60tSAwAWcyuxNnqNmBK/k ssQlMcD4CIcNxVYGWWQaE0I6dxmJGMNQLKkANhjGjMZvGePnZb16XpDKjFNWUOt1 BLoE4yohwSes5EUBE2mt7w1VcLsnZTePbH3DqeL8zZkBIza6NhBE96Z/JdCpvFFf 157BBFPJ7/hy6pQwK9BpsPFT82gtSo2Y8plwJ30MvaS3sEv9sjg= =7lhB -----END PGP SIGNATURE----- Merge tag 'v7.0-p5' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 Pull crypto fixes from Herbert Xu: - Enforce rx socket buffer limit in af_alg - Fix array overflow in af_alg_pull_tsgl - Fix out-of-bounds access when parsing extensions in X.509 - Fix minimum rx size check in algif_aead * tag 'v7.0-p5' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: crypto: algif_aead - Fix minimum RX size check for decryption X.509: Fix out-of-bounds access when parsing extensions crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl crypto: af_alg - limit RX SG extraction by receive buffer budget |
||
|
Herbert Xu
|
3d14bd48e3 |
crypto: algif_aead - Fix minimum RX size check for decryption
The check for the minimum receive buffer size did not take the
tag size into account during decryption. Fix this by adding the
required extra length.
Reported-by: syzbot+aa11561819dc42ebbc7c@syzkaller.appspotmail.com
Reported-by: Daniel Pouzzner <douzzer@mega.nu>
Fixes:
|
||
|
Lukas Wunner
|
d702c34082 |
X.509: Fix out-of-bounds access when parsing extensions
Leo reports an out-of-bounds access when parsing a certificate with empty Basic Constraints or Key Usage extension because the first byte of the extension is read before checking its length. Fix it. The bug can be triggered by an unprivileged user by submitting a specially crafted certificate to the kernel through the keyrings(7) API. Leo has demonstrated this with a proof-of-concept program responsibly disclosed off-list. Fixes: |
||
|
Herbert Xu
|
31d00156e5 |
crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl
When page reassignment was added to af_alg_pull_tsgl the original
loop wasn't updated so it may try to reassign one more page than
necessary.
Add the check to the reassignment so that this does not happen.
Also update the comment which still refers to the obsolete offset
argument.
Reported-by: syzbot+d23888375c2737c17ba5@syzkaller.appspotmail.com
Fixes:
|
||
|
Linus Torvalds
|
f5459048c3 |
i2c-for-7.0-final
imx: set dma_slave_config to 0 and avoid uninitialized fields -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEOZGx6rniZ1Gk92RdFA3kzBSgKbYFAmnaumsACgkQFA3kzBSg KbZ4rw/9GS9rHHX2P+8xtiHVYLZwhua2aCFC/PCDGrxj20ijr5VGjifGzP6pKqtJ rBUxlz8V264UcOxaLKlZsQSxd/kQEYcMJzCfspsUaKhxvgch5PGDI6WIeIjBrc/4 HXQxNy9LadNXS1KdcfQd1BLv44T3A5VANUdNBWxEy+E4WHRSpoN2kCSdW1xIC4mO iopoF0MC9w52BfI7wJLjkX3PPOykd4GWGxKwPqbZeaK/JivyOEaLXr3D5h2tKG3Q pawJzDDbpYwIzYUwECVR+VKrJVAnRT/lmVvust4HdNLmGU5Lz2BnsRsL8S4tu6Nn xJP7rqXR59E+T3cyqPttLZ8B2/kYBTS9XG6wQlAIh/Wyn3RBXkEGQmV5WpeTvJgU zF4D4nmY/zXC0sRAu1in9AgyVHkvVLsZu8785UjuVn4L6vP81oCs1eJCjXtYue5V mQvJU7N/nrm3Bd38ZMlrRHG1cIEnyGgfPh0z+ff+HCBZLEJGLGSDp6D0gNNdmdSX FYCSVMU+yOL5i8wXny09FyIQUeGrOZcuJ9PkS1RD54Rw+OFflqY+rBinQ2avCOaF Dg4FgIWhAKF5iYy1SDDTJc6N97OGDJjpLMp+e2KG9nuhEEIue3PqwtqbqXH3Mc9O sYk1eqyXqBn3qh3W8pxcW+5G1TFrviN6d10/o8zVWZR4YTQu/0E= =sqdX -----END PGP SIGNATURE----- Merge tag 'i2c-for-7.0-final' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux Pull i2c fix from Wolfram Sang: - imx: set dma_slave_config to 0 and avoid uninitialized fields * tag 'i2c-for-7.0-final' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux: i2c: imx: zero-initialize dma_slave_config for eDMA |
||
|
Linus Torvalds
|
e753c16cb3 |
spi: Fixes for v7.0
A couple of changes here, one update to MAINTAINERS for the AMD controller and a chnage from Pei Xiao which in spite of the changelog is actually a fix - previously the zynq-qspi driver leaked a clock enable for every flash operation it did which isn't good, these extra enables were removed when doing the enable cleanup which are probably a good idea anyway. -----BEGIN PGP SIGNATURE----- iQEzBAABCgAdFiEEreZoqmdXGLWf4p/qJNaLcl1Uh9AFAmnan/YACgkQJNaLcl1U h9BQLQf9FyBF84+tdZmpjbpo4AUFPkoViQYJH5u8cjkyek+Nsloy3uPtrsJVU0br 94+ImyTmJwaQyLQXmsm05K0GJ1ieo36JlGQNCoLYjlSSSgOU3CUkaIz5Y7QwpCF5 CGnuMErhl4EqhEV/T47Y4ehcrd8NOgoDMXMuThXcIYTN02W7C+rqOELDJ+bUOiWB c1SDyWYDv+xsK2eqxFHi8u/P3/z+Jth5poX7qeKHeNM1GF40+2/zGTTsqlHC/g9A GSaSnoPNCgproko5pLQqabvLA444FbaMjUJskv1qvpXJt1cex8e/RbBOe4JGHaWI z27Bu0jaiGW+B9OT9JTkPfbeTWTQRA== =PqQH -----END PGP SIGNATURE----- Merge tag 'spi-fix-v7.0-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/spi Pull spi fixes from Mark Brown: "A couple of changes here, one update to MAINTAINERS for the AMD controller and a chnage from Pei Xiao which in spite of the changelog is actually a fix - previously the zynq-qspi driver leaked a clock enable for every flash operation it did which isn't good, these extra enables were removed when doing the enable cleanup which are probably a good idea anyway" * tag 'spi-fix-v7.0-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/spi: MAINTAINERS: Update AMD SPI driver maintainers spi: zynq-qspi: Simplify clock handling with devm_clk_get_enabled() |
||
|
Linus Torvalds
|
e8ab311052 |
regulator: Fix for v7.0
One last fix for v7.0, the BD72720 incorrectly described which DCDC is tied to the LDO for it's LDON-HEAD mode which automates using the DCDC to more efficiently drop a supply for delivery via the LDO. -----BEGIN PGP SIGNATURE----- iQEzBAABCgAdFiEEreZoqmdXGLWf4p/qJNaLcl1Uh9AFAmnanvQACgkQJNaLcl1U h9AWWgf9HlWXVqG7M/tFqKoa1Xyza2EkUiyQWNW1dkiXGipxOg+MOa/yeFtyE6gD RClIkujt4Tt9dwI91FJ+HfWJ8O+Ux1XKRzCxsAe01gyhf68I4hQ2tl35yVzkuuyl VXdLHlek1dVGNl94IZQDPHYeICrvGCnk/OC7nf+V8bZU1YgfJTMYvNHrArPy2+zH SY4iZcJcR+vJwgWnZHeBTwzWPCWurYYz+XAEj7RseAJKqE8G3Idlqd/yIupM5mbo MhWnl1fP8xjv0tq6xhrwXPowxUt08OU9kARg+Siqy1kKN81tb0uocofUHAVGtBel y14mFWeRbYwh19yAG72guXSfUfyudw== =e5bj -----END PGP SIGNATURE----- Merge tag 'regulator-fix-v7.0-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/regulator Pull regulator fix from Mark Brown: "One last fix for v7.0, the BD72720 incorrectly described which DCDC is tied to the LDO for its LDON-HEAD mode which automates using the DCDC to more efficiently drop a supply for delivery via the LDO" * tag 'regulator-fix-v7.0-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/regulator: regulator: bd71828-regulator.c: Fix LDON-HEAD mode |
||
|
Linus Torvalds
|
086aca1030 |
s390:
* KVM: s390: vsie: Fix races with partial gmap invalidations x86: * KVM: x86: Use __DECLARE_FLEX_ARRAY() for UAPI structures with VLAs -----BEGIN PGP SIGNATURE----- iQFIBAABCgAyFiEE8TM4V0tmI4mGbHaCv/vSX3jHroMFAmnaOrgUHHBib256aW5p QHJlZGhhdC5jb20ACgkQv/vSX3jHroPTOwf8DW6BXYgHdDOWiiQQETD+D/JWbceG 9fKMdNjt48It3hKWc9oJ2eZU2avRHf7d8hAIUIhOeiUbeVf4QrLUfQXzP9j/9P+T vRpMlDf5Ampv3m8LxTBGESgwrlRHtWDGUFsE+CcVAIWEQfCsXnbwkeo3L9aCLTgA ekrnHqsx+Oh/n2+siEp0Nz0n8gT0hCtbqAqJlVcuHpJvzRzeDvcnukvHxjIydR65 uIFY5dahzheGqbPhplGKKAdPCHD+/S6QB+ShqKrT92zeZvhPZrt1XHV4Bt/sKSkP 9uAeuJ+JtbZvMG7n8fCg5ebwqJrw15uddZcV8l3qIuxHzyZ/XzKYhQm4oA== =7zjP -----END PGP SIGNATURE----- Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm Pull kvm fixes from Paolo Bonzini: "s390: - vsie: Fix races with partial gmap invalidations x86: - Use __DECLARE_FLEX_ARRAY() for UAPI structures with VLAs" * tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm: KVM: s390: vsie: Fix races with partial gmap invalidations KVM: x86: Use __DECLARE_FLEX_ARRAY() for UAPI structures with VLAs |
||
|
Linus Torvalds
|
558b9206d5 |
Probes fixes for v7.0-rc7
- tracing/probe: reject non-closed empty immediate strings Fixed a buffer index underflow bug that occurred when passing an non-closed empty immediate string to the probe event. -----BEGIN PGP SIGNATURE----- iQFPBAABCgA5FiEEh7BulGwFlgAOi5DV2/sHvwUrPxsFAmnaJr8bHG1hc2FtaS5o aXJhbWF0c3VAZ21haWwuY29tAAoJENv7B78FKz8b4PcH/29I02lnjYf4IJ6oiANa K5+RU+Xq0z+Tn079GapHI9vmF8d9M89bI76fqKAVBGHosk+QTdYPLwupbowY72Fq 5uZPpkMXD+cvNJz0qGEq2WOPeB+VGxq8zR/lnZjhZLupJP0DfBp6SpXS0lFx4d0Q x+bw6keG7Guq0ocq2mFNWPo2U8bxlh78UrX+pYoIHyjeO+LVNC7X7Ld3aRDebMck uDnS5oLNMojd4Vi5WYuP1GzGzIUJ0cXDDXnSVqHP5zdt7VV83eZNlfWOKe1YyHEq FoVTrb3dRFFWn2EdXOJB+DjQXWZeZtUsfJTxWm4UgPgV1DmLmBFurfB8Kk0JmX7S 0XU= =vHwk -----END PGP SIGNATURE----- Merge tag 'probes-fixes-v7.0-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace Pull tracing probe fix from Masami Hiramatsu: "Reject non-closed empty immediate strings Fix a buffer index underflow bug that occurred when passing an non-closed empty immediate string to the probe event" * tag 'probes-fixes-v7.0-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace: tracing/probe: reject non-closed empty immediate strings |
||
|
Linus Torvalds
|
6b5199f4cf |
USB fix for 7.0-final
Here is a single USB fix for a reported regression in a recent USB typec patch for 7.0-final. Sorry for the late submission, but it does fix a problem that people have been seeing with 7.0-rc7 and the stable kernels (due to a backported fix from there.) This has been in linux-next this week with no reported issues, and the reporter (Takashi), has said it resolves the problem they were seeing. Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> -----BEGIN PGP SIGNATURE----- iG0EABECAC0WIQT0tgzFv3jCIUoxPcsxR9QN2y37KQUCadofdQ8cZ3JlZ0Brcm9h aC5jb20ACgkQMUfUDdst+ynZ2QCfURKY6dXrKRPZT5L5GXa+wMNKdlMAnRz+9K0L NEuwv8+EEEDmXKYmngTM =ZiC/ -----END PGP SIGNATURE----- Merge tag 'usb-7.0-final' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb Pull USB fix from Greg KH: "Here is a single USB fix for a reported regression in a recent USB typec patch for 7.0-final. Sorry for the late submission, but it does fix a problem that people have been seeing with 7.0-rc7 and the stable kernels (due to a backported fix from there.) This has been in linux-next this week with no reported issues, and the reporter (Takashi), has said it resolves the problem they were seeing" * tag 'usb-7.0-final' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb: usb: typec: ucsi: skip connector validation before init |
||
|
Linus Torvalds
|
778322a06e |
Input updates for v7.0-rc7
- a fix for circular locking dependency in uinput - a fix for potential corruption of uinput event queue -----BEGIN PGP SIGNATURE----- iHUEABYKAB0WIQST2eWILY88ieB2DOtAj56VGEWXnAUCadnMIgAKCRBAj56VGEWX nIq2AP9KokKsXT2JwF6E/V9/eQiCXUija5lVu0eUUmjc5CpbvwEA8OTkbCgkHt62 Vux7F+drj4w5p13Fxj0+pgztZW1pfQc= =KHyc -----END PGP SIGNATURE----- Merge tag 'input-for-v7.0-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input Pull input fixes from Dmitry Torokhov: "Two fixes for force feedback handling in uinput driver: - fix circular locking dependency in uinput - fix potential corruption of uinput event queue" * tag 'input-for-v7.0-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input: Input: uinput - take event lock when submitting FF request "event" Input: uinput - fix circular locking dependency with ff-core |
||
|
Paolo Bonzini
|
1fe7294dfb |
KVM: s390: One very last second fix
Fix one more gmap-rewrite issue: races with partial gmap invalidations. -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEoWuZBM6M3lCBSfTnuARItAMU6BMFAmnVLyYACgkQuARItAMU 6BOlFBAAycmLpPZlezQfBZ7BUFLYVlZjxE1aeT+s09U9i6OtKblGfEaMtM8ivbtq gcQALX8KbNJM1tkQRJGyE15+AhofCXcjbEiWxCJ3PzktoMhSU1If10EbpRenPxlB gqylMolWJ3wHuq3swlmHNCSFBKGci/jDJfed01QxSda7ngQ2uEqS7iF9ud/zyZgt IcTlsmIR0jT5vcq1eyaHw5NQ8bvMgJrzp85SwY7uTZIV2NDyUKIdsW6aYvI9jGCH Y39OgK/Nz7oKJgguMKiJetXYWhPPg/3sqRhKSseD9URypxaAvWOmPOrwxa2QtrCS sv1p2kGTKikep9wxTnvdXwxQOFDVQFyMcT77DDwGl7kWkKHRSZtbGskdesmdvni/ QEW5IqgO/f7jfTbuPmmgNf93QzTWiGSBLsjOjSY3IcqGrhwe6/JAdu21Ge+Oi+kA 0FWE1Q97tHZRuSGHIiWlFgziCAl0EKzaRenPaLX7j3s7TuaGoOGE7WEC8zPldnpi MUNfts8MIxOr+CEz5wM6duIym+YC2ZKJn87TOo5tJ3xM7JbPhflNTossnkYSkVuS WZNhArK+NrlP6NF1dTy7RBePOHHLH7RCxoYSoZ/dMYwr9sMcxAp0ULnMwQxVwx23 1OXqGQwS/rkhy/Gw77MhNdyUa8hxsK4nOWDebhJVxTjEVLbd9vE= =UmKD -----END PGP SIGNATURE----- Merge tag 'kvm-s390-master-7.0-4' of https://git.kernel.org/pub/scm/linux/kernel/git/kvms390/linux into HEAD KVM: s390: One very last second fix Fix one more gmap-rewrite issue: races with partial gmap invalidations. |
||
|
Paolo Bonzini
|
0e9b0e0124 |
KVM x86 fixes for 7.1
Declare flexible arrays in uAPI structures using __DECLARE_FLEX_ARRAY() so that KVM's uAPI headers can be included in C++ projects. -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEKTobbabEP7vbhhN9OlYIJqCjN/0FAmnZHqsACgkQOlYIJqCj N/331BAApsvBOvcKxeHM598wAsZTtBIUiMWrm/hybB2zhXxbcC9BDPN5NrYP9eJX khlLm9YRDI2Hvk8QNuwPXV/mHU5U0HNJ48BUToL6H5x6792dnRCbL046rYCyRZbi bUjMcUjTWtv7g+UEoYOsMpmYQlTlf4krCbw2ixn6/4c2Ab76TRmrISU+tknoal+b KGXEJWhsEiueUD8xpjR84P0h3d6x+EHc2oyDk/k+aFZAcbjWFz/8aLjOSVc00V36 DqYKbMGO/22CNkWSLk9Dr6mitn6HmG151HNAvUvHlPMFQLrP9jpk13u1IHZsR7H4 4yykj4tm5+02775IFqfPLNZ4Ipk70WO50ndl3plh7G7187ckYsfl+oQu2c4oIveB sPfnEHqteGKw+GLOM9Xu4MVCAvy7FFGlgGIkZpULA7cLNyIayfmKuZTF7/UEh9Wy fL2UAypzJjCIgLFyoio4CHqLJ4vuUneyHyoJczS/Wd9kuL0kHrLEw771gLGjwslB Nk0900qPlxEWx47G6MadzSh+JexjT9KrSCgaACNWKJpzQMkcw6gwDSIGq9F/f0Ac Zl7XFbQ2KKm/Z8CWCTg5XdxI6zz0NCzlcYoepk7CfHgs0xZjWqu5AReLcQnffx2/ c5YKoOffkicokffWQju64kjE/VYpdAITHONa1r7hv73/bfYfUGg= =VJsI -----END PGP SIGNATURE----- Merge tag 'kvm-x86-fixes-7.1' of https://github.com/kvm-x86/linux into HEAD KVM x86 fixes for 7.1 Declare flexible arrays in uAPI structures using __DECLARE_FLEX_ARRAY() so that KVM's uAPI headers can be included in C++ projects. |
||
|
Linus Torvalds
|
e774d5f1bc |
RISC-V updates for v7.0-rc8
Before v7.0 is released, fix a few issues with the CFI patchset,
merged earlier in v7.0-rc, that primarily affect interfaces to
non-kernel code:
- Improve the prctl() interface for per-task indirect branch landing
pad control to expand abbreviations and to resemble the speculation
control prctl() interface
- Expand the "LP" and "SS" abbreviations in the ptrace uapi header
file to "branch landing pad" and "shadow stack", to improve
readability
- Fix a typo in a CFI-related macro name in the ptrace uapi header
file
- Ensure that the indirect branch tracking state and shadow stack
state are unlocked immediately after an exec() on the new task so
that libc subsequently can control it
- While working in this area, clean up the kernel-internal,
cross-architecture prctl() function names by expanding the
abbreviations mentioned above
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEElRDoIDdEz9/svf2Kx4+xDQu9KksFAmnYP5YACgkQx4+xDQu9
KkuoPQ//Yye5D+35EqfA12yP96Vrtg0QCKiqMotz3yLo0T7zh5KosAs/QIE5eQi7
vWRnCld5PsFa0ZS2822oPfQo8pKVO1y7M2ecFWSwaOWq865Xs82M/puqEQF3GFCS
219cg1dTVBGvvKSf4MINUBRprfZmZRT9pzhSk79qHEbHKzwCDk7uah51iUdyPJyd
KX3hshYMLq3rooTHR2wD/ChTpV+pCrt2rSUVbW8+sTUWDfv2sTLauHmemKw7LpdW
C0SulXvcYkGyiqsB5AXW9x2ttJ5hX9diPb73XS6eBCU0CaMl9BVZWNKeqhEMJxKR
wmqIadD8pelf7Jh7wGAbNW4hWqTsO3xRpZH38Y/cGLdhs3cqvKjEmT3fOFWUP9bP
hWv5027gVXVSOmvxhPiUJs7D5WWAz4Q64JZfdJSmDdEWVXcI0v/hzdukuPw4iiT6
DaqOyClTcwc+j1jawFTICXTF7wXfvZT5sjulrmPk1HX4nZ5padKpfQ77AdKHF9Q6
9pC25QHQk42h/R4ynA4lm15YnCOfYvjP25hU7K64gQnqO6qBrolfrA4kJOmdYv/g
1IXsA2YZafJbcXwyFZjWy50uu5gaCM5JhRRFdUrjmB6j3gv9HfBlWJXQywReUjPo
Kq4tnFppxzFVm23COj9j5kyjsFjUhZ8KCft3+n7lrndeOCk5Z3E=
=5/Ct
-----END PGP SIGNATURE-----
Merge tag 'riscv-for-linus-v7.0-rc8' of git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux
Pull RISC-V updates from Paul Walmsley:
"Before v7.0 is released, fix a few issues with the CFI patchset,
merged earlier in v7.0-rc, that primarily affect interfaces to
non-kernel code:
- Improve the prctl() interface for per-task indirect branch landing
pad control to expand abbreviations and to resemble the speculation
control prctl() interface
- Expand the "LP" and "SS" abbreviations in the ptrace uapi header
file to "branch landing pad" and "shadow stack", to improve
readability
- Fix a typo in a CFI-related macro name in the ptrace uapi header
file
- Ensure that the indirect branch tracking state and shadow stack
state are unlocked immediately after an exec() on the new task so
that libc subsequently can control it
- While working in this area, clean up the kernel-internal,
cross-architecture prctl() function names by expanding the
abbreviations mentioned above"
* tag 'riscv-for-linus-v7.0-rc8' of git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux:
prctl: cfi: change the branch landing pad prctl()s to be more descriptive
riscv: ptrace: cfi: expand "SS" references to "shadow stack" in uapi headers
prctl: rename branch landing pad implementation functions to be more explicit
riscv: ptrace: expand "LP" references to "branch landing pads" in uapi headers
riscv: cfi: clear CFI lock status in start_thread()
riscv: ptrace: cfi: fix "PRACE" typo in uapi header
|
||
|
Linus Torvalds
|
c43adb3613 |
drm fixes for 7.0 final
xe: - Fix HW engine idleness unit conversion i915: - Drop check for changed VM in EXECBUF - Fix refcount underflow race in intel_engine_park_heartbeat - Do not use pipe_src as borders for SU area in PSR vc4: - runtime pm reference fix - memory leak fixes - locking fix ethosu: - make ARM only -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEEKbZHaGwW9KfbeusDHTzWXnEhr4FAmnZbwYACgkQDHTzWXnE hr6peA/+J7OdSuUJYwNQ59chQWD3q2jVVjlGWfUyYtE2Z1iYyt4uAkvKtZ5PFQnH WdluAtUdg/bc15QbBMeoKEWOBniJyjAgs/4o/oFsQNZL87trxCoaiL/akWdv7QiV lx51a3R26WvhsDJDgBklMNvPydTDxM2jdqX4juwXjIE324/WyPTE1ytYQQkJAbAx zo82XDx1Ucog+N1XtO13ORwC0Qaug2AU5JPi1ZbjwyzLX/3fFmCb3SmcdLyGlwbY mCyoivvs4e0PgpE2RprrVpazW+yZE2n6pj1Xi3FwNHx/8VUmTzECbaw+2nasaONY t8tri/etOkNl6w4VvNXoZXZiCU577nMjMDd9KXBmI3daRvq8zUqbiBIcFY2TCtbV NyL52vgn01SVXejASrm/x3r/FIL3UETbu1qKpOrF8gUEoMtlFPKCNGRIZt+PWDT9 jGzug6d6XXKfhf/nOQr42TOXKbA3dO2I3QB0BosZJxwfwushEHqzw3rNCtRfahlx l++Upc//w9FkPO57UCtfcdymXA0NOiwsqTM2gS9r2dGt5cf6WJkR3tylUzZuwgqv WvpjjwHL3Zun4pBLL+ELpdfnGXVbGFD0vfown+hIrY0RDKVEgUPRfpmyMX1ZV3k7 6IugM3HSZmQZMdCeWKCMKL210E5Wo1AwPj+YrTFX/REYJeLlZCw= =jot2 -----END PGP SIGNATURE----- Merge tag 'drm-fixes-2026-04-11' of https://gitlab.freedesktop.org/drm/kernel Pull drm fixes from Dave Airlie: "Last set of fixes, a few vc4, and i915, one xe and one ethosu Kconfig fix. xe: - Fix HW engine idleness unit conversion i915: - Drop check for changed VM in EXECBUF - Fix refcount underflow race in intel_engine_park_heartbeat - Do not use pipe_src as borders for SU area in PSR vc4: - runtime pm reference fix - memory leak fixes - locking fix ethosu: - make ARM only" * tag 'drm-fixes-2026-04-11' of https://gitlab.freedesktop.org/drm/kernel: drm/i915/gem: Drop check for changed VM in EXECBUF drm/i915/gt: fix refcount underflow in intel_engine_park_heartbeat drm/xe: Fix bug in idledly unit conversion drm/i915/psr: Do not use pipe_src as borders for SU area accel: ethosu: Add hardware dependency hint drm/vc4: Protect madv read in vc4_gem_object_mmap() with madv_lock drm/vc4: Fix a memory leak in hang state error path drm/vc4: Fix memory leak of BO array in hang state drm/vc4: Release runtime PM reference after binding V3D |
||
|
Dave Airlie
|
b3be33f2c1 |
Merge tag 'drm-intel-fixes-2026-04-09' of https://gitlab.freedesktop.org/drm/i915/kernel into drm-fixes
- Drop check for changed VM in EXECBUF - Fix refcount underflow race in intel_engine_park_heartbeat - Do not use pipe_src as borders for SU area in PSR Signed-off-by: Dave Airlie <airlied@redhat.com> From: Joonas Lahtinen <joonas.lahtinen@linux.intel.com> Link: https://patch.msgid.link/add6fPHRC7Bc8Uri@jlahtine-mobl |
||
|
Thomas Gleixner
|
d6e152d905 |
clockevents: Prevent timer interrupt starvation
Calvin reported an odd NMI watchdog lockup which claims that the CPU locked
up in user space. He provided a reproducer, which sets up a timerfd based
timer and then rearms it in a loop with an absolute expiry time of 1ns.
As the expiry time is in the past, the timer ends up as the first expiring
timer in the per CPU hrtimer base and the clockevent device is programmed
with the minimum delta value. If the machine is fast enough, this ends up
in a endless loop of programming the delta value to the minimum value
defined by the clock event device, before the timer interrupt can fire,
which starves the interrupt and consequently triggers the lockup detector
because the hrtimer callback of the lockup mechanism is never invoked.
As a first step to prevent this, avoid reprogramming the clock event device
when:
- a forced minimum delta event is pending
- the new expiry delta is less then or equal to the minimum delta
Thanks to Calvin for providing the reproducer and to Borislav for testing
and providing data from his Zen5 machine.
The problem is not limited to Zen5, but depending on the underlying
clock event device (e.g. TSC deadline timer on Intel) and the CPU speed
not necessarily observable.
This change serves only as the last resort and further changes will be made
to prevent this scenario earlier in the call chain as far as possible.
[ tglx: Updated to restore the old behaviour vs. !force and delta <= 0 and
fixed up the tick-broadcast handlers as pointed out by Borislav ]
Fixes:
|
||
|
Linus Torvalds
|
7c6c4ed80b |
vfs-7.0-rc8.fixes
Please consider pulling these changes from the signed vfs-7.0-rc8.fixes tag. Thanks! Christian -----BEGIN PGP SIGNATURE----- iHUEABYKAB0WIQRAhzRXHqcMeLMyaSiRxhvAZXjcogUCadjZCgAKCRCRxhvAZXjc om/TAQDsAIxYiJ4hR7rNrKuyL+FP7kuN8WX9DmjU+45Pt/SZNwEA2pSH0y7osa2+ xRGkN0pPQTu6JIlx0rCXlY9PYnXCPQg= =RHx5 -----END PGP SIGNATURE----- Merge tag 'vfs-7.0-rc8.fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs Pull vfs fixes from Christian Brauner: "The kernfs rbtree is keyed by (hash, ns, name) where the hash is seeded with the raw namespace pointer via init_name_hash(ns). The resulting hash values are exposed to userspace through readdir seek positions, and the pointer-based ordering in kernfs_name_compare() is observable through entry order. Switch from raw pointers to ns_common::ns_id for both hashing and comparison. A preparatory commit first replaces all const void * namespace parameters with const struct ns_common * throughout kernfs, sysfs, and kobject so the code can access ns->ns_id. Also compare the ns_id when hashes match in the rbtree to handle crafted collisions. Also fix eventpoll RCU grace period issue and a cachefiles refcount problem" * tag 'vfs-7.0-rc8.fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs: kernfs: make directory seek namespace-aware kernfs: use namespace id instead of pointer for hashing and comparison kernfs: pass struct ns_common instead of const void * for namespace tags eventpoll: defer struct eventpoll free to RCU grace period cachefiles: fix incorrect dentry refcount in cachefiles_cull() |
||
|
Linus Torvalds
|
96463e4e02 |
Turbostat Fixes
Fix a memory allocation issue that could corrupt output values or SEGV Fix a perf initilization issue that could exit on some HW + kernels. Minor fixes. -----BEGIN PGP SIGNATURE----- iQJIBAABCgAyFiEE67dNfPFP+XUaA73mB9BFOha3NhcFAmnY/PkUHGxlbi5icm93 bkBpbnRlbC5jb20ACgkQB9BFOha3NhcTIA//QsbmJV7qddOe/kOhS7izRyVjuaLQ QIyIrSLSa5+49oT4uRhZxuzDm6N6zVykFf+yxK5E2TSf+JfvzfwjZJQEgUPqHtkt vietoJheI4voMgmDQk39oxQmYyxmXuD3TRgvY+EN+QEIuWFA3/J9YaOulQMICrRy TX3juoZ3mxUpO8LC6+t3Yd8Kl1JEl3cKj3LdX7cMIchLM2cSTlbVFGSP0y5f0mu/ m54+JLSeSCFyqfin8rkgLYar8+AIIrHVak57rQ3qKBUOfoJlMaJEgXC4/sKdEzAW zKld2cFfzzXd2LnShN9Su7L9VCF09POKpD7P9bk9rDcp/MfsOmlKRctRvnY4T7Bq si+AflAYzYtHlq0LQbw2tHsKLFnqIJziDzz+YHl9UxcK0X17Gkp32NSQOX7Djvdu g/HDMHudnyoq0dAObieQgevYAWYmfKTNeQpJk+d+27X9HTzNXCDe70D774+DhM73 ViDU5zPrFBc1Z9ScQmgbe4z2N3MvzWGkodJRseb1v44ClH+Z6sCG4RYxYpxj0Zyu 0rR5GBb6ymuDUAQYEVuk2/F05bgmp3oXhoaddC+bO115XGEfe9sR7PBk3p9LYSM5 KirznZsjE8qI8GUXdL4EztTtIUJ5sx9CWb5FqP6k7XovrPCoMhSsbbo0vUbLCK4C eh0+iPh3sAf0NZs= =xJLy -----END PGP SIGNATURE----- Merge tag 'turbostat-fixes-for-7.0' of git://git.kernel.org/pub/scm/linux/kernel/git/lenb/linux Pull turbostat fixes from Len Brown: - Fix a memory allocation issue that could corrupt output values or SEGV - Fix a perf initilization issue that could exit on some HW + kernels - Minor fixes * tag 'turbostat-fixes-for-7.0' of git://git.kernel.org/pub/scm/linux/kernel/git/lenb/linux: tools/power turbostat: Allow execution to continue after perf_l2_init() failure tools/power turbostat: Fix delimiter bug in print functions tools/power turbostat: Fix --show/--hide for individual cpuidle counters tools/power turbostat: Fix incorrect format variable tools/power turbostat: Consistently use print_float_value() tools/power/turbostat: Fix microcode patch level output for AMD/Hygon tools/power turbostat: Eliminate unnecessary data structure allocation tools/power turbostat: Fix swidle header vs data display tools/power turbostat: Fix illegal memory access when SMT is present and disabled |
||
|
Linus Torvalds
|
017102b40c |
gpio fixes for v7.0
- gracefully handle missing regmap in gpio-bd72720 - fix IRQ resource release in gpio-tegra - return -ENOMEM on devm_kzalloc() failure instead of -ENODEV in gpio-tegra -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEkeUTLeW1Rh17omX8BZ0uy/82hMMFAmnYsyQACgkQBZ0uy/82 hMO1zBAAtpp2oB08jEHByAwVR7D/6TF9zcHNXUteEaVI1ZO/hIiE3GVDJ5Omo9RH CvfKTnG0MXgFQx6UZUuo21sc25Cmw06NVC0NJ5mA9FA+MSP7o4ujkOn9cVtlbAY4 rWrtKopmyAfpqiJg07iYND6kY4lPYSNLHcxqS0lXUzCnmpzh+0MoPpTnhA6XfZn1 D5ruJ9PU6DVscAZ0SOr4G14Y9u62ZHzn5wWTgErMD6KN4sdQu1k8zTlYBb44UDwq w2VkBSEnLzYLjhXfOyoneQJrbAmfZy6TKykVfsZ6cffyvtJ5ROvgvrVRXJgym/zM T7fcruSadv13MXStpINkwixxQ1y4d9IGsDViwPTVL4a5vFqeD5XYyxrSX8z4u8rR StNauZgtW2zGC9wYRbeAqJAlyBu2uxV7ij1nDrcEdt2/9T2LW/5kssjI1XN1vos0 mDWVHN+0HFJvzEQrjjl9DTy/cCwILXPpYmHJ4U4MFlTcqHkvzIczVw/pTGdpoQgG QKNt6HjdrWyGoniVpXw0wH2Njbo/rMYic3NMBXMvZXU9Z/eRKfhqHIyxuN2q3GmL 1y1w3JLXy/mGqxic1yv3JfxbmfskQe1XP5wl8/6ovOOfB/VMheTimWiMe2Dnf0xM xWDzbTwwq5cQEG6y7RL+0RZi1o0bM7HU1I9+VRCjGVYZ5PjNJks= =7OtG -----END PGP SIGNATURE----- Merge tag 'gpio-fixes-for-v7.0' of git://git.kernel.org/pub/scm/linux/kernel/git/brgl/linux Pull gpio fixes from Bartosz Golaszewski: - gracefully handle missing regmap in gpio-bd72720 - fix IRQ resource release in gpio-tegra - return -ENOMEM on devm_kzalloc() failure instead of -ENODEV in gpio-tegra * tag 'gpio-fixes-for-v7.0' of git://git.kernel.org/pub/scm/linux/kernel/git/brgl/linux: gpio: tegra: return -ENOMEM on allocation failure in probe gpio: tegra: fix irq_release_resources calling enable instead of disable gpio: bd72720: handle missing regmap |
||
|
Linus Torvalds
|
77c3c619d2 |
Pin control fixes for the v7.0 series:
- Three fixes for the Intel pin control driver fixing the feature
set for the new silicon.
- One fix for an IRQ storm in the MCP23S08 pin controller/GPIO
expander.
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEElDRnuGcz/wPCXQWMQRCzN7AZXXMFAmnYob4ACgkQQRCzN7AZ
XXME3A//QZAEsAOPr/YJ9yHINKPySSvOR14TbK04nZECqYObY7jxR+clKJp/2r4A
ZdNAjIkoochI1mKloOnNvLsixpsFVpNW0aOhc0o/ynLIX/Syxur2gjHEytLUyr1D
At+6eZ4sOkRcjPIhDUdZ6I6jny8P8ELpgKuQ/VMXiOFvqpUZcciYJkZhaE9WRiuj
ymO9ALmepWDyqMn7cK/lhqNwAaBhYyKGRogeajYiM5txomkzpl1oiHt28ScA03ac
f2fN8DikRn5/QAETzWIuBHGZp3d96gMZVsoVo2rWtvCaUhK60kNE4ZtbXMAjkJZX
47KshfVjF/gucruhxIXYj3f6uET+uDIAbHsaP7Xxwf0MnGnihvrDh+FLptUB3MZA
fgaKbiF8oDkNAqO2AT+KfA/NUE7TYnUnH0M+k2EwT2YNl8hSuFmCq7mWSRsl/Rlw
W9AEmqGPqga2og4REOBEn3S02GUVonjGq72pfXzQgdvpBuDPlrB35wz6t/4Mo6qZ
wkbOCS4M3ACOyMxQu7SPtTAqTegHms8gzQguYHtem9RM9UlLo2RzGrOrSzVN9mEC
fK2/jZUzNCphUVXnfbZTfVacRVvBLDnAfNTYLppkcLFBNMCxm3X8NG1/BwmKVZbj
cK9NJPhGulKjEcTYPegRSMlF7CRL0Kq7ATjTLSFuo/UbUAM9PiI=
=WxTb
-----END PGP SIGNATURE-----
Merge tag 'pinctrl-v7.0-4' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-pinctrl
Pull pin control fixes from Linus Walleij:
"Some late pin control fixes. I'm not happy to have bugs so late in the
kernel cycle, but they are all driver specifics so I guess it's how it
is.
- Three fixes for the Intel pin control driver fixing the feature set
for the new silicon
- One fix for an IRQ storm in the MCP23S08 pin controller/GPIO
expander"
* tag 'pinctrl-v7.0-4' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-pinctrl:
pinctrl: mcp23s08: Disable all pin interrupts during probe
pinctrl: intel: Enable 3-bit PAD_OWN feature
pinctrl: intel: Fix the revision for new features (1kOhm PD, HW debouncer)
pinctrl: intel: Improve capability support
|
||
|
David Arcari
|
ba893caead |
tools/power turbostat: Allow execution to continue after perf_l2_init() failure
Currently, if perf_l2_init() fails turbostat exits after issuing the following error (which was encountered on AlderLake): turbostat: perf_l2_init(cpu0, 0x0, 0xff24) REFS: Invalid argument This occurs because perf_l2_init() calls err(). However, the code has been written in such a manner that it is able to perform cleanup and continue. Therefore, this issue can be addressed by changing the appropriate calls to err() to warnx(). Additionally, correct the PMU type arguments passed to the warning strings in the ecore and lcore blocks so the logs accurately reflect the failing counter type. Signed-off-by: David Arcari <darcari@redhat.com> Signed-off-by: Len Brown <len.brown@intel.com> |
||
|
Samasth Norway Ananda
|
57df6923ca |
gpio: tegra: return -ENOMEM on allocation failure in probe
devm_kzalloc() failure in tegra_gpio_probe() returns -ENODEV, which indicates "no such device". The correct error code for a memory allocation failure is -ENOMEM. Signed-off-by: Samasth Norway Ananda <samasth.norway.ananda@oracle.com> Link: https://patch.msgid.link/20260409185853.2163034-1-samasth.norway.ananda@oracle.com Signed-off-by: Bartosz Golaszewski <bartosz.golaszewski@oss.qualcomm.com> |
||
|
Dave Airlie
|
93be8c74b6 |
Several fixes for v3d about memory leak, runtime PM, and locking, and a
Kconfig improvement for ethosu. -----BEGIN PGP SIGNATURE----- iJUEABMJAB0WIQTkHFbLp4ejekA/qfgnX84Zoj2+dgUCaddf9AAKCRAnX84Zoj2+ dvihAYCtQsSwH6VCpDf9bknrlqXpiUu+JlU2tSrK5plyTioCfFmdE1EhZmy7RJRo EAFpb4ABf16BBat7a3SJ/8KYeNtoYggURn4JvNKKPMF1lSYa9PNmKQsJsfMGmHt5 IIKRgFYQXw== =/nuD -----END PGP SIGNATURE----- Merge tag 'drm-misc-fixes-2026-04-09' of https://gitlab.freedesktop.org/drm/misc/kernel into drm-fixes Several fixes for v3d about memory leak, runtime PM, and locking, and a Kconfig improvement for ethosu. Signed-off-by: Dave Airlie <airlied@redhat.com> From: Maxime Ripard <mripard@redhat.com> Link: https://patch.msgid.link/20260409-omniscient-tomato-coucal-edbadc@penduick |
||
|
Linus Torvalds
|
9a9c8ce300 |
Fourth round of Kbuild fixes for 7.0
- Make modules-cpio-pkg respect INSTALL_MOD_PATH so that it can be used with distribution initramfs files that have a merged /usr, such as Fedora. - Silence an instance of -Wunused-but-set-global, a strengthening of -Wunused-but-set-variable in tip of tree Clang, in modpost, as the variable for extra warnings is currently unused. Signed-off-by: Nathan Chancellor <nathan@kernel.org> -----BEGIN PGP SIGNATURE----- iHUEABYKAB0WIQR74yXHMTGczQHYypIdayaRccAalgUCadgzeAAKCRAdayaRccAa lgwUAP9DR/KRuVYPGl32xPNpNGgZm/k1TFZhISk9iVzQctDoIQD/ZMfWz/6tAWcj K1L0xTi8tzAhV16YOa/uYtr1bWEDrAI= =ejUS -----END PGP SIGNATURE----- Merge tag 'kbuild-fixes-7.0-4' of git://git.kernel.org/pub/scm/linux/kernel/git/kbuild/linux Pull Kbuild fixes from Nathan Chancellor: - Make modules-cpio-pkg respect INSTALL_MOD_PATH so that it can be used with distribution initramfs files that have a merged /usr, such as Fedora - Silence an instance of -Wunused-but-set-global, a strengthening of -Wunused-but-set-variable in tip of tree Clang, in modpost, as the variable for extra warnings is currently unused * tag 'kbuild-fixes-7.0-4' of git://git.kernel.org/pub/scm/linux/kernel/git/kbuild/linux: modpost: Declare extra_warn with unused attribute kbuild: modules-cpio-pkg: Respect INSTALL_MOD_PATH |
||
|
Linus Torvalds
|
b42ed3bb88 |
EFI fix for v7.0 #4
Fix an incorrect preprocessor conditional that may result in duplicate instances of sysfb_primary_display on x86. -----BEGIN PGP SIGNATURE----- iHUEABYKAB0WIQQQm/3uucuRGn1Dmh0wbglWLn0tXAUCadZiLQAKCRAwbglWLn0t XKBoAQD8WHlhikRyQ/8ZdshOHGkRTgRISXlPTjf7g/uuR7t4TQEA9Zt1AFUMD2+d UGtN5hGMEcLUGNn1vKNX86YpWMShuAs= =djeh -----END PGP SIGNATURE----- Merge tag 'efi-fixes-for-v7.0-4' of git://git.kernel.org/pub/scm/linux/kernel/git/efi/efi Pull EFI fix from Ard Biesheuvel: "Fix an incorrect preprocessor conditional that may result in duplicate instances of sysfb_primary_display on x86" * tag 'efi-fixes-for-v7.0-4' of git://git.kernel.org/pub/scm/linux/kernel/git/efi/efi: firmware: efi: Never declare sysfb_primary_display on x86 |
||
|
Linus Torvalds
|
bb2ea74eeb |
sound fixes for 7.0
Still a bit higher amount than wished, but nothing looks really scary, and all changes are about nice and smooth device-specific fixes. - HD-audio quirks, one revert for a regression and another oneliner - AMD ACP quirks - Fixes for SDCA interrupt handling - A few Intel SOF, avs and NVL fixes - Fixes for TAS2552 DT, NAU8325, and STM32 -----BEGIN PGP SIGNATURE----- iQJCBAABCAAsFiEEIXTw5fNLNI7mMiVaLtJE4w1nLE8FAmnXw6IOHHRpd2FpQHN1 c2UuZGUACgkQLtJE4w1nLE8wXRAAwvJic7rPrAGoUaCqEFt7f/ytXVh96plCggzW 0GFxqm3gKd0/1d8ebGqyKEdHqiDVv4qoTZKNtgCk0puMNj4GuBPU1Qiu2yIJkL1b /tziS4nLzTtHgpwfOgb2UEStX0BuY1igeowRg2H2v4c6e/CeMpfz77sUNepUlHj6 a3eSSguDp0VMAwoulnOcblSnHiY+m8ddkSFV/S0tB7dojiIox+fbrpj8ynN8pU1A 9fW3gF9cOVKoqR3I5jIXy2l1LdALS9c7HlksAhBc5zK3NQnZv3kEjzx9ddsHW3O+ 8Ygjl94xp4njuQqM+raE1CgMKzqaGAN+kqCmbMNK1ADCdTH2CB+TsfIP4KeD6/5K 990NIQsdkd6GlMQv3N7WabxPBMmK815GBpqm72R7CUTMt1zT7xVr5RXACTZG4VEv lSDLN7W3kYo37Tlda3Zc187sTvIS+YIuf4fWsgREVX+hI304C+GY+dW3F2LVVxd+ FmUe7PKzVM8M9KK3WCdMte4w7toq0gdVPFL7v23wA91a01sj9UScNZgCHk9puwAm v+Ms9BzNhnUPbr+JiFrCQcB01n3cZiFexk6DH1393dfVV86+q29VAC90IbLy1sJL ClM/LMy6n1rG+T0OC8NyVnfrzztoLInq5NZ98ZmaLjA67sC5M0+tdujMlwrrCZ5B mUnMZWk= =h9zn -----END PGP SIGNATURE----- Merge tag 'sound-7.0' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound Pull sound fixes from Takashi Iwai: "Still a bit higher amount than wished, but nothing looks really scary, and all changes are about nice and smooth device-specific fixes. - HD-audio quirks, one revert for a regression and another oneliner - AMD ACP quirks - Fixes for SDCA interrupt handling - A few Intel SOF, avs and NVL fixes - Fixes for TAS2552 DT, NAU8325, and STM32" * tag 'sound-7.0' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound: ASoC: amd: acp: update DMI quirk and add ACP DMIC for Lenovo platforms ASoC: SDCA: Unregister IRQ handlers on module remove ASoC: SDCA: mask Function_Status value ASoC: SDCA: Fix overwritten var within for loop ASoC: stm32_sai: fix incorrect BCLK polarity for DSP_A/B, LEFT_J ASoC: SOF: Intel: hda: modify period size constraints for ACE4 ALSA: hda/intel: enforce stricter period-size alignment for Intel NVL ASoC: nau8325: Add software reset during probe Revert "ALSA: hda/realtek: Add quirk for Gigabyte Technology to fix headphone" ASoC: Intel: avs: Fix memory leak in avs_register_i2s_test_boards() ASoC: SOF: Intel: fix iteration in is_endpoint_present() ASoC: SOF: Intel: Fix endpoint index if endpoints are missing ASoC: SDCA: Fix errors in IRQ cleanup ASoC: amd: acp: add Lenovo P16s G5 AMD quirk for legacy SDW machine ASoC: dt-bindings: ti,tas2552: Add sound-dai-cells ALSA: hda/realtek: Add quirk for Lenovo Yoga Pro 7 14IAH10 |
||
|
Linus Torvalds
|
4e1538b1f1 |
MMC host:
- vub300: Fix use-after-free and NULL-deref on disconnect -----BEGIN PGP SIGNATURE----- iQJLBAABCgA1FiEEugLDXPmKSktSkQsV/iaEJXNYjCkFAmnXw0wXHHVsZi5oYW5z c29uQGxpbmFyby5vcmcACgkQ/iaEJXNYjCnuCA//enyP0ulyaQPHJtPDqJl7DesS njpCIQDyCHj9vE8XYUJi4KqxsIHi7H4S4aDe8h0uFv2YTZSIB6hXgU4/FHNTJB2G SQmvwFYq76wj90ubj9C5qssa8yPw01VVCDV6Y5nAueSWPQLwlPX8ZbLhi3mXihM+ A6V0aqN8hExB92wkMH10+nDS2ueW41MIYe+P23t98oWP6T+rRkjpwdXM/P9etA3q y5RE+2YwM0XJRk5pBFF01qhLnOHW4V4+9z4d1nRd7ng2svK89NMMNMYXo6BhN13T bTNFYR3SsxQI8n278ciSEfR3OaBBIMg+8odh7NJamGsPWHiela0ZdaZ+TLJNKCpe UY/tfkzhe70opRCDGzMXFyQxZc5FFOFfe9we7gnIA1KFHUm0aig+UCi4GUjCZ4oJ AaNcDMa3m9yPRyYCOnlrr5dM1rFXBXLJlmFj9d8Vt/ritHMYDahlHkkZyH2mKjZY 7/t070rYsAd8puIFSJyFKHojqy8GyArpIHOQaVoVP8GDXidqH/d6EHRDvx/meS36 T4ezujQQISD3Q0ndXcmh2nThrLEmEAvyS6Vi/O31JEfI+epCvbLuaoKg7XhLuemf 8RIA+ZZqZyzepM6lpT5tLs7ohzUW3ioYfXxCCgK7fIMhYgf1EtPEzfs+18HVAaJB ZHuHwpqICDjfEKczRng= =xsKQ -----END PGP SIGNATURE----- Merge tag 'mmc-v7.0-rc1-3' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/mmc Pull MMC fixes from Ulf Hansson: - vub300: Fix use-after-free and NULL-deref on disconnect * tag 'mmc-v7.0-rc1-3' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/mmc: mmc: vub300: fix use-after-free on disconnect mmc: vub300: fix NULL-deref on disconnect |
||
|
Linus Torvalds
|
d58305b2db |
pmdomain providers:
- imx: Prevent hang at power down for imx8mp-blk-ctrl firmware: - thead: Fix buffer overflow for TH1520 AON driver MAINTAINERS, mailmap: - Change Ulf Hansson's email -----BEGIN PGP SIGNATURE----- iQJLBAABCgA1FiEEugLDXPmKSktSkQsV/iaEJXNYjCkFAmnWKzsXHHVsZi5oYW5z c29uQGxpbmFyby5vcmcACgkQ/iaEJXNYjClhgRAAm+BLKRpRlsYGJ6/C9XCSxs29 ISIooRQdXMD6Lwf94dBYc2K1jn8xIBb3F/QJLZGyMmldug8bjvOEW33XMaXLnLIe +Mga6HTq5Hpg5gizv9+2Lo1EtOFBhhorTfnTY1Dc/lQ5dew1WLdP5Y3qSikT3xe9 ixKvp2Ne38VdSs7vvYULtgW7fJub4h0+Vwx1VJbdlTWNEafMnEDE5Euqktwghvgo 0GHL5OVzwBWGm3nV7chnY+Xn6bYdMjEtFT7ijnxAF9cmqU/R2OtvNgpn4b9Gs989 XqkeEo5hu7bg+R8UFnbuIc72tqc6ZXunvQReo7xeqrGob0sT29zrmKFFfwij7tLu 8i6gb7dHw0lcrsAQMUPaApcIOnf2Owf5d6g2cV7v2V1x5JEcCcEs1bkZ6TiAhYXe SS5aRFtYV8Za1L1eivYmZFT/mCZkolgQR1zYsIHc/XXEMkHy1mIY2wm31hAwuiUx dOv23FAARKvnD7W/OtW4gmST6254+PyipmJ+7gjmgvN7CfkhZaI46zqXXIUSlqqd FFsKYucB7YjPazvCtiJvb4D+N3Lo0DwdOS4Zd3EkhGy7gPQsuNgAnqyuJkgZ+dwG dldvQOV+Hv0TXS/OqwemRam4afmVNS/3+yyJGhhGjO2zBtSdprYYL/81tJ5/Tqgg 70VwM8GDKwi1dr7FKL0= =FVg1 -----END PGP SIGNATURE----- Merge tag 'pmdomain-v7.0-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/linux-pm Pull pmdomain fixes from Ulf Hansson: - imx: Prevent hang at power down for imx8mp-blk-ctrl - thead: Fix buffer overflow for TH1520 AON driver - Change Ulf Hansson's email * tag 'pmdomain-v7.0-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/linux-pm: MAINTAINERS, mailmap: Change Ulf Hansson's email pmdomain: imx8mp-blk-ctrl: Keep the NOC_HDCP clock enabled firmware: thead: Fix buffer overflow and use standard endian macros |
||
|
Linus Torvalds
|
3ffcd57823 |
last dma-mapping fix for Linux 7.0
A fix for DMA-mapping subsystem, which hides annoying, false-positive warnings from DMA-API debug on coherent platforms like x86_64 (Mikhail Gavrilov). -----BEGIN PGP SIGNATURE----- iHUEABYIAB0WIQSrngzkoBtlA8uaaJ+Jp1EFxbsSRAUCadfSDQAKCRCJp1EFxbsS RPtKAQCzfZRx2zC6ACG5opRZqqsUAah5lko9ROJZ1CK2yrfvAwEA7tGeQ8YgSUxT Xu5BHh7Ff/jk0ph001/6j7OSBZtuKAY= =xdCr -----END PGP SIGNATURE----- Merge tag 'dma-mapping-7.0-2026-04-09' of git://git.kernel.org/pub/scm/linux/kernel/git/mszyprowski/linux Pull dma-mapping fix from Marek Szyprowski: "A fix for DMA-mapping subsystem, which hides annoying, false-positive warnings from DMA-API debug on coherent platforms like x86_64 (Mikhail Gavrilov)" * tag 'dma-mapping-7.0-2026-04-09' of git://git.kernel.org/pub/scm/linux/kernel/git/mszyprowski/linux: dma-debug: suppress cacheline overlap warning when arch has no DMA alignment requirement |
||
|
Linus Torvalds
|
a55f7f5f29 |
Including fixes from netfilter, IPsec and wireless. This is again
considerably bigger than the old average. No known outstanding
regressions.
Current release - regressions:
- net: increase IP_TUNNEL_RECURSION_LIMIT to 5
- eth: ice: fix PTP timestamping broken by SyncE code on E825C
Current release - new code bugs:
- eth: stmmac: dwmac-motorcomm: fix eFUSE MAC address read failure
Previous releases - regressions:
- core: fix cross-cache free of KFENCE-allocated skb head
- sched: act_csum: validate nested VLAN headers
- rxrpc: fix call removal to use RCU safe deletion
- xfrm:
- wait for RCU readers during policy netns exit
- fix refcount leak in xfrm_migrate_policy_find
- wifi: rt2x00usb: fix devres lifetime
- mptcp: fix slab-use-after-free in __inet_lookup_established
- ipvs: fix NULL deref in ip_vs_add_service error path
- eth: airoha: fix memory leak in airoha_qdma_rx_process()
- eth: lan966x: fix use-after-free and leak in lan966x_fdma_reload()
Previous releases - always broken:
- ipv6: ioam: fix potential NULL dereferences in __ioam6_fill_trace_data()
- ipv4: nexthop: avoid duplicate NHA_HW_STATS_ENABLE on nexthop group dump
- bridge: guard local VLAN-0 FDB helpers against NULL vlan group
- xsk: tailroom reservation and MTU validation
- rxrpc:
- fix to request an ack if window is limited
- fix RESPONSE authenticator parser OOB read
- netfilter: nft_ct: fix use-after-free in timeout object destroy
- batman-adv: hold claim backbone gateways by reference
- eth: stmmac: fix PTP ref clock for Tegra234
- eth: idpf: fix PREEMPT_RT raw/bh spinlock nesting for async VC handling
- eth: ipa: fix GENERIC_CMD register field masks for IPA v5.0+
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
-----BEGIN PGP SIGNATURE-----
iQJGBAABCgAwFiEEg1AjqC77wbdLX2LbKSR5jcyPE6QFAmnXtnsSHHBhYmVuaUBy
ZWRoYXQuY29tAAoJECkkeY3MjxOkZeYQAKfZCL4rCkeO7VuoZn8lMN4YrBqVphuU
MFpLKnvU8muDamBSmXGwpsdryrzQdUtEl0C7E/YyKO8TKpmFkjQRKe/Ay5XSsmJi
fqjQiZIC9TKgVbJJbQZ4yZqOO2EZXHMRx8awnDjIwIrSLTyJtD29XaJqvmm+rojw
uAVECbXpVOWdRVyIgHf0N3y99ItvwQycv6npjXWGHDryGVH1uXz4CiWFgltFd827
MgNx5gZ7wn6ls1B4E1EsIXZeCnVOoNMUBX+CtkSl7ctZD/nvqLZ0PqGEViqGZ+w7
kEK9jWWvsmST3j0wG4IldbnQJORZrDXR5lAmvOJILxUDD4jG4zaqHPYs4ELS5sHK
E1QOs6uNBNvu40neGe7zcH4DpQzv5/W5yj0ELPBZJhV/5madjEpETOh6yO7EJRBl
sdd32LD0z8wFt8yJGEbXM7YC4A8tzNagWF0wKpRqbiKFlWHdJffwqcmEe6+2CiXx
rg0q2DAfvTesmzdMgGuk4ZOeczfZ9JbxPYA0IYrUegYmbI6tAuCK5slaKGOwoyml
hX2lXNBxaVmTk7F9Qq6I9Ona78XqO0Tg0UBzC2dIsQITvkue7ItJBpkurOwYSOGt
a8SAVV0JwXSfPquKlOfLhagPZcuQuTQfIqRKVqM47KPPO/i99okRXQbfJGrpHJKM
8bzRl6654nAs
=uzl/
-----END PGP SIGNATURE-----
Merge tag 'net-7.0-rc8' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net
Pull networking fixes from Paolo Abeni:
"Including fixes from netfilter, IPsec and wireless. This is again
considerably bigger than the old average. No known outstanding
regressions.
Current release - regressions:
- net: increase IP_TUNNEL_RECURSION_LIMIT to 5
- eth: ice: fix PTP timestamping broken by SyncE code on E825C
Current release - new code bugs:
- eth: stmmac: dwmac-motorcomm: fix eFUSE MAC address read failure
Previous releases - regressions:
- core: fix cross-cache free of KFENCE-allocated skb head
- sched: act_csum: validate nested VLAN headers
- rxrpc: fix call removal to use RCU safe deletion
- xfrm:
- wait for RCU readers during policy netns exit
- fix refcount leak in xfrm_migrate_policy_find
- wifi: rt2x00usb: fix devres lifetime
- mptcp: fix slab-use-after-free in __inet_lookup_established
- ipvs: fix NULL deref in ip_vs_add_service error path
- eth:
- airoha: fix memory leak in airoha_qdma_rx_process()
- lan966x: fix use-after-free and leak in lan966x_fdma_reload()
Previous releases - always broken:
- ipv6: ioam: fix potential NULL dereferences in __ioam6_fill_trace_data()
- ipv4: nexthop: avoid duplicate NHA_HW_STATS_ENABLE on nexthop group
dump
- bridge: guard local VLAN-0 FDB helpers against NULL vlan group
- xsk: tailroom reservation and MTU validation
- rxrpc:
- fix to request an ack if window is limited
- fix RESPONSE authenticator parser OOB read
- netfilter: nft_ct: fix use-after-free in timeout object destroy
- batman-adv: hold claim backbone gateways by reference
- eth:
- stmmac: fix PTP ref clock for Tegra234
- idpf: fix PREEMPT_RT raw/bh spinlock nesting for async VC handling
- ipa: fix GENERIC_CMD register field masks for IPA v5.0+"
* tag 'net-7.0-rc8' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net: (104 commits)
net: lan966x: fix use-after-free and leak in lan966x_fdma_reload()
net: lan966x: fix page pool leak in error paths
net: lan966x: fix page_pool error handling in lan966x_fdma_rx_alloc_page_pool()
nfc: pn533: allocate rx skb before consuming bytes
l2tp: Drop large packets with UDP encap
net: ipa: fix event ring index not programmed for IPA v5.0+
net: ipa: fix GENERIC_CMD register field masks for IPA v5.0+
MAINTAINERS: Add Prashanth as additional maintainer for amd-xgbe driver
devlink: Fix incorrect skb socket family dumping
af_unix: read UNIX_DIAG_VFS data under unix_state_lock
Revert "mptcp: add needs_id for netlink appending addr"
mptcp: fix slab-use-after-free in __inet_lookup_established
net: txgbe: leave space for null terminators on property_entry
net: ioam6: fix OOB and missing lock
rxrpc: proc: size address buffers for %pISpc output
rxrpc: only handle RESPONSE during service challenge
rxrpc: Fix buffer overread in rxgk_do_verify_authenticator()
rxrpc: Fix leak of rxgk context in rxgk_verify_response()
rxrpc: Fix integer overflow in rxgk_verify_response()
rxrpc: Fix missing error checks for rxkad encryption/decryption failure
...
|
||
|
Linus Torvalds
|
8b02520ec5 |
IOMMU Fix for Linux v7.0-rc7
- Fix regression introduced by the empty MMU gather fix in -rc7, where the ->iotlb_sync() callback can be elided incorrectly, resulting in boot failures (hangs), crashes and potential memory corruption. -----BEGIN PGP SIGNATURE----- iQFEBAABCgAuFiEEPxTL6PPUbjXGY88ct6xw3ITBYzQFAmnXoB0QHHdpbGxAa2Vy bmVsLm9yZwAKCRC3rHDchMFjNEYPB/9PODAbRMPNDY71T4WgY4lQigu/EtZmYJLF xce6+BZOcfwWooQp74VlyB35C3NjtYGD/k+UenmSHtYIR65TOPzXoCtDRAt2XEN5 OxlA3vaCcx4EegG7RDUlzWk3w2WpjKwE7Q1GHZ3fWEb7Avz8sCNVZ1ofpVLTtGOw P+JEjrp0AsryfcxNmtnMPscHXnJURlx366UqbiElBAeYtWonVJ5o0shOynn8W4cN phy1b/GWsD7506n2LRuCBdEitf2x8TlSsfojVqhdvrJNS8ca9K7RE3omm9sg3QG4 rC3X29W5B1iyMH0GaPAr9RzCpOz49LVHgS3iNROflNTLAgtHHXqq =5vWz -----END PGP SIGNATURE----- Merge tag 'iommu-fixes-v7.0-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/iommu/linux Pull IOMMU fix from Will Deacon: - Fix regression introduced by the empty MMU gather fix in -rc7, where the ->iotlb_sync() callback can be elided incorrectly, resulting in boot failures (hangs), crashes and potential memory corruption. * tag 'iommu-fixes-v7.0-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/iommu/linux: iommu: Ensure .iotlb_sync is called correctly |
||
|
Linus Torvalds
|
acfa7a3544 |
platform-drivers-x86 for v7.0-4
New HW Support and Fixes: - amd/pmc: Add Thinkpad L14 Gen3 to quirk_s2idle_bug - asus-armoury: Add support for FA607NU, GU605MU, and GV302XU. - intel-uncore-freq: Handle autonomous UFS status bit - ISST: Handle cases with less than max buckets correctly - intel-uncore-freq & ISST: Mark minor version 3 supported (no additional driver changes required) The following is an automated shortlog grouped by driver: amd: pmc: - Add Thinkpad L14 Gen3 to quirk_s2idle_bug asus-armoury: - add support for FA607NU - add support for GU605MU - add support for GV302XU intel-uncore-freq: - Handle autonomous UFS status bit - Increase minor version ISST: - Increase minor version - Reset core count to 0 -----BEGIN PGP SIGNATURE----- iHUEABYIAB0WIQSCSUwRdwTNL2MhaBlZrE9hU+XOMQUCadeRLQAKCRBZrE9hU+XO MUZcAP4zQhma28s27tvEW1vgiwXN+DkasYw2ujLpvbYuRIGAawEAnPnAlQD27btE mN1VbuaQ0NTXpfURaHFW9M8n4u56hAE= =KAhE -----END PGP SIGNATURE----- Merge tag 'platform-drivers-x86-v7.0-4' of git://git.kernel.org/pub/scm/linux/kernel/git/pdx86/platform-drivers-x86 Pull x86 platform drivers fixes from Ilpo Järvinen: - amd/pmc: Add Thinkpad L14 Gen3 to quirk_s2idle_bug - asus-armoury: Add support for FA607NU, GU605MU, and GV302XU. - intel-uncore-freq: Handle autonomous UFS status bit - ISST: Handle cases with less than max buckets correctly - intel-uncore-freq & ISST: Mark minor version 3 supported (no additional driver changes required) * tag 'platform-drivers-x86-v7.0-4' of git://git.kernel.org/pub/scm/linux/kernel/git/pdx86/platform-drivers-x86: platform/x86: asus-armoury: add support for GU605MU platform/x86: asus-armoury: add support for FA607NU platform/x86: asus-armoury: add support for GV302XU platform/x86/amd: pmc: Add Thinkpad L14 Gen3 to quirk_s2idle_bug platform/x86/intel-uncore-freq: Increase minor version platform/x86: ISST: Increase minor version platform/x86/intel-uncore-freq: Handle autonomous UFS status bit platform/x86: ISST: Reset core count to 0 |
||
|
Paolo Abeni
|
b4afe3fa76 |
Merge branch 'net-lan966x-fix-page_pool-error-handling-and-error-paths'
David Carlier says:
====================
net: lan966x: fix page_pool error handling and error paths
This series fixes error handling around the lan966x page pool:
1/3 adds the missing IS_ERR check after page_pool_create(), preventing
a kernel oops when the error pointer flows into
xdp_rxq_info_reg_mem_model().
2/3 plugs page pool leaks in the lan966x_fdma_rx_alloc() and
lan966x_fdma_init() error paths, now reachable after 1/3.
3/3 fixes a use-after-free and page pool leak in the
lan966x_fdma_reload() restore path, where the hardware could
resume DMA into pages already returned to the page pool.
====================
Link: https://patch.msgid.link/20260405055241.35767-1-devnexen@gmail.com
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
|
||
|
David Carlier
|
59c3d55a94 |
net: lan966x: fix use-after-free and leak in lan966x_fdma_reload()
When lan966x_fdma_reload() fails to allocate new RX buffers, the restore
path restarts DMA using old descriptors whose pages were already freed
via lan966x_fdma_rx_free_pages(). Since page_pool_put_full_page() can
release pages back to the buddy allocator, the hardware may DMA into
memory now owned by other kernel subsystems.
Additionally, on the restore path, the newly created page pool (if
allocation partially succeeded) is overwritten without being destroyed,
leaking it.
Fix both issues by deferring the release of old pages until after the
new allocation succeeds. Save the old page array before the allocation
so old pages can be freed on the success path. On the failure path, the
old descriptors, pages and page pool are all still valid, making the
restore safe. Also ensure the restore path re-enables NAPI and wakes
the netdev, matching the success path.
Fixes:
|
||
|
David Carlier
|
076344a6ad |
net: lan966x: fix page pool leak in error paths
lan966x_fdma_rx_alloc() creates a page pool but does not destroy it if
the subsequent fdma_alloc_coherent() call fails, leaking the pool.
Similarly, lan966x_fdma_init() frees the coherent DMA memory when
lan966x_fdma_tx_alloc() fails but does not destroy the page pool that
was successfully created by lan966x_fdma_rx_alloc(), leaking it.
Add the missing page_pool_destroy() calls in both error paths.
Fixes:
|
||
|
David Carlier
|
3fd0da4fd8 |
net: lan966x: fix page_pool error handling in lan966x_fdma_rx_alloc_page_pool()
page_pool_create() can return an ERR_PTR on failure. The return value
is used unconditionally in the loop that follows, passing the error
pointer through xdp_rxq_info_reg_mem_model() into page_pool_use_xdp_mem(),
which dereferences it, causing a kernel oops.
Add an IS_ERR check after page_pool_create() to return early on failure.
Fixes:
|
||
|
Christian Brauner
|
cb76a81c7c |
kernfs: make directory seek namespace-aware
The rbtree backing kernfs directories is ordered by (hash, ns_id, name) but kernfs_dir_pos() only searches by hash when seeking to a position during readdir. When two nodes from different namespaces share the same hash value, the binary search can land on a node in the wrong namespace. The subsequent skip-forward loop walks rb_next() and may overshoot the correct node, silently dropping an entry from the readdir results. With the recent switch from raw namespace pointers to public namespace ids as hash seeds, computing hash collisions became an offline operation. An unprivileged user could unshare into a new network namespace, create a single interface whose name-hash collides with a target entry in init_net, and cause a victim's seekdir/readdir on /sys/class/net to miss that entry. Fix this by extending the rbtree search in kernfs_dir_pos() to also compare namespace ids when hashes match. Since the rbtree is already ordered by (hash, ns_id, name), this makes the seek land directly in the correct namespace's range, eliminating the wrong-namespace overshoot. Signed-off-by: Christian Brauner <brauner@kernel.org> |
||
|
Christian Brauner
|
1fe989e1c4 |
kernfs: use namespace id instead of pointer for hashing and comparison
kernfs uses the namespace tag as both a hash seed (via init_name_hash()) and a comparison key in the rbtree. The resulting hash values are exposed to userspace through directory seek positions (ctx->pos), and the raw pointer comparisons in kernfs_name_compare() encode kernel pointer ordering into the rbtree layout. This constitutes a KASLR information leak since the hash and ordering derived from kernel pointers can be observed from userspace. Fix this by using the 64-bit namespace id (ns_common::ns_id) instead of the raw pointer value for both hashing and comparison. The namespace id is a stable, non-secret identifier that is already exposed to userspace through other interfaces (e.g., /proc/pid/ns/, ioctl NS_GET_NSID). Introduce kernfs_ns_id() as a helper that extracts the namespace id from a potentially-NULL ns_common pointer, returning 0 for the no-namespace case. All namespace equality checks in the directory iteration and dentry revalidation paths are also switched from pointer comparison to ns_id comparison for consistency. Signed-off-by: Christian Brauner <brauner@kernel.org> |