-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmGnMAIACgkQONu9yGCS
aT6DvhAAnicmgFqzIcVpZmh+zd1VQFVQmFnlJTdfanz48k9JzkciCIjsSmnMvDZG
oPA2xIZf1oXMkxRLO+PYrUP0Y2G5XT5ADh4qAdkxTD2QtNduq5G5iH6UdZzgyey7
awhWpi/U2aE2imwbV95c1ZfSG7nNMf/XWG36uGAqUKBGQZLeoAvWy3jHqcFoIL0+
UfbAu8TN06dTizQ7IiJzM/CrqlxSRA5EnF4D58n7Hf0etVR7BdFBCGSgefnR8Dog
/zYGw2Jb0WczN6Qzws/WZm4zIC83NBYRdeaqKTIMF+0E5SrlCk1nE8Nc/WHzGazK
Co8k4zm84DY5mpkCxTqGIgZ12Whho+kB8McAKeJ3Yzvq8qjKscPt+8nVLjyj/h8Q
SNt1hTeHwTu5TGNMyNEWBjdnvuKv2XeyArpbPUsAofBdiMy8g/pkPiCOE9hoRV3N
hPMrAw6jfZC6etie30ngsepE/3r0H0/n/U3Sh5mf12gY02zBQkMlJcMi86FNnxgk
wcKgwYJca2elr3y2jSvOzs8k0OhTvaqEo0QnObR3ivooEiEbD9q2mTYidHgETM0V
x/5Aqb+09suyER6vL4G1i0agbO6sn2AAepGTRLGTDAbHHFP9aG1VbIZwoORZ1fII
VPGOq7/l0xYlIA/o0NUemcxPpGTvEkeKba7MVTbzxWcTdcF67g0=
=J7jt
-----END PGP SIGNATURE-----
Merge 5.10.83 into android-5.10
Changes in 5.10.83
bpf: Fix toctou on read-only map's constant scalar tracking
ACPI: Get acpi_device's parent from the parent field
USB: serial: option: add Telit LE910S1 0x9200 composition
USB: serial: option: add Fibocom FM101-GL variants
usb: dwc2: gadget: Fix ISOC flow for elapsed frames
usb: dwc2: hcd_queue: Fix use of floating point literal
usb: dwc3: gadget: Ignore NoStream after End Transfer
usb: dwc3: gadget: Check for L1/L2/U3 for Start Transfer
usb: dwc3: gadget: Fix null pointer exception
net: nexthop: fix null pointer dereference when IPv6 is not enabled
usb: chipidea: ci_hdrc_imx: fix potential error pointer dereference in probe
usb: typec: fusb302: Fix masking of comparator and bc_lvl interrupts
usb: hub: Fix usb enumeration issue due to address0 race
usb: hub: Fix locking issues with address0_mutex
binder: fix test regression due to sender_euid change
ALSA: ctxfi: Fix out-of-range access
ALSA: hda/realtek: Add quirk for ASRock NUC Box 1100
ALSA: hda/realtek: Fix LED on HP ProBook 435 G7
media: cec: copy sequence field for the reply
Revert "parisc: Fix backtrace to always include init funtion names"
HID: wacom: Use "Confidence" flag to prevent reporting invalid contacts
staging/fbtft: Fix backlight
staging: greybus: Add missing rwsem around snd_ctl_remove() calls
staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect()
fuse: release pipe buf after last use
xen: don't continue xenstore initialization in case of errors
xen: detect uninitialized xenbus in xenbus_init
KVM: PPC: Book3S HV: Prevent POWER7/8 TLB flush flushing SLB
tracing/uprobe: Fix uprobe_perf_open probes iteration
tracing: Fix pid filtering when triggers are attached
mmc: sdhci-esdhc-imx: disable CMDQ support
mmc: sdhci: Fix ADMA for PAGE_SIZE >= 64KiB
mdio: aspeed: Fix "Link is Down" issue
powerpc/32: Fix hardlockup on vmap stack overflow
PCI: aardvark: Deduplicate code in advk_pcie_rd_conf()
PCI: aardvark: Update comment about disabling link training
PCI: aardvark: Implement re-issuing config requests on CRS response
PCI: aardvark: Simplify initialization of rootcap on virtual bridge
PCI: aardvark: Fix link training
proc/vmcore: fix clearing user buffer by properly using clear_user()
netfilter: ctnetlink: fix filtering with CTA_TUPLE_REPLY
netfilter: ctnetlink: do not erase error code with EINVAL
netfilter: ipvs: Fix reuse connection if RS weight is 0
netfilter: flowtable: fix IPv6 tunnel addr match
ARM: dts: BCM5301X: Fix I2C controller interrupt
ARM: dts: BCM5301X: Add interrupt properties to GPIO node
ARM: dts: bcm2711: Fix PCIe interrupts
ASoC: qdsp6: q6routing: Conditionally reset FrontEnd Mixer
ASoC: qdsp6: q6asm: fix q6asm_dai_prepare error handling
ASoC: topology: Add missing rwsem around snd_ctl_remove() calls
ASoC: codecs: wcd934x: return error code correctly from hw_params
net: ieee802154: handle iftypes as u32
firmware: arm_scmi: pm: Propagate return value to caller
NFSv42: Don't fail clone() unless the OP_CLONE operation failed
ARM: socfpga: Fix crash with CONFIG_FORTIRY_SOURCE
drm/nouveau/acr: fix a couple NULL vs IS_ERR() checks
scsi: mpt3sas: Fix kernel panic during drive powercycle test
drm/vc4: fix error code in vc4_create_object()
net: marvell: prestera: fix double free issue on err path
iavf: Prevent changing static ITR values if adaptive moderation is on
ALSA: intel-dsp-config: add quirk for JSL devices based on ES8336 codec
mptcp: fix delack timer
firmware: smccc: Fix check for ARCH_SOC_ID not implemented
ipv6: fix typos in __ip6_finish_output()
nfp: checking parameter process for rx-usecs/tx-usecs is invalid
net: stmmac: fix system hang caused by eee_ctrl_timer during suspend/resume
net: stmmac: retain PTP clock time during SIOCSHWTSTAMP ioctls
net: ipv6: add fib6_nh_release_dsts stub
net: nexthop: release IPv6 per-cpu dsts when replacing a nexthop group
ice: fix vsi->txq_map sizing
ice: avoid bpf_prog refcount underflow
scsi: core: sysfs: Fix setting device state to SDEV_RUNNING
scsi: scsi_debug: Zero clear zones at reset write pointer
erofs: fix deadlock when shrink erofs slab
net/smc: Ensure the active closing peer first closes clcsock
mlxsw: Verify the accessed index doesn't exceed the array length
mlxsw: spectrum: Protect driver from buggy firmware
net: marvell: mvpp2: increase MTU limit when XDP enabled
nvmet-tcp: fix incomplete data digest send
net/ncsi : Add payload to be 32-bit aligned to fix dropped packets
PM: hibernate: use correct mode for swsusp_close()
drm/amd/display: Set plane update flags for all planes in reset
tcp_cubic: fix spurious Hystart ACK train detections for not-cwnd-limited flows
lan743x: fix deadlock in lan743x_phy_link_status_change()
net: phylink: Force link down and retrigger resolve on interface change
net: phylink: Force retrigger in case of latched link-fail indicator
net/smc: Fix NULL pointer dereferencing in smc_vlan_by_tcpsk()
net/smc: Fix loop in smc_listen
nvmet: use IOCB_NOWAIT only if the filesystem supports it
igb: fix netpoll exit with traffic
MIPS: loongson64: fix FTLB configuration
MIPS: use 3-level pgtable for 64KB page size on MIPS_VA_BITS_48
tls: splice_read: fix record type check
tls: fix replacing proto_ops
net/sched: sch_ets: don't peek at classes beyond 'nbands'
net: vlan: fix underflow for the real_dev refcnt
net/smc: Don't call clcsock shutdown twice when smc shutdown
net: hns3: fix VF RSS failed problem after PF enable multi-TCs
net: mscc: ocelot: don't downgrade timestamping RX filters in SIOCSHWTSTAMP
net: mscc: ocelot: correctly report the timestamping RX filters in ethtool
tcp: correctly handle increased zerocopy args struct size
sched/scs: Reset task stack state in bringup_cpu()
f2fs: set SBI_NEED_FSCK flag when inconsistent node block found
ceph: properly handle statfs on multifs setups
smb3: do not error on fsync when readonly
iommu/amd: Clarify AMD IOMMUv2 initialization messages
vhost/vsock: fix incorrect used length reported to the guest
tracing: Check pid filtering when creating events
xen: sync include/xen/interface/io/ring.h with Xen's newest version
xen/blkfront: read response from backend only once
xen/blkfront: don't take local copy of a request from the ring page
xen/blkfront: don't trust the backend response data blindly
xen/netfront: read response from backend only once
xen/netfront: don't read data from request on the ring page
xen/netfront: disentangle tx_skb_freelist
xen/netfront: don't trust the backend response data blindly
tty: hvc: replace BUG_ON() with negative return value
s390/mm: validate VMA in PGSTE manipulation functions
shm: extend forced shm destroy to support objects from several IPC nses
net: stmmac: platform: fix build warning when with !CONFIG_PM_SLEEP
drm/amdgpu/gfx9: switch to golden tsc registers for renoir+
Linux 5.10.83
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: Ief47fb0c545e95bd269b07477eacd4c8713f287d
commit c1e6311771 upstream.
To clear a user buffer we cannot simply use memset, we have to use
clear_user(). With a virtio-mem device that registers a vmcore_cb and
has some logically unplugged memory inside an added Linux memory block,
I can easily trigger a BUG by copying the vmcore via "cp":
systemd[1]: Starting Kdump Vmcore Save Service...
kdump[420]: Kdump is using the default log level(3).
kdump[453]: saving to /sysroot/var/crash/127.0.0.1-2021-11-11-14:59:22/
kdump[458]: saving vmcore-dmesg.txt to /sysroot/var/crash/127.0.0.1-2021-11-11-14:59:22/
kdump[465]: saving vmcore-dmesg.txt complete
kdump[467]: saving vmcore
BUG: unable to handle page fault for address: 00007f2374e01000
#PF: supervisor write access in kernel mode
#PF: error_code(0x0003) - permissions violation
PGD 7a523067 P4D 7a523067 PUD 7a528067 PMD 7a525067 PTE 800000007048f867
Oops: 0003 [#1] PREEMPT SMP NOPTI
CPU: 0 PID: 468 Comm: cp Not tainted 5.15.0+ #6
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.14.0-27-g64f37cc530f1-prebuilt.qemu.org 04/01/2014
RIP: 0010:read_from_oldmem.part.0.cold+0x1d/0x86
Code: ff ff ff e8 05 ff fe ff e9 b9 e9 7f ff 48 89 de 48 c7 c7 38 3b 60 82 e8 f1 fe fe ff 83 fd 08 72 3c 49 8d 7d 08 4c 89 e9 89 e8 <49> c7 45 00 00 00 00 00 49 c7 44 05 f8 00 00 00 00 48 83 e7 f81
RSP: 0018:ffffc9000073be08 EFLAGS: 00010212
RAX: 0000000000001000 RBX: 00000000002fd000 RCX: 00007f2374e01000
RDX: 0000000000000001 RSI: 00000000ffffdfff RDI: 00007f2374e01008
RBP: 0000000000001000 R08: 0000000000000000 R09: ffffc9000073bc50
R10: ffffc9000073bc48 R11: ffffffff829461a8 R12: 000000000000f000
R13: 00007f2374e01000 R14: 0000000000000000 R15: ffff88807bd421e8
FS: 00007f2374e12140(0000) GS:ffff88807f000000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f2374e01000 CR3: 000000007a4aa000 CR4: 0000000000350eb0
Call Trace:
read_vmcore+0x236/0x2c0
proc_reg_read+0x55/0xa0
vfs_read+0x95/0x190
ksys_read+0x4f/0xc0
do_syscall_64+0x3b/0x90
entry_SYSCALL_64_after_hwframe+0x44/0xae
Some x86-64 CPUs have a CPU feature called "Supervisor Mode Access
Prevention (SMAP)", which is used to detect wrong access from the kernel
to user buffers like this: SMAP triggers a permissions violation on
wrong access. In the x86-64 variant of clear_user(), SMAP is properly
handled via clac()+stac().
To fix, properly use clear_user() when we're dealing with a user buffer.
Link: https://lkml.kernel.org/r/20211112092750.6921-1-david@redhat.com
Fixes: 997c136f51 ("fs/proc/vmcore.c: add hook to read_from_oldmem() to check for non-ram pages")
Signed-off-by: David Hildenbrand <david@redhat.com>
Acked-by: Baoquan He <bhe@redhat.com>
Cc: Dave Young <dyoung@redhat.com>
Cc: Baoquan He <bhe@redhat.com>
Cc: Vivek Goyal <vgoyal@redhat.com>
Cc: Philipp Rudo <prudo@redhat.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmGWT+QACgkQONu9yGCS
aT5mYw//ZXKzugaeJjuIaFqr7tcM7x8EefbKd2H4oMr8SW3IFElJIbNPJGMJAG/C
tLZVWZvIum7QzZoxTL+JCCKpDzBERNTo4e5u7UwzAdVqiEX69YkNU0FBOzb4qXJ7
gOZMBhy4UMIKdKD12CSXXf7ZspocsNXfzdmulRQ7CQcPoPrIMKpc4vuagN1Fy/Dz
JgXYvRUAkLxtFHoQ/TeXvR4Gv9+w2ToMdb02mI48QBO+YYrFaGt+Rza2eHTv75H+
Lydz37Nv1Pk32tA1q2jWxCzz16+Kzn+AviKiCfQK0Fb9IqnJksUIWLHSiODlVIcf
kQHejanPn/p1BnBl8puPk1KFtDW45p2GwYhXG7hjGh08DGlR7QLHBS5Aa3xPYfdd
uOy4ctygSVTx5nLjPH5vr3OE0wk/TuSSf/eyk2fmcUCspwAgBOnSYSmnJOem7LTK
VqIgXFdCRplsqN415D35ddruP2BLCKqBu4KjwJ1LGIwgsx/Pmz4hlc5YcpLm8uRg
XMqGTdcieQFOGmZJjJ2q3ecaCjfb0nmTrOylP5b55/74TFwFo042YR1ua0fEtpD4
euoHLfYv3BY1dCp34TOUFGX0l+J1kAtf//vfD/JgJx/nX+ksdFBHhYwdbSi2oQG/
9CceXYJ5duEnG+JmDOWJvcZ3T49K5XaIDNfY2zGpcSu1VZKubWg=
=tQ0m
-----END PGP SIGNATURE-----
Merge 5.10.80 into android12-5.10-lts
Changes in 5.10.80
xhci: Fix USB 3.1 enumeration issues by increasing roothub power-on-good delay
usb: xhci: Enable runtime-pm by default on AMD Yellow Carp platform
binder: use euid from cred instead of using task
binder: use cred instead of task for selinux checks
binder: use cred instead of task for getsecid
Input: iforce - fix control-message timeout
Input: elantench - fix misreporting trackpoint coordinates
Input: i8042 - Add quirk for Fujitsu Lifebook T725
libata: fix read log timeout value
ocfs2: fix data corruption on truncate
scsi: core: Remove command size deduction from scsi_setup_scsi_cmnd()
scsi: qla2xxx: Fix kernel crash when accessing port_speed sysfs file
scsi: qla2xxx: Fix use after free in eh_abort path
mmc: mtk-sd: Add wait dma stop done flow
mmc: dw_mmc: Dont wait for DRTO on Write RSP error
exfat: fix incorrect loading of i_blocks for large files
parisc: Fix set_fixmap() on PA1.x CPUs
parisc: Fix ptrace check on syscall return
tpm: Check for integer overflow in tpm2_map_response_body()
firmware/psci: fix application of sizeof to pointer
crypto: s5p-sss - Add error handling in s5p_aes_probe()
media: rkvdec: Do not override sizeimage for output format
media: ite-cir: IR receiver stop working after receive overflow
media: rkvdec: Support dynamic resolution changes
media: ir-kbd-i2c: improve responsiveness of hauppauge zilog receivers
media: v4l2-ioctl: Fix check_ext_ctrls
ALSA: hda/realtek: Fix mic mute LED for the HP Spectre x360 14
ALSA: hda/realtek: Add a quirk for HP OMEN 15 mute LED
ALSA: hda/realtek: Add quirk for Clevo PC70HS
ALSA: hda/realtek: Headset fixup for Clevo NH77HJQ
ALSA: hda/realtek: Add a quirk for Acer Spin SP513-54N
ALSA: hda/realtek: Add quirk for ASUS UX550VE
ALSA: hda/realtek: Add quirk for HP EliteBook 840 G7 mute LED
ALSA: ua101: fix division by zero at probe
ALSA: 6fire: fix control and bulk message timeouts
ALSA: line6: fix control and interrupt message timeouts
ALSA: usb-audio: Line6 HX-Stomp XL USB_ID for 48k-fixed quirk
ALSA: usb-audio: Add registration quirk for JBL Quantum 400
ALSA: hda: Free card instance properly at probe errors
ALSA: synth: missing check for possible NULL after the call to kstrdup
ALSA: timer: Fix use-after-free problem
ALSA: timer: Unconditionally unlink slave instances, too
ext4: fix lazy initialization next schedule time computation in more granular unit
ext4: ensure enough credits in ext4_ext_shift_path_extents
ext4: refresh the ext4_ext_path struct after dropping i_data_sem.
fuse: fix page stealing
x86/sme: Use #define USE_EARLY_PGTABLE_L5 in mem_encrypt_identity.c
x86/cpu: Fix migration safety with X86_BUG_NULL_SEL
x86/irq: Ensure PI wakeup handler is unregistered before module unload
ASoC: soc-core: fix null-ptr-deref in snd_soc_del_component_unlocked()
ALSA: hda/realtek: Fixes HP Spectre x360 15-eb1xxx speakers
cavium: Return negative value when pci_alloc_irq_vectors() fails
scsi: qla2xxx: Return -ENOMEM if kzalloc() fails
scsi: qla2xxx: Fix unmap of already freed sgl
mISDN: Fix return values of the probe function
cavium: Fix return values of the probe function
sfc: Export fibre-specific supported link modes
sfc: Don't use netif_info before net_device setup
hyperv/vmbus: include linux/bitops.h
ARM: dts: sun7i: A20-olinuxino-lime2: Fix ethernet phy-mode
reset: socfpga: add empty driver allowing consumers to probe
mmc: winbond: don't build on M68K
drm: panel-orientation-quirks: Add quirk for Aya Neo 2021
fcnal-test: kill hanging ping/nettest binaries on cleanup
bpf: Define bpf_jit_alloc_exec_limit for arm64 JIT
bpf: Prevent increasing bpf_jit_limit above max
gpio: mlxbf2.c: Add check for bgpio_init failure
xen/netfront: stop tx queues during live migration
nvmet-tcp: fix a memory leak when releasing a queue
spi: spl022: fix Microwire full duplex mode
net: multicast: calculate csum of looped-back and forwarded packets
watchdog: Fix OMAP watchdog early handling
drm: panel-orientation-quirks: Add quirk for GPD Win3
block: schedule queue restart after BLK_STS_ZONE_RESOURCE
nvmet-tcp: fix header digest verification
r8169: Add device 10ec:8162 to driver r8169
vmxnet3: do not stop tx queues after netif_device_detach()
nfp: bpf: relax prog rejection for mtu check through max_pkt_offset
net/smc: Fix smc_link->llc_testlink_time overflow
net/smc: Correct spelling mistake to TCPF_SYN_RECV
rds: stop using dmapool
btrfs: clear MISSING device status bit in btrfs_close_one_device
btrfs: fix lost error handling when replaying directory deletes
btrfs: call btrfs_check_rw_degradable only if there is a missing device
KVM: VMX: Unregister posted interrupt wakeup handler on hardware unsetup
ia64: kprobes: Fix to pass correct trampoline address to the handler
selinux: fix race condition when computing ocontext SIDs
hwmon: (pmbus/lm25066) Add offset coefficients
regulator: s5m8767: do not use reset value as DVS voltage if GPIO DVS is disabled
regulator: dt-bindings: samsung,s5m8767: correct s5m8767,pmic-buck-default-dvs-idx property
EDAC/sb_edac: Fix top-of-high-memory value for Broadwell/Haswell
mwifiex: fix division by zero in fw download path
ath6kl: fix division by zero in send path
ath6kl: fix control-message timeout
ath10k: fix control-message timeout
ath10k: fix division by zero in send path
PCI: Mark Atheros QCA6174 to avoid bus reset
rtl8187: fix control-message timeouts
evm: mark evm_fixmode as __ro_after_init
ifb: Depend on netfilter alternatively to tc
wcn36xx: Fix HT40 capability for 2Ghz band
wcn36xx: Fix tx_status mechanism
wcn36xx: Fix (QoS) null data frame bitrate/modulation
PM: sleep: Do not let "syscore" devices runtime-suspend during system transitions
mwifiex: Read a PCI register after writing the TX ring write pointer
mwifiex: Try waking the firmware until we get an interrupt
libata: fix checking of DMA state
wcn36xx: handle connection loss indication
rsi: fix occasional initialisation failure with BT coex
rsi: fix key enabled check causing unwanted encryption for vap_id > 0
rsi: fix rate mask set leading to P2P failure
rsi: Fix module dev_oper_mode parameter description
perf/x86/intel/uncore: Support extra IMC channel on Ice Lake server
perf/x86/intel/uncore: Fix Intel ICX IIO event constraints
RDMA/qedr: Fix NULL deref for query_qp on the GSI QP
signal: Remove the bogus sigkill_pending in ptrace_stop
memory: renesas-rpc-if: Correct QSPI data transfer in Manual mode
signal/mips: Update (_save|_restore)_fp_context to fail with -EFAULT
soc: fsl: dpio: replace smp_processor_id with raw_smp_processor_id
soc: fsl: dpio: use the combined functions to protect critical zone
mtd: rawnand: socrates: Keep the driver compatible with on-die ECC engines
power: supply: max17042_battery: Prevent int underflow in set_soc_threshold
power: supply: max17042_battery: use VFSOC for capacity when no rsns
KVM: arm64: Extract ESR_ELx.EC only
KVM: nVMX: Query current VMCS when determining if MSR bitmaps are in use
can: j1939: j1939_tp_cmd_recv(): ignore abort message in the BAM transport
can: j1939: j1939_can_recv(): ignore messages with invalid source address
powerpc/85xx: Fix oops when mpc85xx_smp_guts_ids node cannot be found
ring-buffer: Protect ring_buffer_reset() from reentrancy
serial: core: Fix initializing and restoring termios speed
ifb: fix building without CONFIG_NET_CLS_ACT
ALSA: mixer: oss: Fix racy access to slots
ALSA: mixer: fix deadlock in snd_mixer_oss_set_volume
xen/balloon: add late_initcall_sync() for initial ballooning done
ovl: fix use after free in struct ovl_aio_req
PCI: pci-bridge-emul: Fix emulation of W1C bits
PCI: cadence: Add cdns_plat_pcie_probe() missing return
PCI: aardvark: Do not clear status bits of masked interrupts
PCI: aardvark: Fix checking for link up via LTSSM state
PCI: aardvark: Do not unmask unused interrupts
PCI: aardvark: Fix reporting Data Link Layer Link Active
PCI: aardvark: Fix configuring Reference clock
PCI: aardvark: Fix return value of MSI domain .alloc() method
PCI: aardvark: Read all 16-bits from PCIE_MSI_PAYLOAD_REG
PCI: aardvark: Fix support for bus mastering and PCI_COMMAND on emulated bridge
PCI: aardvark: Fix support for PCI_BRIDGE_CTL_BUS_RESET on emulated bridge
PCI: aardvark: Set PCI Bridge Class Code to PCI Bridge
PCI: aardvark: Fix support for PCI_ROM_ADDRESS1 on emulated bridge
quota: check block number when reading the block in quota file
quota: correct error number in free_dqentry()
pinctrl: core: fix possible memory leak in pinctrl_enable()
coresight: cti: Correct the parameter for pm_runtime_put
iio: dac: ad5446: Fix ad5622_write() return value
iio: ad5770r: make devicetree property reading consistent
USB: serial: keyspan: fix memleak on probe errors
serial: 8250: fix racy uartclk update
most: fix control-message timeouts
USB: iowarrior: fix control-message timeouts
USB: chipidea: fix interrupt deadlock
power: supply: max17042_battery: Clear status bits in interrupt handler
dma-buf: WARN on dmabuf release with pending attachments
drm: panel-orientation-quirks: Update the Lenovo Ideapad D330 quirk (v2)
drm: panel-orientation-quirks: Add quirk for KD Kurio Smart C15200 2-in-1
drm: panel-orientation-quirks: Add quirk for the Samsung Galaxy Book 10.6
Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg()
Bluetooth: fix use-after-free error in lock_sock_nested()
drm/panel-orientation-quirks: add Valve Steam Deck
rcutorture: Avoid problematic critical section nesting on PREEMPT_RT
platform/x86: wmi: do not fail if disabling fails
MIPS: lantiq: dma: add small delay after reset
MIPS: lantiq: dma: reset correct number of channel
locking/lockdep: Avoid RCU-induced noinstr fail
net: sched: update default qdisc visibility after Tx queue cnt changes
rcu-tasks: Move RTGS_WAIT_CBS to beginning of rcu_tasks_kthread() loop
smackfs: Fix use-after-free in netlbl_catmap_walk()
ath11k: Align bss_chan_info structure with firmware
x86: Increase exception stack sizes
mwifiex: Run SET_BSS_MODE when changing from P2P to STATION vif-type
mwifiex: Properly initialize private structure on interface type changes
fscrypt: allow 256-bit master keys with AES-256-XTS
drm/amdgpu: Fix MMIO access page fault
ath11k: Avoid reg rules update during firmware recovery
ath11k: add handler for scan event WMI_SCAN_EVENT_DEQUEUED
ath11k: Change DMA_FROM_DEVICE to DMA_TO_DEVICE when map reinjected packets
ath10k: high latency fixes for beacon buffer
media: mt9p031: Fix corrupted frame after restarting stream
media: netup_unidvb: handle interrupt properly according to the firmware
media: atomisp: Fix error handling in probe
media: stm32: Potential NULL pointer dereference in dcmi_irq_thread()
media: uvcvideo: Set capability in s_param
media: uvcvideo: Return -EIO for control errors
media: uvcvideo: Set unique vdev name based in type
media: s5p-mfc: fix possible null-pointer dereference in s5p_mfc_probe()
media: s5p-mfc: Add checking to s5p_mfc_probe().
media: imx: set a media_device bus_info string
media: mceusb: return without resubmitting URB in case of -EPROTO error.
ia64: don't do IA64_CMPXCHG_DEBUG without CONFIG_PRINTK
rtw88: fix RX clock gate setting while fifo dump
brcmfmac: Add DMI nvram filename quirk for Cyberbook T116 tablet
media: rcar-csi2: Add checking to rcsi2_start_receiver()
ipmi: Disable some operations during a panic
fs/proc/uptime.c: Fix idle time reporting in /proc/uptime
ACPICA: Avoid evaluating methods too early during system resume
media: ipu3-imgu: imgu_fmt: Handle properly try
media: ipu3-imgu: VIDIOC_QUERYCAP: Fix bus_info
media: usb: dvd-usb: fix uninit-value bug in dibusb_read_eeprom_byte()
net-sysfs: try not to restart the syscall if it will fail eventually
tracefs: Have tracefs directories not set OTH permission bits by default
ath: dfs_pattern_detector: Fix possible null-pointer dereference in channel_detector_create()
mmc: moxart: Fix reference count leaks in moxart_probe
iov_iter: Fix iov_iter_get_pages{,_alloc} page fault return value
ACPI: battery: Accept charges over the design capacity as full
drm/amdkfd: fix resume error when iommu disabled in Picasso
net: phy: micrel: make *-skew-ps check more lenient
leaking_addresses: Always print a trailing newline
drm/msm: prevent NULL dereference in msm_gpu_crashstate_capture()
block: bump max plugged deferred size from 16 to 32
md: update superblock after changing rdev flags in state_store
memstick: r592: Fix a UAF bug when removing the driver
lib/xz: Avoid overlapping memcpy() with invalid input with in-place decompression
lib/xz: Validate the value before assigning it to an enum variable
workqueue: make sysfs of unbound kworker cpumask more clever
tracing/cfi: Fix cmp_entries_* functions signature mismatch
mt76: mt7915: fix an off-by-one bound check
mwl8k: Fix use-after-free in mwl8k_fw_state_machine()
block: remove inaccurate requeue check
media: allegro: ignore interrupt if mailbox is not initialized
nvmet: fix use-after-free when a port is removed
nvmet-rdma: fix use-after-free when a port is removed
nvmet-tcp: fix use-after-free when a port is removed
nvme: drop scan_lock and always kick requeue list when removing namespaces
PM: hibernate: Get block device exclusively in swsusp_check()
selftests: kvm: fix mismatched fclose() after popen()
selftests/bpf: Fix perf_buffer test on system with offline cpus
iwlwifi: mvm: disable RX-diversity in powersave
smackfs: use __GFP_NOFAIL for smk_cipso_doi()
ARM: clang: Do not rely on lr register for stacktrace
gre/sit: Don't generate link-local addr if addr_gen_mode is IN6_ADDR_GEN_MODE_NONE
gfs2: Cancel remote delete work asynchronously
gfs2: Fix glock_hash_walk bugs
ARM: 9136/1: ARMv7-M uses BE-8, not BE-32
vrf: run conntrack only in context of lower/physdev for locally generated packets
net: annotate data-race in neigh_output()
ACPI: AC: Quirk GK45 to skip reading _PSR
btrfs: reflink: initialize return value to 0 in btrfs_extent_same()
btrfs: do not take the uuid_mutex in btrfs_rm_device
spi: bcm-qspi: Fix missing clk_disable_unprepare() on error in bcm_qspi_probe()
wcn36xx: Correct band/freq reporting on RX
x86/hyperv: Protect set_hv_tscchange_cb() against getting preempted
drm/amd/display: dcn20_resource_construct reduce scope of FPU enabled
selftests/core: fix conflicting types compile error for close_range()
parisc: fix warning in flush_tlb_all
task_stack: Fix end_of_stack() for architectures with upwards-growing stack
erofs: don't trigger WARN() when decompression fails
parisc/unwind: fix unwinder when CONFIG_64BIT is enabled
parisc/kgdb: add kgdb_roundup() to make kgdb work with idle polling
netfilter: conntrack: set on IPS_ASSURED if flows enters internal stream state
selftests/bpf: Fix strobemeta selftest regression
Bluetooth: fix init and cleanup of sco_conn.timeout_work
rcu: Fix existing exp request check in sync_sched_exp_online_cleanup()
MIPS: lantiq: dma: fix burst length for DEU
objtool: Add xen_start_kernel() to noreturn list
x86/xen: Mark cpu_bringup_and_idle() as dead_end_function
objtool: Fix static_call list generation
drm/v3d: fix wait for TMU write combiner flush
virtio-gpu: fix possible memory allocation failure
lockdep: Let lock_is_held_type() detect recursive read as read
net: net_namespace: Fix undefined member in key_remove_domain()
cgroup: Make rebind_subsystems() disable v2 controllers all at once
wcn36xx: Fix Antenna Diversity Switching
wilc1000: fix possible memory leak in cfg_scan_result()
Bluetooth: btmtkuart: fix a memleak in mtk_hci_wmt_sync
crypto: caam - disable pkc for non-E SoCs
rxrpc: Fix _usecs_to_jiffies() by using usecs_to_jiffies()
net: dsa: rtl8366rb: Fix off-by-one bug
ath11k: fix some sleeping in atomic bugs
ath11k: Avoid race during regd updates
ath11k: fix packet drops due to incorrect 6 GHz freq value in rx status
ath11k: Fix memory leak in ath11k_qmi_driver_event_work
ath10k: Fix missing frame timestamp for beacon/probe-resp
ath10k: sdio: Add missing BH locking around napi_schdule()
drm/ttm: stop calling tt_swapin in vm_access
arm64: mm: update max_pfn after memory hotplug
drm/amdgpu: fix warning for overflow check
media: em28xx: add missing em28xx_close_extension
media: cxd2880-spi: Fix a null pointer dereference on error handling path
media: dvb-usb: fix ununit-value in az6027_rc_query
media: v4l2-ioctl: S_CTRL output the right value
media: TDA1997x: handle short reads of hdmi info frame.
media: mtk-vpu: Fix a resource leak in the error handling path of 'mtk_vpu_probe()'
media: radio-wl1273: Avoid card name truncation
media: si470x: Avoid card name truncation
media: tm6000: Avoid card name truncation
media: cx23885: Fix snd_card_free call on null card pointer
kprobes: Do not use local variable when creating debugfs file
crypto: ecc - fix CRYPTO_DEFAULT_RNG dependency
cpuidle: Fix kobject memory leaks in error paths
media: em28xx: Don't use ops->suspend if it is NULL
ath9k: Fix potential interrupt storm on queue reset
PM: EM: Fix inefficient states detection
EDAC/amd64: Handle three rank interleaving mode
rcu: Always inline rcu_dynticks_task*_{enter,exit}()
netfilter: nft_dynset: relax superfluous check on set updates
media: dvb-frontends: mn88443x: Handle errors of clk_prepare_enable()
crypto: qat - detect PFVF collision after ACK
crypto: qat - disregard spurious PFVF interrupts
hwrng: mtk - Force runtime pm ops for sleep ops
b43legacy: fix a lower bounds test
b43: fix a lower bounds test
gve: Recover from queue stall due to missed IRQ
mmc: sdhci-omap: Fix NULL pointer exception if regulator is not configured
mmc: sdhci-omap: Fix context restore
memstick: avoid out-of-range warning
memstick: jmb38x_ms: use appropriate free function in jmb38x_ms_alloc_host()
net, neigh: Fix NTF_EXT_LEARNED in combination with NTF_USE
hwmon: Fix possible memleak in __hwmon_device_register()
hwmon: (pmbus/lm25066) Let compiler determine outer dimension of lm25066_coeff
ath10k: fix max antenna gain unit
kernel/sched: Fix sched_fork() access an invalid sched_task_group
tcp: switch orphan_count to bare per-cpu counters
drm/msm: potential error pointer dereference in init()
drm/msm: uninitialized variable in msm_gem_import()
net: stream: don't purge sk_error_queue in sk_stream_kill_queues()
media: ir_toy: assignment to be16 should be of correct type
mmc: mxs-mmc: disable regulator on error and in the remove function
platform/x86: thinkpad_acpi: Fix bitwise vs. logical warning
mt76: mt7615: fix endianness warning in mt7615_mac_write_txwi
mt76: mt76x02: fix endianness warnings in mt76x02_mac.c
mt76: mt7915: fix possible infinite loop release semaphore
mt76: mt7915: fix sta_rec_wtbl tag len
mt76: mt7915: fix muar_idx in mt7915_mcu_alloc_sta_req()
rsi: stop thread firstly in rsi_91x_init() error handling
mwifiex: Send DELBA requests according to spec
net: enetc: unmap DMA in enetc_send_cmd()
phy: micrel: ksz8041nl: do not use power down mode
nvme-rdma: fix error code in nvme_rdma_setup_ctrl
PM: hibernate: fix sparse warnings
clocksource/drivers/timer-ti-dm: Select TIMER_OF
x86/sev: Fix stack type check in vc_switch_off_ist()
drm/msm: Fix potential NULL dereference in DPU SSPP
smackfs: use netlbl_cfg_cipsov4_del() for deleting cipso_v4_doi
KVM: selftests: Add operand to vmsave/vmload/vmrun in svm.c
KVM: selftests: Fix nested SVM tests when built with clang
bpftool: Avoid leaking the JSON writer prepared for program metadata
libbpf: Fix BTF data layout checks and allow empty BTF
libbpf: Allow loading empty BTFs
libbpf: Fix overflow in BTF sanity checks
libbpf: Fix BTF header parsing checks
s390/gmap: don't unconditionally call pte_unmap_unlock() in __gmap_zap()
KVM: s390: pv: avoid double free of sida page
KVM: s390: pv: avoid stalls for kvm_s390_pv_init_vm
irq: mips: avoid nested irq_enter()
tpm: fix Atmel TPM crash caused by too frequent queries
tpm_tis_spi: Add missing SPI ID
libbpf: Fix endianness detection in BPF_CORE_READ_BITFIELD_PROBED()
tcp: don't free a FIN sk_buff in tcp_remove_empty_skb()
spi: spi-rpc-if: Check return value of rpcif_sw_init()
samples/kretprobes: Fix return value if register_kretprobe() failed
KVM: s390: Fix handle_sske page fault handling
libertas_tf: Fix possible memory leak in probe and disconnect
libertas: Fix possible memory leak in probe and disconnect
wcn36xx: add proper DMA memory barriers in rx path
wcn36xx: Fix discarded frames due to wrong sequence number
drm/amdgpu/gmc6: fix DMA mask from 44 to 40 bits
selftests: bpf: Convert sk_lookup ctx access tests to PROG_TEST_RUN
selftests/bpf: Fix fd cleanup in sk_lookup test
net: amd-xgbe: Toggle PLL settings during rate change
net: phylink: avoid mvneta warning when setting pause parameters
crypto: pcrypt - Delay write to padata->info
selftests/bpf: Fix fclose/pclose mismatch in test_progs
udp6: allow SO_MARK ctrl msg to affect routing
ibmvnic: don't stop queue in xmit
ibmvnic: Process crqs after enabling interrupts
cgroup: Fix rootcg cpu.stat guest double counting
bpf: Fix propagation of bounds from 64-bit min/max into 32-bit and var_off.
bpf: Fix propagation of signed bounds from 64-bit min/max into 32-bit.
of: unittest: fix EXPECT text for gpio hog errors
iio: st_sensors: Call st_sensors_power_enable() from bus drivers
iio: st_sensors: disable regulators after device unregistration
RDMA/rxe: Fix wrong port_cap_flags
ARM: dts: BCM5301X: Fix memory nodes names
clk: mvebu: ap-cpu-clk: Fix a memory leak in error handling paths
ARM: s3c: irq-s3c24xx: Fix return value check for s3c24xx_init_intc()
arm64: dts: rockchip: Fix GPU register width for RK3328
ARM: dts: qcom: msm8974: Add xo_board reference clock to DSI0 PHY
RDMA/bnxt_re: Fix query SRQ failure
arm64: dts: ti: k3-j721e-main: Fix "max-virtual-functions" in PCIe EP nodes
arm64: dts: ti: k3-j721e-main: Fix "bus-range" upto 256 bus number for PCIe
arm64: dts: meson-g12a: Fix the pwm regulator supply properties
arm64: dts: meson-g12b: Fix the pwm regulator supply properties
bus: ti-sysc: Fix timekeeping_suspended warning on resume
ARM: dts: at91: tse850: the emac<->phy interface is rmii
scsi: dc395: Fix error case unwinding
MIPS: loongson64: make CPU_LOONGSON64 depends on MIPS_FP_SUPPORT
JFS: fix memleak in jfs_mount
arm64: dts: qcom: msm8916: Fix Secondary MI2S bit clock
arm64: dts: renesas: beacon: Fix Ethernet PHY mode
arm64: dts: qcom: pm8916: Remove wrong reg-names for rtc@6000
ALSA: hda: Reduce udelay() at SKL+ position reporting
ALSA: hda: Release controller display power during shutdown/reboot
ALSA: hda: Fix hang during shutdown due to link reset
ALSA: hda: Use position buffer for SKL+ again
soundwire: debugfs: use controller id and link_id for debugfs
scsi: pm80xx: Fix misleading log statement in pm8001_mpi_get_nvmd_resp()
driver core: Fix possible memory leak in device_link_add()
arm: dts: omap3-gta04a4: accelerometer irq fix
ASoC: SOF: topology: do not power down primary core during topology removal
soc/tegra: Fix an error handling path in tegra_powergate_power_up()
memory: fsl_ifc: fix leak of irq and nand_irq in fsl_ifc_ctrl_probe
clk: at91: check pmc node status before registering syscore ops
video: fbdev: chipsfb: use memset_io() instead of memset()
powerpc: Refactor is_kvm_guest() declaration to new header
powerpc: Rename is_kvm_guest() to check_kvm_guest()
powerpc: Reintroduce is_kvm_guest() as a fast-path check
powerpc: Fix is_kvm_guest() / kvm_para_available()
powerpc: fix unbalanced node refcount in check_kvm_guest()
serial: 8250_dw: Drop wrong use of ACPI_PTR()
usb: gadget: hid: fix error code in do_config()
power: supply: rt5033_battery: Change voltage values to µV
power: supply: max17040: fix null-ptr-deref in max17040_probe()
scsi: csiostor: Uninitialized data in csio_ln_vnp_read_cbfn()
RDMA/mlx4: Return missed an error if device doesn't support steering
usb: musb: select GENERIC_PHY instead of depending on it
staging: most: dim2: do not double-register the same device
staging: ks7010: select CRYPTO_HASH/CRYPTO_MICHAEL_MIC
pinctrl: renesas: checker: Fix off-by-one bug in drive register check
ARM: dts: stm32: Reduce DHCOR SPI NOR frequency to 50 MHz
ARM: dts: stm32: fix SAI sub nodes register range
ARM: dts: stm32: fix AV96 board SAI2 pin muxing on stm32mp15
ASoC: cs42l42: Correct some register default values
ASoC: cs42l42: Defer probe if request_threaded_irq() returns EPROBE_DEFER
soc: qcom: rpmhpd: Provide some missing struct member descriptions
soc: qcom: rpmhpd: Make power_on actually enable the domain
usb: typec: STUSB160X should select REGMAP_I2C
iio: adis: do not disabe IRQs in 'adis_init()'
scsi: ufs: Refactor ufshcd_setup_clocks() to remove skip_ref_clk
scsi: ufs: ufshcd-pltfrm: Fix memory leak due to probe defer
serial: imx: fix detach/attach of serial console
usb: dwc2: drd: fix dwc2_force_mode call in dwc2_ovr_init
usb: dwc2: drd: fix dwc2_drd_role_sw_set when clock could be disabled
usb: dwc2: drd: reset current session before setting the new one
firmware: qcom_scm: Fix error retval in __qcom_scm_is_call_available()
soc: qcom: apr: Add of_node_put() before return
pinctrl: equilibrium: Fix function addition in multiple groups
phy: qcom-qusb2: Fix a memory leak on probe
phy: ti: gmii-sel: check of_get_address() for failure
phy: qcom-snps: Correct the FSEL_MASK
serial: xilinx_uartps: Fix race condition causing stuck TX
clk: at91: sam9x60-pll: use DIV_ROUND_CLOSEST_ULL
HID: u2fzero: clarify error check and length calculations
HID: u2fzero: properly handle timeouts in usb_submit_urb
powerpc/44x/fsp2: add missing of_node_put
ASoC: cs42l42: Disable regulators if probe fails
ASoC: cs42l42: Use device_property API instead of of_property
ASoC: cs42l42: Correct configuring of switch inversion from ts-inv
virtio_ring: check desc == NULL when using indirect with packed
mips: cm: Convert to bitfield API to fix out-of-bounds access
power: supply: bq27xxx: Fix kernel crash on IRQ handler register error
apparmor: fix error check
rpmsg: Fix rpmsg_create_ept return when RPMSG config is not defined
nfsd: don't alloc under spinlock in rpc_parse_scope_id
i2c: mediatek: fixing the incorrect register offset
NFS: Fix dentry verifier races
pnfs/flexfiles: Fix misplaced barrier in nfs4_ff_layout_prepare_ds
drm/plane-helper: fix uninitialized variable reference
PCI: aardvark: Don't spam about PIO Response Status
PCI: aardvark: Fix preserving PCI_EXP_RTCTL_CRSSVE flag on emulated bridge
opp: Fix return in _opp_add_static_v2()
NFS: Fix deadlocks in nfs_scan_commit_list()
fs: orangefs: fix error return code of orangefs_revalidate_lookup()
mtd: spi-nor: hisi-sfc: Remove excessive clk_disable_unprepare()
PCI: uniphier: Serialize INTx masking/unmasking and fix the bit operation
mtd: core: don't remove debugfs directory if device is in use
remoteproc: Fix a memory leak in an error handling path in 'rproc_handle_vdev()'
rtc: rv3032: fix error handling in rv3032_clkout_set_rate()
dmaengine: at_xdmac: fix AT_XDMAC_CC_PERID() macro
NFS: Fix up commit deadlocks
NFS: Fix an Oops in pnfs_mark_request_commit()
Fix user namespace leak
auxdisplay: img-ascii-lcd: Fix lock-up when displaying empty string
auxdisplay: ht16k33: Connect backlight to fbdev
auxdisplay: ht16k33: Fix frame buffer device blanking
soc: fsl: dpaa2-console: free buffer before returning from dpaa2_console_read
netfilter: nfnetlink_queue: fix OOB when mac header was cleared
dmaengine: dmaengine_desc_callback_valid(): Check for `callback_result`
signal/sh: Use force_sig(SIGKILL) instead of do_group_exit(SIGKILL)
m68k: set a default value for MEMORY_RESERVE
watchdog: f71808e_wdt: fix inaccurate report in WDIOC_GETTIMEOUT
ar7: fix kernel builds for compiler test
scsi: qla2xxx: Changes to support FCP2 Target
scsi: qla2xxx: Relogin during fabric disturbance
scsi: qla2xxx: Fix gnl list corruption
scsi: qla2xxx: Turn off target reset during issue_lip
NFSv4: Fix a regression in nfs_set_open_stateid_locked()
i2c: xlr: Fix a resource leak in the error handling path of 'xlr_i2c_probe()'
xen-pciback: Fix return in pm_ctrl_init()
net: davinci_emac: Fix interrupt pacing disable
ethtool: fix ethtool msg len calculation for pause stats
openrisc: fix SMP tlb flush NULL pointer dereference
net: vlan: fix a UAF in vlan_dev_real_dev()
ice: Fix replacing VF hardware MAC to existing MAC filter
ice: Fix not stopping Tx queues for VFs
ACPI: PMIC: Fix intel_pmic_regs_handler() read accesses
drm/nouveau/svm: Fix refcount leak bug and missing check against null bug
net: phy: fix duplex out of sync problem while changing settings
bonding: Fix a use-after-free problem when bond_sysfs_slave_add() failed
mfd: core: Add missing of_node_put for loop iteration
can: mcp251xfd: mcp251xfd_chip_start(): fix error handling for mcp251xfd_chip_rx_int_enable()
mm/zsmalloc.c: close race window between zs_pool_dec_isolated() and zs_unregister_migration()
zram: off by one in read_block_state()
perf bpf: Add missing free to bpf_event__print_bpf_prog_info()
llc: fix out-of-bound array index in llc_sk_dev_hash()
nfc: pn533: Fix double free when pn533_fill_fragment_skbs() fails
arm64: pgtable: make __pte_to_phys/__phys_to_pte_val inline functions
bpf, sockmap: Remove unhash handler for BPF sockmap usage
bpf: sockmap, strparser, and tls are reusing qdisc_skb_cb and colliding
gve: Fix off by one in gve_tx_timeout()
seq_file: fix passing wrong private data
net/sched: sch_taprio: fix undefined behavior in ktime_mono_to_any
net: hns3: fix kernel crash when unload VF while it is being reset
net: hns3: allow configure ETS bandwidth of all TCs
net: stmmac: allow a tc-taprio base-time of zero
vsock: prevent unnecessary refcnt inc for nonblocking connect
net/smc: fix sk_refcnt underflow on linkdown and fallback
cxgb4: fix eeprom len when diagnostics not implemented
selftests/net: udpgso_bench_rx: fix port argument
ARM: 9155/1: fix early early_iounmap()
ARM: 9156/1: drop cc-option fallbacks for architecture selection
parisc: Fix backtrace to always include init funtion names
MIPS: Fix assembly error from MIPSr2 code used within MIPS_ISA_ARCH_LEVEL
x86/mce: Add errata workaround for Skylake SKX37
posix-cpu-timers: Clear task::posix_cputimers_work in copy_process()
irqchip/sifive-plic: Fixup EOI failed when masked
f2fs: should use GFP_NOFS for directory inodes
net, neigh: Enable state migration between NUD_PERMANENT and NTF_USE
9p/net: fix missing error check in p9_check_errors
memcg: prohibit unconditional exceeding the limit of dying tasks
powerpc/lib: Add helper to check if offset is within conditional branch range
powerpc/bpf: Validate branch ranges
powerpc/security: Add a helper to query stf_barrier type
powerpc/bpf: Emit stf barrier instruction sequences for BPF_NOSPEC
mm, oom: pagefault_out_of_memory: don't force global OOM for dying tasks
mm, oom: do not trigger out_of_memory from the #PF
mfd: dln2: Add cell for initializing DLN2 ADC
video: backlight: Drop maximum brightness override for brightness zero
s390/cio: check the subchannel validity for dev_busid
s390/tape: fix timer initialization in tape_std_assign()
s390/ap: Fix hanging ioctl caused by orphaned replies
s390/cio: make ccw_device_dma_* more robust
mtd: rawnand: ams-delta: Keep the driver compatible with on-die ECC engines
mtd: rawnand: xway: Keep the driver compatible with on-die ECC engines
mtd: rawnand: mpc5121: Keep the driver compatible with on-die ECC engines
mtd: rawnand: gpio: Keep the driver compatible with on-die ECC engines
mtd: rawnand: pasemi: Keep the driver compatible with on-die ECC engines
mtd: rawnand: orion: Keep the driver compatible with on-die ECC engines
mtd: rawnand: plat_nand: Keep the driver compatible with on-die ECC engines
mtd: rawnand: au1550nd: Keep the driver compatible with on-die ECC engines
powerpc/powernv/prd: Unregister OPAL_MSG_PRD2 notifier during module unload
powerpc/85xx: fix timebase sync issue when CONFIG_HOTPLUG_CPU=n
drm/sun4i: Fix macros in sun8i_csc.h
PCI: Add PCI_EXP_DEVCTL_PAYLOAD_* macros
PCI: aardvark: Fix PCIe Max Payload Size setting
SUNRPC: Partial revert of commit 6f9f17287e
ath10k: fix invalid dma_addr_t token assignment
mmc: moxart: Fix null pointer dereference on pointer host
selftests/bpf: Fix also no-alu32 strobemeta selftest
arch/cc: Introduce a function to check for confidential computing features
x86/sev: Add an x86 version of cc_platform_has()
x86/sev: Make the #VC exception stacks part of the default stacks storage
soc/tegra: pmc: Fix imbalanced clock disabling in error code path
Linux 5.10.80
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I21c750863965fbf584251fa2de3c941ae5922d3f
[ Upstream commit a130e8fbc7 ]
/proc/uptime reports idle time by reading the CPUTIME_IDLE field from
the per-cpu kcpustats. However, on NO_HZ systems, idle time is not
continually updated on idle cpus, leading this value to appear
incorrectly small.
/proc/stat performs an accounting update when reading idle time; we
can use the same approach for uptime.
With this patch, /proc/stat and /proc/uptime now agree on idle time.
Additionally, the following shows idle time tick up consistently on an
idle machine:
(while true; do cat /proc/uptime; sleep 1; done) | awk '{print $2-prev; prev=$2}'
Reported-by: Luigi Rizzo <lrizzo@google.com>
Signed-off-by: Josh Don <joshdon@google.com>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Reviewed-by: Eric Dumazet <edumazet@google.com>
Link: https://lkml.kernel.org/r/20210827165438.3280779-1-joshdon@google.com
Signed-off-by: Sasha Levin <sashal@kernel.org>
Sync up with android12-5.10 for the following commits:
2a8bfea53d UPSTREAM: kernel/irq: export irq_gc_set_wake
36fbb55631 FROMGIT: procfs: prevent unpriveleged processes accessing fdinfo dir
fc2d64ec5d FROMGIT: f2fs: don't sleep while grabing nat_tree_lock
cf1646cba3 FROMLIST: scsi: ufs: Allow async suspend/resume callbacks
98afdd197f ANDROID: ABI: update generic symbol list and ABI XML
e2e063f507 ANDROID: scsi: ufs: add vendor hook to override key reprogramming
198e728044 ANDROID: GKI: Add rockchip symbol list
Change-Id: Ib1c25472ab1be58611ee2fa61047ceef48f00e7e
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
The file permissions on the fdinfo dir from were changed from
S_IRUSR|S_IXUSR to S_IRUGO|S_IXUGO, and a PTRACE_MODE_READ check was added
for opening the fdinfo files [1]. However, the ptrace permission check
was not added to the directory, allowing anyone to get the open FD numbers
by reading the fdinfo directory.
Add the missing ptrace permission check for opening the fdinfo directory.
[1] https://lkml.kernel.org/r/20210308170651.919148-1-kaleshsingh@google.com
Link: https://lkml.kernel.org/r/20210713162008.1056986-1-kaleshsingh@google.com
Fixes: 7bc3fa0172 ("procfs: allow reading fdinfo with PTRACE_MODE_READ")
Signed-off-by: Kalesh Singh <kaleshsingh@google.com>
Cc: Kees Cook <keescook@chromium.org>
Cc: Eric W. Biederman <ebiederm@xmission.com>
Cc: Christian Brauner <christian.brauner@ubuntu.com>
Cc: Christian König <christian.koenig@amd.com>
Cc: Suren Baghdasaryan <surenb@google.com>
Cc: Hridya Valsaraju <hridya@google.com>
Cc: Jann Horn <jannh@google.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Mark Brown <broonie@kernel.org>
Bug: 151772539
Change-Id: I274b30aa0a5ce8412eae7161d31c6ee955035da9
(cherry picked from commit fc73829fa54b0c7af32d6da7c972eb3390957da4
git://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git master)
Signed-off-by: Kalesh Singh <kaleshsingh@google.com>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmEBT00ACgkQONu9yGCS
aT7svA/9HCRwW+pK3UpK1+0FK7gGH8DA3jSONj775zVEKhboDZNIwZsDqG0Ly+jm
/JejWXPKZlekaDXgzBfZY3H59xgij/VwYHe8p7cdxfi1TlhmAQwFjLNZnWav8as6
IyNkpsDJn8fMXmfHDi2u3cb8wrVi/aQDzTlwu88cUtREyZCaaYlo0Fdv9MJyhww/
p6LWPYQoZ8TmFY+Y/2ORVxFos2UVuU0hhhMdGt9LrX2WNEGRNUZUqmbhcXYfdsX0
ckSHbijIcWdcka3nQ6yOvdxw75rTqd8c/bP0y+yAteeJ0CykjVnI2cdK+M2ZEi4j
/JqpGJrRWhsZf5MiO8b3k+I1K62JDa1GYBQ9Amp8FKKzjYLPTNeFAP9IsMyDc4oi
oW98XM7XzoSEU9t/FSAIGT0hYK9k+lnPxw623LhxD6x3VPynnNAnQsLr+HirOgG6
mZ79L4ZFu3lUvVsCuCgKn/uxwDopUNlhqo5B2/4M2kSWwe2Xu5bExpGc2bT9xCOP
6fF9DmvmpG1UPGCXrOqaxemyEPmHqmyjKJpxDt6vZqlOL9vqHez4WmEEM1C+E2NZ
5VKKbBk/KZDxNX9EiFOtI2HRFb1cghoI2Hcb/QjRoB9Dv3a6cHgjxDl0eKm8SiDN
+1ytV0IFH3fT4aRiXJ7I3GBwkjKcDaX0sjYwtnCx9s5XZmm9PRQ=
=HAyL
-----END PGP SIGNATURE-----
Merge 5.10.54 into android12-5.10-lts
Changes in 5.10.54
igc: Fix use-after-free error during reset
igb: Fix use-after-free error during reset
igc: change default return of igc_read_phy_reg()
ixgbe: Fix an error handling path in 'ixgbe_probe()'
igc: Fix an error handling path in 'igc_probe()'
igb: Fix an error handling path in 'igb_probe()'
fm10k: Fix an error handling path in 'fm10k_probe()'
e1000e: Fix an error handling path in 'e1000_probe()'
iavf: Fix an error handling path in 'iavf_probe()'
igb: Check if num of q_vectors is smaller than max before array access
igb: Fix position of assignment to *ring
gve: Fix an error handling path in 'gve_probe()'
net: add kcov handle to skb extensions
bonding: fix suspicious RCU usage in bond_ipsec_add_sa()
bonding: fix null dereference in bond_ipsec_add_sa()
ixgbevf: use xso.real_dev instead of xso.dev in callback functions of struct xfrmdev_ops
bonding: fix suspicious RCU usage in bond_ipsec_del_sa()
bonding: disallow setting nested bonding + ipsec offload
bonding: Add struct bond_ipesc to manage SA
bonding: fix suspicious RCU usage in bond_ipsec_offload_ok()
bonding: fix incorrect return value of bond_ipsec_offload_ok()
ipv6: fix 'disable_policy' for fwd packets
stmmac: platform: Fix signedness bug in stmmac_probe_config_dt()
selftests: icmp_redirect: remove from checking for IPv6 route get
selftests: icmp_redirect: IPv6 PMTU info should be cleared after redirect
pwm: sprd: Ensure configuring period and duty_cycle isn't wrongly skipped
cxgb4: fix IRQ free race during driver unload
mptcp: fix warning in __skb_flow_dissect() when do syn cookie for subflow join
nvme-pci: do not call nvme_dev_remove_admin from nvme_remove
KVM: x86/pmu: Clear anythread deprecated bit when 0xa leaf is unsupported on the SVM
perf inject: Fix dso->nsinfo refcounting
perf map: Fix dso->nsinfo refcounting
perf probe: Fix dso->nsinfo refcounting
perf env: Fix sibling_dies memory leak
perf test session_topology: Delete session->evlist
perf test event_update: Fix memory leak of evlist
perf dso: Fix memory leak in dso__new_map()
perf test maps__merge_in: Fix memory leak of maps
perf env: Fix memory leak of cpu_pmu_caps
perf report: Free generated help strings for sort option
perf script: Fix memory 'threads' and 'cpus' leaks on exit
perf lzma: Close lzma stream on exit
perf probe-file: Delete namelist in del_events() on the error path
perf data: Close all files in close_dir()
perf sched: Fix record failure when CONFIG_SCHEDSTATS is not set
ASoC: wm_adsp: Correct wm_coeff_tlv_get handling
spi: imx: add a check for speed_hz before calculating the clock
spi: stm32: fixes pm_runtime calls in probe/remove
regulator: hi6421: Use correct variable type for regmap api val argument
regulator: hi6421: Fix getting wrong drvdata
spi: mediatek: fix fifo rx mode
ASoC: rt5631: Fix regcache sync errors on resume
bpf, test: fix NULL pointer dereference on invalid expected_attach_type
bpf: Fix tail_call_reachable rejection for interpreter when jit failed
xdp, net: Fix use-after-free in bpf_xdp_link_release
timers: Fix get_next_timer_interrupt() with no timers pending
liquidio: Fix unintentional sign extension issue on left shift of u16
s390/bpf: Perform r1 range checking before accessing jit->seen_reg[r1]
bpf, sockmap: Fix potential memory leak on unlikely error case
bpf, sockmap, tcp: sk_prot needs inuse_idx set for proc stats
bpf, sockmap, udp: sk_prot needs inuse_idx set for proc stats
bpftool: Check malloc return value in mount_bpffs_for_pin
net: fix uninit-value in caif_seqpkt_sendmsg
usb: hso: fix error handling code of hso_create_net_device
dma-mapping: handle vmalloc addresses in dma_common_{mmap,get_sgtable}
efi/tpm: Differentiate missing and invalid final event log table.
net: decnet: Fix sleeping inside in af_decnet
KVM: PPC: Book3S: Fix CONFIG_TRANSACTIONAL_MEM=n crash
KVM: PPC: Fix kvm_arch_vcpu_ioctl vcpu_load leak
net: sched: fix memory leak in tcindex_partial_destroy_work
sctp: trim optlen when it's a huge value in sctp_setsockopt
netrom: Decrease sock refcount when sock timers expire
scsi: iscsi: Fix iface sysfs attr detection
scsi: target: Fix protect handling in WRITE SAME(32)
spi: cadence: Correct initialisation of runtime PM again
ACPI: Kconfig: Fix table override from built-in initrd
bnxt_en: don't disable an already disabled PCI device
bnxt_en: Refresh RoCE capabilities in bnxt_ulp_probe()
bnxt_en: Add missing check for BNXT_STATE_ABORT_ERR in bnxt_fw_rset_task()
bnxt_en: Validate vlan protocol ID on RX packets
bnxt_en: Check abort error state in bnxt_half_open_nic()
net: hisilicon: rename CACHE_LINE_MASK to avoid redefinition
net/tcp_fastopen: fix data races around tfo_active_disable_stamp
ALSA: hda: intel-dsp-cfg: add missing ElkhartLake PCI ID
net: hns3: fix possible mismatches resp of mailbox
net: hns3: fix rx VLAN offload state inconsistent issue
spi: spi-bcm2835: Fix deadlock
net/sched: act_skbmod: Skip non-Ethernet packets
ipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions
ceph: don't WARN if we're still opening a session to an MDS
nvme-pci: don't WARN_ON in nvme_reset_work if ctrl.state is not RESETTING
Revert "USB: quirks: ignore remote wake-up on Fibocom L850-GL LTE modem"
afs: Fix tracepoint string placement with built-in AFS
r8169: Avoid duplicate sysfs entry creation error
nvme: set the PRACT bit when using Write Zeroes with T10 PI
sctp: update active_key for asoc when old key is being replaced
tcp: disable TFO blackhole logic by default
net: dsa: sja1105: make VID 4095 a bridge VLAN too
net: sched: cls_api: Fix the the wrong parameter
drm/panel: raspberrypi-touchscreen: Prevent double-free
cifs: only write 64kb at a time when fallocating a small region of a file
cifs: fix fallocate when trying to allocate a hole.
proc: Avoid mixing integer types in mem_rw()
mmc: core: Don't allocate IDA for OF aliases
s390/ftrace: fix ftrace_update_ftrace_func implementation
s390/boot: fix use of expolines in the DMA code
ALSA: usb-audio: Add missing proc text entry for BESPOKEN type
ALSA: usb-audio: Add registration quirk for JBL Quantum headsets
ALSA: sb: Fix potential ABBA deadlock in CSP driver
ALSA: hda/realtek: Fix pop noise and 2 Front Mic issues on a machine
ALSA: hdmi: Expose all pins on MSI MS-7C94 board
ALSA: pcm: Call substream ack() method upon compat mmap commit
ALSA: pcm: Fix mmap capability check
Revert "usb: renesas-xhci: Fix handling of unknown ROM state"
usb: xhci: avoid renesas_usb_fw.mem when it's unusable
xhci: Fix lost USB 2 remote wake
KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow
KVM: PPC: Book3S HV Nested: Sanitise H_ENTER_NESTED TM state
usb: hub: Disable USB 3 device initiated lpm if exit latency is too high
usb: hub: Fix link power management max exit latency (MEL) calculations
USB: usb-storage: Add LaCie Rugged USB3-FW to IGNORE_UAS
usb: max-3421: Prevent corruption of freed memory
usb: renesas_usbhs: Fix superfluous irqs happen after usb_pkt_pop()
USB: serial: option: add support for u-blox LARA-R6 family
USB: serial: cp210x: fix comments for GE CS1000
USB: serial: cp210x: add ID for CEL EM3588 USB ZigBee stick
usb: gadget: Fix Unbalanced pm_runtime_enable in tegra_xudc_probe
usb: dwc2: gadget: Fix GOUTNAK flow for Slave mode.
usb: dwc2: gadget: Fix sending zero length packet in DDMA mode.
usb: typec: stusb160x: register role switch before interrupt registration
firmware/efi: Tell memblock about EFI iomem reservations
tracepoints: Update static_call before tp_funcs when adding a tracepoint
tracing/histogram: Rename "cpu" to "common_cpu"
tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop.
tracing: Synthetic event field_pos is an index not a boolean
btrfs: check for missing device in btrfs_trim_fs
media: ngene: Fix out-of-bounds bug in ngene_command_config_free_buf()
ixgbe: Fix packet corruption due to missing DMA sync
bus: mhi: core: Validate channel ID when processing command completions
posix-cpu-timers: Fix rearm racing against process tick
selftest: use mmap instead of posix_memalign to allocate memory
io_uring: explicitly count entries for poll reqs
io_uring: remove double poll entry on arm failure
userfaultfd: do not untag user pointers
memblock: make for_each_mem_range() traverse MEMBLOCK_HOTPLUG regions
hugetlbfs: fix mount mode command line processing
rbd: don't hold lock_rwsem while running_list is being drained
rbd: always kick acquire on "acquired" and "released" notifications
misc: eeprom: at24: Always append device id even if label property is set.
nds32: fix up stack guard gap
driver core: Prevent warning when removing a device link from unregistered consumer
drm: Return -ENOTTY for non-drm ioctls
drm/amdgpu: update golden setting for sienna_cichlid
net: dsa: mv88e6xxx: enable SerDes RX stats for Topaz
net: dsa: mv88e6xxx: enable SerDes PCS register dump via ethtool -d on Topaz
PCI: Mark AMD Navi14 GPU ATS as broken
bonding: fix build issue
skbuff: Release nfct refcount on napi stolen or re-used skbs
Documentation: Fix intiramfs script name
perf inject: Close inject.output on exit
usb: ehci: Prevent missed ehci interrupts with edge-triggered MSI
drm/i915/gvt: Clear d3_entered on elsp cmd submission.
sfc: ensure correct number of XDP queues
xhci: add xhci_get_virt_ep() helper
skbuff: Fix build with SKB extensions disabled
Linux 5.10.54
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: Ifd2823b47ab1544cd1f168b138624ffe060a471e
[ Upstream commit d238692b4b ]
Use size_t when capping the count argument received by mem_rw(). Since
count is size_t, using min_t(int, ...) can lead to a negative value
that will later be passed to access_remote_vm(), which can cause
unexpected behavior.
Since we are capping the value to at maximum PAGE_SIZE, the conversion
from size_t to int when passing it to access_remote_vm() as "len"
shouldn't be a problem.
Link: https://lkml.kernel.org/r/20210512125215.3348316-1-marcelo.cerri@canonical.com
Reviewed-by: David Disseldorp <ddiss@suse.de>
Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@canonical.com>
Signed-off-by: Marcelo Henrique Cerri <marcelo.cerri@canonical.com>
Cc: Alexey Dobriyan <adobriyan@gmail.com>
Cc: Souza Cascardo <cascardo@canonical.com>
Cc: Christian Brauner <christian.brauner@ubuntu.com>
Cc: Michel Lespinasse <walken@google.com>
Cc: Helge Deller <deller@gmx.de>
Cc: Oleg Nesterov <oleg@redhat.com>
Cc: Lorenzo Stoakes <lstoakes@gmail.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmDu+1UACgkQONu9yGCS
aT7jQRAAuLDi7ejk3JUameYFMzVXGAUE6yPs392/lWJzey7IBf+2uLqz4FzqqUHp
U1GkEKJVaCacEfi0+rpi7BxNFljUdZdg/F/P68ARtAWPvwqAeJ4QIh5u3A682UUO
1M5h6e5/oY9F4kQIb5Kot04avqOeR6lTqrkA8jeP5h43ngyLWuS2d+5oOGmbCukS
UgEaCC6CiKjcN51UUTj/fXMQ0X4IDHP5pD8rWwH0IvK0i7gduvk744un8LVB6aW1
rNV88C3BEFFtkPQh2XySnXM5Ok8kYlhFoTDsqlpeAX7pA8hiUPYBoRzTg0MJtPZn
N1L/Yqhvxmn5xs9HAw7mDOo8E8NWXzsT5FvZVaBeiCgtdKmcPszylXqmSt1oiOb0
/EmkCWmlbG/3qWql24+LU4XP36iVPx32HQxAgg2XbnlNU5o0E1y2F98p6p/3JSWX
NAjHtmg/MxueFQ+w8bDzhO8YzYn1dIU3V3qaXRvtpODrmaSYW+bwCyPtSjXe3/vL
604zb3dOg9+tD/gKqfRb/UPMu24nNll8M/gnSRci05/thmIxwtYudPwoLNSejDqr
e+a8vejISfIyp41XrpYQbUeKs1WOA+A7vgx6CZrT791afiT+6UgC/ecQfg1NFxhs
8ayWpocaIszxyXxVGro1rfwZeQmTlbTCZ5wVdpn9sDPZfI7epts=
=FCrA
-----END PGP SIGNATURE-----
Merge 5.10.50 into android12-5.10-lts
Changes in 5.10.50
Bluetooth: hci_qca: fix potential GPF
Bluetooth: btqca: Don't modify firmware contents in-place
Bluetooth: Remove spurious error message
ALSA: usb-audio: fix rate on Ozone Z90 USB headset
ALSA: usb-audio: Fix OOB access at proc output
ALSA: firewire-motu: fix stream format for MOTU 8pre FireWire
ALSA: usb-audio: scarlett2: Fix wrong resume call
ALSA: intel8x0: Fix breakage at ac97 clock measurement
ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 450 G8
ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 445 G8
ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 630 G8
ALSA: hda/realtek: Add another ALC236 variant support
ALSA: hda/realtek: fix mute/micmute LEDs for HP EliteBook x360 830 G8
ALSA: hda/realtek: Improve fixup for HP Spectre x360 15-df0xxx
ALSA: hda/realtek: Fix bass speaker DAC mapping for Asus UM431D
ALSA: hda/realtek: Apply LED fixup for HP Dragonfly G1, too
ALSA: hda/realtek: fix mute/micmute LEDs for HP EliteBook 830 G8 Notebook PC
media: dvb-usb: fix wrong definition
Input: usbtouchscreen - fix control-request directions
net: can: ems_usb: fix use-after-free in ems_usb_disconnect()
usb: gadget: eem: fix echo command packet response issue
usb: renesas-xhci: Fix handling of unknown ROM state
USB: cdc-acm: blacklist Heimann USB Appset device
usb: dwc3: Fix debugfs creation flow
usb: typec: Add the missed altmode_id_remove() in typec_register_altmode()
xhci: solve a double free problem while doing s4
gfs2: Fix underflow in gfs2_page_mkwrite
gfs2: Fix error handling in init_statfs
ntfs: fix validity check for file name attribute
selftests/lkdtm: Avoid needing explicit sub-shell
copy_page_to_iter(): fix ITER_DISCARD case
iov_iter_fault_in_readable() should do nothing in xarray case
Input: joydev - prevent use of not validated data in JSIOCSBTNMAP ioctl
crypto: nx - Fix memcpy() over-reading in nonce
crypto: ccp - Annotate SEV Firmware file names
arm_pmu: Fix write counter incorrect in ARMv7 big-endian mode
ARM: dts: ux500: Fix LED probing
ARM: dts: at91: sama5d4: fix pinctrl muxing
btrfs: send: fix invalid path for unlink operations after parent orphanization
btrfs: compression: don't try to compress if we don't have enough pages
btrfs: clear defrag status of a root if starting transaction fails
ext4: cleanup in-core orphan list if ext4_truncate() failed to get a transaction handle
ext4: fix kernel infoleak via ext4_extent_header
ext4: fix overflow in ext4_iomap_alloc()
ext4: return error code when ext4_fill_flex_info() fails
ext4: correct the cache_nr in tracepoint ext4_es_shrink_exit
ext4: remove check for zero nr_to_scan in ext4_es_scan()
ext4: fix avefreec in find_group_orlov
ext4: use ext4_grp_locked_error in mb_find_extent
can: bcm: delay release of struct bcm_op after synchronize_rcu()
can: gw: synchronize rcu operations before removing gw job entry
can: isotp: isotp_release(): omit unintended hrtimer restart on socket release
can: j1939: j1939_sk_init(): set SOCK_RCU_FREE to call sk_destruct() after RCU is done
can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue in TX path
mac80211: remove iwlwifi specific workaround that broke sta NDP tx
SUNRPC: Fix the batch tasks count wraparound.
SUNRPC: Should wake up the privileged task firstly.
bus: mhi: Wait for M2 state during system resume
mm/gup: fix try_grab_compound_head() race with split_huge_page()
perf/smmuv3: Don't trample existing events with global filter
KVM: nVMX: Handle split-lock #AC exceptions that happen in L2
KVM: PPC: Book3S HV: Workaround high stack usage with clang
KVM: x86/mmu: Treat NX as used (not reserved) for all !TDP shadow MMUs
KVM: x86/mmu: Use MMU's role to detect CR4.SMEP value in nested NPT walk
s390/cio: dont call css_wait_for_slow_path() inside a lock
s390: mm: Fix secure storage access exception handling
f2fs: Prevent swap file in LFS mode
clk: agilex/stratix10/n5x: fix how the bypass_reg is handled
clk: agilex/stratix10: remove noc_clk
clk: agilex/stratix10: fix bypass representation
rtc: stm32: Fix unbalanced clk_disable_unprepare() on probe error path
iio: frequency: adf4350: disable reg and clk on error in adf4350_probe()
iio: light: tcs3472: do not free unallocated IRQ
iio: ltr501: mark register holding upper 8 bits of ALS_DATA{0,1} and PS_DATA as volatile, too
iio: ltr501: ltr559: fix initialization of LTR501_ALS_CONTR
iio: ltr501: ltr501_read_ps(): add missing endianness conversion
iio: accel: bma180: Fix BMA25x bandwidth register values
serial: mvebu-uart: fix calculation of clock divisor
serial: sh-sci: Stop dmaengine transfer in sci_stop_tx()
serial_cs: Add Option International GSM-Ready 56K/ISDN modem
serial_cs: remove wrong GLOBETROTTER.cis entry
ath9k: Fix kernel NULL pointer dereference during ath_reset_internal()
ssb: sdio: Don't overwrite const buffer if block_write fails
rsi: Assign beacon rate settings to the correct rate_info descriptor field
rsi: fix AP mode with WPA failure due to encrypted EAPOL
tracing/histograms: Fix parsing of "sym-offset" modifier
tracepoint: Add tracepoint_probe_register_may_exist() for BPF tracing
seq_buf: Make trace_seq_putmem_hex() support data longer than 8
powerpc/stacktrace: Fix spurious "stale" traces in raise_backtrace_ipi()
loop: Fix missing discard support when using LOOP_CONFIGURE
evm: Execute evm_inode_init_security() only when an HMAC key is loaded
evm: Refuse EVM_ALLOW_METADATA_WRITES only if an HMAC key is loaded
fuse: Fix crash in fuse_dentry_automount() error path
fuse: Fix crash if superblock of submount gets killed early
fuse: Fix infinite loop in sget_fc()
fuse: ignore PG_workingset after stealing
fuse: check connected before queueing on fpq->io
fuse: reject internal errno
thermal/cpufreq_cooling: Update offline CPUs per-cpu thermal_pressure
spi: Make of_register_spi_device also set the fwnode
Add a reference to ucounts for each cred
staging: media: rkvdec: fix pm_runtime_get_sync() usage count
media: marvel-ccic: fix some issues when getting pm_runtime
media: mdk-mdp: fix pm_runtime_get_sync() usage count
media: s5p: fix pm_runtime_get_sync() usage count
media: am437x: fix pm_runtime_get_sync() usage count
media: sh_vou: fix pm_runtime_get_sync() usage count
media: mtk-vcodec: fix PM runtime get logic
media: s5p-jpeg: fix pm_runtime_get_sync() usage count
media: sunxi: fix pm_runtime_get_sync() usage count
media: sti/bdisp: fix pm_runtime_get_sync() usage count
media: exynos4-is: fix pm_runtime_get_sync() usage count
media: exynos-gsc: fix pm_runtime_get_sync() usage count
spi: spi-loopback-test: Fix 'tx_buf' might be 'rx_buf'
spi: spi-topcliff-pch: Fix potential double free in pch_spi_process_messages()
spi: omap-100k: Fix the length judgment problem
regulator: uniphier: Add missing MODULE_DEVICE_TABLE
sched/core: Initialize the idle task with preemption disabled
hwrng: exynos - Fix runtime PM imbalance on error
crypto: nx - add missing MODULE_DEVICE_TABLE
media: sti: fix obj-$(config) targets
media: cpia2: fix memory leak in cpia2_usb_probe
media: cobalt: fix race condition in setting HPD
media: hevc: Fix dependent slice segment flags
media: pvrusb2: fix warning in pvr2_i2c_core_done
media: imx: imx7_mipi_csis: Fix logging of only error event counters
crypto: qat - check return code of qat_hal_rd_rel_reg()
crypto: qat - remove unused macro in FW loader
crypto: qce: skcipher: Fix incorrect sg count for dma transfers
arm64: perf: Convert snprintf to sysfs_emit
sched/fair: Fix ascii art by relpacing tabs
media: i2c: ov2659: Use clk_{prepare_enable,disable_unprepare}() to set xvclk on/off
media: bt878: do not schedule tasklet when it is not setup
media: em28xx: Fix possible memory leak of em28xx struct
media: hantro: Fix .buf_prepare
media: cedrus: Fix .buf_prepare
media: v4l2-core: Avoid the dangling pointer in v4l2_fh_release
media: bt8xx: Fix a missing check bug in bt878_probe
media: st-hva: Fix potential NULL pointer dereferences
crypto: hisilicon/sec - fixup 3des minimum key size declaration
Makefile: fix GDB warning with CONFIG_RELR
media: dvd_usb: memory leak in cinergyt2_fe_attach
memstick: rtsx_usb_ms: fix UAF
mmc: sdhci-sprd: use sdhci_sprd_writew
mmc: via-sdmmc: add a check against NULL pointer dereference
spi: meson-spicc: fix a wrong goto jump for avoiding memory leak.
spi: meson-spicc: fix memory leak in meson_spicc_probe
crypto: shash - avoid comparing pointers to exported functions under CFI
media: dvb_net: avoid speculation from net slot
media: siano: fix device register error path
media: imx-csi: Skip first few frames from a BT.656 source
hwmon: (max31790) Report correct current pwm duty cycles
hwmon: (max31790) Fix pwmX_enable attributes
drivers/perf: fix the missed ida_simple_remove() in ddr_perf_probe()
KVM: PPC: Book3S HV: Fix TLB management on SMT8 POWER9 and POWER10 processors
btrfs: fix error handling in __btrfs_update_delayed_inode
btrfs: abort transaction if we fail to update the delayed inode
btrfs: sysfs: fix format string for some discard stats
btrfs: don't clear page extent mapped if we're not invalidating the full page
btrfs: disable build on platforms having page size 256K
locking/lockdep: Fix the dep path printing for backwards BFS
lockding/lockdep: Avoid to find wrong lock dep path in check_irq_usage()
KVM: s390: get rid of register asm usage
regulator: mt6358: Fix vdram2 .vsel_mask
regulator: da9052: Ensure enough delay time for .set_voltage_time_sel
media: Fix Media Controller API config checks
ACPI: video: use native backlight for GA401/GA502/GA503
HID: do not use down_interruptible() when unbinding devices
EDAC/ti: Add missing MODULE_DEVICE_TABLE
ACPI: processor idle: Fix up C-state latency if not ordered
hv_utils: Fix passing zero to 'PTR_ERR' warning
lib: vsprintf: Fix handling of number field widths in vsscanf
Input: goodix - platform/x86: touchscreen_dmi - Move upside down quirks to touchscreen_dmi.c
platform/x86: touchscreen_dmi: Add an extra entry for the upside down Goodix touchscreen on Teclast X89 tablets
platform/x86: touchscreen_dmi: Add info for the Goodix GT912 panel of TM800A550L tablets
ACPI: EC: Make more Asus laptops use ECDT _GPE
block_dump: remove block_dump feature in mark_inode_dirty()
blk-mq: grab rq->refcount before calling ->fn in blk_mq_tagset_busy_iter
blk-mq: clear stale request in tags->rq[] before freeing one request pool
fs: dlm: cancel work sync othercon
random32: Fix implicit truncation warning in prandom_seed_state()
open: don't silently ignore unknown O-flags in openat2()
drivers: hv: Fix missing error code in vmbus_connect()
fs: dlm: fix memory leak when fenced
ACPICA: Fix memory leak caused by _CID repair function
ACPI: bus: Call kobject_put() in acpi_init() error path
ACPI: resources: Add checks for ACPI IRQ override
block: fix race between adding/removing rq qos and normal IO
platform/x86: asus-nb-wmi: Revert "Drop duplicate DMI quirk structures"
platform/x86: asus-nb-wmi: Revert "add support for ASUS ROG Zephyrus G14 and G15"
platform/x86: toshiba_acpi: Fix missing error code in toshiba_acpi_setup_keyboard()
nvme-pci: fix var. type for increasing cq_head
nvmet-fc: do not check for invalid target port in nvmet_fc_handle_fcp_rqst()
EDAC/Intel: Do not load EDAC driver when running as a guest
PCI: hv: Add check for hyperv_initialized in init_hv_pci_drv()
cifs: improve fallocate emulation
ACPI: EC: trust DSDT GPE for certain HP laptop
clocksource: Retry clock read if long delays detected
clocksource: Check per-CPU clock synchronization when marked unstable
tpm_tis_spi: add missing SPI device ID entries
ACPI: tables: Add custom DSDT file as makefile prerequisite
HID: wacom: Correct base usage for capacitive ExpressKey status bits
cifs: fix missing spinlock around update to ses->status
mailbox: qcom: Use PLATFORM_DEVID_AUTO to register platform device
block: fix discard request merge
kthread_worker: fix return value when kthread_mod_delayed_work() races with kthread_cancel_delayed_work_sync()
ia64: mca_drv: fix incorrect array size calculation
writeback, cgroup: increment isw_nr_in_flight before grabbing an inode
spi: Allow to have all native CSs in use along with GPIOs
spi: Avoid undefined behaviour when counting unused native CSs
media: venus: Rework error fail recover logic
media: s5p_cec: decrement usage count if disabled
media: hantro: do a PM resume earlier
crypto: ixp4xx - dma_unmap the correct address
crypto: ixp4xx - update IV after requests
crypto: ux500 - Fix error return code in hash_hw_final()
sata_highbank: fix deferred probing
pata_rb532_cf: fix deferred probing
media: I2C: change 'RST' to "RSET" to fix multiple build errors
sched/uclamp: Fix wrong implementation of cpu.uclamp.min
sched/uclamp: Fix locking around cpu_util_update_eff()
kbuild: Fix objtool dependency for 'OBJECT_FILES_NON_STANDARD_<obj> := n'
pata_octeon_cf: avoid WARN_ON() in ata_host_activate()
evm: fix writing <securityfs>/evm overflow
x86/elf: Use _BITUL() macro in UAPI headers
crypto: sa2ul - Fix leaks on failure paths with sa_dma_init()
crypto: sa2ul - Fix pm_runtime enable in sa_ul_probe()
crypto: ccp - Fix a resource leak in an error handling path
media: rc: i2c: Fix an error message
pata_ep93xx: fix deferred probing
locking/lockdep: Reduce LOCKDEP dependency list
media: rkvdec: Fix .buf_prepare
media: exynos4-is: Fix a use after free in isp_video_release
media: au0828: fix a NULL vs IS_ERR() check
media: tc358743: Fix error return code in tc358743_probe_of()
media: gspca/gl860: fix zero-length control requests
m68k: atari: Fix ATARI_KBD_CORE kconfig unmet dependency warning
media: siano: Fix out-of-bounds warnings in smscore_load_firmware_family2()
regulator: fan53880: Fix vsel_mask setting for FAN53880_BUCK
crypto: nitrox - fix unchecked variable in nitrox_register_interrupts
crypto: omap-sham - Fix PM reference leak in omap sham ops
crypto: x86/curve25519 - fix cpu feature checking logic in mod_exit
crypto: sm2 - remove unnecessary reset operations
crypto: sm2 - fix a memory leak in sm2
mmc: usdhi6rol0: fix error return code in usdhi6_probe()
arm64: consistently use reserved_pg_dir
arm64/mm: Fix ttbr0 values stored in struct thread_info for software-pan
media: subdev: remove VIDIOC_DQEVENT_TIME32 handling
media: s5p-g2d: Fix a memory leak on ctx->fh.m2m_ctx
hwmon: (lm70) Use device_get_match_data()
hwmon: (lm70) Revert "hwmon: (lm70) Add support for ACPI"
hwmon: (max31722) Remove non-standard ACPI device IDs
hwmon: (max31790) Fix fan speed reporting for fan7..12
KVM: nVMX: Sync all PGDs on nested transition with shadow paging
KVM: nVMX: Ensure 64-bit shift when checking VMFUNC bitmap
KVM: nVMX: Don't clobber nested MMU's A/D status on EPTP switch
KVM: x86/mmu: Fix return value in tdp_mmu_map_handle_target_level()
perf/arm-cmn: Fix invalid pointer when access dtc object sharing the same IRQ number
KVM: arm64: Don't zero the cycle count register when PMCR_EL0.P is set
regulator: hi655x: Fix pass wrong pointer to config.driver_data
btrfs: clear log tree recovering status if starting transaction fails
x86/sev: Make sure IRQs are disabled while GHCB is active
x86/sev: Split up runtime #VC handler for correct state tracking
sched/rt: Fix RT utilization tracking during policy change
sched/rt: Fix Deadline utilization tracking during policy change
sched/uclamp: Fix uclamp_tg_restrict()
lockdep: Fix wait-type for empty stack
lockdep/selftests: Fix selftests vs PROVE_RAW_LOCK_NESTING
spi: spi-sun6i: Fix chipselect/clock bug
crypto: nx - Fix RCU warning in nx842_OF_upd_status
psi: Fix race between psi_trigger_create/destroy
media: v4l2-async: Clean v4l2_async_notifier_add_fwnode_remote_subdev
media: video-mux: Skip dangling endpoints
PM / devfreq: Add missing error code in devfreq_add_device()
ACPI: PM / fan: Put fan device IDs into separate header file
block: avoid double io accounting for flush request
nvme-pci: look for StorageD3Enable on companion ACPI device instead
ACPI: sysfs: Fix a buffer overrun problem with description_show()
mark pstore-blk as broken
clocksource/drivers/timer-ti-dm: Save and restore timer TIOCP_CFG
extcon: extcon-max8997: Fix IRQ freeing at error path
ACPI: APEI: fix synchronous external aborts in user-mode
blk-wbt: introduce a new disable state to prevent false positive by rwb_enabled()
blk-wbt: make sure throttle is enabled properly
ACPI: Use DEVICE_ATTR_<RW|RO|WO> macros
ACPI: bgrt: Fix CFI violation
cpufreq: Make cpufreq_online() call driver->offline() on errors
blk-mq: update hctx->dispatch_busy in case of real scheduler
ocfs2: fix snprintf() checking
dax: fix ENOMEM handling in grab_mapping_entry()
mm/debug_vm_pgtable/basic: add validation for dirtiness after write protect
mm/debug_vm_pgtable/basic: iterate over entire protection_map[]
mm/debug_vm_pgtable: ensure THP availability via has_transparent_hugepage()
swap: fix do_swap_page() race with swapoff
mm/shmem: fix shmem_swapin() race with swapoff
mm: memcg/slab: properly set up gfp flags for objcg pointer array
mm: page_alloc: refactor setup_per_zone_lowmem_reserve()
mm/page_alloc: fix counting of managed_pages
xfrm: xfrm_state_mtu should return at least 1280 for ipv6
drm/bridge/sii8620: fix dependency on extcon
drm/bridge: Fix the stop condition of drm_bridge_chain_pre_enable()
drm/amd/dc: Fix a missing check bug in dm_dp_mst_detect()
drm/ast: Fix missing conversions to managed API
video: fbdev: imxfb: Fix an error message
net: mvpp2: Put fwnode in error case during ->probe()
net: pch_gbe: Propagate error from devm_gpio_request_one()
pinctrl: renesas: r8a7796: Add missing bias for PRESET# pin
pinctrl: renesas: r8a77990: JTAG pins do not have pull-down capabilities
drm/vmwgfx: Mark a surface gpu-dirty after the SVGA3dCmdDXGenMips command
drm/vmwgfx: Fix cpu updates of coherent multisample surfaces
net: qrtr: ns: Fix error return code in qrtr_ns_init()
clk: meson: g12a: fix gp0 and hifi ranges
net: ftgmac100: add missing error return code in ftgmac100_probe()
drm: rockchip: set alpha_en to 0 if it is not used
drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare() on error in cdn_dp_grf_write()
drm/rockchip: dsi: move all lane config except LCDC mux to bind()
drm/rockchip: lvds: Fix an error handling path
drm/rockchip: cdn-dp: fix sign extension on an int multiply for a u64 result
mptcp: fix pr_debug in mptcp_token_new_connect
mptcp: generate subflow hmac after mptcp_finish_join()
RDMA/srp: Fix a recently introduced memory leak
RDMA/rtrs-clt: Check state of the rtrs_clt_sess before reading its stats
RDMA/rtrs: Do not reset hb_missed_max after re-connection
RDMA/rtrs-srv: Fix memory leak of unfreed rtrs_srv_stats object
RDMA/rtrs-srv: Fix memory leak when having multiple sessions
RDMA/rtrs-clt: Check if the queue_depth has changed during a reconnection
RDMA/rtrs-clt: Fix memory leak of not-freed sess->stats and stats->pcpu_stats
ehea: fix error return code in ehea_restart_qps()
clk: tegra30: Use 300MHz for video decoder by default
xfrm: remove the fragment check for ipv6 beet mode
net/sched: act_vlan: Fix modify to allow 0
RDMA/core: Sanitize WQ state received from the userspace
drm/pl111: depend on CONFIG_VEXPRESS_CONFIG
RDMA/rxe: Fix failure during driver load
drm/pl111: Actually fix CONFIG_VEXPRESS_CONFIG depends
drm/vc4: hdmi: Fix error path of hpd-gpios
clk: vc5: fix output disabling when enabling a FOD
drm: qxl: ensure surf.data is ininitialized
tools/bpftool: Fix error return code in do_batch()
ath10k: go to path err_unsupported when chip id is not supported
ath10k: add missing error return code in ath10k_pci_probe()
wireless: carl9170: fix LEDS build errors & warnings
ieee802154: hwsim: Fix possible memory leak in hwsim_subscribe_all_others
clk: imx8mq: remove SYS PLL 1/2 clock gates
wcn36xx: Move hal_buf allocation to devm_kmalloc in probe
ssb: Fix error return code in ssb_bus_scan()
brcmfmac: fix setting of station info chains bitmask
brcmfmac: correctly report average RSSI in station info
brcmfmac: Fix a double-free in brcmf_sdio_bus_reset
brcmsmac: mac80211_if: Fix a resource leak in an error handling path
cw1200: Revert unnecessary patches that fix unreal use-after-free bugs
ath11k: Fix an error handling path in ath11k_core_fetch_board_data_api_n()
ath10k: Fix an error code in ath10k_add_interface()
ath11k: send beacon template after vdev_start/restart during csa
netlabel: Fix memory leak in netlbl_mgmt_add_common
RDMA/mlx5: Don't add slave port to unaffiliated list
netfilter: nft_exthdr: check for IPv6 packet before further processing
netfilter: nft_osf: check for TCP packet before further processing
netfilter: nft_tproxy: restrict support to TCP and UDP transport protocols
RDMA/rxe: Fix qp reference counting for atomic ops
selftests/bpf: Whitelist test_progs.h from .gitignore
xsk: Fix missing validation for skb and unaligned mode
xsk: Fix broken Tx ring validation
bpf: Fix libelf endian handling in resolv_btfids
RDMA/rtrs-srv: Set minimal max_send_wr and max_recv_wr
samples/bpf: Fix Segmentation fault for xdp_redirect command
samples/bpf: Fix the error return code of xdp_redirect's main()
mt76: fix possible NULL pointer dereference in mt76_tx
mt76: mt7615: fix NULL pointer dereference in tx_prepare_skb()
net: ethernet: aeroflex: fix UAF in greth_of_remove
net: ethernet: ezchip: fix UAF in nps_enet_remove
net: ethernet: ezchip: fix error handling
vrf: do not push non-ND strict packets with a source LLA through packet taps again
net: sched: add barrier to ensure correct ordering for lockless qdisc
tls: prevent oversized sendfile() hangs by ignoring MSG_MORE
netfilter: nf_tables_offload: check FLOW_DISSECTOR_KEY_BASIC in VLAN transfer logic
pkt_sched: sch_qfq: fix qfq_change_class() error path
xfrm: Fix xfrm offload fallback fail case
iwlwifi: increase PNVM load timeout
rtw88: 8822c: fix lc calibration timing
vxlan: add missing rcu_read_lock() in neigh_reduce()
ip6_tunnel: fix GRE6 segmentation
net/ipv4: swap flow ports when validating source
net: ti: am65-cpsw-nuss: Fix crash when changing number of TX queues
tc-testing: fix list handling
ieee802154: hwsim: Fix memory leak in hwsim_add_one
ieee802154: hwsim: avoid possible crash in hwsim_del_edge_nl()
bpf: Fix null ptr deref with mixed tail calls and subprogs
drm/msm: Fix error return code in msm_drm_init()
drm/msm/dpu: Fix error return code in dpu_mdss_init()
mac80211: remove iwlwifi specific workaround NDPs of null_response
net: bcmgenet: Fix attaching to PYH failed on RPi 4B
ipv6: exthdrs: do not blindly use init_net
can: j1939: j1939_sk_setsockopt(): prevent allocation of j1939 filter for optlen == 0
bpf: Do not change gso_size during bpf_skb_change_proto()
i40e: Fix error handling in i40e_vsi_open
i40e: Fix autoneg disabling for non-10GBaseT links
i40e: Fix missing rtnl locking when setting up pf switch
Revert "ibmvnic: remove duplicate napi_schedule call in open function"
ibmvnic: set ltb->buff to NULL after freeing
ibmvnic: free tx_pool if tso_pool alloc fails
RDMA/cma: Protect RMW with qp_mutex
net: macsec: fix the length used to copy the key for offloading
net: phy: mscc: fix macsec key length
net: atlantic: fix the macsec key length
ipv6: fix out-of-bound access in ip6_parse_tlv()
e1000e: Check the PCIm state
net: dsa: sja1105: fix NULL pointer dereference in sja1105_reload_cbs()
bpfilter: Specify the log level for the kmsg message
RDMA/cma: Fix incorrect Packet Lifetime calculation
gve: Fix swapped vars when fetching max queues
Revert "be2net: disable bh with spin_lock in be_process_mcc"
Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid
Bluetooth: Fix not sending Set Extended Scan Response
Bluetooth: Fix Set Extended (Scan Response) Data
Bluetooth: Fix handling of HCI_LE_Advertising_Set_Terminated event
clk: actions: Fix UART clock dividers on Owl S500 SoC
clk: actions: Fix SD clocks factor table on Owl S500 SoC
clk: actions: Fix bisp_factor_table based clocks on Owl S500 SoC
clk: actions: Fix AHPPREDIV-H-AHB clock chain on Owl S500 SoC
clk: qcom: clk-alpha-pll: fix CAL_L write in alpha_pll_fabia_prepare
clk: si5341: Wait for DEVICE_READY on startup
clk: si5341: Avoid divide errors due to bogus register contents
clk: si5341: Check for input clock presence and PLL lock on startup
clk: si5341: Update initialization magic
writeback: fix obtain a reference to a freeing memcg css
net: lwtunnel: handle MTU calculation in forwading
net: sched: fix warning in tcindex_alloc_perfect_hash
net: tipc: fix FB_MTU eat two pages
RDMA/mlx5: Don't access NULL-cleared mpi pointer
RDMA/core: Always release restrack object
MIPS: Fix PKMAP with 32-bit MIPS huge page support
staging: fbtft: Rectify GPIO handling
staging: fbtft: Don't spam logs when probe is deferred
ASoC: rt5682: Disable irq on shutdown
rcu: Invoke rcu_spawn_core_kthreads() from rcu_spawn_gp_kthread()
serial: fsl_lpuart: don't modify arbitrary data on lpuart32
serial: fsl_lpuart: remove RTSCTS handling from get_mctrl()
serial: 8250_omap: fix a timeout loop condition
tty: nozomi: Fix a resource leak in an error handling function
mwifiex: re-fix for unaligned accesses
iio: adis_buffer: do not return ints in irq handlers
iio: adis16400: do not return ints in irq handlers
iio: adis16475: do not return ints in irq handlers
iio: accel: bma180: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: accel: bma220: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: accel: hid: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: accel: kxcjk-1013: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: accel: mxc4005: Fix overread of data and alignment issue.
iio: accel: stk8312: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: accel: stk8ba50: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: adc: ti-ads1015: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: adc: vf610: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: gyro: bmg160: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: humidity: am2315: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: prox: srf08: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: prox: pulsed-light: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: prox: as3935: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: magn: hmc5843: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: magn: bmc150: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: light: isl29125: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: light: tcs3414: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: light: tcs3472: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: chemical: atlas: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: cros_ec_sensors: Fix alignment of buffer in iio_push_to_buffers_with_timestamp()
iio: potentiostat: lmp91000: Fix alignment of buffer in iio_push_to_buffers_with_timestamp()
ASoC: rk3328: fix missing clk_disable_unprepare() on error in rk3328_platform_probe()
ASoC: hisilicon: fix missing clk_disable_unprepare() on error in hi6210_i2s_startup()
backlight: lm3630a_bl: Put fwnode in error case during ->probe()
ASoC: rsnd: tidyup loop on rsnd_adg_clk_query()
Input: hil_kbd - fix error return code in hil_dev_connect()
perf scripting python: Fix tuple_set_u64()
mtd: partitions: redboot: seek fis-index-block in the right node
mtd: rawnand: arasan: Ensure proper configuration for the asserted target
staging: mmal-vchiq: Fix incorrect static vchiq_instance.
char: pcmcia: error out if 'num_bytes_read' is greater than 4 in set_protocol()
firmware: stratix10-svc: Fix a resource leak in an error handling path
tty: nozomi: Fix the error handling path of 'nozomi_card_init()'
leds: class: The -ENOTSUPP should never be seen by user space
leds: lm3532: select regmap I2C API
leds: lm36274: Put fwnode in error case during ->probe()
leds: lm3692x: Put fwnode in any case during ->probe()
leds: lm3697: Don't spam logs when probe is deferred
leds: lp50xx: Put fwnode in error case during ->probe()
scsi: FlashPoint: Rename si_flags field
scsi: iscsi: Flush block work before unblock
mfd: mp2629: Select MFD_CORE to fix build error
mfd: rn5t618: Fix IRQ trigger by changing it to level mode
fsi: core: Fix return of error values on failures
fsi: scom: Reset the FSI2PIB engine for any error
fsi: occ: Don't accept response from un-initialized OCC
fsi/sbefifo: Clean up correct FIFO when receiving reset request from SBE
fsi/sbefifo: Fix reset timeout
visorbus: fix error return code in visorchipset_init()
iommu/amd: Fix extended features logging
s390/irq: select HAVE_IRQ_EXIT_ON_IRQ_STACK
s390: enable HAVE_IOREMAP_PROT
s390: appldata depends on PROC_SYSCTL
selftests: splice: Adjust for handler fallback removal
iommu/dma: Fix IOVA reserve dma ranges
ASoC: max98373-sdw: use first_hw_init flag on resume
ASoC: rt1308-sdw: use first_hw_init flag on resume
ASoC: rt5682-sdw: use first_hw_init flag on resume
ASoC: rt700-sdw: use first_hw_init flag on resume
ASoC: rt711-sdw: use first_hw_init flag on resume
ASoC: rt715-sdw: use first_hw_init flag on resume
ASoC: rt5682: fix getting the wrong device id when the suspend_stress_test
ASoC: rt5682-sdw: set regcache_cache_only false before reading RT5682_DEVICE_ID
ASoC: mediatek: mtk-btcvsd: Fix an error handling path in 'mtk_btcvsd_snd_probe()'
usb: gadget: f_fs: Fix setting of device and driver data cross-references
usb: dwc2: Don't reset the core after setting turnaround time
eeprom: idt_89hpesx: Put fwnode in matching case during ->probe()
eeprom: idt_89hpesx: Restore printing the unsupported fwnode name
thunderbolt: Bond lanes only when dual_link_port != NULL in alloc_dev_default()
iio: adc: at91-sama5d2: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: adc: hx711: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: adc: mxs-lradc: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: adc: ti-ads8688: Fix alignment of buffer in iio_push_to_buffers_with_timestamp()
iio: magn: rm3100: Fix alignment of buffer in iio_push_to_buffers_with_timestamp()
iio: light: vcnl4000: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
ASoC: fsl_spdif: Fix error handler with pm_runtime_enable
staging: gdm724x: check for buffer overflow in gdm_lte_multi_sdu_pkt()
staging: gdm724x: check for overflow in gdm_lte_netif_rx()
staging: rtl8712: fix error handling in r871xu_drv_init
staging: rtl8712: fix memory leak in rtl871x_load_fw_cb
coresight: core: Fix use of uninitialized pointer
staging: mt7621-dts: fix pci address for PCI memory range
serial: 8250: Actually allow UPF_MAGIC_MULTIPLIER baud rates
iio: light: vcnl4035: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: prox: isl29501: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
ASoC: cs42l42: Correct definition of CS42L42_ADC_PDN_MASK
of: Fix truncation of memory sizes on 32-bit platforms
mtd: rawnand: marvell: add missing clk_disable_unprepare() on error in marvell_nfc_resume()
habanalabs: Fix an error handling path in 'hl_pci_probe()'
scsi: mpt3sas: Fix error return value in _scsih_expander_add()
soundwire: stream: Fix test for DP prepare complete
phy: uniphier-pcie: Fix updating phy parameters
phy: ti: dm816x: Fix the error handling path in 'dm816x_usb_phy_probe()
extcon: sm5502: Drop invalid register write in sm5502_reg_data
extcon: max8997: Add missing modalias string
powerpc/powernv: Fix machine check reporting of async store errors
ASoC: atmel-i2s: Fix usage of capture and playback at the same time
configfs: fix memleak in configfs_release_bin_file
ASoC: Intel: sof_sdw: add SOF_RT715_DAI_ID_FIX for AlderLake
ASoC: fsl_spdif: Fix unexpected interrupt after suspend
leds: as3645a: Fix error return code in as3645a_parse_node()
leds: ktd2692: Fix an error handling path
selftests/ftrace: fix event-no-pid on 1-core machine
serial: 8250: 8250_omap: Disable RX interrupt after DMA enable
serial: 8250: 8250_omap: Fix possible interrupt storm on K3 SoCs
powerpc: Offline CPU in stop_this_cpu()
powerpc/papr_scm: Properly handle UUID types and API
powerpc/64s: Fix copy-paste data exposure into newly created tasks
powerpc/papr_scm: Make 'perf_stats' invisible if perf-stats unavailable
ALSA: firewire-lib: Fix 'amdtp_domain_start()' when no AMDTP_OUT_STREAM stream is found
serial: mvebu-uart: do not allow changing baudrate when uartclk is not available
serial: mvebu-uart: correctly calculate minimal possible baudrate
arm64: dts: marvell: armada-37xx: Fix reg for standard variant of UART
vfio/pci: Handle concurrent vma faults
mm/pmem: avoid inserting hugepage PTE entry with fsdax if hugepage support is disabled
mm/huge_memory.c: remove dedicated macro HPAGE_CACHE_INDEX_MASK
mm/huge_memory.c: add missing read-only THP checking in transparent_hugepage_enabled()
mm/huge_memory.c: don't discard hugepage if other processes are mapping it
mm/hugetlb: use helper huge_page_order and pages_per_huge_page
mm/hugetlb: remove redundant check in preparing and destroying gigantic page
hugetlb: remove prep_compound_huge_page cleanup
include/linux/huge_mm.h: remove extern keyword
mm/z3fold: fix potential memory leak in z3fold_destroy_pool()
mm/z3fold: use release_z3fold_page_locked() to release locked z3fold page
lib/math/rational.c: fix divide by zero
selftests/vm/pkeys: fix alloc_random_pkey() to make it really, really random
selftests/vm/pkeys: handle negative sys_pkey_alloc() return code
selftests/vm/pkeys: refill shadow register after implicit kernel write
perf llvm: Return -ENOMEM when asprintf() fails
csky: fix syscache.c fallthrough warning
csky: syscache: Fixup duplicate cache flush
exfat: handle wrong stream entry size in exfat_readdir()
scsi: fc: Correct RHBA attributes length
scsi: target: cxgbit: Unmap DMA buffer before calling target_execute_cmd()
mailbox: qcom-ipcc: Fix IPCC mbox channel exhaustion
fscrypt: don't ignore minor_hash when hash is 0
fscrypt: fix derivation of SipHash keys on big endian CPUs
tpm: Replace WARN_ONCE() with dev_err_once() in tpm_tis_status()
erofs: fix error return code in erofs_read_superblock()
block: return the correct bvec when checking for gaps
io_uring: fix blocking inline submission
mmc: block: Disable CMDQ on the ioctl path
mmc: vub3000: fix control-request direction
media: exynos4-is: remove a now unused integer
scsi: core: Retry I/O for Notify (Enable Spinup) Required error
crypto: qce - fix error return code in qce_skcipher_async_req_handle()
s390: preempt: Fix preempt_count initialization
cred: add missing return error code when set_cred_ucounts() failed
iommu/dma: Fix compile warning in 32-bit builds
powerpc/preempt: Don't touch the idle task's preempt_count during hotplug
Linux 5.10.50
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: Iec4eab24ea8eb5a6d79739a1aec8432d93a8f82c
[ Upstream commit e6be37b2e7 ]
Since commit 99cb0dbd47 ("mm,thp: add read-only THP support for
(non-shmem) FS"), read-only THP file mapping is supported. But it forgot
to add checking for it in transparent_hugepage_enabled(). To fix it, we
add checking for read-only THP file mapping and also introduce helper
transhuge_vma_enabled() to check whether thp is enabled for specified vma
to reduce duplicated code. We rename transparent_hugepage_enabled to
transparent_hugepage_active to make the code easier to follow as suggested
by David Hildenbrand.
[linmiaohe@huawei.com: define transhuge_vma_enabled next to transhuge_vma_suitable]
Link: https://lkml.kernel.org/r/20210514093007.4117906-1-linmiaohe@huawei.com
Link: https://lkml.kernel.org/r/20210511134857.1581273-4-linmiaohe@huawei.com
Fixes: 99cb0dbd47 ("mm,thp: add read-only THP support for (non-shmem) FS")
Signed-off-by: Miaohe Lin <linmiaohe@huawei.com>
Reviewed-by: Yang Shi <shy828301@gmail.com>
Cc: Alexey Dobriyan <adobriyan@gmail.com>
Cc: "Aneesh Kumar K . V" <aneesh.kumar@linux.ibm.com>
Cc: Anshuman Khandual <anshuman.khandual@arm.com>
Cc: David Hildenbrand <david@redhat.com>
Cc: Hugh Dickins <hughd@google.com>
Cc: Johannes Weiner <hannes@cmpxchg.org>
Cc: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Cc: Matthew Wilcox <willy@infradead.org>
Cc: Minchan Kim <minchan@kernel.org>
Cc: Ralph Campbell <rcampbell@nvidia.com>
Cc: Rik van Riel <riel@surriel.com>
Cc: Song Liu <songliubraving@fb.com>
Cc: William Kucharski <william.kucharski@oracle.com>
Cc: Zi Yan <ziy@nvidia.com>
Cc: Mike Kravetz <mike.kravetz@oracle.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
And 'ino' field to /proc/<pid>/fdinfo/<FD> and
/proc/<pid>/task/<tid>/fdinfo/<FD>.
The inode numbers can be used to uniquely identify DMA buffers in user
space and avoids a dependency on /proc/<pid>/fd/* when accounting
per-process DMA buffer sizes.
Link: https://lkml.kernel.org/r/20210308170651.919148-2-kaleshsingh@google.com
Signed-off-by: Kalesh Singh <kaleshsingh@google.com>
Acked-by: Randy Dunlap <rdunlap@infradead.org>
Acked-by: Christian König <christian.koenig@amd.com>
Cc: Jann Horn <jannh@google.com>
Cc: Jeff Vander Stoep <jeffv@google.com>
Cc: Kees Cook <keescook@chromium.org>
Cc: Suren Baghdasaryan <surenb@google.com>
Cc: Minchan Kim <minchan@kernel.org>
Cc: Hridya Valsaraju <hridya@google.com>
Cc: Matthew Wilcox <willy@infradead.org>
Cc: Alexander Viro <viro@zeniv.linux.org.uk>
Cc: Kalesh Singh <kaleshsingh@google.com>
Cc: Alexey Dobriyan <adobriyan@gmail.com>
Cc: Jonathan Corbet <corbet@lwn.net>
Cc: Mauro Carvalho Chehab <mchehab+huawei@kernel.org>
Cc: Michal Hocko <mhocko@suse.com>
Cc: Alexey Gladkov <gladkov.alexey@gmail.com>
Cc: Szabolcs Nagy <szabolcs.nagy@arm.com>
Cc: Eric W. Biederman <ebiederm@xmission.com>
Cc: Christian Brauner <christian.brauner@ubuntu.com>
Cc: Michel Lespinasse <walken@google.com>
Cc: Bernd Edlinger <bernd.edlinger@hotmail.de>
Cc: Andrei Vagin <avagin@gmail.com>
Cc: Helge Deller <deller@gmx.de>
Cc: James Morris <jamorris@linux.microsoft.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
(cherry picked from commit 3845f256a8)
Bug: 159126739
Bug: 167141117
Signed-off-by: Kalesh Singh <kaleshsingh@google.com>
Change-Id: Id07beac3edcc95c0b42805e24e5486965acbb46e
Android captures per-process system memory state when certain low memory
events (e.g a foreground app kill) occur, to identify potential memory
hoggers. In order to measure how much memory a process actually consumes,
it is necessary to include the DMA buffer sizes for that process in the
memory accounting. Since the handle to DMA buffers are raw FDs, it is
important to be able to identify which processes have FD references to a
DMA buffer.
Currently, DMA buffer FDs can be accounted using /proc/<pid>/fd/* and
/proc/<pid>/fdinfo -- both are only readable by the process owner, as
follows:
1. Do a readlink on each FD.
2. If the target path begins with "/dmabuf", then the FD is a dmabuf FD.
3. stat the file to get the dmabuf inode number.
4. Read/ proc/<pid>/fdinfo/<fd>, to get the DMA buffer size.
Accessing other processes' fdinfo requires root privileges. This limits
the use of the interface to debugging environments and is not suitable for
production builds. Granting root privileges even to a system process
increases the attack surface and is highly undesirable.
Since fdinfo doesn't permit reading process memory and manipulating
process state, allow accessing fdinfo under PTRACE_MODE_READ_FSCRED.
Link: https://lkml.kernel.org/r/20210308170651.919148-1-kaleshsingh@google.com
Signed-off-by: Kalesh Singh <kaleshsingh@google.com>
Suggested-by: Jann Horn <jannh@google.com>
Acked-by: Christian König <christian.koenig@amd.com>
Cc: Alexander Viro <viro@zeniv.linux.org.uk>
Cc: Alexey Dobriyan <adobriyan@gmail.com>
Cc: Alexey Gladkov <gladkov.alexey@gmail.com>
Cc: Andrei Vagin <avagin@gmail.com>
Cc: Bernd Edlinger <bernd.edlinger@hotmail.de>
Cc: Christian Brauner <christian.brauner@ubuntu.com>
Cc: Eric W. Biederman <ebiederm@xmission.com>
Cc: Helge Deller <deller@gmx.de>
Cc: Hridya Valsaraju <hridya@google.com>
Cc: James Morris <jamorris@linux.microsoft.com>
Cc: Jeff Vander Stoep <jeffv@google.com>
Cc: Jonathan Corbet <corbet@lwn.net>
Cc: Kees Cook <keescook@chromium.org>
Cc: Matthew Wilcox <willy@infradead.org>
Cc: Mauro Carvalho Chehab <mchehab+huawei@kernel.org>
Cc: Michal Hocko <mhocko@suse.com>
Cc: Michel Lespinasse <walken@google.com>
Cc: Minchan Kim <minchan@kernel.org>
Cc: Randy Dunlap <rdunlap@infradead.org>
Cc: Suren Baghdasaryan <surenb@google.com>
Cc: Szabolcs Nagy <szabolcs.nagy@arm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
(cherry picked from commit 7bc3fa0172)
Bug: 159126739
Bug: 167141117
Signed-off-by: Kalesh Singh <kaleshsingh@google.com>
Change-Id: I842b689670f731138592f45c7124ef446d9aa59a
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmDJzHwACgkQONu9yGCS
aT6opRAAuTY0BewZFxfx+tMNplEo6Z/AnerfZN5UxjmIWhvE4NBoIhxgj7ZKHzKE
5xBP53Dunqa6MVrLv3VCyYstUMHO3qlDmYU6tGz/omstaQxqxB0y6b/8+Q3hkzkK
SjpLeeMIzbpleZXt+zvi5LIwMb7WM2bVLmH4kPVEAW0+GmPWZRentaF7LtHNOOfU
LBgAcRH2emxGZ3ucHJDI0xsrkdoWfe+sPZqkAiRI06wlK5EZEcc55uCy3OWzO47Z
579j4s0GX1RP6iuC8tVfoPFPPATRGAHJABX46w2xqs34Ni4PCA9FZ+cTbXgJyZoV
ZzMnjSvmtM6SjdJDz5JucUS70zU2ailHuTnjZk41XUUYoY5reG1DWSVxPP5LVh3e
1eC9P5RTHjCKt/oHA+xvfJJzKL3VyBFLpkssJkh/LOjj1yCCMj2XK7u1q+swCd7O
mJgkZS30c5bIVgV8tHjL2HPG8HnPRqR2+3vZ1yMCOSEDjQs3Qxhjlhohq33Jlfa3
wHOuuDvJyxgx+c/G4fgofWjU1eYpCltUthDiATl4w9+sACKm0FRm+ZVUlX/xr6WI
aCBEuk9hFbXQF6Jfbmg3RrhiyF1BTZJ/MKzxaOmEk8HLLEtW249qz5Up651+caqy
cfppiiV9M/QWB/soemK9uLnoBNjxEdvP00KI362ED99cNwF3eZc=
=LmrZ
-----END PGP SIGNATURE-----
Merge 5.10.44 into android12-5.10-lts
Changes in 5.10.44
proc: Track /proc/$pid/attr/ opener mm_struct
ASoC: max98088: fix ni clock divider calculation
ASoC: amd: fix for pcm_read() error
spi: Fix spi device unregister flow
spi: spi-zynq-qspi: Fix stack violation bug
bpf: Forbid trampoline attach for functions with variable arguments
net/nfc/rawsock.c: fix a permission check bug
usb: cdns3: Fix runtime PM imbalance on error
ASoC: Intel: bytcr_rt5640: Add quirk for the Glavey TM800A550L tablet
ASoC: Intel: bytcr_rt5640: Add quirk for the Lenovo Miix 3-830 tablet
vfio-ccw: Reset FSM state to IDLE inside FSM
vfio-ccw: Serialize FSM IDLE state with I/O completion
ASoC: sti-sas: add missing MODULE_DEVICE_TABLE
spi: sprd: Add missing MODULE_DEVICE_TABLE
usb: chipidea: udc: assign interrupt number to USB gadget structure
isdn: mISDN: netjet: Fix crash in nj_probe:
bonding: init notify_work earlier to avoid uninitialized use
netlink: disable IRQs for netlink_lock_table()
net: mdiobus: get rid of a BUG_ON()
cgroup: disable controllers at parse time
wq: handle VM suspension in stall detection
net/qla3xxx: fix schedule while atomic in ql_sem_spinlock
RDS tcp loopback connection can hang
net:sfc: fix non-freed irq in legacy irq mode
scsi: bnx2fc: Return failure if io_req is already in ABTS processing
scsi: vmw_pvscsi: Set correct residual data length
scsi: hisi_sas: Drop free_irq() of devm_request_irq() allocated irq
scsi: target: qla2xxx: Wait for stop_phase1 at WWN removal
net: macb: ensure the device is available before accessing GEMGXL control registers
net: appletalk: cops: Fix data race in cops_probe1
net: dsa: microchip: enable phy errata workaround on 9567
nvme-fabrics: decode host pathing error for connect
MIPS: Fix kernel hang under FUNCTION_GRAPH_TRACER and PREEMPT_TRACER
dm verity: fix require_signatures module_param permissions
bnx2x: Fix missing error code in bnx2x_iov_init_one()
nvme-tcp: remove incorrect Kconfig dep in BLK_DEV_NVME
nvmet: fix false keep-alive timeout when a controller is torn down
powerpc/fsl: set fsl,i2c-erratum-a004447 flag for P2041 i2c controllers
powerpc/fsl: set fsl,i2c-erratum-a004447 flag for P1010 i2c controllers
spi: Don't have controller clean up spi device before driver unbind
spi: Cleanup on failure of initial setup
i2c: mpc: Make use of i2c_recover_bus()
i2c: mpc: implement erratum A-004447 workaround
ALSA: seq: Fix race of snd_seq_timer_open()
ALSA: firewire-lib: fix the context to call snd_pcm_stop_xrun()
ALSA: hda/realtek: headphone and mic don't work on an Acer laptop
ALSA: hda/realtek: fix mute/micmute LEDs and speaker for HP Elite Dragonfly G2
ALSA: hda/realtek: fix mute/micmute LEDs and speaker for HP EliteBook x360 1040 G8
ALSA: hda/realtek: fix mute/micmute LEDs for HP EliteBook 840 Aero G8
ALSA: hda/realtek: fix mute/micmute LEDs for HP ZBook Power G8
spi: bcm2835: Fix out-of-bounds access with more than 4 slaves
Revert "ACPI: sleep: Put the FACS table after using it"
drm: Fix use-after-free read in drm_getunique()
drm: Lock pointer access in drm_master_release()
perf/x86/intel/uncore: Fix M2M event umask for Ice Lake server
KVM: X86: MMU: Use the correct inherited permissions to get shadow page
kvm: avoid speculation-based attacks from out-of-range memslot accesses
staging: rtl8723bs: Fix uninitialized variables
async_xor: check src_offs is not NULL before updating it
btrfs: return value from btrfs_mark_extent_written() in case of error
btrfs: promote debugging asserts to full-fledged checks in validate_super
cgroup1: don't allow '\n' in renaming
ftrace: Do not blindly read the ip address in ftrace_bug()
mmc: renesas_sdhi: abort tuning when timeout detected
mmc: renesas_sdhi: Fix HS400 on R-Car M3-W+
USB: f_ncm: ncm_bitrate (speed) is unsigned
usb: f_ncm: only first packet of aggregate needs to start timer
usb: pd: Set PD_T_SINK_WAIT_CAP to 310ms
usb: dwc3-meson-g12a: fix usb2 PHY glue init when phy0 is disabled
usb: dwc3: meson-g12a: Disable the regulator in the error handling path of the probe
usb: dwc3: gadget: Bail from dwc3_gadget_exit() if dwc->gadget is NULL
usb: dwc3: ep0: fix NULL pointer exception
usb: musb: fix MUSB_QUIRK_B_DISCONNECT_99 handling
usb: typec: wcove: Use LE to CPU conversion when accessing msg->header
usb: typec: ucsi: Clear PPM capability data in ucsi_init() error path
usb: typec: intel_pmc_mux: Put fwnode in error case during ->probe()
usb: typec: intel_pmc_mux: Add missed error check for devm_ioremap_resource()
usb: gadget: f_fs: Ensure io_completion_wq is idle during unbind
USB: serial: ftdi_sio: add NovaTech OrionMX product ID
USB: serial: omninet: add device id for Zyxel Omni 56K Plus
USB: serial: quatech2: fix control-request directions
USB: serial: cp210x: fix alternate function for CP2102N QFN20
usb: gadget: eem: fix wrong eem header operation
usb: fix various gadgets null ptr deref on 10gbps cabling.
usb: fix various gadget panics on 10gbps cabling
usb: typec: tcpm: cancel vdm and state machine hrtimer when unregister tcpm port
usb: typec: tcpm: cancel frs hrtimer when unregister tcpm port
regulator: core: resolve supply for boot-on/always-on regulators
regulator: max77620: Use device_set_of_node_from_dev()
regulator: bd718x7: Fix the BUCK7 voltage setting on BD71837
regulator: fan53880: Fix missing n_voltages setting
regulator: bd71828: Fix .n_voltages settings
regulator: rtmv20: Fix .set_current_limit/.get_current_limit callbacks
phy: usb: Fix misuse of IS_ENABLED
usb: dwc3: gadget: Disable gadget IRQ during pullup disable
usb: typec: mux: Fix copy-paste mistake in typec_mux_match
drm/mcde: Fix off by 10^3 in calculation
drm/msm/a6xx: fix incorrectly set uavflagprd_inv field for A650
drm/msm/a6xx: update/fix CP_PROTECT initialization
drm/msm/a6xx: avoid shadow NULL reference in failure path
RDMA/ipoib: Fix warning caused by destroying non-initial netns
RDMA/mlx4: Do not map the core_clock page to user space unless enabled
ARM: cpuidle: Avoid orphan section warning
vmlinux.lds.h: Avoid orphan section with !SMP
tools/bootconfig: Fix error return code in apply_xbc()
phy: cadence: Sierra: Fix error return code in cdns_sierra_phy_probe()
ASoC: core: Fix Null-point-dereference in fmt_single_name()
ASoC: meson: gx-card: fix sound-dai dt schema
phy: ti: Fix an error code in wiz_probe()
gpio: wcd934x: Fix shift-out-of-bounds error
perf: Fix data race between pin_count increment/decrement
sched/fair: Keep load_avg and load_sum synced
sched/fair: Make sure to update tg contrib for blocked load
sched/fair: Fix util_est UTIL_AVG_UNCHANGED handling
x86/nmi_watchdog: Fix old-style NMI watchdog regression on old Intel CPUs
KVM: x86: Ensure liveliness of nested VM-Enter fail tracepoint message
IB/mlx5: Fix initializing CQ fragments buffer
NFS: Fix a potential NULL dereference in nfs_get_client()
NFSv4: Fix deadlock between nfs4_evict_inode() and nfs4_opendata_get_inode()
perf session: Correct buffer copying when peeking events
kvm: fix previous commit for 32-bit builds
NFS: Fix use-after-free in nfs4_init_client()
NFSv4: Fix second deadlock in nfs4_evict_inode()
NFSv4: nfs4_proc_set_acl needs to restore NFS_CAP_UIDGID_NOMAP on error.
scsi: core: Fix error handling of scsi_host_alloc()
scsi: core: Fix failure handling of scsi_add_host_with_dma()
scsi: core: Put .shost_dev in failure path if host state changes to RUNNING
scsi: core: Only put parent device if host state differs from SHOST_CREATED
tracing: Correct the length check which causes memory corruption
proc: only require mm_struct for writing
Linux 5.10.44
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: Ic64172b4e72ccb54d96000b3065dd8b33aa9fef5
commit 94f0b2d4a1 upstream.
Commit 591a22c14d ("proc: Track /proc/$pid/attr/ opener mm_struct") we
started using __mem_open() to track the mm_struct at open-time, so that
we could then check it for writes.
But that also ended up making the permission checks at open time much
stricter - and not just for writes, but for reads too. And that in turn
caused a regression for at least Fedora 29, where NIC interfaces fail to
start when using NetworkManager.
Since only the write side wanted the mm_struct test, ignore any failures
by __mem_open() at open time, leaving reads unaffected. The write()
time verification of the mm_struct pointer will then catch the failure
case because a NULL pointer will not match a valid 'current->mm'.
Link: https://lore.kernel.org/netdev/YMjTlp2FSJYvoyFa@unreal/
Fixes: 591a22c14d ("proc: Track /proc/$pid/attr/ opener mm_struct")
Reported-and-tested-by: Leon Romanovsky <leon@kernel.org>
Cc: Kees Cook <keescook@chromium.org>
Cc: Christian Brauner <christian.brauner@ubuntu.com>
Cc: Andrea Righi <andrea.righi@canonical.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit 591a22c14d upstream.
Commit bfb819ea20 ("proc: Check /proc/$pid/attr/ writes against file opener")
tried to make sure that there could not be a confusion between the opener of
a /proc/$pid/attr/ file and the writer. It used struct cred to make sure
the privileges didn't change. However, there were existing cases where a more
privileged thread was passing the opened fd to a differently privileged thread
(during container setup). Instead, use mm_struct to track whether the opener
and writer are still the same process. (This is what several other proc files
already do, though for different reasons.)
Reported-by: Christian Brauner <christian.brauner@ubuntu.com>
Reported-by: Andrea Righi <andrea.righi@canonical.com>
Tested-by: Andrea Righi <andrea.righi@canonical.com>
Fixes: bfb819ea20 ("proc: Check /proc/$pid/attr/ writes against file opener")
Cc: stable@vger.kernel.org
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
It is not possible to put an array value with subkeys under
a key node, because both of subkeys and the array elements
are using "next" field of the xbc_node.
Thus this changes the array values to use "child" field in
the array case. The reason why split this change is to
test it easily.
Picking this up FROMLIST to get the fix ASAP. It is likely to be
accepted upstream.
Signed-off-by: Devin Moore <devinmoore@google.com>
Link: https://lore.kernel.org/lkml/162262192121.264090.6540508908529705156.stgit@devnote2/
Bug: 183237066
Signed-off-by: Masami Hiramatsu <mhiramat@kernel.org>
Change-Id: Iabd54cda32f6bde12297942d6b03bd2555e6eb0c
Changes in 5.10.42
ALSA: hda/realtek: the bass speaker can't output sound on Yoga 9i
ALSA: hda/realtek: Headphone volume is controlled by Front mixer
ALSA: hda/realtek: Chain in pop reduction fixup for ThinkStation P340
ALSA: hda/realtek: fix mute/micmute LEDs for HP 855 G8
ALSA: hda/realtek: fix mute/micmute LEDs and speaker for HP Zbook G8
ALSA: hda/realtek: fix mute/micmute LEDs and speaker for HP Zbook Fury 15 G8
ALSA: hda/realtek: fix mute/micmute LEDs and speaker for HP Zbook Fury 17 G8
ALSA: usb-audio: scarlett2: Fix device hang with ehci-pci
ALSA: usb-audio: scarlett2: Improve driver startup messages
cifs: set server->cipher_type to AES-128-CCM for SMB3.0
NFSv4: Fix a NULL pointer dereference in pnfs_mark_matching_lsegs_return()
iommu/vt-d: Fix sysfs leak in alloc_iommu()
perf intel-pt: Fix sample instruction bytes
perf intel-pt: Fix transaction abort handling
perf scripts python: exported-sql-viewer.py: Fix copy to clipboard from Top Calls by elapsed Time report
perf scripts python: exported-sql-viewer.py: Fix Array TypeError
perf scripts python: exported-sql-viewer.py: Fix warning display
proc: Check /proc/$pid/attr/ writes against file opener
net: hso: fix control-request directions
net/sched: fq_pie: re-factor fix for fq_pie endless loop
net/sched: fq_pie: fix OOB access in the traffic path
netfilter: nft_set_pipapo_avx2: Add irq_fpu_usable() check, fallback to non-AVX2 version
mac80211: assure all fragments are encrypted
mac80211: prevent mixed key and fragment cache attacks
mac80211: properly handle A-MSDUs that start with an RFC 1042 header
cfg80211: mitigate A-MSDU aggregation attacks
mac80211: drop A-MSDUs on old ciphers
mac80211: add fragment cache to sta_info
mac80211: check defrag PN against current frame
mac80211: prevent attacks on TKIP/WEP as well
mac80211: do not accept/forward invalid EAPOL frames
mac80211: extend protection against mixed key and fragment cache attacks
ath10k: add CCMP PN replay protection for fragmented frames for PCIe
ath10k: drop fragments with multicast DA for PCIe
ath10k: drop fragments with multicast DA for SDIO
ath10k: drop MPDU which has discard flag set by firmware for SDIO
ath10k: Fix TKIP Michael MIC verification for PCIe
ath10k: Validate first subframe of A-MSDU before processing the list
ath11k: Clear the fragment cache during key install
dm snapshot: properly fix a crash when an origin has no snapshots
drm/amd/pm: correct MGpuFanBoost setting
drm/amdgpu/vcn1: add cancel_delayed_work_sync before power gate
drm/amdkfd: correct sienna_cichlid SDMA RLC register offset error
drm/amdgpu/vcn2.0: add cancel_delayed_work_sync before power gate
drm/amdgpu/vcn2.5: add cancel_delayed_work_sync before power gate
drm/amdgpu/jpeg2.0: add cancel_delayed_work_sync before power gate
selftests/gpio: Use TEST_GEN_PROGS_EXTENDED
selftests/gpio: Move include of lib.mk up
selftests/gpio: Fix build when source tree is read only
kgdb: fix gcc-11 warnings harder
Documentation: seccomp: Fix user notification documentation
seccomp: Refactor notification handler to prepare for new semantics
serial: core: fix suspicious security_locked_down() call
misc/uss720: fix memory leak in uss720_probe
thunderbolt: usb4: Fix NVM read buffer bounds and offset issue
thunderbolt: dma_port: Fix NVM read buffer bounds and offset issue
KVM: X86: Fix vCPU preempted state from guest's point of view
KVM: arm64: Prevent mixed-width VM creation
mei: request autosuspend after sending rx flow control
staging: iio: cdc: ad7746: avoid overwrite of num_channels
iio: gyro: fxas21002c: balance runtime power in error path
iio: dac: ad5770r: Put fwnode in error case during ->probe()
iio: adc: ad7768-1: Fix too small buffer passed to iio_push_to_buffers_with_timestamp()
iio: adc: ad7124: Fix missbalanced regulator enable / disable on error.
iio: adc: ad7124: Fix potential overflow due to non sequential channel numbers
iio: adc: ad7923: Fix undersized rx buffer.
iio: adc: ad7793: Add missing error code in ad7793_setup()
iio: adc: ad7192: Avoid disabling a clock that was never enabled.
iio: adc: ad7192: handle regulator voltage error first
serial: 8250: Add UART_BUG_TXRACE workaround for Aspeed VUART
serial: 8250_dw: Add device HID for new AMD UART controller
serial: 8250_pci: Add support for new HPE serial device
serial: 8250_pci: handle FL_NOIRQ board flag
USB: trancevibrator: fix control-request direction
Revert "irqbypass: do not start cons/prod when failed connect"
USB: usbfs: Don't WARN about excessively large memory allocations
drivers: base: Fix device link removal
serial: tegra: Fix a mask operation that is always true
serial: sh-sci: Fix off-by-one error in FIFO threshold register setting
serial: rp2: use 'request_firmware' instead of 'request_firmware_nowait'
USB: serial: ti_usb_3410_5052: add startech.com device id
USB: serial: option: add Telit LE910-S1 compositions 0x7010, 0x7011
USB: serial: ftdi_sio: add IDs for IDS GmbH Products
USB: serial: pl2303: add device id for ADLINK ND-6530 GC
thermal/drivers/intel: Initialize RW trip to THERMAL_TEMP_INVALID
usb: dwc3: gadget: Properly track pending and queued SG
usb: gadget: udc: renesas_usb3: Fix a race in usb3_start_pipen()
usb: typec: mux: Fix matching with typec_altmode_desc
net: usb: fix memory leak in smsc75xx_bind
Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails
fs/nfs: Use fatal_signal_pending instead of signal_pending
NFS: fix an incorrect limit in filelayout_decode_layout()
NFS: Fix an Oopsable condition in __nfs_pageio_add_request()
NFS: Don't corrupt the value of pg_bytes_written in nfs_do_recoalesce()
NFSv4: Fix v4.0/v4.1 SEEK_DATA return -ENOTSUPP when set NFS_V4_2 config
drm/meson: fix shutdown crash when component not probed
net/mlx5e: reset XPS on error flow if netdev isn't registered yet
net/mlx5e: Fix multipath lag activation
net/mlx5e: Fix error path of updating netdev queues
{net,vdpa}/mlx5: Configure interface MAC into mpfs L2 table
net/mlx5e: Fix nullptr in add_vlan_push_action()
net/mlx5: Set reformat action when needed for termination rules
net/mlx5e: Fix null deref accessing lag dev
net/mlx4: Fix EEPROM dump support
net/mlx5: Set term table as an unmanaged flow table
SUNRPC in case of backlog, hand free slots directly to waiting task
Revert "net:tipc: Fix a double free in tipc_sk_mcast_rcv"
tipc: wait and exit until all work queues are done
tipc: skb_linearize the head skb when reassembling msgs
spi: spi-fsl-dspi: Fix a resource leak in an error handling path
netfilter: flowtable: Remove redundant hw refresh bit
net: dsa: mt7530: fix VLAN traffic leaks
net: dsa: fix a crash if ->get_sset_count() fails
net: dsa: sja1105: update existing VLANs from the bridge VLAN list
net: dsa: sja1105: use 4095 as the private VLAN for untagged traffic
net: dsa: sja1105: error out on unsupported PHY mode
net: dsa: sja1105: add error handling in sja1105_setup()
net: dsa: sja1105: call dsa_unregister_switch when allocating memory fails
net: dsa: sja1105: fix VL lookup command packing for P/Q/R/S
i2c: s3c2410: fix possible NULL pointer deref on read message after write
i2c: mediatek: Disable i2c start_en and clear intr_stat brfore reset
i2c: i801: Don't generate an interrupt on bus reset
i2c: sh_mobile: Use new clock calculation formulas for RZ/G2E
afs: Fix the nlink handling of dir-over-dir rename
perf jevents: Fix getting maximum number of fds
nvmet-tcp: fix inline data size comparison in nvmet_tcp_queue_response
mptcp: avoid error message on infinite mapping
mptcp: drop unconditional pr_warn on bad opt
mptcp: fix data stream corruption
platform/x86: hp_accel: Avoid invoking _INI to speed up resume
gpio: cadence: Add missing MODULE_DEVICE_TABLE
Revert "crypto: cavium/nitrox - add an error message to explain the failure of pci_request_mem_regions"
Revert "media: usb: gspca: add a missed check for goto_low_power"
Revert "ALSA: sb: fix a missing check of snd_ctl_add"
Revert "serial: max310x: pass return value of spi_register_driver"
serial: max310x: unregister uart driver in case of failure and abort
Revert "net: fujitsu: fix a potential NULL pointer dereference"
net: fujitsu: fix potential null-ptr-deref
Revert "net/smc: fix a NULL pointer dereference"
net/smc: properly handle workqueue allocation failure
Revert "net: caif: replace BUG_ON with recovery code"
net: caif: remove BUG_ON(dev == NULL) in caif_xmit
Revert "char: hpet: fix a missing check of ioremap"
char: hpet: add checks after calling ioremap
Revert "ALSA: gus: add a check of the status of snd_ctl_add"
Revert "ALSA: usx2y: Fix potential NULL pointer dereference"
Revert "isdn: mISDNinfineon: fix potential NULL pointer dereference"
isdn: mISDNinfineon: check/cleanup ioremap failure correctly in setup_io
Revert "ath6kl: return error code in ath6kl_wmi_set_roam_lrssi_cmd()"
ath6kl: return error code in ath6kl_wmi_set_roam_lrssi_cmd()
Revert "isdn: mISDN: Fix potential NULL pointer dereference of kzalloc"
isdn: mISDN: correctly handle ph_info allocation failure in hfcsusb_ph_info
Revert "dmaengine: qcom_hidma: Check for driver register failure"
dmaengine: qcom_hidma: comment platform_driver_register call
Revert "libertas: add checks for the return value of sysfs_create_group"
libertas: register sysfs groups properly
Revert "ASoC: cs43130: fix a NULL pointer dereference"
ASoC: cs43130: handle errors in cs43130_probe() properly
Revert "media: dvb: Add check on sp8870_readreg"
media: dvb: Add check on sp8870_readreg return
Revert "media: gspca: mt9m111: Check write_bridge for timeout"
media: gspca: mt9m111: Check write_bridge for timeout
Revert "media: gspca: Check the return value of write_bridge for timeout"
media: gspca: properly check for errors in po1030_probe()
Revert "net: liquidio: fix a NULL pointer dereference"
net: liquidio: Add missing null pointer checks
Revert "brcmfmac: add a check for the status of usb_register"
brcmfmac: properly check for bus register errors
btrfs: return whole extents in fiemap
scsi: ufs: ufs-mediatek: Fix power down spec violation
scsi: BusLogic: Fix 64-bit system enumeration error for Buslogic
openrisc: Define memory barrier mb
scsi: pm80xx: Fix drives missing during rmmod/insmod loop
btrfs: release path before starting transaction when cloning inline extent
btrfs: do not BUG_ON in link_to_fixup_dir
platform/x86: hp-wireless: add AMD's hardware id to the supported list
platform/x86: intel_punit_ipc: Append MODULE_DEVICE_TABLE for ACPI
platform/x86: touchscreen_dmi: Add info for the Mediacom Winpad 7.0 W700 tablet
SMB3: incorrect file id in requests compounded with open
drm/amd/display: Disconnect non-DP with no EDID
drm/amd/amdgpu: fix refcount leak
drm/amdgpu: Fix a use-after-free
drm/amd/amdgpu: fix a potential deadlock in gpu reset
drm/amdgpu: stop touching sched.ready in the backend
platform/x86: touchscreen_dmi: Add info for the Chuwi Hi10 Pro (CWI529) tablet
block: fix a race between del_gendisk and BLKRRPART
linux/bits.h: fix compilation error with GENMASK
net: netcp: Fix an error message
net: dsa: fix error code getting shifted with 4 in dsa_slave_get_sset_count
interconnect: qcom: bcm-voter: add a missing of_node_put()
interconnect: qcom: Add missing MODULE_DEVICE_TABLE
ASoC: cs42l42: Regmap must use_single_read/write
net: stmmac: Fix MAC WoL not working if PHY does not support WoL
net: ipa: memory region array is variable size
vfio-ccw: Check initialized flag in cp_init()
spi: Assume GPIO CS active high in ACPI case
net: really orphan skbs tied to closing sk
net: packetmmap: fix only tx timestamp on request
net: fec: fix the potential memory leak in fec_enet_init()
chelsio/chtls: unlock on error in chtls_pt_recvmsg()
net: mdio: thunder: Fix a double free issue in the .remove function
net: mdio: octeon: Fix some double free issues
cxgb4/ch_ktls: Clear resources when pf4 device is removed
openvswitch: meter: fix race when getting now_ms.
tls splice: check SPLICE_F_NONBLOCK instead of MSG_DONTWAIT
net: sched: fix packet stuck problem for lockless qdisc
net: sched: fix tx action rescheduling issue during deactivation
net: sched: fix tx action reschedule issue with stopped queue
net: hso: check for allocation failure in hso_create_bulk_serial_device()
net: bnx2: Fix error return code in bnx2_init_board()
bnxt_en: Include new P5 HV definition in VF check.
bnxt_en: Fix context memory setup for 64K page size.
mld: fix panic in mld_newpack()
net/smc: remove device from smcd_dev_list after failed device_add()
gve: Check TX QPL was actually assigned
gve: Update mgmt_msix_idx if num_ntfy changes
gve: Add NULL pointer checks when freeing irqs.
gve: Upgrade memory barrier in poll routine
gve: Correct SKB queue index validation.
iommu/virtio: Add missing MODULE_DEVICE_TABLE
net: hns3: fix incorrect resp_msg issue
net: hns3: put off calling register_netdev() until client initialize complete
iommu/vt-d: Use user privilege for RID2PASID translation
cxgb4: avoid accessing registers when clearing filters
staging: emxx_udc: fix loop in _nbu2ss_nuke()
ASoC: cs35l33: fix an error code in probe()
bpf, offload: Reorder offload callback 'prepare' in verifier
bpf: Set mac_len in bpf_skb_change_head
ixgbe: fix large MTU request from VF
ASoC: qcom: lpass-cpu: Use optional clk APIs
scsi: libsas: Use _safe() loop in sas_resume_port()
net: lantiq: fix memory corruption in RX ring
ipv6: record frag_max_size in atomic fragments in input path
ALSA: usb-audio: scarlett2: snd_scarlett_gen2_controls_create() can be static
net: ethernet: mtk_eth_soc: Fix packet statistics support for MT7628/88
sch_dsmark: fix a NULL deref in qdisc_reset()
net: hsr: fix mac_len checks
MIPS: alchemy: xxs1500: add gpio-au1000.h header file
MIPS: ralink: export rt_sysc_membase for rt2880_wdt.c
net: zero-initialize tc skb extension on allocation
net: mvpp2: add buffer header handling in RX
i915: fix build warning in intel_dp_get_link_status()
samples/bpf: Consider frame size in tx_only of xdpsock sample
net: hns3: check the return of skb_checksum_help()
bpftool: Add sock_release help info for cgroup attach/prog load command
SUNRPC: More fixes for backlog congestion
Revert "Revert "ALSA: usx2y: Fix potential NULL pointer dereference""
net: hso: bail out on interrupt URB allocation failure
scripts/clang-tools: switch explicitly to Python 3
neighbour: Prevent Race condition in neighbour subsytem
usb: core: reduce power-on-good delay time of root hub
Linux 5.10.42
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I05d98d1355a080e0951b4b2ae77f0a9ccb6dfc5d
commit bfb819ea20 upstream.
Fix another "confused deputy" weakness[1]. Writes to /proc/$pid/attr/
files need to check the opener credentials, since these fds do not
transition state across execve(). Without this, it is possible to
trick another process (which may have different credentials) to write
to its own /proc/$pid/attr/ files, leading to unexpected and possibly
exploitable behaviors.
[1] https://www.kernel.org/doc/html/latest/security/credentials.html?highlight=confused#open-file-credentials
Fixes: 1da177e4c3 ("Linux-2.6.12-rc2")
Cc: stable@vger.kernel.org
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Changes in 5.10.38
KEYS: trusted: Fix memory leak on object td
tpm: fix error return code in tpm2_get_cc_attrs_tbl()
tpm, tpm_tis: Extend locality handling to TPM2 in tpm_tis_gen_interrupt()
tpm, tpm_tis: Reserve locality in tpm_tis_resume()
KVM: x86/mmu: Remove the defunct update_pte() paging hook
KVM/VMX: Invoke NMI non-IST entry instead of IST entry
ACPI: PM: Add ACPI ID of Alder Lake Fan
PM: runtime: Fix unpaired parent child_count for force_resume
cpufreq: intel_pstate: Use HWP if enabled by platform firmware
kvm: Cap halt polling at kvm->max_halt_poll_ns
ath11k: fix thermal temperature read
fs: dlm: fix debugfs dump
fs: dlm: add errno handling to check callback
fs: dlm: check on minimum msglen size
fs: dlm: flush swork on shutdown
tipc: convert dest node's address to network order
ASoC: Intel: bytcr_rt5640: Enable jack-detect support on Asus T100TAF
net/mlx5e: Use net_prefetchw instead of prefetchw in MPWQE TX datapath
net: stmmac: Set FIFO sizes for ipq806x
ASoC: rsnd: core: Check convert rate in rsnd_hw_params
Bluetooth: Fix incorrect status handling in LE PHY UPDATE event
i2c: bail out early when RDWR parameters are wrong
ALSA: hdsp: don't disable if not enabled
ALSA: hdspm: don't disable if not enabled
ALSA: rme9652: don't disable if not enabled
ALSA: bebob: enable to deliver MIDI messages for multiple ports
Bluetooth: Set CONF_NOT_COMPLETE as l2cap_chan default
Bluetooth: initialize skb_queue_head at l2cap_chan_create()
net/sched: cls_flower: use ntohs for struct flow_dissector_key_ports
net: bridge: when suppression is enabled exclude RARP packets
Bluetooth: check for zapped sk before connecting
selftests/powerpc: Fix L1D flushing tests for Power10
powerpc/32: Statically initialise first emergency context
net: hns3: remediate a potential overflow risk of bd_num_list
net: hns3: add handling for xmit skb with recursive fraglist
ip6_vti: proper dev_{hold|put} in ndo_[un]init methods
ASoC: Intel: bytcr_rt5640: Add quirk for the Chuwi Hi8 tablet
ice: handle increasing Tx or Rx ring sizes
Bluetooth: btusb: Enable quirk boolean flag for Mediatek Chip.
ASoC: rt5670: Add a quirk for the Dell Venue 10 Pro 5055
i2c: Add I2C_AQ_NO_REP_START adapter quirk
MIPS: Loongson64: Use _CACHE_UNCACHED instead of _CACHE_UNCACHED_ACCELERATED
coresight: Do not scan for graph if none is present
IB/hfi1: Correct oversized ring allocation
mac80211: clear the beacon's CRC after channel switch
pinctrl: samsung: use 'int' for register masks in Exynos
rtw88: 8822c: add LC calibration for RTL8822C
mt76: mt7615: support loading EEPROM for MT7613BE
mt76: mt76x0: disable GTK offloading
mt76: mt7915: fix txpower init for TSSI off chips
fuse: invalidate attrs when page writeback completes
virtiofs: fix userns
cuse: prevent clone
iwlwifi: pcie: make cfg vs. trans_cfg more robust
powerpc/mm: Add cond_resched() while removing hpte mappings
ASoC: rsnd: call rsnd_ssi_master_clk_start() from rsnd_ssi_init()
Revert "iommu/amd: Fix performance counter initialization"
iommu/amd: Remove performance counter pre-initialization test
drm/amd/display: Force vsync flip when reconfiguring MPCC
selftests: Set CC to clang in lib.mk if LLVM is set
kconfig: nconf: stop endless search loops
ALSA: hda/realtek: Add quirk for Lenovo Ideapad S740
ASoC: Intel: sof_sdw: add quirk for new ADL-P Rvp
ALSA: hda/hdmi: fix race in handling acomp ELD notification at resume
sctp: Fix out-of-bounds warning in sctp_process_asconf_param()
flow_dissector: Fix out-of-bounds warning in __skb_flow_bpf_to_target()
powerpc/smp: Set numa node before updating mask
ASoC: rt286: Generalize support for ALC3263 codec
ethtool: ioctl: Fix out-of-bounds warning in store_link_ksettings_for_user()
net: sched: tapr: prevent cycle_time == 0 in parse_taprio_schedule
samples/bpf: Fix broken tracex1 due to kprobe argument change
powerpc/pseries: Stop calling printk in rtas_stop_self()
drm/amd/display: fixed divide by zero kernel crash during dsc enablement
drm/amd/display: add handling for hdcp2 rx id list validation
drm/amdgpu: Add mem sync flag for IB allocated by SA
mt76: mt7615: fix entering driver-own state on mt7663
crypto: ccp: Free SEV device if SEV init fails
wl3501_cs: Fix out-of-bounds warnings in wl3501_send_pkt
wl3501_cs: Fix out-of-bounds warnings in wl3501_mgmt_join
qtnfmac: Fix possible buffer overflow in qtnf_event_handle_external_auth
powerpc/iommu: Annotate nested lock for lockdep
iavf: remove duplicate free resources calls
net: ethernet: mtk_eth_soc: fix RX VLAN offload
selftests: mlxsw: Increase the tolerance of backlog buildup
selftests: mlxsw: Fix mausezahn invocation in ERSPAN scale test
kbuild: generate Module.symvers only when vmlinux exists
bnxt_en: Add PCI IDs for Hyper-V VF devices.
ia64: module: fix symbolizer crash on fdescr
watchdog: rename __touch_watchdog() to a better descriptive name
watchdog: explicitly update timestamp when reporting softlockup
watchdog/softlockup: remove logic that tried to prevent repeated reports
watchdog: fix barriers when printing backtraces from all CPUs
ASoC: rt286: Make RT286_SET_GPIO_* readable and writable
thermal: thermal_of: Fix error return code of thermal_of_populate_bind_params()
f2fs: move ioctl interface definitions to separated file
f2fs: fix compat F2FS_IOC_{MOVE,GARBAGE_COLLECT}_RANGE
f2fs: fix to allow migrating fully valid segment
f2fs: fix panic during f2fs_resize_fs()
f2fs: fix a redundant call to f2fs_balance_fs if an error occurs
remoteproc: qcom_q6v5_mss: Replace ioremap with memremap
remoteproc: qcom_q6v5_mss: Validate p_filesz in ELF loader
PCI: iproc: Fix return value of iproc_msi_irq_domain_alloc()
PCI: Release OF node in pci_scan_device()'s error path
ARM: 9064/1: hw_breakpoint: Do not directly check the event's overflow_handler hook
f2fs: fix to align to section for fallocate() on pinned file
f2fs: fix to update last i_size if fallocate partially succeeds
PCI: endpoint: Make *_get_first_free_bar() take into account 64 bit BAR
PCI: endpoint: Add helper API to get the 'next' unreserved BAR
PCI: endpoint: Make *_free_bar() to return error codes on failure
PCI: endpoint: Fix NULL pointer dereference for ->get_features()
f2fs: fix to avoid touching checkpointed data in get_victim()
f2fs: fix to cover __allocate_new_section() with curseg_lock
f2fs: Fix a hungtask problem in atomic write
f2fs: fix to avoid accessing invalid fio in f2fs_allocate_data_block()
rpmsg: qcom_glink_native: fix error return code of qcom_glink_rx_data()
NFS: nfs4_bitmask_adjust() must not change the server global bitmasks
NFS: Fix attribute bitmask in _nfs42_proc_fallocate()
NFSv4.2: Always flush out writes in nfs42_proc_fallocate()
NFS: Deal correctly with attribute generation counter overflow
PCI: endpoint: Fix missing destroy_workqueue()
pNFS/flexfiles: fix incorrect size check in decode_nfs_fh()
NFSv4.2 fix handling of sr_eof in SEEK's reply
SUNRPC: Move fault injection call sites
SUNRPC: Remove trace_xprt_transmit_queued
SUNRPC: Handle major timeout in xprt_adjust_timeout()
thermal/drivers/tsens: Fix missing put_device error
NFSv4.x: Don't return NFS4ERR_NOMATCHING_LAYOUT if we're unmounting
nfsd: ensure new clients break delegations
rtc: fsl-ftm-alarm: add MODULE_TABLE()
dmaengine: idxd: Fix potential null dereference on pointer status
dmaengine: idxd: fix dma device lifetime
dmaengine: idxd: fix cdev setup and free device lifetime issues
SUNRPC: fix ternary sign expansion bug in tracing
pwm: atmel: Fix duty cycle calculation in .get_state()
xprtrdma: Avoid Receive Queue wrapping
xprtrdma: Fix cwnd update ordering
xprtrdma: rpcrdma_mr_pop() already does list_del_init()
swiotlb: Fix the type of index
ceph: fix inode leak on getattr error in __fh_to_dentry
scsi: qla2xxx: Prevent PRLI in target mode
scsi: ufs: core: Do not put UFS power into LPM if link is broken
scsi: ufs: core: Cancel rpm_dev_flush_recheck_work during system suspend
scsi: ufs: core: Narrow down fast path in system suspend path
rtc: ds1307: Fix wday settings for rx8130
net: hns3: fix incorrect configuration for igu_egu_hw_err
net: hns3: initialize the message content in hclge_get_link_mode()
net: hns3: add check for HNS3_NIC_STATE_INITED in hns3_reset_notify_up_enet()
net: hns3: fix for vxlan gpe tx checksum bug
net: hns3: use netif_tx_disable to stop the transmit queue
net: hns3: disable phy loopback setting in hclge_mac_start_phy
sctp: do asoc update earlier in sctp_sf_do_dupcook_a
RISC-V: Fix error code returned by riscv_hartid_to_cpuid()
sunrpc: Fix misplaced barrier in call_decode
libbpf: Fix signed overflow in ringbuf_process_ring
block/rnbd-clt: Change queue_depth type in rnbd_clt_session to size_t
block/rnbd-clt: Check the return value of the function rtrs_clt_query
ethernet:enic: Fix a use after free bug in enic_hard_start_xmit
sctp: fix a SCTP_MIB_CURRESTAB leak in sctp_sf_do_dupcook_b
netfilter: xt_SECMARK: add new revision to fix structure layout
xsk: Fix for xp_aligned_validate_desc() when len == chunk_size
net: stmmac: Clear receive all(RA) bit when promiscuous mode is off
drm/radeon: Fix off-by-one power_state index heap overwrite
drm/radeon: Avoid power table parsing memory leaks
arm64: entry: factor irq triage logic into macros
arm64: entry: always set GIC_PRIO_PSR_I_SET during entry
khugepaged: fix wrong result value for trace_mm_collapse_huge_page_isolate()
mm/hugeltb: handle the error case in hugetlb_fix_reserve_counts()
mm/migrate.c: fix potential indeterminate pte entry in migrate_vma_insert_page()
ksm: fix potential missing rmap_item for stable_node
mm/gup: check every subpage of a compound page during isolation
mm/gup: return an error on migration failure
mm/gup: check for isolation errors
ethtool: fix missing NLM_F_MULTI flag when dumping
net: fix nla_strcmp to handle more then one trailing null character
smc: disallow TCP_ULP in smc_setsockopt()
netfilter: nfnetlink_osf: Fix a missing skb_header_pointer() NULL check
netfilter: nftables: Fix a memleak from userdata error path in new objects
can: mcp251xfd: mcp251xfd_probe(): add missing can_rx_offload_del() in error path
can: mcp251x: fix resume from sleep before interface was brought up
can: m_can: m_can_tx_work_queue(): fix tx_skb race condition
sched: Fix out-of-bound access in uclamp
sched/fair: Fix unfairness caused by missing load decay
fs/proc/generic.c: fix incorrect pde_is_permanent check
kernel: kexec_file: fix error return code of kexec_calculate_store_digests()
kernel/resource: make walk_system_ram_res() find all busy IORESOURCE_SYSTEM_RAM resources
kernel/resource: make walk_mem_res() find all busy IORESOURCE_MEM resources
netfilter: nftables: avoid overflows in nft_hash_buckets()
i40e: fix broken XDP support
i40e: Fix use-after-free in i40e_client_subtask()
i40e: fix the restart auto-negotiation after FEC modified
i40e: Fix PHY type identifiers for 2.5G and 5G adapters
mptcp: fix splat when closing unaccepted socket
f2fs: avoid unneeded data copy in f2fs_ioc_move_range()
ARC: entry: fix off-by-one error in syscall number validation
ARC: mm: PAE: use 40-bit physical page mask
ARC: mm: Use max_high_pfn as a HIGHMEM zone border
powerpc/64s: Fix crashes when toggling stf barrier
powerpc/64s: Fix crashes when toggling entry flush barrier
hfsplus: prevent corruption in shrinking truncate
squashfs: fix divide error in calculate_skip()
userfaultfd: release page in error path to avoid BUG_ON
kasan: fix unit tests with CONFIG_UBSAN_LOCAL_BOUNDS enabled
mm/hugetlb: fix F_SEAL_FUTURE_WRITE
blk-iocost: fix weight updates of inner active iocgs
arm64: mte: initialize RGSR_EL1.SEED in __cpu_setup
arm64: Fix race condition on PG_dcache_clean in __sync_icache_dcache()
btrfs: fix race leading to unpersisted data and metadata on fsync
drm/radeon/dpm: Disable sclk switching on Oland when two 4K 60Hz monitors are connected
drm/amd/display: Initialize attribute for hdcp_srm sysfs file
drm/i915: Avoid div-by-zero on gen2
kvm: exit halt polling on need_resched() as well
KVM: LAPIC: Accurately guarantee busy wait for timer to expire when using hv_timer
drm/msm/dp: initialize audio_comp when audio starts
KVM: x86: Cancel pvclock_gtod_work on module removal
KVM: x86: Prevent deadlock against tk_core.seq
dax: Add an enum for specifying dax wakup mode
dax: Add a wakeup mode parameter to put_unlocked_entry()
dax: Wake up all waiters after invalidating dax entry
xen/unpopulated-alloc: consolidate pgmap manipulation
xen/unpopulated-alloc: fix error return code in fill_list()
perf tools: Fix dynamic libbpf link
usb: dwc3: gadget: Free gadget structure only after freeing endpoints
iio: light: gp2ap002: Fix rumtime PM imbalance on error
iio: proximity: pulsedlight: Fix rumtime PM imbalance on error
iio: hid-sensors: select IIO_TRIGGERED_BUFFER under HID_SENSOR_IIO_TRIGGER
usb: fotg210-hcd: Fix an error message
hwmon: (occ) Fix poll rate limiting
usb: musb: Fix an error message
ACPI: scan: Fix a memory leak in an error handling path
kyber: fix out of bounds access when preempted
nvmet: add lba to sect conversion helpers
nvmet: fix inline bio check for bdev-ns
nvmet-rdma: Fix NULL deref when SEND is completed with error
f2fs: compress: fix to free compress page correctly
f2fs: compress: fix race condition of overwrite vs truncate
f2fs: compress: fix to assign cc.cluster_idx correctly
nbd: Fix NULL pointer in flush_workqueue
blk-mq: plug request for shared sbitmap
blk-mq: Swap two calls in blk_mq_exit_queue()
usb: dwc3: omap: improve extcon initialization
usb: dwc3: pci: Enable usb2-gadget-lpm-disable for Intel Merrifield
usb: xhci: Increase timeout for HC halt
usb: dwc2: Fix gadget DMA unmap direction
usb: core: hub: fix race condition about TRSMRCY of resume
usb: dwc3: gadget: Enable suspend events
usb: dwc3: gadget: Return success always for kick transfer in ep queue
usb: typec: ucsi: Retrieve all the PDOs instead of just the first 4
usb: typec: ucsi: Put fwnode in any case during ->probe()
xhci-pci: Allow host runtime PM as default for Intel Alder Lake xHCI
xhci: Do not use GFP_KERNEL in (potentially) atomic context
xhci: Add reset resume quirk for AMD xhci controller.
iio: gyro: mpu3050: Fix reported temperature value
iio: tsl2583: Fix division by a zero lux_val
cdc-wdm: untangle a circular dependency between callback and softint
xen/gntdev: fix gntdev_mmap() error exit path
KVM: x86: Emulate RDPID only if RDTSCP is supported
KVM: x86: Move RDPID emulation intercept to its own enum
KVM: nVMX: Always make an attempt to map eVMCS after migration
KVM: VMX: Do not advertise RDPID if ENABLE_RDTSCP control is unsupported
KVM: VMX: Disable preemption when probing user return MSRs
Revert "iommu/vt-d: Remove WO permissions on second-level paging entries"
Revert "iommu/vt-d: Preset Access/Dirty bits for IOVA over FL"
iommu/vt-d: Preset Access/Dirty bits for IOVA over FL
iommu/vt-d: Remove WO permissions on second-level paging entries
mm: fix struct page layout on 32-bit systems
MIPS: Reinstate platform `__div64_32' handler
MIPS: Avoid DIVU in `__div64_32' is result would be zero
MIPS: Avoid handcoded DIVU in `__div64_32' altogether
clocksource/drivers/timer-ti-dm: Prepare to handle dra7 timer wrap issue
clocksource/drivers/timer-ti-dm: Handle dra7 timer wrap errata i940
ARM: 9011/1: centralize phys-to-virt conversion of DT/ATAGS address
ARM: 9012/1: move device tree mapping out of linear region
ARM: 9020/1: mm: use correct section size macro to describe the FDT virtual address
ARM: 9027/1: head.S: explicitly map DT even if it lives in the first physical section
usb: typec: tcpm: Fix error while calculating PPS out values
kobject_uevent: remove warning in init_uevent_argv()
drm/i915/gt: Fix a double free in gen8_preallocate_top_level_pdp
drm/i915: Read C0DRB3/C1DRB3 as 16 bits again
drm/i915/overlay: Fix active retire callback alignment
drm/i915: Fix crash in auto_retire
clk: exynos7: Mark aclk_fsys1_200 as critical
media: rkvdec: Remove of_match_ptr()
i2c: mediatek: Fix send master code at more than 1MHz
dt-bindings: media: renesas,vin: Make resets optional on R-Car Gen1
dt-bindings: serial: 8250: Remove duplicated compatible strings
debugfs: Make debugfs_allow RO after init
ext4: fix debug format string warning
nvme: do not try to reconfigure APST when the controller is not live
ASoC: rsnd: check all BUSIF status when error
Linux 5.10.38
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: Ia32e01283b488a38be48015c58a0e481f09aaf65
[ Upstream commit f4bf74d829 ]
Currently the pde_is_permanent() check is being run on root multiple times
rather than on the next proc directory entry. This looks like a
copy-paste error. Fix this by replacing root with next.
Addresses-Coverity: ("Copy-paste error")
Link: https://lkml.kernel.org/r/20210318122633.14222-1-colin.king@canonical.com
Fixes: d919b33daf ("proc: faster open/read/close with "permanent" files")
Signed-off-by: Colin Ian King <colin.king@canonical.com>
Acked-by: Christian Brauner <christian.brauner@ubuntu.com>
Reviewed-by: Alexey Dobriyan <adobriyan@gmail.com>
Cc: Greg Kroah-Hartman <gregkh@google.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Changes in 5.10.37
Bluetooth: verify AMP hci_chan before amp_destroy
bluetooth: eliminate the potential race condition when removing the HCI controller
net/nfc: fix use-after-free llcp_sock_bind/connect
io_uring: truncate lengths larger than MAX_RW_COUNT on provide buffers
Revert "USB: cdc-acm: fix rounding error in TIOCSSERIAL"
usb: roles: Call try_module_get() from usb_role_switch_find_by_fwnode()
tty: moxa: fix TIOCSSERIAL jiffies conversions
tty: amiserial: fix TIOCSSERIAL permission check
USB: serial: usb_wwan: fix TIOCSSERIAL jiffies conversions
staging: greybus: uart: fix TIOCSSERIAL jiffies conversions
USB: serial: ti_usb_3410_5052: fix TIOCSSERIAL permission check
staging: fwserial: fix TIOCSSERIAL jiffies conversions
tty: moxa: fix TIOCSSERIAL permission check
staging: fwserial: fix TIOCSSERIAL permission check
drm: bridge: fix LONTIUM use of mipi_dsi_() functions
usb: typec: tcpm: Address incorrect values of tcpm psy for fixed supply
usb: typec: tcpm: Address incorrect values of tcpm psy for pps supply
usb: typec: tcpm: update power supply once partner accepts
usb: xhci-mtk: remove or operator for setting schedule parameters
usb: xhci-mtk: improve bandwidth scheduling with TT
ASoC: samsung: tm2_wm5110: check of of_parse return value
ASoC: Intel: kbl_da7219_max98927: Fix kabylake_ssp_fixup function
ASoC: tlv320aic32x4: Register clocks before registering component
ASoC: tlv320aic32x4: Increase maximum register in regmap
MIPS: pci-mt7620: fix PLL lock check
MIPS: pci-rt2880: fix slot 0 configuration
FDDI: defxx: Bail out gracefully with unassigned PCI resource for CSR
PCI: Allow VPD access for QLogic ISP2722
KVM: x86: Defer the MMU unload to the normal path on an global INVPCID
PCI: xgene: Fix cfg resource mapping
PCI: keystone: Let AM65 use the pci_ops defined in pcie-designware-host.c
PM / devfreq: Unlock mutex and free devfreq struct in error path
soc/tegra: regulators: Fix locking up when voltage-spread is out of range
iio: inv_mpu6050: Fully validate gyro and accel scale writes
iio:accel:adis16201: Fix wrong axis assignment that prevents loading
iio:adc:ad7476: Fix remove handling
sc16is7xx: Defer probe if device read fails
phy: cadence: Sierra: Fix PHY power_on sequence
misc: lis3lv02d: Fix false-positive WARN on various HP models
phy: ti: j721e-wiz: Invoke wiz_init() before of_platform_device_create()
misc: vmw_vmci: explicitly initialize vmci_notify_bm_set_msg struct
misc: vmw_vmci: explicitly initialize vmci_datagram payload
selinux: add proper NULL termination to the secclass_map permissions
x86, sched: Treat Intel SNC topology as default, COD as exception
async_xor: increase src_offs when dropping destination page
md/bitmap: wait for external bitmap writes to complete during tear down
md-cluster: fix use-after-free issue when removing rdev
md: split mddev_find
md: factor out a mddev_find_locked helper from mddev_find
md: md_open returns -EBUSY when entering racing area
md: Fix missing unused status line of /proc/mdstat
mt76: mt7615: use ieee80211_free_txskb() in mt7615_tx_token_put()
ipw2x00: potential buffer overflow in libipw_wx_set_encodeext()
cfg80211: scan: drop entry from hidden_list on overflow
rtw88: Fix array overrun in rtw_get_tx_power_params()
mt76: fix potential DMA mapping leak
FDDI: defxx: Make MMIO the configuration default except for EISA
drm/i915/gvt: Fix virtual display setup for BXT/APL
drm/i915/gvt: Fix vfio_edid issue for BXT/APL
drm/qxl: use ttm bo priorities
drm/panfrost: Clear MMU irqs before handling the fault
drm/panfrost: Don't try to map pages that are already mapped
drm/radeon: fix copy of uninitialized variable back to userspace
drm/dp_mst: Revise broadcast msg lct & lcr
drm/dp_mst: Set CLEAR_PAYLOAD_ID_TABLE as broadcast
drm: bridge/panel: Cleanup connector on bridge detach
drm/amd/display: Reject non-zero src_y and src_x for video planes
drm/amdgpu: fix concurrent VM flushes on Vega/Navi v2
ALSA: hda/realtek: Re-order ALC882 Acer quirk table entries
ALSA: hda/realtek: Re-order ALC882 Sony quirk table entries
ALSA: hda/realtek: Re-order ALC882 Clevo quirk table entries
ALSA: hda/realtek: Re-order ALC269 HP quirk table entries
ALSA: hda/realtek: Re-order ALC269 Acer quirk table entries
ALSA: hda/realtek: Re-order ALC269 Dell quirk table entries
ALSA: hda/realtek: Re-order ALC269 ASUS quirk table entries
ALSA: hda/realtek: Re-order ALC269 Sony quirk table entries
ALSA: hda/realtek: Re-order ALC269 Lenovo quirk table entries
ALSA: hda/realtek: Re-order remaining ALC269 quirk table entries
ALSA: hda/realtek: Re-order ALC662 quirk table entries
ALSA: hda/realtek: Remove redundant entry for ALC861 Haier/Uniwill devices
ALSA: hda/realtek: ALC285 Thinkpad jack pin quirk is unreachable
ALSA: hda/realtek: Fix speaker amp on HP Envy AiO 32
KVM: s390: VSIE: correctly handle MVPG when in VSIE
KVM: s390: split kvm_s390_logical_to_effective
KVM: s390: fix guarded storage control register handling
s390: fix detection of vector enhancements facility 1 vs. vector packed decimal facility
KVM: s390: VSIE: fix MVPG handling for prefixing and MSO
KVM: s390: split kvm_s390_real_to_abs
KVM: s390: extend kvm_s390_shadow_fault to return entry pointer
KVM: x86/mmu: Alloc page for PDPTEs when shadowing 32-bit NPT with 64-bit
KVM: x86: Remove emulator's broken checks on CR0/CR3/CR4 loads
KVM: nSVM: Set the shadow root level to the TDP level for nested NPT
KVM: SVM: Don't strip the C-bit from CR2 on #PF interception
KVM: SVM: Do not allow SEV/SEV-ES initialization after vCPUs are created
KVM: SVM: Inject #GP on guest MSR_TSC_AUX accesses if RDTSCP unsupported
KVM: nVMX: Defer the MMU reload to the normal path on an EPTP switch
KVM: nVMX: Truncate bits 63:32 of VMCS field on nested check in !64-bit
KVM: nVMX: Truncate base/index GPR value on address calc in !64-bit
KVM: arm/arm64: Fix KVM_VGIC_V3_ADDR_TYPE_REDIST read
KVM: Destroy I/O bus devices on unregister failure _after_ sync'ing SRCU
KVM: Stop looking for coalesced MMIO zones if the bus is destroyed
KVM: arm64: Fully zero the vcpu state on reset
KVM: arm64: Fix KVM_VGIC_V3_ADDR_TYPE_REDIST_REGION read
Revert "drivers/net/wan/hdlc_fr: Fix a double free in pvc_xmit"
Revert "i3c master: fix missing destroy_workqueue() on error in i3c_master_register"
ovl: fix missing revert_creds() on error path
Revert "drm/qxl: do not run release if qxl failed to init"
usb: gadget: pch_udc: Revert d3cb25a121 completely
Revert "tools/power turbostat: adjust for temperature offset"
firmware: xilinx: Fix dereferencing freed memory
firmware: xilinx: Add a blank line after function declaration
firmware: xilinx: Remove zynqmp_pm_get_eemi_ops() in IS_REACHABLE(CONFIG_ZYNQMP_FIRMWARE)
fpga: fpga-mgr: xilinx-spi: fix error messages on -EPROBE_DEFER
crypto: sun8i-ss - fix result memory leak on error path
memory: gpmc: fix out of bounds read and dereference on gpmc_cs[]
ARM: dts: exynos: correct fuel gauge interrupt trigger level on GT-I9100
ARM: dts: exynos: correct fuel gauge interrupt trigger level on Midas family
ARM: dts: exynos: correct MUIC interrupt trigger level on Midas family
ARM: dts: exynos: correct PMIC interrupt trigger level on Midas family
ARM: dts: exynos: correct PMIC interrupt trigger level on Odroid X/U3 family
ARM: dts: exynos: correct PMIC interrupt trigger level on SMDK5250
ARM: dts: exynos: correct PMIC interrupt trigger level on Snow
ARM: dts: s5pv210: correct fuel gauge interrupt trigger level on Fascinate family
ARM: dts: renesas: Add mmc aliases into R-Car Gen2 board dts files
arm64: dts: renesas: Add mmc aliases into board dts files
x86/platform/uv: Set section block size for hubless architectures
serial: stm32: fix code cleaning warnings and checks
serial: stm32: add "_usart" prefix in functions name
serial: stm32: fix probe and remove order for dma
serial: stm32: Use of_device_get_match_data()
serial: stm32: fix startup by enabling usart for reception
serial: stm32: fix incorrect characters on console
serial: stm32: fix TX and RX FIFO thresholds
serial: stm32: fix a deadlock condition with wakeup event
serial: stm32: fix wake-up flag handling
serial: stm32: fix a deadlock in set_termios
serial: stm32: fix tx dma completion, release channel
serial: stm32: call stm32_transmit_chars locked
serial: stm32: fix FIFO flush in startup and set_termios
serial: stm32: add FIFO flush when port is closed
serial: stm32: fix tx_empty condition
usb: typec: tcpci: Check ROLE_CONTROL while interpreting CC_STATUS
usb: typec: tps6598x: Fix return value check in tps6598x_probe()
usb: typec: stusb160x: fix return value check in stusb160x_probe()
regmap: set debugfs_name to NULL after it is freed
spi: rockchip: avoid objtool warning
mtd: rawnand: fsmc: Fix error code in fsmc_nand_probe()
mtd: rawnand: brcmnand: fix OOB R/W with Hamming ECC
mtd: Handle possible -EPROBE_DEFER from parse_mtd_partitions()
mtd: rawnand: qcom: Return actual error code instead of -ENODEV
mtd: don't lock when recursively deleting partitions
mtd: maps: fix error return code of physmap_flash_remove()
ARM: dts: stm32: fix usart 2 & 3 pinconf to wake up with flow control
arm64: dts: qcom: sm8250: Fix level triggered PMU interrupt polarity
arm64: dts: qcom: sm8250: Fix timer interrupt to specify EL2 physical timer
arm64: dts: qcom: sdm845: fix number of pins in 'gpio-ranges'
arm64: dts: qcom: sm8150: fix number of pins in 'gpio-ranges'
arm64: dts: qcom: sm8250: fix number of pins in 'gpio-ranges'
arm64: dts: qcom: db845c: fix correct powerdown pin for WSA881x
crypto: sun8i-ss - Fix memory leak of object d when dma_iv fails to map
spi: stm32: drop devres version of spi_register_master
regulator: bd9576: Fix return from bd957x_probe()
arm64: dts: renesas: r8a77980: Fix vin4-7 endpoint binding
spi: stm32: Fix use-after-free on unbind
x86/microcode: Check for offline CPUs before requesting new microcode
devtmpfs: fix placement of complete() call
usb: gadget: pch_udc: Replace cpu_to_le32() by lower_32_bits()
usb: gadget: pch_udc: Check if driver is present before calling ->setup()
usb: gadget: pch_udc: Check for DMA mapping error
usb: gadget: pch_udc: Initialize device pointer before use
usb: gadget: pch_udc: Provide a GPIO line used on Intel Minnowboard (v1)
crypto: ccp - fix command queuing to TEE ring buffer
crypto: qat - don't release uninitialized resources
crypto: qat - ADF_STATUS_PF_RUNNING should be set after adf_dev_init
fotg210-udc: Fix DMA on EP0 for length > max packet size
fotg210-udc: Fix EP0 IN requests bigger than two packets
fotg210-udc: Remove a dubious condition leading to fotg210_done
fotg210-udc: Mask GRP2 interrupts we don't handle
fotg210-udc: Don't DMA more than the buffer can take
fotg210-udc: Complete OUT requests on short packets
usb: gadget: s3c: Fix incorrect resources releasing
usb: gadget: s3c: Fix the error handling path in 's3c2410_udc_probe()'
dt-bindings: serial: stm32: Use 'type: object' instead of false for 'additionalProperties'
mtd: require write permissions for locking and badblock ioctls
arm64: dts: renesas: r8a779a0: Fix PMU interrupt
bus: qcom: Put child node before return
soundwire: bus: Fix device found flag correctly
phy: ti: j721e-wiz: Delete "clk_div_sel" clk provider during cleanup
phy: marvell: ARMADA375_USBCLUSTER_PHY should not default to y, unconditionally
arm64: dts: mediatek: fix reset GPIO level on pumpkin
NFSD: Fix sparse warning in nfs4proc.c
NFSv4.2: fix copy stateid copying for the async copy
crypto: poly1305 - fix poly1305_core_setkey() declaration
crypto: qat - fix error path in adf_isr_resource_alloc()
usb: gadget: aspeed: fix dma map failure
USB: gadget: udc: fix wrong pointer passed to IS_ERR() and PTR_ERR()
drivers: nvmem: Fix voltage settings for QTI qfprom-efuse
driver core: platform: Declare early_platform_cleanup() prototype
memory: pl353: fix mask of ECC page_size config register
soundwire: stream: fix memory leak in stream config error path
m68k: mvme147,mvme16x: Don't wipe PCC timer config bits
firmware: qcom_scm: Make __qcom_scm_is_call_available() return bool
firmware: qcom_scm: Reduce locking section for __get_convention()
firmware: qcom_scm: Workaround lack of "is available" call on SC7180
iio: adc: Kconfig: make AD9467 depend on ADI_AXI_ADC symbol
mtd: rawnand: gpmi: Fix a double free in gpmi_nand_init
irqchip/gic-v3: Fix OF_BAD_ADDR error handling
staging: comedi: tests: ni_routes_test: Fix compilation error
staging: rtl8192u: Fix potential infinite loop
staging: fwserial: fix TIOCSSERIAL implementation
staging: fwserial: fix TIOCGSERIAL implementation
staging: greybus: uart: fix unprivileged TIOCCSERIAL
soc: qcom: pdr: Fix error return code in pdr_register_listener
PM / devfreq: Use more accurate returned new_freq as resume_freq
clocksource/drivers/timer-ti-dm: Fix posted mode status check order
clocksource/drivers/timer-ti-dm: Add missing set_state_oneshot_stopped
clocksource/drivers/ingenic_ost: Fix return value check in ingenic_ost_probe()
spi: Fix use-after-free with devm_spi_alloc_*
spi: fsl: add missing iounmap() on error in of_fsl_spi_probe()
soc: qcom: mdt_loader: Validate that p_filesz < p_memsz
soc: qcom: mdt_loader: Detect truncated read of segments
PM: runtime: Replace inline function pm_runtime_callbacks_present()
cpuidle: Fix ARM_QCOM_SPM_CPUIDLE configuration
ACPI: CPPC: Replace cppc_attr with kobj_attribute
crypto: allwinner - add missing CRYPTO_ prefix
crypto: sun8i-ss - Fix memory leak of pad
crypto: sa2ul - Fix memory leak of rxd
crypto: qat - Fix a double free in adf_create_ring
cpufreq: armada-37xx: Fix setting TBG parent for load levels
clk: mvebu: armada-37xx-periph: remove .set_parent method for CPU PM clock
cpufreq: armada-37xx: Fix the AVS value for load L1
clk: mvebu: armada-37xx-periph: Fix switching CPU freq from 250 Mhz to 1 GHz
clk: mvebu: armada-37xx-periph: Fix workaround for switching from L1 to L0
cpufreq: armada-37xx: Fix driver cleanup when registration failed
cpufreq: armada-37xx: Fix determining base CPU frequency
spi: spi-zynqmp-gqspi: use wait_for_completion_timeout to make zynqmp_qspi_exec_op not interruptible
spi: spi-zynqmp-gqspi: add mutex locking for exec_op
spi: spi-zynqmp-gqspi: transmit dummy circles by using the controller's internal functionality
spi: spi-zynqmp-gqspi: fix incorrect operating mode in zynqmp_qspi_read_op
spi: fsl-lpspi: Fix PM reference leak in lpspi_prepare_xfer_hardware()
usb: gadget: r8a66597: Add missing null check on return from platform_get_resource
USB: cdc-acm: fix unprivileged TIOCCSERIAL
USB: cdc-acm: fix TIOCGSERIAL implementation
tty: actually undefine superseded ASYNC flags
tty: fix return value for unsupported ioctls
tty: Remove dead termiox code
tty: fix return value for unsupported termiox ioctls
serial: core: return early on unsupported ioctls
firmware: qcom-scm: Fix QCOM_SCM configuration
node: fix device cleanups in error handling code
crypto: chelsio - Read rxchannel-id from firmware
usbip: vudc: fix missing unlock on error in usbip_sockfd_store()
m68k: Add missing mmap_read_lock() to sys_cacheflush()
spi: spi-zynqmp-gqspi: Fix missing unlock on error in zynqmp_qspi_exec_op()
memory: renesas-rpc-if: fix possible NULL pointer dereference of resource
memory: samsung: exynos5422-dmc: handle clk_set_parent() failure
security: keys: trusted: fix TPM2 authorizations
platform/x86: pmc_atom: Match all Beckhoff Automation baytrail boards with critclk_systems DMI table
ARM: dts: aspeed: Rainier: Fix humidity sensor bus address
Drivers: hv: vmbus: Use after free in __vmbus_open()
spi: spi-zynqmp-gqspi: fix clk_enable/disable imbalance issue
spi: spi-zynqmp-gqspi: fix hang issue when suspend/resume
spi: spi-zynqmp-gqspi: fix use-after-free in zynqmp_qspi_exec_op
spi: spi-zynqmp-gqspi: return -ENOMEM if dma_map_single fails
x86/platform/uv: Fix !KEXEC build failure
hwmon: (pmbus/pxe1610) don't bail out when not all pages are active
Drivers: hv: vmbus: Increase wait time for VMbus unload
PM: hibernate: x86: Use crc32 instead of md5 for hibernation e820 integrity check
usb: dwc2: Fix host mode hibernation exit with remote wakeup flow.
usb: dwc2: Fix hibernation between host and device modes.
ttyprintk: Add TTY hangup callback.
serial: omap: don't disable rs485 if rts gpio is missing
serial: omap: fix rs485 half-duplex filtering
xen-blkback: fix compatibility bug with single page rings
soc: aspeed: fix a ternary sign expansion bug
drm/tilcdc: send vblank event when disabling crtc
drm/stm: Fix bus_flags handling
drm/amd/display: Fix off by one in hdmi_14_process_transaction()
drm/mcde/panel: Inverse misunderstood flag
sched/fair: Fix shift-out-of-bounds in load_balance()
afs: Fix updating of i_mode due to 3rd party change
rcu: Remove spurious instrumentation_end() in rcu_nmi_enter()
media: vivid: fix assignment of dev->fbuf_out_flags
media: saa7134: use sg_dma_len when building pgtable
media: saa7146: use sg_dma_len when building pgtable
media: omap4iss: return error code when omap4iss_get() failed
media: rkisp1: rsz: crash fix when setting src format
media: aspeed: fix clock handling logic
drm/probe-helper: Check epoch counter in output_poll_execute()
media: venus: core: Fix some resource leaks in the error path of 'venus_probe()'
media: platform: sunxi: sun6i-csi: fix error return code of sun6i_video_start_streaming()
media: m88ds3103: fix return value check in m88ds3103_probe()
media: docs: Fix data organization of MEDIA_BUS_FMT_RGB101010_1X30
media: [next] staging: media: atomisp: fix memory leak of object flash
media: atomisp: Fixed error handling path
media: m88rs6000t: avoid potential out-of-bounds reads on arrays
media: atomisp: Fix use after free in atomisp_alloc_css_stat_bufs()
drm/amdkfd: fix build error with AMD_IOMMU_V2=m
of: overlay: fix for_each_child.cocci warnings
x86/kprobes: Fix to check non boostable prefixes correctly
selftests: fix prepending $(OUTPUT) to $(TEST_PROGS)
pata_arasan_cf: fix IRQ check
pata_ipx4xx_cf: fix IRQ check
sata_mv: add IRQ checks
ata: libahci_platform: fix IRQ check
seccomp: Fix CONFIG tests for Seccomp_filters
nvme-tcp: block BH in sk state_change sk callback
nvmet-tcp: fix incorrect locking in state_change sk callback
clk: imx: Fix reparenting of UARTs not associated with stdout
power: supply: bq25980: Move props from battery node
nvme: retrigger ANA log update if group descriptor isn't found
media: i2c: imx219: Move out locking/unlocking of vflip and hflip controls from imx219_set_stream
media: i2c: imx219: Balance runtime PM use-count
media: v4l2-ctrls.c: fix race condition in hdl->requests list
vfio/fsl-mc: Re-order vfio_fsl_mc_probe()
vfio/pci: Move VGA and VF initialization to functions
vfio/pci: Re-order vfio_pci_probe()
vfio/mdev: Do not allow a mdev_type to have a NULL parent pointer
clk: zynqmp: move zynqmp_pll_set_mode out of round_rate callback
clk: zynqmp: pll: add set_pll_mode to check condition in zynqmp_pll_enable
drm: xlnx: zynqmp: fix a memset in zynqmp_dp_train()
clk: qcom: a53-pll: Add missing MODULE_DEVICE_TABLE
clk: qcom: apss-ipq-pll: Add missing MODULE_DEVICE_TABLE
drm/amd/display: use GFP_ATOMIC in dcn20_resource_construct
drm/radeon: Fix a missing check bug in radeon_dp_mst_detect()
clk: uniphier: Fix potential infinite loop
scsi: pm80xx: Increase timeout for pm80xx mpi_uninit_check()
scsi: pm80xx: Fix potential infinite loop
scsi: ufs: ufshcd-pltfrm: Fix deferred probing
scsi: hisi_sas: Fix IRQ checks
scsi: jazz_esp: Add IRQ check
scsi: sun3x_esp: Add IRQ check
scsi: sni_53c710: Add IRQ check
scsi: ibmvfc: Fix invalid state machine BUG_ON()
mailbox: sprd: Introduce refcnt when clients requests/free channels
mfd: stm32-timers: Avoid clearing auto reload register
nvmet-tcp: fix a segmentation fault during io parsing error
nvme-pci: don't simple map sgl when sgls are disabled
media: cedrus: Fix H265 status definitions
HSI: core: fix resource leaks in hsi_add_client_from_dt()
x86/events/amd/iommu: Fix sysfs type mismatch
perf/amd/uncore: Fix sysfs type mismatch
io_uring: fix overflows checks in provide buffers
sched/debug: Fix cgroup_path[] serialization
drivers/block/null_blk/main: Fix a double free in null_init.
xsk: Respect device's headroom and tailroom on generic xmit path
HID: plantronics: Workaround for double volume key presses
perf symbols: Fix dso__fprintf_symbols_by_name() to return the number of printed chars
ASoC: Intel: boards: sof-wm8804: add check for PLL setting
ASoC: Intel: Skylake: Compile when any configuration is selected
RDMA/mlx5: Fix mlx5 rates to IB rates map
wilc1000: write value to WILC_INTR2_ENABLE register
KVM: x86/mmu: Retry page faults that hit an invalid memslot
Bluetooth: avoid deadlock between hci_dev->lock and socket lock
net: lapbether: Prevent racing when checking whether the netif is running
libbpf: Add explicit padding to bpf_xdp_set_link_opts
bpftool: Fix maybe-uninitialized warnings
iommu: Check dev->iommu in iommu_dev_xxx functions
iommu/vt-d: Reject unsupported page request modes
selftests/bpf: Re-generate vmlinux.h and BPF skeletons if bpftool changed
libbpf: Add explicit padding to btf_dump_emit_type_decl_opts
powerpc/fadump: Mark fadump_calculate_reserve_size as __init
powerpc/prom: Mark identical_pvr_fixup as __init
MIPS: fix local_irq_{disable,enable} in asmmacro.h
ima: Fix the error code for restoring the PCR value
inet: use bigger hash table for IP ID generation
pinctrl: pinctrl-single: remove unused parameter
pinctrl: pinctrl-single: fix pcs_pin_dbg_show() when bits_per_mux is not zero
MIPS: loongson64: fix bug when PAGE_SIZE > 16KB
ASoC: wm8960: Remove bitclk relax condition in wm8960_configure_sysclk
iommu/arm-smmu-v3: add bit field SFM into GERROR_ERR_MASK
RDMA/mlx5: Fix drop packet rule in egress table
IB/isert: Fix a use after free in isert_connect_request
powerpc: Fix HAVE_HARDLOCKUP_DETECTOR_ARCH build configuration
MIPS/bpf: Enable bpf_probe_read{, str}() on MIPS again
gpio: guard gpiochip_irqchip_add_domain() with GPIOLIB_IRQCHIP
ALSA: core: remove redundant spin_lock pair in snd_card_disconnect
net: phy: lan87xx: fix access to wrong register of LAN87xx
udp: never accept GSO_FRAGLIST packets
powerpc/pseries: Only register vio drivers if vio bus exists
net/tipc: fix missing destroy_workqueue() on error in tipc_crypto_start()
bug: Remove redundant condition check in report_bug
RDMA/core: Fix corrupted SL on passive side
nfc: pn533: prevent potential memory corruption
net: hns3: Limiting the scope of vector_ring_chain variable
mips: bmips: fix syscon-reboot nodes
iommu/vt-d: Don't set then clear private data in prq_event_thread()
iommu: Fix a boundary issue to avoid performance drop
iommu/vt-d: Report right snoop capability when using FL for IOVA
iommu/vt-d: Report the right page fault address
iommu/vt-d: Preset Access/Dirty bits for IOVA over FL
iommu/vt-d: Remove WO permissions on second-level paging entries
iommu/vt-d: Invalidate PASID cache when root/context entry changed
ALSA: usb-audio: Add error checks for usb_driver_claim_interface() calls
HID: lenovo: Use brightness_set_blocking callback for setting LEDs brightness
HID: lenovo: Fix lenovo_led_set_tp10ubkbd() error handling
HID: lenovo: Check hid_get_drvdata() returns non NULL in lenovo_event()
HID: lenovo: Map mic-mute button to KEY_F20 instead of KEY_MICMUTE
KVM: arm64: Initialize VCPU mdcr_el2 before loading it
ASoC: simple-card: fix possible uninitialized single_cpu local variable
liquidio: Fix unintented sign extension of a left shift of a u16
IB/hfi1: Use kzalloc() for mmu_rb_handler allocation
powerpc/64s: Fix pte update for kernel memory on radix
powerpc/perf: Fix PMU constraint check for EBB events
powerpc: iommu: fix build when neither PCI or IBMVIO is set
mac80211: bail out if cipher schemes are invalid
perf vendor events amd: Fix broken L2 Cache Hits from L2 HWPF metric
xfs: fix return of uninitialized value in variable error
rtw88: Fix an error code in rtw_debugfs_set_rsvd_page()
mt7601u: fix always true expression
mt76: mt7615: fix tx skb dma unmap
mt76: mt7915: fix tx skb dma unmap
mt76: mt7915: fix aggr len debugfs node
mt76: mt7615: fix mib stats counter reporting to mac80211
mt76: mt7915: fix mib stats counter reporting to mac80211
mt76: mt7663s: make all of packets 4-bytes aligned in sdio tx aggregation
mt76: mt7663s: fix the possible device hang in high traffic
KVM: PPC: Book3S HV P9: Restore host CTRL SPR after guest exit
ovl: invalidate readdir cache on changes to dir with origin
RDMA/qedr: Fix error return code in qedr_iw_connect()
IB/hfi1: Fix error return code in parse_platform_config()
RDMA/bnxt_re: Fix error return code in bnxt_qplib_cq_process_terminal()
cxgb4: Fix unintentional sign extension issues
net: thunderx: Fix unintentional sign extension issue
RDMA/srpt: Fix error return code in srpt_cm_req_recv()
RDMA/rtrs-clt: destroy sysfs after removing session from active list
i2c: cadence: fix reference leak when pm_runtime_get_sync fails
i2c: img-scb: fix reference leak when pm_runtime_get_sync fails
i2c: imx-lpi2c: fix reference leak when pm_runtime_get_sync fails
i2c: imx: fix reference leak when pm_runtime_get_sync fails
i2c: omap: fix reference leak when pm_runtime_get_sync fails
i2c: sprd: fix reference leak when pm_runtime_get_sync fails
i2c: stm32f7: fix reference leak when pm_runtime_get_sync fails
i2c: xiic: fix reference leak when pm_runtime_get_sync fails
i2c: cadence: add IRQ check
i2c: emev2: add IRQ check
i2c: jz4780: add IRQ check
i2c: mlxbf: add IRQ check
i2c: rcar: make sure irq is not threaded on Gen2 and earlier
i2c: rcar: protect against supurious interrupts on V3U
i2c: rcar: add IRQ check
i2c: sh7760: add IRQ check
powerpc/xive: Drop check on irq_data in xive_core_debug_show()
powerpc/xive: Fix xmon command "dxi"
ASoC: ak5558: correct reset polarity
net/mlx5: Fix bit-wise and with zero
net/packet: make packet_fanout.arr size configurable up to 64K
net/packet: remove data races in fanout operations
drm/i915/gvt: Fix error code in intel_gvt_init_device()
iommu/amd: Put newline after closing bracket in warning
perf beauty: Fix fsconfig generator
drm/amd/pm: fix error code in smu_set_power_limit()
MIPS: pci-legacy: stop using of_pci_range_to_resource
powerpc/pseries: extract host bridge from pci_bus prior to bus removal
powerpc/smp: Reintroduce cpu_core_mask
KVM: x86: dump_vmcs should not assume GUEST_IA32_EFER is valid
rtlwifi: 8821ae: upgrade PHY and RF parameters
wlcore: fix overlapping snprintf arguments in debugfs
i2c: sh7760: fix IRQ error path
i2c: mediatek: Fix wrong dma sync flag
mwl8k: Fix a double Free in mwl8k_probe_hw
netfilter: nft_payload: fix C-VLAN offload support
netfilter: nftables_offload: VLAN id needs host byteorder in flow dissector
netfilter: nftables_offload: special ethertype handling for VLAN
vsock/vmci: log once the failed queue pair allocation
libbpf: Initialize the bpf_seq_printf parameters array field by field
net: ethernet: ixp4xx: Set the DMA masks explicitly
gro: fix napi_gro_frags() Fast GRO breakage due to IP alignment check
RDMA/cxgb4: add missing qpid increment
RDMA/i40iw: Fix error unwinding when i40iw_hmc_sd_one fails
ALSA: usb: midi: don't return -ENOMEM when usb_urb_ep_type_check fails
sfc: ef10: fix TX queue lookup in TX event handling
vsock/virtio: free queued packets when closing socket
net: marvell: prestera: fix port event handling on init
net: davinci_emac: Fix incorrect masking of tx and rx error channel
mt76: mt7615: fix memleak when mt7615_unregister_device()
crypto: ccp: Detect and reject "invalid" addresses destined for PSP
nfp: devlink: initialize the devlink port attribute "lanes"
net: stmmac: fix TSO and TBS feature enabling during driver open
net: renesas: ravb: Fix a stuck issue when a lot of frames are received
net: phy: intel-xway: enable integrated led functions
RDMA/rxe: Fix a bug in rxe_fill_ip_info()
RDMA/core: Add CM to restrack after successful attachment to a device
powerpc/64: Fix the definition of the fixmap area
ath9k: Fix error check in ath9k_hw_read_revisions() for PCI devices
ath10k: Fix a use after free in ath10k_htc_send_bundle
ath10k: Fix ath10k_wmi_tlv_op_pull_peer_stats_info() unlock without lock
wlcore: Fix buffer overrun by snprintf due to incorrect buffer size
powerpc/perf: Fix the threshold event selection for memory events in power10
powerpc/52xx: Fix an invalid ASM expression ('addi' used instead of 'add')
net: phy: marvell: fix m88e1011_set_downshift
net: phy: marvell: fix m88e1111_set_downshift
net: enetc: fix link error again
bnxt_en: fix ternary sign extension bug in bnxt_show_temp()
ARM: dts: uniphier: Change phy-mode to RGMII-ID to enable delay pins for RTL8211E
arm64: dts: uniphier: Change phy-mode to RGMII-ID to enable delay pins for RTL8211E
net: geneve: modify IP header check in geneve6_xmit_skb and geneve_xmit_skb
selftests: net: mirror_gre_vlan_bridge_1q: Make an FDB entry static
selftests: mlxsw: Remove a redundant if statement in tc_flower_scale test
bnxt_en: Fix RX consumer index logic in the error path.
KVM: VMX: Intercept FS/GS_BASE MSR accesses for 32-bit KVM
net:emac/emac-mac: Fix a use after free in emac_mac_tx_buf_send
selftests/bpf: Fix BPF_CORE_READ_BITFIELD() macro
selftests/bpf: Fix field existence CO-RE reloc tests
selftests/bpf: Fix core_reloc test runner
bpf: Fix propagation of 32 bit unsigned bounds from 64 bit bounds
RDMA/siw: Fix a use after free in siw_alloc_mr
RDMA/bnxt_re: Fix a double free in bnxt_qplib_alloc_res
net: bridge: mcast: fix broken length + header check for MRDv6 Adv.
net:nfc:digital: Fix a double free in digital_tg_recv_dep_req
perf tools: Change fields type in perf_record_time_conv
perf jit: Let convert_timestamp() to be backwards-compatible
perf session: Add swap operation for event TIME_CONV
ia64: fix EFI_DEBUG build
kfifo: fix ternary sign extension bugs
mm/sl?b.c: remove ctor argument from kmem_cache_flags
mm: memcontrol: slab: fix obtain a reference to a freeing memcg
mm/sparse: add the missing sparse_buffer_fini() in error branch
mm/memory-failure: unnecessary amount of unmapping
afs: Fix speculative status fetches
bpf: Fix alu32 const subreg bound tracking on bitwise operations
bpf, ringbuf: Deny reserve of buffers larger than ringbuf
bpf: Prevent writable memory-mapping of read-only ringbuf pages
arm64: Remove arm64_dma32_phys_limit and its uses
net: Only allow init netns to set default tcp cong to a restricted algo
smp: Fix smp_call_function_single_async prototype
Revert "net/sctp: fix race condition in sctp_destroy_sock"
sctp: delay auto_asconf init until binding the first addr
Linux 5.10.37
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I5bee89c285d9dd72de967b0e70d96951ae4e06ae
[ Upstream commit 64bdc02440 ]
Strictly speaking, seccomp filters are only used
when CONFIG_SECCOMP_FILTER.
This patch fixes the condition to enable "Seccomp_filters"
in /proc/$pid/status.
Signed-off-by: Kenta Tada <Kenta.Tada@sony.com>
Fixes: c818c03b66 ("seccomp: Report number of loaded filters in /proc/$pid/status")
Signed-off-by: Kees Cook <keescook@chromium.org>
Link: https://lore.kernel.org/r/OSBPR01MB26772D245E2CF4F26B76A989F5669@OSBPR01MB2677.jpnprd01.prod.outlook.com
Signed-off-by: Sasha Levin <sashal@kernel.org>
Patch series "userfaultfd: add minor fault handling", v9.
Overview
========
This series adds a new userfaultfd feature, UFFD_FEATURE_MINOR_HUGETLBFS.
When enabled (via the UFFDIO_API ioctl), this feature means that any
hugetlbfs VMAs registered with UFFDIO_REGISTER_MODE_MISSING will *also*
get events for "minor" faults. By "minor" fault, I mean the following
situation:
Let there exist two mappings (i.e., VMAs) to the same page(s) (shared
memory). One of the mappings is registered with userfaultfd (in minor
mode), and the other is not. Via the non-UFFD mapping, the underlying
pages have already been allocated & filled with some contents. The UFFD
mapping has not yet been faulted in; when it is touched for the first
time, this results in what I'm calling a "minor" fault. As a concrete
example, when working with hugetlbfs, we have huge_pte_none(), but
find_lock_page() finds an existing page.
We also add a new ioctl to resolve such faults: UFFDIO_CONTINUE. The idea
is, userspace resolves the fault by either a) doing nothing if the
contents are already correct, or b) updating the underlying contents using
the second, non-UFFD mapping (via memcpy/memset or similar, or something
fancier like RDMA, or etc...). In either case, userspace issues
UFFDIO_CONTINUE to tell the kernel "I have ensured the page contents are
correct, carry on setting up the mapping".
Use Case
========
Consider the use case of VM live migration (e.g. under QEMU/KVM):
1. While a VM is still running, we copy the contents of its memory to a
target machine. The pages are populated on the target by writing to the
non-UFFD mapping, using the setup described above. The VM is still running
(and therefore its memory is likely changing), so this may be repeated
several times, until we decide the target is "up to date enough".
2. We pause the VM on the source, and start executing on the target machine.
During this gap, the VM's user(s) will *see* a pause, so it is desirable to
minimize this window.
3. Between the last time any page was copied from the source to the target, and
when the VM was paused, the contents of that page may have changed - and
therefore the copy we have on the target machine is out of date. Although we
can keep track of which pages are out of date, for VMs with large amounts of
memory, it is "slow" to transfer this information to the target machine. We
want to resume execution before such a transfer would complete.
4. So, the guest begins executing on the target machine. The first time it
touches its memory (via the UFFD-registered mapping), userspace wants to
intercept this fault. Userspace checks whether or not the page is up to date,
and if not, copies the updated page from the source machine, via the non-UFFD
mapping. Finally, whether a copy was performed or not, userspace issues a
UFFDIO_CONTINUE ioctl to tell the kernel "I have ensured the page contents
are correct, carry on setting up the mapping".
We don't have to do all of the final updates on-demand. The userfaultfd manager
can, in the background, also copy over updated pages once it receives the map of
which pages are up-to-date or not.
Interaction with Existing APIs
==============================
Because this is a feature, a registered VMA could potentially receive both
missing and minor faults. I spent some time thinking through how the
existing API interacts with the new feature:
UFFDIO_CONTINUE cannot be used to resolve non-minor faults, as it does not
allocate a new page. If UFFDIO_CONTINUE is used on a non-minor fault:
- For non-shared memory or shmem, -EINVAL is returned.
- For hugetlb, -EFAULT is returned.
UFFDIO_COPY and UFFDIO_ZEROPAGE cannot be used to resolve minor faults.
Without modifications, the existing codepath assumes a new page needs to
be allocated. This is okay, since userspace must have a second
non-UFFD-registered mapping anyway, thus there isn't much reason to want
to use these in any case (just memcpy or memset or similar).
- If UFFDIO_COPY is used on a minor fault, -EEXIST is returned.
- If UFFDIO_ZEROPAGE is used on a minor fault, -EEXIST is returned (or -EINVAL
in the case of hugetlb, as UFFDIO_ZEROPAGE is unsupported in any case).
- UFFDIO_WRITEPROTECT simply doesn't work with shared memory, and returns
-ENOENT in that case (regardless of the kind of fault).
Future Work
===========
This series only supports hugetlbfs. I have a second series in flight to
support shmem as well, extending the functionality. This series is more
mature than the shmem support at this point, and the functionality works
fully on hugetlbfs, so this series can be merged first and then shmem
support will follow.
This patch (of 6):
This feature allows userspace to intercept "minor" faults. By "minor"
faults, I mean the following situation:
Let there exist two mappings (i.e., VMAs) to the same page(s). One of the
mappings is registered with userfaultfd (in minor mode), and the other is
not. Via the non-UFFD mapping, the underlying pages have already been
allocated & filled with some contents. The UFFD mapping has not yet been
faulted in; when it is touched for the first time, this results in what
I'm calling a "minor" fault. As a concrete example, when working with
hugetlbfs, we have huge_pte_none(), but find_lock_page() finds an existing
page.
This commit adds the new registration mode, and sets the relevant flag on
the VMAs being registered. In the hugetlb fault path, if we find that we
have huge_pte_none(), but find_lock_page() does indeed find an existing
page, then we have a "minor" fault, and if the VMA has the userfaultfd
registration flag, we call into userfaultfd to handle it.
This is implemented as a new registration mode, instead of an API feature.
This is because the alternative implementation has significant drawbacks
[1].
However, doing it this was requires we allocate a VM_* flag for the new
registration mode. On 32-bit systems, there are no unused bits, so this
feature is only supported on architectures with
CONFIG_ARCH_USES_HIGH_VMA_FLAGS. When attempting to register a VMA in
MINOR mode on 32-bit architectures, we return -EINVAL.
[1] https://lore.kernel.org/patchwork/patch/1380226/
Link: https://lkml.kernel.org/r/20210301222728.176417-1-axelrasmussen@google.com
Link: https://lkml.kernel.org/r/20210301222728.176417-2-axelrasmussen@google.com
Signed-off-by: Axel Rasmussen <axelrasmussen@google.com>
Reviewed-by: Peter Xu <peterx@redhat.com>
Cc: Alexander Viro <viro@zeniv.linux.org.uk>
Cc: Alexey Dobriyan <adobriyan@gmail.com>
Cc: Andrea Arcangeli <aarcange@redhat.com>
Cc: Anshuman Khandual <anshuman.khandual@arm.com>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Chinwen Chang <chinwen.chang@mediatek.com>
Cc: Huang Ying <ying.huang@intel.com>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Jann Horn <jannh@google.com>
Cc: Jerome Glisse <jglisse@redhat.com>
Cc: Lokesh Gidra <lokeshgidra@google.com>
Cc: "Matthew Wilcox (Oracle)" <willy@infradead.org>
Cc: Michael Ellerman <mpe@ellerman.id.au>
Cc: "Michal Koutn" <mkoutny@suse.com>
Cc: Michel Lespinasse <walken@google.com>
Cc: Mike Kravetz <mike.kravetz@oracle.com>
Cc: Mike Rapoport <rppt@linux.vnet.ibm.com>
Cc: Nicholas Piggin <npiggin@gmail.com>
Cc: Peter Xu <peterx@redhat.com>
Cc: Shaohua Li <shli@fb.com>
Cc: Shawn Anastasio <shawn@anastas.io>
Cc: Steven Rostedt <rostedt@goodmis.org>
Cc: Steven Price <steven.price@arm.com>
Cc: Vlastimil Babka <vbabka@suse.cz>
Cc: Adam Ruprecht <ruprecht@google.com>
Cc: Axel Rasmussen <axelrasmussen@google.com>
Cc: Cannon Matthews <cannonmatthews@google.com>
Cc: "Dr . David Alan Gilbert" <dgilbert@redhat.com>
Cc: David Rientjes <rientjes@google.com>
Cc: Mina Almasry <almasrymina@google.com>
Cc: Oliver Upton <oupton@google.com>
Cc: Kirill A. Shutemov <kirill@shutemov.name>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Stephen Rothwell <sfr@canb.auug.org.au>
(cherry picked from commit 82a150ec394f6b944e26786b907fc0deab5b2064
https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git akpm)
Link: https://lore.kernel.org/patchwork/patch/1388132/
Conflicts:
arch/arm64/Kconfig
fs/userfaultfd.c
mm/hugetlb.c
(All related to SPF feature. Resolved by manual rebase)
Signed-off-by: Lokesh Gidra <lokeshgidra@google.com>
Bug: 160737021
Bug: 169683130
Change-Id: I43b37272d531341439ceaa03213d0e2415e04688
Changes in 5.10.20
vmlinux.lds.h: add DWARF v5 sections
vdpa/mlx5: fix param validation in mlx5_vdpa_get_config()
debugfs: be more robust at handling improper input in debugfs_lookup()
debugfs: do not attempt to create a new file before the filesystem is initalized
scsi: libsas: docs: Remove notify_ha_event()
scsi: qla2xxx: Fix mailbox Ch erroneous error
kdb: Make memory allocations more robust
w1: w1_therm: Fix conversion result for negative temperatures
PCI: qcom: Use PHY_REFCLK_USE_PAD only for ipq8064
PCI: Decline to resize resources if boot config must be preserved
virt: vbox: Do not use wait_event_interruptible when called from kernel context
bfq: Avoid false bfq queue merging
ALSA: usb-audio: Fix PCM buffer allocation in non-vmalloc mode
MIPS: vmlinux.lds.S: add missing PAGE_ALIGNED_DATA() section
vmlinux.lds.h: Define SANTIZER_DISCARDS with CONFIG_GCOV_KERNEL=y
random: fix the RNDRESEEDCRNG ioctl
ALSA: pcm: Call sync_stop at disconnection
ALSA: pcm: Assure sync with the pending stop operation at suspend
ALSA: pcm: Don't call sync_stop if it hasn't been stopped
drm/i915/gt: One more flush for Baytrail clear residuals
ath10k: Fix error handling in case of CE pipe init failure
Bluetooth: btqcomsmd: Fix a resource leak in error handling paths in the probe function
Bluetooth: hci_uart: Fix a race for write_work scheduling
Bluetooth: Fix initializing response id after clearing struct
arm64: dts: renesas: beacon kit: Fix choppy Bluetooth Audio
arm64: dts: renesas: beacon: Fix audio-1.8V pin enable
ARM: dts: exynos: correct PMIC interrupt trigger level on Artik 5
ARM: dts: exynos: correct PMIC interrupt trigger level on Monk
ARM: dts: exynos: correct PMIC interrupt trigger level on Rinato
ARM: dts: exynos: correct PMIC interrupt trigger level on Spring
ARM: dts: exynos: correct PMIC interrupt trigger level on Arndale Octa
ARM: dts: exynos: correct PMIC interrupt trigger level on Odroid XU3 family
arm64: dts: exynos: correct PMIC interrupt trigger level on TM2
arm64: dts: exynos: correct PMIC interrupt trigger level on Espresso
memory: mtk-smi: Fix PM usage counter unbalance in mtk_smi ops
Bluetooth: hci_qca: Fix memleak in qca_controller_memdump
staging: vchiq: Fix bulk userdata handling
staging: vchiq: Fix bulk transfers on 64-bit builds
arm64: dts: qcom: msm8916-samsung-a5u: Fix iris compatible
net: stmmac: dwmac-meson8b: fix enabling the timing-adjustment clock
bpf: Add bpf_patch_call_args prototype to include/linux/bpf.h
bpf: Avoid warning when re-casting __bpf_call_base into __bpf_call_base_args
firmware: arm_scmi: Fix call site of scmi_notification_exit
arm64: dts: allwinner: A64: properly connect USB PHY to port 0
arm64: dts: allwinner: H6: properly connect USB PHY to port 0
arm64: dts: allwinner: Drop non-removable from SoPine/LTS SD card
arm64: dts: allwinner: H6: Allow up to 150 MHz MMC bus frequency
arm64: dts: allwinner: A64: Limit MMC2 bus frequency to 150 MHz
arm64: dts: qcom: msm8916-samsung-a2015: Fix sensors
cpufreq: brcmstb-avs-cpufreq: Free resources in error path
cpufreq: brcmstb-avs-cpufreq: Fix resource leaks in ->remove()
arm64: dts: rockchip: rk3328: Add clock_in_out property to gmac2phy node
ACPICA: Fix exception code class checks
usb: gadget: u_audio: Free requests only after callback
arm64: dts: qcom: sdm845-db845c: Fix reset-pin of ov8856 node
soc: qcom: socinfo: Fix an off by one in qcom_show_pmic_model()
soc: ti: pm33xx: Fix some resource leak in the error handling paths of the probe function
staging: media: atomisp: Fix size_t format specifier in hmm_alloc() debug statemenet
Bluetooth: drop HCI device reference before return
Bluetooth: Put HCI device if inquiry procedure interrupts
memory: ti-aemif: Drop child node when jumping out loop
ARM: dts: Configure missing thermal interrupt for 4430
usb: dwc2: Do not update data length if it is 0 on inbound transfers
usb: dwc2: Abort transaction after errors with unknown reason
usb: dwc2: Make "trimming xfer length" a debug message
staging: rtl8723bs: wifi_regd.c: Fix incorrect number of regulatory rules
x86/MSR: Filter MSR writes through X86_IOC_WRMSR_REGS ioctl too
arm64: dts: renesas: beacon: Fix EEPROM compatible value
can: mcp251xfd: mcp251xfd_probe(): fix errata reference
ARM: dts: armada388-helios4: assign pinctrl to LEDs
ARM: dts: armada388-helios4: assign pinctrl to each fan
arm64: dts: armada-3720-turris-mox: rename u-boot mtd partition to a53-firmware
opp: Correct debug message in _opp_add_static_v2()
Bluetooth: btusb: Fix memory leak in btusb_mtk_wmt_recv
soc: qcom: ocmem: don't return NULL in of_get_ocmem
arm64: dts: msm8916: Fix reserved and rfsa nodes unit address
arm64: dts: meson: fix broken wifi node for Khadas VIM3L
iwlwifi: mvm: set enabled in the PPAG command properly
ARM: s3c: fix fiq for clang IAS
optee: simplify i2c access
staging: wfx: fix possible panic with re-queued frames
ARM: at91: use proper asm syntax in pm_suspend
ath10k: Fix suspicious RCU usage warning in ath10k_wmi_tlv_parse_peer_stats_info()
ath10k: Fix lockdep assertion warning in ath10k_sta_statistics
ath11k: fix a locking bug in ath11k_mac_op_start()
soc: aspeed: snoop: Add clock control logic
iwlwifi: mvm: fix the type we use in the PPAG table validity checks
iwlwifi: mvm: store PPAG enabled/disabled flag properly
iwlwifi: mvm: send stored PPAG command instead of local
iwlwifi: mvm: assign SAR table revision to the command later
iwlwifi: mvm: don't check if CSA event is running before removing
bpf_lru_list: Read double-checked variable once without lock
iwlwifi: pnvm: set the PNVM again if it was already loaded
iwlwifi: pnvm: increment the pointer before checking the TLV
ath9k: fix data bus crash when setting nf_override via debugfs
selftests/bpf: Convert test_xdp_redirect.sh to bash
ibmvnic: Set to CLOSED state even on error
bnxt_en: reverse order of TX disable and carrier off
bnxt_en: Fix devlink info's stored fw.psid version format.
xen/netback: fix spurious event detection for common event case
dpaa2-eth: fix memory leak in XDP_REDIRECT
net: phy: consider that suspend2ram may cut off PHY power
net/mlx5e: Don't change interrupt moderation params when DIM is enabled
net/mlx5e: Change interrupt moderation channel params also when channels are closed
net/mlx5: Fix health error state handling
net/mlx5e: Replace synchronize_rcu with synchronize_net
net/mlx5e: kTLS, Use refcounts to free kTLS RX priv context
net/mlx5: Disable devlink reload for multi port slave device
net/mlx5: Disallow RoCE on multi port slave device
net/mlx5: Disallow RoCE on lag device
net/mlx5: Disable devlink reload for lag devices
net/mlx5e: CT: manage the lifetime of the ct entry object
net/mlx5e: Check tunnel offload is required before setting SWP
mac80211: fix potential overflow when multiplying to u32 integers
libbpf: Ignore non function pointer member in struct_ops
bpf: Fix an unitialized value in bpf_iter
bpf, devmap: Use GFP_KERNEL for xdp bulk queue allocation
bpf: Fix bpf_fib_lookup helper MTU check for SKB ctx
selftests: mptcp: fix ACKRX debug message
tcp: fix SO_RCVLOWAT related hangs under mem pressure
net: axienet: Handle deferred probe on clock properly
cxgb4/chtls/cxgbit: Keeping the max ofld immediate data size same in cxgb4 and ulds
b43: N-PHY: Fix the update of coef for the PHY revision >= 3case
bpf: Clear subreg_def for global function return values
ibmvnic: add memory barrier to protect long term buffer
ibmvnic: skip send_request_unmap for timeout reset
net: dsa: felix: perform teardown in reverse order of setup
net: dsa: felix: don't deinitialize unused ports
net: phy: mscc: adding LCPLL reset to VSC8514
net: amd-xgbe: Reset the PHY rx data path when mailbox command timeout
net: amd-xgbe: Fix NETDEV WATCHDOG transmit queue timeout warning
net: amd-xgbe: Reset link when the link never comes back
net: amd-xgbe: Fix network fluctuations when using 1G BELFUSE SFP
net: mvneta: Remove per-cpu queue mapping for Armada 3700
net: enetc: fix destroyed phylink dereference during unbind
tty: convert tty_ldisc_ops 'read()' function to take a kernel pointer
tty: implement read_iter
fbdev: aty: SPARC64 requires FB_ATY_CT
drm/gma500: Fix error return code in psb_driver_load()
gma500: clean up error handling in init
drm/fb-helper: Add missed unlocks in setcmap_legacy()
drm/panel: mantix: Tweak init sequence
drm/vc4: hdmi: Take into account the clock doubling flag in atomic_check
crypto: sun4i-ss - linearize buffers content must be kept
crypto: sun4i-ss - fix kmap usage
crypto: arm64/aes-ce - really hide slower algos when faster ones are enabled
hwrng: ingenic - Fix a resource leak in an error handling path
media: allegro: Fix use after free on error
kcsan: Rewrite kcsan_prandom_u32_max() without prandom_u32_state()
drm: rcar-du: Fix PM reference leak in rcar_cmm_enable()
drm: rcar-du: Fix crash when using LVDS1 clock for CRTC
drm: rcar-du: Fix the return check of of_parse_phandle and of_find_device_by_node
drm/amdgpu: Fix macro name _AMDGPU_TRACE_H_ in preprocessor if condition
MIPS: c-r4k: Fix section mismatch for loongson2_sc_init
MIPS: lantiq: Explicitly compare LTQ_EBU_PCC_ISTAT against 0
drm/virtio: make sure context is created in gem open
drm/fourcc: fix Amlogic format modifier masks
media: ipu3-cio2: Build only for x86
media: i2c: ov5670: Fix PIXEL_RATE minimum value
media: imx: Unregister csc/scaler only if registered
media: imx: Fix csc/scaler unregister
media: mtk-vcodec: fix error return code in vdec_vp9_decode()
media: camss: missing error code in msm_video_register()
media: vsp1: Fix an error handling path in the probe function
media: em28xx: Fix use-after-free in em28xx_alloc_urbs
media: media/pci: Fix memleak in empress_init
media: tm6000: Fix memleak in tm6000_start_stream
media: aspeed: fix error return code in aspeed_video_setup_video()
ASoC: cs42l56: fix up error handling in probe
ASoC: qcom: qdsp6: Move frontend AIFs to q6asm-dai
evm: Fix memleak in init_desc
crypto: bcm - Rename struct device_private to bcm_device_private
sched/fair: Avoid stale CPU util_est value for schedutil in task dequeue
drm/sun4i: tcon: fix inverted DCLK polarity
media: imx7: csi: Fix regression for parallel cameras on i.MX6UL
media: imx7: csi: Fix pad link validation
media: ti-vpe: cal: fix write to unallocated memory
MIPS: properly stop .eh_frame generation
MIPS: Compare __SYNC_loongson3_war against 0
drm/tegra: Fix reference leak when pm_runtime_get_sync() fails
drm/amdgpu: toggle on DF Cstate after finishing xgmi injection
bsg: free the request before return error code
macintosh/adb-iop: Use big-endian autopoll mask
drm/amd/display: Fix 10/12 bpc setup in DCE output bit depth reduction.
drm/amd/display: Fix HDMI deep color output for DCE 6-11.
media: software_node: Fix refcounts in software_node_get_next_child()
media: lmedm04: Fix misuse of comma
media: vidtv: psi: fix missing crc for PMT
media: atomisp: Fix a buffer overflow in debug code
media: qm1d1c0042: fix error return code in qm1d1c0042_init()
media: cx25821: Fix a bug when reallocating some dma memory
media: mtk-vcodec: fix argument used when DEBUG is defined
media: pxa_camera: declare variable when DEBUG is defined
media: uvcvideo: Accept invalid bFormatIndex and bFrameIndex values
sched/eas: Don't update misfit status if the task is pinned
f2fs: compress: fix potential deadlock
ASoC: qcom: lpass-cpu: Remove bit clock state check
ASoC: SOF: Intel: hda: cancel D0i3 work during runtime suspend
perf/arm-cmn: Fix PMU instance naming
perf/arm-cmn: Move IRQs when migrating context
mtd: parser: imagetag: fix error codes in bcm963xx_parse_imagetag_partitions()
crypto: talitos - Work around SEC6 ERRATA (AES-CTR mode data size error)
crypto: talitos - Fix ctr(aes) on SEC1
drm/nouveau: bail out of nouveau_channel_new if channel init fails
mm: proc: Invalidate TLB after clearing soft-dirty page state
ata: ahci_brcm: Add back regulators management
ASoC: cpcap: fix microphone timeslot mask
ASoC: codecs: add missing max_register in regmap config
mtd: parsers: afs: Fix freeing the part name memory in failure
f2fs: fix to avoid inconsistent quota data
drm/amdgpu: Prevent shift wrapping in amdgpu_read_mask()
f2fs: fix a wrong condition in __submit_bio
ASoC: qcom: Fix typo error in HDMI regmap config callbacks
KVM: nSVM: Don't strip host's C-bit from guest's CR3 when reading PDPTRs
drm/mediatek: Check if fb is null
Drivers: hv: vmbus: Avoid use-after-free in vmbus_onoffer_rescind()
ASoC: Intel: sof_sdw: add missing TGL_HDMI quirk for Dell SKU 0A5E
ASoC: Intel: sof_sdw: add missing TGL_HDMI quirk for Dell SKU 0A3E
locking/lockdep: Avoid unmatched unlock
ASoC: qcom: lpass: Fix i2s ctl register bit map
ASoC: rt5682: Fix panic in rt5682_jack_detect_handler happening during system shutdown
ASoC: SOF: debug: Fix a potential issue on string buffer termination
btrfs: clarify error returns values in __load_free_space_cache
btrfs: fix double accounting of ordered extent for subpage case in btrfs_invalidapge
KVM: x86: Restore all 64 bits of DR6 and DR7 during RSM on x86-64
s390/zcrypt: return EIO when msg retry limit reached
drm/vc4: hdmi: Move hdmi reset to bind
drm/vc4: hdmi: Fix register offset with longer CEC messages
drm/vc4: hdmi: Fix up CEC registers
drm/vc4: hdmi: Restore cec physical address on reconnect
drm/vc4: hdmi: Compute the CEC clock divider from the clock rate
drm/vc4: hdmi: Update the CEC clock divider on HSM rate change
drm/lima: fix reference leak in lima_pm_busy
drm/dp_mst: Don't cache EDIDs for physical ports
hwrng: timeriomem - Fix cooldown period calculation
crypto: ecdh_helper - Ensure 'len >= secret.len' in decode_key()
io_uring: fix possible deadlock in io_uring_poll
nvmet-tcp: fix receive data digest calculation for multiple h2cdata PDUs
nvmet-tcp: fix potential race of tcp socket closing accept_work
nvme-multipath: set nr_zones for zoned namespaces
nvmet: remove extra variable in identify ns
nvmet: set status to 0 in case for invalid nsid
ASoC: SOF: sof-pci-dev: add missing Up-Extreme quirk
ima: Free IMA measurement buffer on error
ima: Free IMA measurement buffer after kexec syscall
ASoC: simple-card-utils: Fix device module clock
fs/jfs: fix potential integer overflow on shift of a int
jffs2: fix use after free in jffs2_sum_write_data()
ubifs: Fix memleak in ubifs_init_authentication
ubifs: replay: Fix high stack usage, again
ubifs: Fix error return code in alloc_wbufs()
irqchip/imx: IMX_INTMUX should not default to y, unconditionally
smp: Process pending softirqs in flush_smp_call_function_from_idle()
drm/amdgpu/display: remove hdcp_srm sysfs on device removal
capabilities: Don't allow writing ambiguous v3 file capabilities
HSI: Fix PM usage counter unbalance in ssi_hw_init
power: supply: cpcap: Add missing IRQF_ONESHOT to fix regression
clk: meson: clk-pll: fix initializing the old rate (fallback) for a PLL
clk: meson: clk-pll: make "ret" a signed integer
clk: meson: clk-pll: propagate the error from meson_clk_pll_set_rate()
selftests/powerpc: Make the test check in eeh-basic.sh posix compliant
regulator: qcom-rpmh-regulator: add pm8009-1 chip revision
arm64: dts: qcom: qrb5165-rb5: fix pm8009 regulators
quota: Fix memory leak when handling corrupted quota file
i2c: iproc: handle only slave interrupts which are enabled
i2c: iproc: update slave isr mask (ISR_MASK_SLAVE)
i2c: iproc: handle master read request
spi: cadence-quadspi: Abort read if dummy cycles required are too many
clk: sunxi-ng: h6: Fix CEC clock
clk: renesas: r8a779a0: Remove non-existent S2 clock
clk: renesas: r8a779a0: Fix parent of CBFUSA clock
HID: core: detect and skip invalid inputs to snto32()
RDMA/siw: Fix handling of zero-sized Read and Receive Queues.
dmaengine: fsldma: Fix a resource leak in the remove function
dmaengine: fsldma: Fix a resource leak in an error handling path of the probe function
dmaengine: owl-dma: Fix a resource leak in the remove function
dmaengine: hsu: disable spurious interrupt
mfd: bd9571mwv: Use devm_mfd_add_devices()
power: supply: cpcap-charger: Fix missing power_supply_put()
power: supply: cpcap-battery: Fix missing power_supply_put()
power: supply: cpcap-charger: Fix power_supply_put on null battery pointer
fdt: Properly handle "no-map" field in the memory region
of/fdt: Make sure no-map does not remove already reserved regions
RDMA/rtrs: Extend ibtrs_cq_qp_create
RDMA/rtrs-srv: Release lock before call into close_sess
RDMA/rtrs-srv: Use sysfs_remove_file_self for disconnect
RDMA/rtrs-clt: Set mininum limit when create QP
RDMA/rtrs: Call kobject_put in the failure path
RDMA/rtrs-srv: Fix missing wr_cqe
RDMA/rtrs-clt: Refactor the failure cases in alloc_clt
RDMA/rtrs-srv: Init wr_cnt as 1
power: reset: at91-sama5d2_shdwc: fix wkupdbc mask
rtc: s5m: select REGMAP_I2C
dmaengine: idxd: set DMA channel to be private
power: supply: fix sbs-charger build, needs REGMAP_I2C
clocksource/drivers/ixp4xx: Select TIMER_OF when needed
clocksource/drivers/mxs_timer: Add missing semicolon when DEBUG is defined
spi: imx: Don't print error on -EPROBEDEFER
RDMA/mlx5: Use the correct obj_id upon DEVX TIR creation
IB/mlx5: Add mutex destroy call to cap_mask_mutex mutex
clk: sunxi-ng: h6: Fix clock divider range on some clocks
platform/chrome: cros_ec_proto: Use EC_HOST_EVENT_MASK not BIT
platform/chrome: cros_ec_proto: Add LID and BATTERY to default mask
regulator: axp20x: Fix reference cout leak
watch_queue: Drop references to /dev/watch_queue
certs: Fix blacklist flag type confusion
regulator: s5m8767: Fix reference count leak
spi: atmel: Put allocated master before return
regulator: s5m8767: Drop regulators OF node reference
power: supply: axp20x_usb_power: Init work before enabling IRQs
power: supply: smb347-charger: Fix interrupt usage if interrupt is unavailable
regulator: core: Avoid debugfs: Directory ... already present! error
isofs: release buffer head before return
watchdog: intel-mid_wdt: Postpone IRQ handler registration till SCU is ready
auxdisplay: ht16k33: Fix refresh rate handling
objtool: Fix error handling for STD/CLD warnings
objtool: Fix retpoline detection in asm code
objtool: Fix ".cold" section suffix check for newer versions of GCC
scsi: lpfc: Fix ancient double free
iommu: Switch gather->end to the inclusive end
IB/umad: Return EIO in case of when device disassociated
IB/umad: Return EPOLLERR in case of when device disassociated
KVM: PPC: Make the VMX instruction emulation routines static
powerpc/47x: Disable 256k page size
powerpc/time: Enable sched clock for irqtime
mmc: owl-mmc: Fix a resource leak in an error handling path and in the remove function
mmc: sdhci-sprd: Fix some resource leaks in the remove function
mmc: usdhi6rol0: Fix a resource leak in the error handling path of the probe
mmc: renesas_sdhi_internal_dmac: Fix DMA buffer alignment from 8 to 128-bytes
ARM: 9046/1: decompressor: Do not clear SCTLR.nTLSMD for ARMv7+ cores
i2c: qcom-geni: Store DMA mapping data in geni_i2c_dev struct
amba: Fix resource leak for drivers without .remove
iommu: Move iotlb_sync_map out from __iommu_map
iommu: Properly pass gfp_t in _iommu_map() to avoid atomic sleeping
IB/mlx5: Return appropriate error code instead of ENOMEM
IB/cm: Avoid a loop when device has 255 ports
tracepoint: Do not fail unregistering a probe due to memory failure
rtc: zynqmp: depend on HAS_IOMEM
perf tools: Fix DSO filtering when not finding a map for a sampled address
perf vendor events arm64: Fix Ampere eMag event typo
RDMA/rxe: Fix coding error in rxe_recv.c
RDMA/rxe: Fix coding error in rxe_rcv_mcast_pkt
RDMA/rxe: Correct skb on loopback path
spi: stm32: properly handle 0 byte transfer
mfd: altera-sysmgr: Fix physical address storing more
mfd: wm831x-auxadc: Prevent use after free in wm831x_auxadc_read_irq()
powerpc/pseries/dlpar: handle ibm, configure-connector delay status
powerpc/8xx: Fix software emulation interrupt
clk: qcom: gcc-msm8998: Fix Alpha PLL type for all GPLLs
kunit: tool: fix unit test cleanup handling
kselftests: dmabuf-heaps: Fix Makefile's inclusion of the kernel's usr/include dir
RDMA/hns: Fixed wrong judgments in the goto branch
RDMA/siw: Fix calculation of tx_valid_cpus size
RDMA/hns: Fix type of sq_signal_bits
RDMA/hns: Disable RQ inline by default
clk: divider: fix initialization with parent_hw
spi: pxa2xx: Fix the controller numbering for Wildcat Point
powerpc/uaccess: Avoid might_fault() when user access is enabled
powerpc/kuap: Restore AMR after replaying soft interrupts
regulator: qcom-rpmh: fix pm8009 ldo7
clk: aspeed: Fix APLL calculate formula from ast2600-A2
selftests/ftrace: Update synthetic event syntax errors
perf symbols: Use (long) for iterator for bfd symbols
regulator: bd718x7, bd71828, Fix dvs voltage levels
spi: dw: Avoid stack content exposure
spi: Skip zero-length transfers in spi_transfer_one_message()
printk: avoid prb_first_valid_seq() where possible
perf symbols: Fix return value when loading PE DSO
nfsd: register pernet ops last, unregister first
svcrdma: Hold private mutex while invoking rdma_accept()
ceph: fix flush_snap logic after putting caps
RDMA/hns: Fixes missing error code of CMDQ
RDMA/ucma: Fix use-after-free bug in ucma_create_uevent
RDMA/rtrs-srv: Fix stack-out-of-bounds
RDMA/rtrs: Only allow addition of path to an already established session
RDMA/rtrs-srv: fix memory leak by missing kobject free
RDMA/rtrs-srv-sysfs: fix missing put_device
RDMA/rtrs-srv: Do not pass a valid pointer to PTR_ERR()
Input: sur40 - fix an error code in sur40_probe()
perf record: Fix continue profiling after draining the buffer
perf intel-pt: Fix missing CYC processing in PSB
perf intel-pt: Fix premature IPC
perf intel-pt: Fix IPC with CYC threshold
perf test: Fix unaligned access in sample parsing test
Input: elo - fix an error code in elo_connect()
sparc64: only select COMPAT_BINFMT_ELF if BINFMT_ELF is set
sparc: fix led.c driver when PROC_FS is not enabled
Input: zinitix - fix return type of zinitix_init_touch()
ARM: 9065/1: OABI compat: fix build when EPOLL is not enabled
misc: eeprom_93xx46: Fix module alias to enable module autoprobe
phy: rockchip-emmc: emmc_phy_init() always return 0
phy: cadence-torrent: Fix error code in cdns_torrent_phy_probe()
misc: eeprom_93xx46: Add module alias to avoid breaking support for non device tree users
PCI: rcar: Always allocate MSI addresses in 32bit space
soundwire: cadence: fix ACK/NAK handling
pwm: rockchip: Enable APB clock during register access while probing
pwm: rockchip: rockchip_pwm_probe(): Remove superfluous clk_unprepare()
pwm: rockchip: Eliminate potential race condition when probing
PCI: xilinx-cpm: Fix reference count leak on error path
VMCI: Use set_page_dirty_lock() when unregistering guest memory
PCI: Align checking of syscall user config accessors
mei: hbm: call mei_set_devstate() on hbm stop response
drm/msm: Fix MSM_INFO_GET_IOVA with carveout
drm/msm/dsi: Correct io_start for MSM8994 (20nm PHY)
drm/msm/mdp5: Fix wait-for-commit for cmd panels
drm/msm: Fix race of GPU init vs timestamp power management.
drm/msm: Fix races managing the OOB state for timestamp vs timestamps.
drm/msm/dp: trigger unplug event in msm_dp_display_disable
vfio/iommu_type1: Populate full dirty when detach non-pinned group
vfio/iommu_type1: Fix some sanity checks in detach group
vfio-pci/zdev: fix possible segmentation fault issue
ext4: fix potential htree index checksum corruption
phy: USB_LGM_PHY should depend on X86
coresight: etm4x: Skip accessing TRCPDCR in save/restore
nvmem: core: Fix a resource leak on error in nvmem_add_cells_from_of()
nvmem: core: skip child nodes not matching binding
soundwire: bus: use sdw_update_no_pm when initializing a device
soundwire: bus: use sdw_write_no_pm when setting the bus scale registers
soundwire: export sdw_write/read_no_pm functions
soundwire: bus: fix confusion on device used by pm_runtime
misc: fastrpc: fix incorrect usage of dma_map_sgtable
remoteproc/mediatek: acknowledge watchdog IRQ after handled
regmap: sdw: use _no_pm functions in regmap_read/write
ext: EXT4_KUNIT_TESTS should depend on EXT4_FS instead of selecting it
mailbox: sprd: correct definition of SPRD_OUTBOX_FIFO_FULL
device-dax: Fix default return code of range_parse()
PCI: pci-bridge-emul: Fix array overruns, improve safety
PCI: cadence: Fix DMA range mapping early return error
i40e: Fix flow for IPv6 next header (extension header)
i40e: Add zero-initialization of AQ command structures
i40e: Fix overwriting flow control settings during driver loading
i40e: Fix addition of RX filters after enabling FW LLDP agent
i40e: Fix VFs not created
Take mmap lock in cacheflush syscall
nios2: fixed broken sys_clone syscall
i40e: Fix add TC filter for IPv6
octeontx2-af: Fix an off by one in rvu_dbg_qsize_write()
pwm: iqs620a: Fix overflow and optimize calculations
vfio/type1: Use follow_pte()
ice: report correct max number of TCs
ice: Account for port VLAN in VF max packet size calculation
ice: Fix state bits on LLDP mode switch
ice: update the number of available RSS queues
net: stmmac: fix CBS idleslope and sendslope calculation
net/mlx4_core: Add missed mlx4_free_cmd_mailbox()
PCI: rockchip: Make 'ep-gpios' DT property optional
vxlan: move debug check after netdev unregister
wireguard: device: do not generate ICMP for non-IP packets
wireguard: kconfig: use arm chacha even with no neon
ocfs2: fix a use after free on error
mm: memcontrol: fix NR_ANON_THPS accounting in charge moving
mm: memcontrol: fix slub memory accounting
mm/memory.c: fix potential pte_unmap_unlock pte error
mm/hugetlb: fix potential double free in hugetlb_register_node() error path
mm/hugetlb: suppress wrong warning info when alloc gigantic page
mm/compaction: fix misbehaviors of fast_find_migrateblock()
r8169: fix jumbo packet handling on RTL8168e
NFSv4: Fixes for nfs4_bitmask_adjust()
KVM: SVM: Intercept INVPCID when it's disabled to inject #UD
KVM: x86/mmu: Expand collapsible SPTE zap for TDP MMU to ZONE_DEVICE and HugeTLB pages
arm64: Add missing ISB after invalidating TLB in __primary_switch
i2c: brcmstb: Fix brcmstd_send_i2c_cmd condition
i2c: exynos5: Preserve high speed master code
mm,thp,shmem: make khugepaged obey tmpfs mount flags
mm: fix memory_failure() handling of dax-namespace metadata
mm/rmap: fix potential pte_unmap on an not mapped pte
proc: use kvzalloc for our kernel buffer
csky: Fix a size determination in gpr_get()
scsi: bnx2fc: Fix Kconfig warning & CNIC build errors
scsi: sd: sd_zbc: Don't pass GFP_NOIO to kvcalloc
block: reopen the device in blkdev_reread_part
ide/falconide: Fix module unload
scsi: sd: Fix Opal support
blk-settings: align max_sectors on "logical_block_size" boundary
soundwire: intel: fix possible crash when no device is detected
ACPI: property: Fix fwnode string properties matching
ACPI: configfs: add missing check after configfs_register_default_group()
cpufreq: ACPI: Set cpuinfo.max_freq directly if max boost is known
HID: logitech-dj: add support for keyboard events in eQUAD step 4 Gaming
HID: wacom: Ignore attempts to overwrite the touch_max value from HID
Input: raydium_ts_i2c - do not send zero length
Input: xpad - add support for PowerA Enhanced Wired Controller for Xbox Series X|S
Input: joydev - prevent potential read overflow in ioctl
Input: i8042 - add ASUS Zenbook Flip to noselftest list
media: mceusb: Fix potential out-of-bounds shift
USB: serial: option: update interface mapping for ZTE P685M
usb: musb: Fix runtime PM race in musb_queue_resume_work
usb: dwc3: gadget: Fix setting of DEPCFG.bInterval_m1
usb: dwc3: gadget: Fix dep->interval for fullspeed interrupt
USB: serial: ftdi_sio: fix FTX sub-integer prescaler
USB: serial: pl2303: fix line-speed handling on newer chips
USB: serial: mos7840: fix error code in mos7840_write()
USB: serial: mos7720: fix error code in mos7720_write()
phy: lantiq: rcu-usb2: wait after clock enable
ALSA: fireface: fix to parse sync status register of latter protocol
ALSA: hda: Add another CometLake-H PCI ID
ALSA: hda/hdmi: Drop bogus check at closing a stream
ALSA: hda/realtek: modify EAPD in the ALC886
ALSA: hda/realtek: Quirk for HP Spectre x360 14 amp setup
MIPS: Ingenic: Disable HPTLB for D0 XBurst CPUs too
MIPS: Support binutils configured with --enable-mips-fix-loongson3-llsc=yes
MIPS: VDSO: Use CLANG_FLAGS instead of filtering out '--target='
Revert "MIPS: Octeon: Remove special handling of CONFIG_MIPS_ELF_APPENDED_DTB=y"
Revert "bcache: Kill btree_io_wq"
bcache: Give btree_io_wq correct semantics again
bcache: Move journal work to new flush wq
Revert "drm/amd/display: Update NV1x SR latency values"
drm/amd/display: Add FPU wrappers to dcn21_validate_bandwidth()
drm/amd/display: Remove Assert from dcn10_get_dig_frontend
drm/amd/display: Add vupdate_no_lock interrupts for DCN2.1
drm/amdkfd: Fix recursive lock warnings
drm/amdgpu: Set reference clock to 100Mhz on Renoir (v2)
drm/nouveau/kms: handle mDP connectors
drm/modes: Switch to 64bit maths to avoid integer overflow
drm/sched: Cancel and flush all outstanding jobs before finish.
drm/panel: kd35t133: allow using non-continuous dsi clock
drm/rockchip: Require the YTR modifier for AFBC
ASoC: siu: Fix build error by a wrong const prefix
selinux: fix inconsistency between inode_getxattr and inode_listsecurity
erofs: initialized fields can only be observed after bit is set
tpm_tis: Fix check_locality for correct locality acquisition
tpm_tis: Clean up locality release
KEYS: trusted: Fix incorrect handling of tpm_get_random()
KEYS: trusted: Fix migratable=1 failing
KEYS: trusted: Reserve TPM for seal and unseal operations
btrfs: do not cleanup upper nodes in btrfs_backref_cleanup_node
btrfs: do not warn if we can't find the reloc root when looking up backref
btrfs: add asserts for deleting backref cache nodes
btrfs: abort the transaction if we fail to inc ref in btrfs_copy_root
btrfs: fix reloc root leak with 0 ref reloc roots on recovery
btrfs: splice remaining dirty_bg's onto the transaction dirty bg list
btrfs: handle space_info::total_bytes_pinned inside the delayed ref itself
btrfs: account for new extents being deleted in total_bytes_pinned
btrfs: fix extent buffer leak on failure to copy root
drm/i915/gt: Flush before changing register state
drm/i915/gt: Correct surface base address for renderclear
crypto: arm64/sha - add missing module aliases
crypto: aesni - prevent misaligned buffers on the stack
crypto: michael_mic - fix broken misalignment handling
crypto: sun4i-ss - checking sg length is not sufficient
crypto: sun4i-ss - IV register does not work on A10 and A13
crypto: sun4i-ss - handle BigEndian for cipher
crypto: sun4i-ss - initialize need_fallback
soc: samsung: exynos-asv: don't defer early on not-supported SoCs
soc: samsung: exynos-asv: handle reading revision register error
seccomp: Add missing return in non-void function
arm64: ptrace: Fix seccomp of traced syscall -1 (NO_SYSCALL)
misc: rtsx: init of rts522a add OCP power off when no card is present
drivers/misc/vmw_vmci: restrict too big queue size in qp_host_alloc_queue
pstore: Fix typo in compression option name
dts64: mt7622: fix slow sd card access
arm64: dts: agilex: fix phy interface bit shift for gmac1 and gmac2
staging/mt7621-dma: mtk-hsdma.c->hsdma-mt7621.c
staging: gdm724x: Fix DMA from stack
staging: rtl8188eu: Add Edimax EW-7811UN V2 to device table
floppy: reintroduce O_NDELAY fix
media: i2c: max9286: fix access to unallocated memory
media: ir_toy: add another IR Droid device
media: ipu3-cio2: Fix mbus_code processing in cio2_subdev_set_fmt()
media: marvell-ccic: power up the device on mclk enable
media: smipcie: fix interrupt handling and IR timeout
x86/virt: Eat faults on VMXOFF in reboot flows
x86/reboot: Force all cpus to exit VMX root if VMX is supported
x86/fault: Fix AMD erratum #91 errata fixup for user code
x86/entry: Fix instrumentation annotation
powerpc/prom: Fix "ibm,arch-vec-5-platform-support" scan
rcu: Pull deferred rcuog wake up to rcu_eqs_enter() callers
rcu/nocb: Perform deferred wake up before last idle's need_resched() check
kprobes: Fix to delay the kprobes jump optimization
arm64: Extend workaround for erratum 1024718 to all versions of Cortex-A55
iommu/arm-smmu-qcom: Fix mask extraction for bootloader programmed SMRs
arm64: kexec_file: fix memory leakage in create_dtb() when fdt_open_into() fails
arm64: uprobe: Return EOPNOTSUPP for AARCH32 instruction probing
arm64 module: set plt* section addresses to 0x0
arm64: spectre: Prevent lockdep splat on v4 mitigation enable path
riscv: Disable KSAN_SANITIZE for vDSO
watchdog: qcom: Remove incorrect usage of QCOM_WDT_ENABLE_IRQ
watchdog: mei_wdt: request stop on unregister
coresight: etm4x: Handle accesses to TRCSTALLCTLR
mtd: spi-nor: sfdp: Fix last erase region marking
mtd: spi-nor: sfdp: Fix wrong erase type bitmask for overlaid region
mtd: spi-nor: core: Fix erase type discovery for overlaid region
mtd: spi-nor: core: Add erase size check for erase command initialization
mtd: spi-nor: hisi-sfc: Put child node np on error path
fs/affs: release old buffer head on error path
seq_file: document how per-entry resources are managed.
x86: fix seq_file iteration for pat/memtype.c
mm: memcontrol: fix swap undercounting in cgroup2
mm: memcontrol: fix get_active_memcg return value
hugetlb: fix update_and_free_page contig page struct assumption
hugetlb: fix copy_huge_page_from_user contig page struct assumption
mm/vmscan: restore zone_reclaim_mode ABI
mm, compaction: make fast_isolate_freepages() stay within zone
KVM: nSVM: fix running nested guests when npt=0
nvmem: qcom-spmi-sdam: Fix uninitialized pdev pointer
module: Ignore _GLOBAL_OFFSET_TABLE_ when warning for undefined symbols
mmc: sdhci-esdhc-imx: fix kernel panic when remove module
mmc: sdhci-pci-o2micro: Bug fix for SDR104 HW tuning failure
powerpc/32: Preserve cr1 in exception prolog stack check to fix build error
powerpc/kexec_file: fix FDT size estimation for kdump kernel
powerpc/32s: Add missing call to kuep_lock on syscall entry
spmi: spmi-pmic-arb: Fix hw_irq overflow
mei: fix transfer over dma with extended header
mei: me: emmitsburg workstation DID
mei: me: add adler lake point S DID
mei: me: add adler lake point LP DID
gpio: pcf857x: Fix missing first interrupt
mfd: gateworks-gsc: Fix interrupt type
printk: fix deadlock when kernel panic
exfat: fix shift-out-of-bounds in exfat_fill_super()
zonefs: Fix file size of zones in full condition
kcmp: Support selection of SYS_kcmp without CHECKPOINT_RESTORE
thermal: cpufreq_cooling: freq_qos_update_request() returns < 0 on error
cpufreq: qcom-hw: drop devm_xxx() calls from init/exit hooks
cpufreq: intel_pstate: Change intel_pstate_get_hwp_max() argument
cpufreq: intel_pstate: Get per-CPU max freq via MSR_HWP_CAPABILITIES if available
proc: don't allow async path resolution of /proc/thread-self components
s390/vtime: fix inline assembly clobber list
virtio/s390: implement virtio-ccw revision 2 correctly
um: mm: check more comprehensively for stub changes
um: defer killing userspace on page table update failures
irqchip/loongson-pch-msi: Use bitmap_zalloc() to allocate bitmap
f2fs: fix out-of-repair __setattr_copy()
f2fs: enforce the immutable flag on open files
f2fs: flush data when enabling checkpoint back
sparc32: fix a user-triggerable oops in clear_user()
spi: fsl: invert spisel_boot signal on MPC8309
spi: spi-synquacer: fix set_cs handling
gfs2: fix glock confusion in function signal_our_withdraw
gfs2: Don't skip dlm unlock if glock has an lvb
gfs2: Lock imbalance on error path in gfs2_recover_one
gfs2: Recursive gfs2_quota_hold in gfs2_iomap_end
dm: fix deadlock when swapping to encrypted device
dm table: fix iterate_devices based device capability checks
dm table: fix DAX iterate_devices based device capability checks
dm table: fix zoned iterate_devices based device capability checks
dm writecache: fix performance degradation in ssd mode
dm writecache: return the exact table values that were set
dm writecache: fix writing beyond end of underlying device when shrinking
dm era: Recover committed writeset after crash
dm era: Update in-core bitset after committing the metadata
dm era: Verify the data block size hasn't changed
dm era: Fix bitset memory leaks
dm era: Use correct value size in equality function of writeset tree
dm era: Reinitialize bitset cache before digesting a new writeset
dm era: only resize metadata in preresume
drm/i915: Reject 446-480MHz HDMI clock on GLK
kgdb: fix to kill breakpoints on initmem after boot
ipv6: silence compilation warning for non-IPV6 builds
net: icmp: pass zeroed opts from icmp{,v6}_ndo_send before sending
wireguard: selftests: test multiple parallel streams
wireguard: queueing: get rid of per-peer ring buffers
net: sched: fix police ext initialization
net: qrtr: Fix memory leak in qrtr_tun_open
net_sched: fix RTNL deadlock again caused by request_module()
ARM: dts: aspeed: Add LCLK to lpc-snoop
Linux 5.10.20
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I3fbcecd9413ce212dac68d5cc800c9457feba56a
commit 0d4370cfe3 upstream.
If this is attempted by an io-wq kthread, then return -EOPNOTSUPP as we
don't currently support that. Once we can get task_pid_ptr() doing the
right thing, then this can go away again.
Use PF_IO_WORKER for this to speciically target the io_uring workers.
Modify the /proc/self/ check to use PF_IO_WORKER as well.
Cc: stable@vger.kernel.org
Fixes: 8d4c3e76e3 ("proc: don't allow async path resolution of /proc/self components")
Reported-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Jens Axboe <axboe@kernel.dk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
[ Upstream commit 4508943794 ]
Since
sysctl: pass kernel pointers to ->proc_handler
we have been pre-allocating a buffer to copy the data from the proc
handlers into, and then copying that to userspace. The problem is this
just blindly kzalloc()'s the buffer size passed in from the read, which in
the case of our 'cat' binary was 64kib. Order-4 allocations are not
awesome, and since we can potentially allocate up to our maximum order, so
use kvzalloc for these buffers.
[willy@infradead.org: changelog tweaks]
Link: https://lkml.kernel.org/r/6345270a2c1160b89dd5e6715461f388176899d1.1612972413.git.josef@toxicpanda.com
Fixes: 32927393dc ("sysctl: pass kernel pointers to ->proc_handler")
Signed-off-by: Josef Bacik <josef@toxicpanda.com>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Acked-by: Vlastimil Babka <vbabka@suse.cz>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: Alexey Dobriyan <adobriyan@gmail.com>
CC: Matthew Wilcox <willy@infradead.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
[ Upstream commit 912efa17e5 ]
Since commit 0758cd8304 ("asm-generic/tlb: avoid potential double
flush"), TLB invalidation is elided in tlb_finish_mmu() if no entries
were batched via the tlb_remove_*() functions. Consequently, the
page-table modifications performed by clear_refs_write() in response to
a write to /proc/<pid>/clear_refs do not perform TLB invalidation.
Although this is fine when simply aging the ptes, in the case of
clearing the "soft-dirty" state we can end up with entries where
pte_write() is false, yet a writable mapping remains in the TLB.
Fix this by avoiding the mmu_gather API altogether: managing both the
'tlb_flush_pending' flag on the 'mm_struct' and explicit TLB
invalidation for the sort-dirty path, much like mprotect() does already.
Fixes: 0758cd8304 ("asm-generic/tlb: avoid potential double flush”)
Signed-off-by: Will Deacon <will@kernel.org>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Reviewed-by: Yu Zhao <yuzhao@google.com>
Acked-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Acked-by: Linus Torvalds <torvalds@linux-foundation.org>
Link: https://lkml.kernel.org/r/20210127235347.1402-2-will@kernel.org
Signed-off-by: Sasha Levin <sashal@kernel.org>
And 'inode_no' field to /proc/<pid>/fdinfo/<FD> and
/proc/<pid>/task/<tid>/fdinfo/<FD>.
The inode numbers can be used to uniquely identify DMA buffers
in user space and avoids a dependency on /proc/<pid>/fd/* when
accounting per-process DMA buffer sizes.
Signed-off-by: Kalesh Singh <kaleshsingh@google.com>
Acked-by: Randy Dunlap <rdunlap@infradead.org>
[Kalesh Singh - Resolve conflict in fd/proc/fd.c]
Bug: 159126739
Bug: 167141117
Link: https://lore.kernel.org/lkml/20210208155315.1367371-2-kaleshsingh@google.com/
Change-Id: Ic9c551998832129051ada07374ed02da3248dc9c
Android captures per-process system memory state when certain low memory
events (e.g a foreground app kill) occur, to identify potential memory
hoggers. In order to measure how much memory a process actually consumes,
it is necessary to include the DMA buffer sizes for that process in the
memory accounting. Since the handle to DMA buffers are raw FDs, it is
important to be able to identify which processes have FD references to
a DMA buffer.
Currently, DMA buffer FDs can be accounted using /proc/<pid>/fd/* and
/proc/<pid>/fdinfo -- both are only readable by the process owner,
as follows:
1. Do a readlink on each FD.
2. If the target path begins with "/dmabuf", then the FD is a dmabuf FD.
3. stat the file to get the dmabuf inode number.
4. Read/ proc/<pid>/fdinfo/<fd>, to get the DMA buffer size.
Accessing other processes' fdinfo requires root privileges. This limits
the use of the interface to debugging environments and is not suitable
for production builds. Granting root privileges even to a system process
increases the attack surface and is highly undesirable.
Since fdinfo doesn't permit reading process memory and manipulating
process state, allow accessing fdinfo under PTRACE_MODE_READ_FSCRED.
Suggested-by: Jann Horn <jannh@google.com>
Signed-off-by: Kalesh Singh <kaleshsingh@google.com>
Bug: 159126739
Bug: 167141117
Link: https://lore.kernel.org/lkml/20210208155315.1367371-1-kaleshsingh@google.com/
Change-Id: I41407760c7170621420739a044dbc27bdccac339
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmARRrcACgkQONu9yGCS
aT7n8xAA0lDCM7V1v/EAYw+7ZN1HNXCZhkOZzwrbFz2SSRnu0UGRbA6B9tcdHWA4
FX3ZgNcEaut3HgT4TYa3xZfhq6tB4w1vfHXyvcuDlgVv+0+LGbPaZiH/pq6wIE00
s3buqbtasRIQw4UEokos6ZJCiXHr9EmbCauQYViSf8YWR5tDjbIaqUB2TI/Cw4Io
xYYqpnHJ51KItNvOPaFoUWYA6zrD7R963aAf+vmvBfDrgcs0UgH5OTO0XY6FCYKR
ZgVMX/1pioWTAF8TMq2pzU55FP7SlohlcISC8NQrygq8JrKHVmd9c5U/MTd4ytaz
nBaEizEA8Ewz3eTSSED173jJ1OMA06prfx1NQ4fO90U11eTj+IG9qkLePsB7UBe8
7FEJ8lTKgWDDwC7UzctHaI7mIyzAX5EiItRjjlln++bnQZNjjd/TBVGqXu4FAGBP
0yBamdBrNVLVmjJQ7Wudt2iZU/gMkt9R+frq24IZLjW+5XB3L3G3S3vAm+8IYthV
OVh23SfD/w2kPJcvw4z8ZYeOigyDd7CgoLeVwrdH6jM9N1gEEElkt6gsJugPhnxH
odRRfUaRp+3j6M6ZCf8ai2QzsE0l3Uu+mJHdRaWiXOMmbsIuDFrYW/iNlLyHy8i8
EZ01/chEyjs7ek8TNdkbhpHow3wI3Uvpczt/BG7OxH/F+DpTmkE=
=tvv2
-----END PGP SIGNATURE-----
Merge 5.10.11 into android12-5.10
Changes in 5.10.11
scsi: target: tcmu: Fix use-after-free of se_cmd->priv
mtd: rawnand: gpmi: fix dst bit offset when extracting raw payload
mtd: rawnand: nandsim: Fix the logic when selecting Hamming soft ECC engine
i2c: tegra: Wait for config load atomically while in ISR
i2c: bpmp-tegra: Ignore unknown I2C_M flags
platform/x86: i2c-multi-instantiate: Don't create platform device for INT3515 ACPI nodes
platform/x86: ideapad-laptop: Disable touchpad_switch for ELAN0634
ALSA: seq: oss: Fix missing error check in snd_seq_oss_synth_make_info()
ALSA: hda/realtek - Limit int mic boost on Acer Aspire E5-575T
ALSA: hda/via: Add minimum mute flag
crypto: xor - Fix divide error in do_xor_speed()
dm crypt: fix copy and paste bug in crypt_alloc_req_aead
ACPI: scan: Make acpi_bus_get_device() clear return pointer on error
btrfs: don't get an EINTR during drop_snapshot for reloc
btrfs: do not double free backref nodes on error
btrfs: fix lockdep splat in btrfs_recover_relocation
btrfs: don't clear ret in btrfs_start_dirty_block_groups
btrfs: send: fix invalid clone operations when cloning from the same file and root
fs: fix lazytime expiration handling in __writeback_single_inode()
pinctrl: ingenic: Fix JZ4760 support
mmc: core: don't initialize block size from ext_csd if not present
mmc: sdhci-of-dwcmshc: fix rpmb access
mmc: sdhci-xenon: fix 1.8v regulator stabilization
mmc: sdhci-brcmstb: Fix mmc timeout errors on S5 suspend
dm: avoid filesystem lookup in dm_get_dev_t()
dm integrity: fix a crash if "recalculate" used without "internal_hash"
dm integrity: conditionally disable "recalculate" feature
drm/atomic: put state on error path
drm/syncobj: Fix use-after-free
drm/amdgpu: remove gpu info firmware of green sardine
drm/amd/display: DCN2X Find Secondary Pipe properly in MPO + ODM Case
drm/i915/gt: Prevent use of engine->wa_ctx after error
drm/i915: Check for rq->hwsp validity after acquiring RCU lock
ASoC: Intel: haswell: Add missing pm_ops
ASoC: rt711: mutex between calibration and power state changes
SUNRPC: Handle TCP socket sends with kernel_sendpage() again
HID: multitouch: Enable multi-input for Synaptics pointstick/touchpad device
HID: sony: select CONFIG_CRC32
dm integrity: select CRYPTO_SKCIPHER
x86/hyperv: Fix kexec panic/hang issues
scsi: ufs: Relax the condition of UFSHCI_QUIRK_SKIP_MANUAL_WB_FLUSH_CTRL
scsi: ufs: Correct the LUN used in eh_device_reset_handler() callback
scsi: qedi: Correct max length of CHAP secret
scsi: scsi_debug: Fix memleak in scsi_debug_init()
scsi: sd: Suppress spurious errors when WRITE SAME is being disabled
riscv: Fix kernel time_init()
riscv: Fix sifive serial driver
riscv: Enable interrupts during syscalls with M-Mode
HID: logitech-dj: add the G602 receiver
HID: Ignore battery for Elan touchscreen on ASUS UX550
clk: tegra30: Add hda clock default rates to clock driver
ALSA: hda/tegra: fix tegra-hda on tegra30 soc
riscv: cacheinfo: Fix using smp_processor_id() in preemptible
arm64: make atomic helpers __always_inline
xen: Fix event channel callback via INTX/GSI
x86/xen: Add xen_no_vector_callback option to test PCI INTX delivery
x86/xen: Fix xen_hvm_smp_init() when vector callback not available
dts: phy: fix missing mdio device and probe failure of vsc8541-01 device
dts: phy: add GPIO number and active state used for phy reset
riscv: defconfig: enable gpio support for HiFive Unleashed
drm/amdgpu/psp: fix psp gfx ctrl cmds
drm/amd/display: disable dcn10 pipe split by default
HID: logitech-hidpp: Add product ID for MX Ergo in Bluetooth mode
drm/amd/display: Fix to be able to stop crc calculation
drm/nouveau/bios: fix issue shadowing expansion ROMs
drm/nouveau/privring: ack interrupts the same way as RM
drm/nouveau/i2c/gm200: increase width of aux semaphore owner fields
drm/nouveau/mmu: fix vram heap sizing
drm/nouveau/kms/nv50-: fix case where notifier buffer is at offset 0
io_uring: flush timeouts that should already have expired
libperf tests: If a test fails return non-zero
libperf tests: Fail when failing to get a tracepoint id
RISC-V: Set current memblock limit
RISC-V: Fix maximum allowed phsyical memory for RV32
x86/xen: fix 'nopvspin' build error
nfsd: Fixes for nfsd4_encode_read_plus_data()
nfsd: Don't set eof on a truncated READ_PLUS
gpiolib: cdev: fix frame size warning in gpio_ioctl()
pinctrl: aspeed: g6: Fix PWMG0 pinctrl setting
pinctrl: mediatek: Fix fallback call path
RDMA/ucma: Do not miss ctx destruction steps in some cases
btrfs: print the actual offset in btrfs_root_name
scsi: megaraid_sas: Fix MEGASAS_IOC_FIRMWARE regression
scsi: ufs: ufshcd-pltfrm depends on HAS_IOMEM
scsi: ufs: Fix tm request when non-fatal error happens
crypto: omap-sham - Fix link error without crypto-engine
bpf: Prevent double bpf_prog_put call from bpf_tracing_prog_attach
powerpc: Use the common INIT_DATA_SECTION macro in vmlinux.lds.S
powerpc: Fix alignment bug within the init sections
arm64: entry: remove redundant IRQ flag tracing
bpf: Reject too big ctx_size_in for raw_tp test run
drm/amdkfd: Fix out-of-bounds read in kdf_create_vcrat_image_cpu()
RDMA/umem: Avoid undefined behavior of rounddown_pow_of_two()
RDMA/cma: Fix error flow in default_roce_mode_store
printk: ringbuffer: fix line counting
printk: fix kmsg_dump_get_buffer length calulations
iov_iter: fix the uaccess area in copy_compat_iovec_from_user
i2c: octeon: check correct size of maximum RECV_LEN packet
drm/vc4: Unify PCM card's driver_name
platform/x86: intel-vbtn: Drop HP Stream x360 Convertible PC 11 from allow-list
platform/x86: hp-wmi: Don't log a warning on HPWMI_RET_UNKNOWN_COMMAND errors
gpio: sifive: select IRQ_DOMAIN_HIERARCHY rather than depend on it
ALSA: hda: Balance runtime/system PM if direct-complete is disabled
xsk: Clear pool even for inactive queues
selftests: net: fib_tests: remove duplicate log test
can: dev: can_restart: fix use after free bug
can: vxcan: vxcan_xmit: fix use after free bug
can: peak_usb: fix use after free bugs
perf evlist: Fix id index for heterogeneous systems
i2c: sprd: depend on COMMON_CLK to fix compile tests
iio: common: st_sensors: fix possible infinite loop in st_sensors_irq_thread
iio: ad5504: Fix setting power-down state
drivers: iio: temperature: Add delay after the addressed reset command in mlx90632.c
iio: adc: ti_am335x_adc: remove omitted iio_kfifo_free()
counter:ti-eqep: remove floor
powerpc/64s: fix scv entry fallback flush vs interrupt
cifs: do not fail __smb_send_rqst if non-fatal signals are pending
irqchip/mips-cpu: Set IPI domain parent chip
x86/fpu: Add kernel_fpu_begin_mask() to selectively initialize state
x86/topology: Make __max_die_per_package available unconditionally
x86/mmx: Use KFPU_387 for MMX string operations
x86/setup: don't remove E820_TYPE_RAM for pfn 0
proc_sysctl: fix oops caused by incorrect command parameters
mm: memcg/slab: optimize objcg stock draining
mm: memcg: fix memcg file_dirty numa stat
mm: fix numa stats for thp migration
io_uring: iopoll requests should also wake task ->in_idle state
io_uring: fix SQPOLL IORING_OP_CLOSE cancelation state
io_uring: fix short read retries for non-reg files
intel_th: pci: Add Alder Lake-P support
stm class: Fix module init return on allocation failure
serial: mvebu-uart: fix tx lost characters at power off
ehci: fix EHCI host controller initialization sequence
USB: ehci: fix an interrupt calltrace error
usb: gadget: aspeed: fix stop dma register setting.
USB: gadget: dummy-hcd: Fix errors in port-reset handling
usb: udc: core: Use lock when write to soft_connect
usb: bdc: Make bdc pci driver depend on BROKEN
usb: cdns3: imx: fix writing read-only memory issue
usb: cdns3: imx: fix can't create core device the second time issue
xhci: make sure TRB is fully written before giving it to the controller
xhci: tegra: Delay for disabling LFPS detector
drivers core: Free dma_range_map when driver probe failed
driver core: Fix device link device name collision
driver core: Extend device_is_dependent()
drm/i915: s/intel_dp_sink_dpms/intel_dp_set_power/
drm/i915: Only enable DFP 4:4:4->4:2:0 conversion when outputting YCbCr 4:4:4
x86/entry: Fix noinstr fail
x86/cpu/amd: Set __max_die_per_package on AMD
cls_flower: call nla_ok() before nla_next()
netfilter: rpfilter: mask ecn bits before fib lookup
tools: gpio: fix %llu warning in gpio-event-mon.c
tools: gpio: fix %llu warning in gpio-watch.c
drm/i915/hdcp: Update CP property in update_pipe
sh: dma: fix kconfig dependency for G2_DMA
sh: Remove unused HAVE_COPY_THREAD_TLS macro
locking/lockdep: Cure noinstr fail
ASoC: SOF: Intel: fix page fault at probe if i915 init fails
octeontx2-af: Fix missing check bugs in rvu_cgx.c
net: dsa: mv88e6xxx: also read STU state in mv88e6250_g1_vtu_getnext
selftests/powerpc: Fix exit status of pkey tests
sh_eth: Fix power down vs. is_opened flag ordering
nvme-pci: refactor nvme_unmap_data
nvme-pci: fix error unwind in nvme_map_data
cachefiles: Drop superfluous readpages aops NULL check
lightnvm: fix memory leak when submit fails
skbuff: back tiny skbs with kmalloc() in __netdev_alloc_skb() too
kasan: fix unaligned address is unhandled in kasan_remove_zero_shadow
kasan: fix incorrect arguments passing in kasan_add_zero_shadow
tcp: fix TCP socket rehash stats mis-accounting
net_sched: gen_estimator: support large ewma log
udp: mask TOS bits in udp_v4_early_demux()
ipv6: create multicast route with RTPROT_KERNEL
net_sched: avoid shift-out-of-bounds in tcindex_set_parms()
net_sched: reject silly cell_log in qdisc_get_rtab()
ipv6: set multicast flag on the multicast route
net: mscc: ocelot: allow offloading of bridge on top of LAG
net: Disable NETIF_F_HW_TLS_RX when RXCSUM is disabled
net: dsa: b53: fix an off by one in checking "vlan->vid"
tcp: do not mess with cloned skbs in tcp_add_backlog()
tcp: fix TCP_USER_TIMEOUT with zero window
net: mscc: ocelot: Fix multicast to the CPU port
net: core: devlink: use right genl user_ptr when handling port param get/set
pinctrl: qcom: Allow SoCs to specify a GPIO function that's not 0
pinctrl: qcom: No need to read-modify-write the interrupt status
pinctrl: qcom: Properly clear "intr_ack_high" interrupts when unmasking
pinctrl: qcom: Don't clear pending interrupts when enabling
x86/sev: Fix nonistr violation
tty: implement write_iter
tty: fix up hung_up_tty_write() conversion
net: systemport: free dev before on error path
x86/sev-es: Handle string port IO to kernel memory properly
tcp: Fix potential use-after-free due to double kfree()
ASoC: SOF: Intel: hda: Avoid checking jack on system suspend
drm/i915/hdcp: Get conn while content_type changed
bpf: Local storage helpers should check nullness of owner ptr passed
kernfs: implement ->read_iter
kernfs: implement ->write_iter
kernfs: wire up ->splice_read and ->splice_write
interconnect: imx8mq: Use icc_sync_state
fs/pipe: allow sendfile() to pipe again
Commit 9bb48c82ac ("tty: implement write_iter") converted the tty layer to use write_iter. Fix the redirected_tty_write declaration also in n_tty and change the comparisons to use write_iter instead of write. also in n_tty and change the comparisons to use write_iter instead of write.
mm: fix initialization of struct page for holes in memory layout
Revert "mm: fix initialization of struct page for holes in memory layout"
Linux 5.10.11
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I502239d06f9bcd68b59149376f3c796c64de5942
commit 697edcb0e4 upstream.
The process_sysctl_arg() does not check whether val is empty before
invoking strlen(val). If the command line parameter () is incorrectly
configured and val is empty, oops is triggered.
For example:
"hung_task_panic=1" is incorrectly written as "hung_task_panic", oops is
triggered. The call stack is as follows:
Kernel command line: .... hung_task_panic
......
Call trace:
__pi_strlen+0x10/0x98
parse_args+0x278/0x344
do_sysctl_args+0x8c/0xfc
kernel_init+0x5c/0xf4
ret_from_fork+0x10/0x30
To fix it, check whether "val" is empty when "phram" is a sysctl field.
Error codes are returned in the failure branch, and error logs are
generated by parse_args().
Link: https://lkml.kernel.org/r/20210118133029.28580-1-nixiaoming@huawei.com
Fixes: 3db978d480 ("kernel/sysctl: support setting sysctl parameters from kernel command line")
Signed-off-by: Xiaoming Ni <nixiaoming@huawei.com>
Acked-by: Vlastimil Babka <vbabka@suse.cz>
Cc: Luis Chamberlain <mcgrof@kernel.org>
Cc: Kees Cook <keescook@chromium.org>
Cc: Iurii Zaikin <yzaikin@google.com>
Cc: Alexey Dobriyan <adobriyan@gmail.com>
Cc: Michal Hocko <mhocko@suse.com>
Cc: Masami Hiramatsu <mhiramat@kernel.org>
Cc: Heiner Kallweit <hkallweit1@gmail.com>
Cc: Randy Dunlap <rdunlap@infradead.org>
Cc: <stable@vger.kernel.org> [5.8+]
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
The VMA sequence count has been introduced to allow fast detection of
VMA modification when running a page fault handler without holding
the mmap_sem.
This patch provides protection against the VMA modification done in :
- madvise()
- mpol_rebind_policy()
- vma_replace_policy()
- change_prot_numa()
- mlock(), munlock()
- mprotect()
- mmap_region()
- collapse_huge_page()
- userfaultd registering services
In addition, VMA fields which will be read during the speculative fault
path needs to be written using WRITE_ONCE to prevent write to be split
and intermediate values to be pushed to other CPUs.
Change-Id: Ic36046b7254e538b6baf7144c50ae577ee7f2074
Signed-off-by: Laurent Dufour <ldufour@linux.vnet.ibm.com>
Link: https://lore.kernel.org/lkml/1523975611-15978-10-git-send-email-ldufour@linux.vnet.ibm.com/
Bug: 161210518
Signed-off-by: Vinayak Menon <vinmenon@codeaurora.org>
Signed-off-by: Charan Teja Reddy <charante@codeaurora.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmAHFpcACgkQONu9yGCS
aT4Vhw/+JLscHnfK//hbS6Nx95MY95VMzy+p2ccADXRy3O/5nr0HwGKnXTKB4Bg+
05S3Hv9ZU/XSszLWvgFQ0Z0peU241ASPz1uLTgtpziBT5plXa5eJULBZ+WknWMef
dNKpvKPphpEbQ0yz6o/4sbNAdiI9BzyGCOicQ2dl9nY7R/JA9YHquUD7iHMnvbs+
yxwwawNHVwszUT/fJT3iFzOAehHGAttHdf3z/bGPS1ogy2S7J5IluJgTAibd3P7G
5o7OUUA5ujEtjBLIkA61fqeL2Qaci83Ff/8KEPEfF1JeLBbMHYcLHnz3RAwBaLZh
nlM4smyTeekcnHIzyRGw16OmpoYwY3MQAt+UFLCzKhlnscB0UqCNkA9zQA9k/taw
cy7/fe5hWFU9DRv4uTUT2H1tkP+pNQ5eIaejPHMtld5JlYXoDN4RyQq7sAyMQgBj
CXADStYSR/f5sWWgRbRs1F7E0lrePsVpjOcqHXxbsS+52yN2CZSKazlOIJ9xArfM
cTzzLUuYbMZoHjIDdMMkjA41VMmyJ+BKrqEgzu3LsJQs57o/ckjnQx4VV5YiHhci
v35OL8oa9IZi8WQikB9bx2WZRWUChOGKwMNeeUwEFD4Zmye1OtyyHuzYQf9QSjRv
zbf1owwsg3xnfkvLcfru8mNMgJkgG8RpuNNVPO8boWZ4pgPu2tk=
=5K55
-----END PGP SIGNATURE-----
Merge 5.10.9 into android12-5.10
Changes in 5.10.9
btrfs: reloc: fix wrong file extent type check to avoid false ENOENT
btrfs: prevent NULL pointer dereference in extent_io_tree_panic
ALSA: hda/realtek: fix right sounds and mute/micmute LEDs for HP machines
ALSA: doc: Fix reference to mixart.rst
ASoC: AMD Renoir - add DMI entry for Lenovo ThinkPad X395
ASoC: dapm: remove widget from dirty list on free
x86/hyperv: check cpu mask after interrupt has been disabled
drm/amdgpu: add green_sardine device id (v2)
drm/amdgpu: fix DRM_INFO flood if display core is not supported (bug 210921)
Revert "drm/amd/display: Fixed Intermittent blue screen on OLED panel"
drm/amdgpu: add new device id for Renior
drm/i915: Allow the sysadmin to override security mitigations
drm/i915/gt: Limit VFE threads based on GT
drm/i915/backlight: fix CPU mode backlight takeover on LPT
drm/bridge: sii902x: Refactor init code into separate function
dt-bindings: display: sii902x: Add supply bindings
drm/bridge: sii902x: Enable I/O and core VCC supplies if present
tracing/kprobes: Do the notrace functions check without kprobes on ftrace
tools/bootconfig: Add tracing_on support to helper scripts
ext4: use IS_ERR instead of IS_ERR_OR_NULL and set inode null when IS_ERR
ext4: fix wrong list_splice in ext4_fc_cleanup
ext4: fix bug for rename with RENAME_WHITEOUT
cifs: check pointer before freeing
cifs: fix interrupted close commands
riscv: Drop a duplicated PAGE_KERNEL_EXEC
riscv: return -ENOSYS for syscall -1
riscv: Fixup CONFIG_GENERIC_TIME_VSYSCALL
riscv: Fix KASAN memory mapping.
mips: fix Section mismatch in reference
mips: lib: uncached: fix non-standard usage of variable 'sp'
MIPS: boot: Fix unaligned access with CONFIG_MIPS_RAW_APPENDED_DTB
MIPS: Fix malformed NT_FILE and NT_SIGINFO in 32bit coredumps
MIPS: relocatable: fix possible boot hangup with KASLR enabled
RDMA/ocrdma: Fix use after free in ocrdma_dealloc_ucontext_pd()
ACPI: scan: Harden acpi_device_add() against device ID overflows
xen/privcmd: allow fetching resource sizes
compiler.h: Raise minimum version of GCC to 5.1 for arm64
mm/vmalloc.c: fix potential memory leak
mm/hugetlb: fix potential missing huge page size info
mm/process_vm_access.c: include compat.h
dm raid: fix discard limits for raid1
dm snapshot: flush merged data before committing metadata
dm integrity: fix flush with external metadata device
dm integrity: fix the maximum number of arguments
dm crypt: use GFP_ATOMIC when allocating crypto requests from softirq
dm crypt: do not wait for backlogged crypto request completion in softirq
dm crypt: do not call bio_endio() from the dm-crypt tasklet
dm crypt: defer decryption to a tasklet if interrupts disabled
stmmac: intel: change all EHL/TGL to auto detect phy addr
r8152: Add Lenovo Powered USB-C Travel Hub
btrfs: tree-checker: check if chunk item end overflows
ext4: don't leak old mountpoint samples
io_uring: don't take files/mm for a dead task
io_uring: drop mm and files after task_work_run
ARC: build: remove non-existing bootpImage from KBUILD_IMAGE
ARC: build: add uImage.lzma to the top-level target
ARC: build: add boot_targets to PHONY
ARC: build: move symlink creation to arch/arc/Makefile to avoid race
ARM: omap2: pmic-cpcap: fix maximum voltage to be consistent with defaults on xt875
ath11k: fix crash caused by NULL rx_channel
netfilter: ipset: fixes possible oops in mtype_resize
ath11k: qmi: try to allocate a big block of DMA memory first
btrfs: fix async discard stall
btrfs: merge critical sections of discard lock in workfn
btrfs: fix transaction leak and crash after RO remount caused by qgroup rescan
regulator: bd718x7: Add enable times
ethernet: ucc_geth: fix definition and size of ucc_geth_tx_global_pram
ARM: dts: ux500/golden: Set display max brightness
habanalabs: adjust pci controller init to new firmware
habanalabs/gaudi: retry loading TPC f/w on -EINTR
habanalabs: register to pci shutdown callback
staging: spmi: hisi-spmi-controller: Fix some error handling paths
spi: altera: fix return value for altera_spi_txrx()
habanalabs: Fix memleak in hl_device_reset
hwmon: (pwm-fan) Ensure that calculation doesn't discard big period values
lib/raid6: Let $(UNROLL) rules work with macOS userland
kconfig: remove 'kvmconfig' and 'xenconfig' shorthands
spi: fix the divide by 0 error when calculating xfer waiting time
io_uring: drop file refs after task cancel
bfq: Fix computation of shallow depth
arch/arc: add copy_user_page() to <asm/page.h> to fix build error on ARC
misdn: dsp: select CONFIG_BITREVERSE
net: ethernet: fs_enet: Add missing MODULE_LICENSE
selftests: fix the return value for UDP GRO test
nvme-pci: mark Samsung PM1725a as IGNORE_DEV_SUBNQN
nvme: avoid possible double fetch in handling CQE
nvmet-rdma: Fix list_del corruption on queue establishment failure
drm/amd/display: fix sysfs amdgpu_current_backlight_pwm NULL pointer issue
drm/amdgpu: fix a GPU hang issue when remove device
drm/amd/pm: fix the failure when change power profile for renoir
drm/amdgpu: fix potential memory leak during navi12 deinitialization
usb: typec: Fix copy paste error for NVIDIA alt-mode description
iommu/vt-d: Fix lockdep splat in sva bind()/unbind()
ACPI: scan: add stub acpi_create_platform_device() for !CONFIG_ACPI
drm/msm: Call msm_init_vram before binding the gpu
ARM: picoxcell: fix missing interrupt-parent properties
poll: fix performance regression due to out-of-line __put_user()
rcu-tasks: Move RCU-tasks initialization to before early_initcall()
bpf: Simplify task_file_seq_get_next()
bpf: Save correct stopping point in file seq iteration
x86/sev-es: Fix SEV-ES OUT/IN immediate opcode vc handling
cfg80211: select CONFIG_CRC32
nvme-fc: avoid calling _nvme_fc_abort_outstanding_ios from interrupt context
iommu/vt-d: Update domain geometry in iommu_ops.at(de)tach_dev
net/mlx5e: CT: Use per flow counter when CT flow accounting is enabled
net/mlx5: Fix passing zero to 'PTR_ERR'
net/mlx5: E-Switch, fix changing vf VLANID
blk-mq-debugfs: Add decode for BLK_MQ_F_TAG_HCTX_SHARED
mm: fix clear_refs_write locking
mm: don't play games with pinned pages in clear_page_refs
mm: don't put pinned pages into the swap cache
perf intel-pt: Fix 'CPU too large' error
dump_common_audit_data(): fix racy accesses to ->d_name
ASoC: meson: axg-tdm-interface: fix loopback
ASoC: meson: axg-tdmin: fix axg skew offset
ASoC: Intel: fix error code cnl_set_dsp_D0()
nvmet-rdma: Fix NULL deref when setting pi_enable and traddr INADDR_ANY
nvme: don't intialize hwmon for discovery controllers
nvme-tcp: fix possible data corruption with bio merges
nvme-tcp: Fix warning with CONFIG_DEBUG_PREEMPT
NFS4: Fix use-after-free in trace_event_raw_event_nfs4_set_lock
pNFS: We want return-on-close to complete when evicting the inode
pNFS: Mark layout for return if return-on-close was not sent
pNFS: Stricter ordering of layoutget and layoutreturn
NFS: Adjust fs_context error logging
NFS/pNFS: Don't call pnfs_free_bucket_lseg() before removing the request
NFS/pNFS: Don't leak DS commits in pnfs_generic_retry_commit()
NFS/pNFS: Fix a leak of the layout 'plh_outstanding' counter
NFS: nfs_delegation_find_inode_server must first reference the superblock
NFS: nfs_igrab_and_active must first reference the superblock
scsi: ufs: Fix possible power drain during system suspend
ext4: fix superblock checksum failure when setting password salt
RDMA/restrack: Don't treat as an error allocation ID wrapping
RDMA/usnic: Fix memleak in find_free_vf_and_create_qp_grp
bnxt_en: Improve stats context resource accounting with RDMA driver loaded.
RDMA/mlx5: Fix wrong free of blue flame register on error
IB/mlx5: Fix error unwinding when set_has_smi_cap fails
umount(2): move the flag validity checks first
dm zoned: select CONFIG_CRC32
drm/i915/dsi: Use unconditional msleep for the panel_on_delay when there is no reset-deassert MIPI-sequence
drm/i915/icl: Fix initing the DSI DSC power refcount during HW readout
drm/i915/gt: Restore clear-residual mitigations for Ivybridge, Baytrail
mm, slub: consider rest of partial list if acquire_slab() fails
riscv: Trace irq on only interrupt is enabled
iommu/vt-d: Fix unaligned addresses for intel_flush_svm_range_dev()
net: sunrpc: interpret the return value of kstrtou32 correctly
selftests: netfilter: Pass family parameter "-f" to conntrack tool
dm: eliminate potential source of excessive kernel log noise
ALSA: fireface: Fix integer overflow in transmit_midi_msg()
ALSA: firewire-tascam: Fix integer overflow in midi_port_work()
netfilter: conntrack: fix reading nf_conntrack_buckets
netfilter: nf_nat: Fix memleak in nf_nat_init
Linux 5.10.9
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I609e501511889081e03d2d18ee7e1be95406f396
[ Upstream commit 9348b73c2e ]
Turning a pinned page read-only breaks the pinning after COW. Don't do it.
The whole "track page soft dirty" state doesn't work with pinned pages
anyway, since the page might be dirtied by the pinning entity without
ever being noticed in the page tables.
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
[ Upstream commit 29a951dfb3 ]
Turning page table entries read-only requires the mmap_sem held for
writing.
So stop doing the odd games with turning things from read locks to write
locks and back. Just get the write lock.
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Changes in 5.10.6
Revert "drm/amd/display: Fix memory leaks in S3 resume"
Revert "mtd: spinand: Fix OOB read"
rtc: pcf2127: move watchdog initialisation to a separate function
rtc: pcf2127: only use watchdog when explicitly available
dt-bindings: rtc: add reset-source property
kdev_t: always inline major/minor helper functions
Bluetooth: Fix attempting to set RPA timeout when unsupported
ALSA: hda/realtek - Modify Dell platform name
ALSA: hda/hdmi: Fix incorrect mutex unlock in silent_stream_disable()
drm/i915/tgl: Fix Combo PHY DPLL fractional divider for 38.4MHz ref clock
scsi: ufs: Allow an error return value from ->device_reset()
scsi: ufs: Re-enable WriteBooster after device reset
RDMA/core: remove use of dma_virt_ops
RDMA/siw,rxe: Make emulated devices virtual in the device tree
fuse: fix bad inode
perf: Break deadlock involving exec_update_mutex
rwsem: Implement down_read_killable_nested
rwsem: Implement down_read_interruptible
exec: Transform exec_update_mutex into a rw_semaphore
mwifiex: Fix possible buffer overflows in mwifiex_cmd_802_11_ad_hoc_start
Linux 5.10.6
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: Id4c57a151a1e8f2162163d2337b6055f04edbe9b
[ Upstream commit f7cfd871ae ]
Recently syzbot reported[0] that there is a deadlock amongst the users
of exec_update_mutex. The problematic lock ordering found by lockdep
was:
perf_event_open (exec_update_mutex -> ovl_i_mutex)
chown (ovl_i_mutex -> sb_writes)
sendfile (sb_writes -> p->lock)
by reading from a proc file and writing to overlayfs
proc_pid_syscall (p->lock -> exec_update_mutex)
While looking at possible solutions it occured to me that all of the
users and possible users involved only wanted to state of the given
process to remain the same. They are all readers. The only writer is
exec.
There is no reason for readers to block on each other. So fix
this deadlock by transforming exec_update_mutex into a rw_semaphore
named exec_update_lock that only exec takes for writing.
Cc: Jann Horn <jannh@google.com>
Cc: Vasiliy Kulikov <segoon@openwall.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: Bernd Edlinger <bernd.edlinger@hotmail.de>
Cc: Oleg Nesterov <oleg@redhat.com>
Cc: Christopher Yeoh <cyeoh@au1.ibm.com>
Cc: Cyrill Gorcunov <gorcunov@gmail.com>
Cc: Sargun Dhillon <sargun@sargun.me>
Cc: Christian Brauner <christian.brauner@ubuntu.com>
Cc: Arnd Bergmann <arnd@arndb.de>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Arnaldo Carvalho de Melo <acme@kernel.org>
Fixes: eea9673250 ("exec: Add exec_update_mutex to replace cred_guard_mutex")
[0] https://lkml.kernel.org/r/00000000000063640c05ade8e3de@google.com
Reported-by: syzbot+db9cdf3dd1f64252c6ef@syzkaller.appspotmail.com
Link: https://lkml.kernel.org/r/87ft4mbqen.fsf@x220.int.ebiederm.org
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Changes in 5.10.4
hwmon: (k10temp) Remove support for displaying voltage and current on Zen CPUs
drm/gma500: fix double free of gma_connector
iio: adc: at91_adc: add Kconfig dep on the OF symbol and remove of_match_ptr()
drm/aspeed: Fix Kconfig warning & subsequent build errors
drm/mcde: Fix handling of platform_get_irq() error
drm/tve200: Fix handling of platform_get_irq() error
arm64: dts: renesas: hihope-rzg2-ex: Drop rxc-skew-ps from ethernet-phy node
arm64: dts: renesas: cat875: Remove rxc-skew-ps from ethernet-phy node
soc: renesas: rmobile-sysc: Fix some leaks in rmobile_init_pm_domains()
soc: mediatek: Check if power domains can be powered on at boot time
arm64: dts: mediatek: mt8183: fix gce incorrect mbox-cells value
arm64: dts: ipq6018: update the reserved-memory node
arm64: dts: qcom: sc7180: Fix one forgotten interconnect reference
soc: qcom: geni: More properly switch to DMA mode
Revert "i2c: i2c-qcom-geni: Fix DMA transfer race"
RDMA/bnxt_re: Set queue pair state when being queried
rtc: pcf2127: fix pcf2127_nvmem_read/write() returns
RDMA/bnxt_re: Fix entry size during SRQ create
selinux: fix error initialization in inode_doinit_with_dentry()
ARM: dts: aspeed-g6: Fix the GPIO memory size
ARM: dts: aspeed: s2600wf: Fix VGA memory region location
RDMA/core: Fix error return in _ib_modify_qp()
RDMA/rxe: Compute PSN windows correctly
x86/mm/ident_map: Check for errors from ident_pud_init()
ARM: p2v: fix handling of LPAE translation in BE mode
RDMA/rtrs-clt: Remove destroy_con_cq_qp in case route resolving failed
RDMA/rtrs-clt: Missing error from rtrs_rdma_conn_established
RDMA/rtrs-srv: Don't guard the whole __alloc_srv with srv_mutex
x86/apic: Fix x2apic enablement without interrupt remapping
ASoC: qcom: fix unsigned int bitwidth compared to less than zero
sched/deadline: Fix sched_dl_global_validate()
sched: Reenable interrupts in do_sched_yield()
drm/amdgpu: fix incorrect enum type
crypto: talitos - Endianess in current_desc_hdr()
crypto: talitos - Fix return type of current_desc_hdr()
crypto: inside-secure - Fix sizeof() mismatch
ASoC: sun4i-i2s: Fix lrck_period computation for I2S justified mode
drm/msm: Add missing stub definition
ARM: dts: aspeed: tiogapass: Remove vuart
drm/amdgpu: fix build_coefficients() argument
powerpc/64: Set up a kernel stack for secondaries before cpu_restore()
spi: img-spfi: fix reference leak in img_spfi_resume
f2fs: call f2fs_get_meta_page_retry for nat page
RDMA/mlx5: Fix corruption of reg_pages in mlx5_ib_rereg_user_mr()
perf test: Use generic event for expand_libpfm_events()
drm/msm/dp: DisplayPort PHY compliance tests fixup
drm/msm/dsi_pll_7nm: restore VCO rate during restore_state
drm/msm/dsi_pll_10nm: restore VCO rate during restore_state
drm/msm/dpu: fix clock scaling on non-sc7180 board
spi: spi-mem: fix reference leak in spi_mem_access_start
scsi: aacraid: Improve compat_ioctl handlers
pinctrl: core: Add missing #ifdef CONFIG_GPIOLIB
ASoC: pcm: DRAIN support reactivation
drm/bridge: tpd12s015: Fix irq registering in tpd12s015_probe
crypto: arm64/poly1305-neon - reorder PAC authentication with SP update
crypto: arm/aes-neonbs - fix usage of cbc(aes) fallback
crypto: caam - fix printing on xts fallback allocation error path
selinux: fix inode_doinit_with_dentry() LABEL_INVALID error handling
nl80211/cfg80211: fix potential infinite loop
spi: stm32: fix reference leak in stm32_spi_resume
bpf: Fix tests for local_storage
x86/mce: Correct the detection of invalid notifier priorities
drm/edid: Fix uninitialized variable in drm_cvt_modes()
ath11k: Initialize complete alpha2 for regulatory change
ath11k: Fix number of rules in filtered ETSI regdomain
ath11k: fix wmi init configuration
brcmfmac: Fix memory leak for unpaired brcmf_{alloc/free}
arm64: dts: exynos: Include common syscon restart/poweroff for Exynos7
arm64: dts: exynos: Correct psci compatible used on Exynos7
drm/panel: simple: Add flags to boe_nv133fhm_n61
Bluetooth: Fix null pointer dereference in hci_event_packet()
Bluetooth: Fix: LL PRivacy BLE device fails to connect
Bluetooth: hci_h5: fix memory leak in h5_close
spi: stm32-qspi: fix reference leak in stm32 qspi operations
spi: spi-ti-qspi: fix reference leak in ti_qspi_setup
spi: mt7621: fix missing clk_disable_unprepare() on error in mt7621_spi_probe
spi: tegra20-slink: fix reference leak in slink ops of tegra20
spi: tegra20-sflash: fix reference leak in tegra_sflash_resume
spi: tegra114: fix reference leak in tegra spi ops
spi: bcm63xx-hsspi: fix missing clk_disable_unprepare() on error in bcm63xx_hsspi_resume
spi: imx: fix reference leak in two imx operations
ASoC: qcom: common: Fix refcounting in qcom_snd_parse_of()
ath11k: Handle errors if peer creation fails
mwifiex: fix mwifiex_shutdown_sw() causing sw reset failure
drm/msm/a6xx: Clear shadow on suspend
drm/msm/a5xx: Clear shadow on suspend
firmware: tegra: fix strncpy()/strncat() confusion
drm/msm/dp: return correct connection status after suspend
drm/msm/dp: skip checking LINK_STATUS_UPDATED bit
drm/msm/dp: do not notify audio subsystem if sink doesn't support audio
selftests/run_kselftest.sh: fix dry-run typo
selftest/bpf: Add missed ip6ip6 test back
ASoC: wm8994: Fix PM disable depth imbalance on error
ASoC: wm8998: Fix PM disable depth imbalance on error
spi: sprd: fix reference leak in sprd_spi_remove
virtiofs fix leak in setup
ASoC: arizona: Fix a wrong free in wm8997_probe
RDMa/mthca: Work around -Wenum-conversion warning
ASoC: SOF: Intel: fix Kconfig dependency for SND_INTEL_DSP_CONFIG
arm64: dts: ti: k3-am65*/j721e*: Fix unit address format error for dss node
MIPS: BCM47XX: fix kconfig dependency bug for BCM47XX_BCMA
drm/amdgpu: fix compute queue priority if num_kcq is less than 4
soc: ti: omap-prm: Do not check rstst bit on deassert if already deasserted
crypto: Kconfig - CRYPTO_MANAGER_EXTRA_TESTS requires the manager
crypto: qat - fix status check in qat_hal_put_rel_rd_xfer()
firmware: arm_scmi: Fix missing destroy_workqueue()
drm/udl: Fix missing error code in udl_handle_damage()
staging: greybus: codecs: Fix reference counter leak in error handling
staging: gasket: interrupt: fix the missed eventfd_ctx_put() in gasket_interrupt.c
scripts: kernel-doc: Restore anonymous enum parsing
drm/amdkfd: Put ACPI table after using it
ionic: use mc sync for multicast filters
ionic: flatten calls to ionic_lif_rx_mode
ionic: change set_rx_mode from_ndo to can_sleep
media: tm6000: Fix sizeof() mismatches
media: platform: add missing put_device() call in mtk_jpeg_clk_init()
media: mtk-vcodec: add missing put_device() call in mtk_vcodec_init_dec_pm()
media: mtk-vcodec: add missing put_device() call in mtk_vcodec_release_dec_pm()
media: mtk-vcodec: add missing put_device() call in mtk_vcodec_init_enc_pm()
media: v4l2-fwnode: Return -EINVAL for invalid bus-type
media: v4l2-fwnode: v4l2_fwnode_endpoint_parse caller must init vep argument
media: ov5640: fix support of BT656 bus mode
media: staging: rkisp1: cap: fix runtime PM imbalance on error
media: cedrus: fix reference leak in cedrus_start_streaming
media: platform: add missing put_device() call in mtk_jpeg_probe() and mtk_jpeg_remove()
media: venus: core: change clk enable and disable order in resume and suspend
media: venus: core: vote for video-mem path
media: venus: core: vote with average bandwidth and peak bandwidth as zero
RDMA/cma: Add missing error handling of listen_id
ASoC: meson: fix COMPILE_TEST error
spi: dw: fix build error by selecting MULTIPLEXER
scsi: core: Fix VPD LUN ID designator priorities
media: venus: put dummy vote on video-mem path after last session release
media: solo6x10: fix missing snd_card_free in error handling case
video: fbdev: atmel_lcdfb: fix return error code in atmel_lcdfb_of_init()
mmc: sdhci: tegra: fix wrong unit with busy_timeout
drm/omap: dmm_tiler: fix return error code in omap_dmm_probe()
drm/meson: Free RDMA resources after tearing down DRM
drm/meson: Unbind all connectors on module removal
drm/meson: dw-hdmi: Register a callback to disable the regulator
drm/meson: dw-hdmi: Ensure that clocks are enabled before touching the TOP registers
ASoC: intel: SND_SOC_INTEL_KEEMBAY should depend on ARCH_KEEMBAY
iommu/vt-d: include conditionally on CONFIG_INTEL_IOMMU_SVM
Input: ads7846 - fix race that causes missing releases
Input: ads7846 - fix integer overflow on Rt calculation
Input: ads7846 - fix unaligned access on 7845
bus: mhi: core: Remove double locking from mhi_driver_remove()
bus: mhi: core: Fix null pointer access when parsing MHI configuration
usb/max3421: fix return error code in max3421_probe()
spi: mxs: fix reference leak in mxs_spi_probe
selftests/bpf: Fix broken riscv build
powerpc: Avoid broken GCC __attribute__((optimize))
powerpc/feature: Fix CPU_FTRS_ALWAYS by removing CPU_FTRS_GENERIC_32
ARM: dts: tacoma: Fix node vs reg mismatch for flash memory
Revert "powerpc/pseries/hotplug-cpu: Remove double free in error path"
powerpc/powernv/sriov: fix unsigned int win compared to less than zero
mfd: htc-i2cpld: Add the missed i2c_put_adapter() in htcpld_register_chip_i2c()
mfd: MFD_SL28CPLD should depend on ARCH_LAYERSCAPE
mfd: stmfx: Fix dev_err_probe() call in stmfx_chip_init()
mfd: cpcap: Fix interrupt regression with regmap clear_ack
EDAC/mce_amd: Use struct cpuinfo_x86.cpu_die_id for AMD NodeId
scsi: ufs: Avoid to call REQ_CLKS_OFF to CLKS_OFF
scsi: ufs: Fix clkgating on/off
rcu: Allow rcu_irq_enter_check_tick() from NMI
rcu,ftrace: Fix ftrace recursion
rcu/tree: Defer kvfree_rcu() allocation to a clean context
crypto: crypto4xx - Replace bitwise OR with logical OR in crypto4xx_build_pd
crypto: omap-aes - Fix PM disable depth imbalance in omap_aes_probe
crypto: sun8i-ce - fix two error path's memory leak
spi: fix resource leak for drivers without .remove callback
drm/meson: dw-hdmi: Disable clocks on driver teardown
drm/meson: dw-hdmi: Enable the iahb clock early enough
PCI: Disable MSI for Pericom PCIe-USB adapter
PCI: brcmstb: Initialize "tmp" before use
soc: ti: knav_qmss: fix reference leak in knav_queue_probe
soc: ti: Fix reference imbalance in knav_dma_probe
drivers: soc: ti: knav_qmss_queue: Fix error return code in knav_queue_probe
soc: qcom: initialize local variable
arm64: dts: qcom: sm8250: correct compatible for sm8250-mtp
arm64: dts: qcom: msm8916-samsung-a2015: Disable muic i2c pin bias
Input: omap4-keypad - fix runtime PM error handling
clk: meson: Kconfig: fix dependency for G12A
staging: mfd: hi6421-spmi-pmic: fix error return code in hi6421_spmi_pmic_probe()
ath11k: Fix the rx_filter flag setting for peer rssi stats
RDMA/cxgb4: Validate the number of CQEs
soundwire: Fix DEBUG_LOCKS_WARN_ON for uninitialized attribute
pinctrl: sunxi: fix irq bank map for the Allwinner A100 pin controller
memstick: fix a double-free bug in memstick_check
ARM: dts: at91: sam9x60: add pincontrol for USB Host
ARM: dts: at91: sama5d4_xplained: add pincontrol for USB Host
ARM: dts: at91: sama5d3_xplained: add pincontrol for USB Host
mmc: pxamci: Fix error return code in pxamci_probe
brcmfmac: fix error return code in brcmf_cfg80211_connect()
orinoco: Move context allocation after processing the skb
qtnfmac: fix error return code in qtnf_pcie_probe()
rsi: fix error return code in rsi_reset_card()
cw1200: fix missing destroy_workqueue() on error in cw1200_init_common
dmaengine: mv_xor_v2: Fix error return code in mv_xor_v2_probe()
arm64: dts: qcom: sdm845: Limit ipa iommu streams
leds: netxbig: add missing put_device() call in netxbig_leds_get_of_pdata()
leds: lp50xx: Fix an error handling path in 'lp50xx_probe_dt()'
leds: turris-omnia: check for LED_COLOR_ID_RGB instead LED_COLOR_ID_MULTI
arm64: tegra: Fix DT binding for IO High Voltage entry
RDMA/cma: Fix deadlock on &lock in rdma_cma_listen_on_all() error unwind
soundwire: qcom: Fix build failure when slimbus is module
drm/imx/dcss: fix rotations for Vivante tiled formats
media: siano: fix memory leak of debugfs members in smsdvb_hotplug
platform/x86: mlx-platform: Remove PSU EEPROM from default platform configuration
platform/x86: mlx-platform: Remove PSU EEPROM from MSN274x platform configuration
arm64: dts: qcom: sc7180: limit IPA iommu streams
RDMA/hns: Only record vlan info for HIP08
RDMA/hns: Fix missing fields in address vector
RDMA/hns: Avoid setting loopback indicator when smac is same as dmac
serial: 8250-mtk: Fix reference leak in mtk8250_probe
samples: bpf: Fix lwt_len_hist reusing previous BPF map
media: imx214: Fix stop streaming
mips: cdmm: fix use-after-free in mips_cdmm_bus_discover
media: max2175: fix max2175_set_csm_mode() error code
slimbus: qcom-ngd-ctrl: Avoid sending power requests without QMI
RDMA/core: Track device memory MRs
drm/mediatek: Use correct aliases name for ovl
HSI: omap_ssi: Don't jump to free ID in ssi_add_controller()
ARM: dts: Remove non-existent i2c1 from 98dx3236
arm64: dts: armada-3720-turris-mox: update ethernet-phy handle name
power: supply: bq25890: Use the correct range for IILIM register
arm64: dts: rockchip: Set dr_mode to "host" for OTG on rk3328-roc-cc
power: supply: max17042_battery: Fix current_{avg,now} hiding with no current sense
power: supply: axp288_charger: Fix HP Pavilion x2 10 DMI matching
power: supply: bq24190_charger: fix reference leak
genirq/irqdomain: Don't try to free an interrupt that has no mapping
arm64: dts: ls1028a: fix ENETC PTP clock input
arm64: dts: ls1028a: fix FlexSPI clock input
arm64: dts: freescale: sl28: combine SPI MTD partitions
phy: tegra: xusb: Fix usb_phy device driver field
arm64: dts: qcom: c630: Polish i2c-hid devices
arm64: dts: qcom: c630: Fix pinctrl pins properties
PCI: Bounds-check command-line resource alignment requests
PCI: Fix overflow in command-line resource alignment requests
PCI: iproc: Fix out-of-bound array accesses
PCI: iproc: Invalidate correct PAXB inbound windows
arm64: dts: meson: fix spi-max-frequency on Khadas VIM2
arm64: dts: meson-sm1: fix typo in opp table
soc: amlogic: canvas: add missing put_device() call in meson_canvas_get()
scsi: hisi_sas: Fix up probe error handling for v3 hw
scsi: pm80xx: Do not sleep in atomic context
spi: spi-fsl-dspi: Use max_native_cs instead of num_chipselect to set SPI_MCR
ARM: dts: at91: at91sam9rl: fix ADC triggers
RDMA/hns: Fix 0-length sge calculation error
RDMA/hns: Bugfix for calculation of extended sge
mailbox: arm_mhu_db: Fix mhu_db_shutdown by replacing kfree with devm_kfree
soundwire: master: use pm_runtime_set_active() on add
platform/x86: dell-smbios-base: Fix error return code in dell_smbios_init
ASoC: Intel: Boards: tgl_max98373: update TDM slot_width
media: max9271: Fix GPIO enable/disable
media: rdacm20: Enable GPIO1 explicitly
media: i2c: imx219: Selection compliance fixes
ath11k: Don't cast ath11k_skb_cb to ieee80211_tx_info.control
ath11k: Reset ath11k_skb_cb before setting new flags
ath11k: Fix an error handling path
ath10k: Fix the parsing error in service available event
ath10k: Fix an error handling path
ath10k: Release some resources in an error handling path
SUNRPC: rpc_wake_up() should wake up tasks in the correct order
NFSv4.2: condition READDIR's mask for security label based on LSM state
SUNRPC: xprt_load_transport() needs to support the netid "rdma6"
NFSv4: Fix the alignment of page data in the getdeviceinfo reply
net: sunrpc: Fix 'snprintf' return value check in 'do_xprt_debugfs'
lockd: don't use interval-based rebinding over TCP
NFS: switch nfsiod to be an UNBOUND workqueue.
selftests/seccomp: Update kernel config
vfio-pci: Use io_remap_pfn_range() for PCI IO memory
hwmon: (ina3221) Fix PM usage counter unbalance in ina3221_write_enable
f2fs: fix double free of unicode map
media: tvp5150: Fix wrong return value of tvp5150_parse_dt()
media: saa7146: fix array overflow in vidioc_s_audio()
powerpc/perf: Fix crash with is_sier_available when pmu is not set
powerpc/64: Fix an EMIT_BUG_ENTRY in head_64.S
powerpc/xmon: Fix build failure for 8xx
powerpc/perf: Fix to update radix_scope_qual in power10
powerpc/perf: Update the PMU group constraints for l2l3 events in power10
powerpc/perf: Fix the PMU group constraints for threshold events in power10
clocksource/drivers/orion: Add missing clk_disable_unprepare() on error path
clocksource/drivers/cadence_ttc: Fix memory leak in ttc_setup_clockevent()
clocksource/drivers/ingenic: Fix section mismatch
clocksource/drivers/riscv: Make RISCV_TIMER depends on RISCV_SBI
arm64: mte: fix prctl(PR_GET_TAGGED_ADDR_CTRL) if TCF0=NONE
iio: hrtimer-trigger: Mark hrtimer to expire in hard interrupt context
libbpf: Sanitise map names before pinning
ARM: dts: at91: sam9x60ek: remove bypass property
ARM: dts: at91: sama5d2: map securam as device
scripts: kernel-doc: fix parsing function-like typedefs
bpf: Fix bpf_put_raw_tracepoint()'s use of __module_address()
selftests/bpf: Fix invalid use of strncat in test_sockmap
pinctrl: falcon: add missing put_device() call in pinctrl_falcon_probe()
soc: rockchip: io-domain: Fix error return code in rockchip_iodomain_probe()
arm64: dts: rockchip: Fix UART pull-ups on rk3328
memstick: r592: Fix error return in r592_probe()
MIPS: Don't round up kernel sections size for memblock_add()
mt76: mt7663s: fix a possible ple quota underflow
mt76: mt7915: set fops_sta_stats.owner to THIS_MODULE
mt76: set fops_tx_stats.owner to THIS_MODULE
mt76: dma: fix possible deadlock running mt76_dma_cleanup
net/mlx5: Properly convey driver version to firmware
mt76: fix memory leak if device probing fails
mt76: fix tkip configuration for mt7615/7663 devices
ASoC: jz4740-i2s: add missed checks for clk_get()
ASoC: q6afe-clocks: Add missing parent clock rate
dm ioctl: fix error return code in target_message
ASoC: cros_ec_codec: fix uninitialized memory read
ASoC: atmel: mchp-spdifrx needs COMMON_CLK
ASoC: qcom: fix QDSP6 dependencies, attempt #3
phy: mediatek: allow compile-testing the hdmi phy
phy: renesas: rcar-gen3-usb2: disable runtime pm in case of failure
memory: ti-emif-sram: only build for ARMv7
memory: jz4780_nemc: Fix potential NULL dereference in jz4780_nemc_probe()
drm/msm: a5xx: Make preemption reset case reentrant
drm/msm: add IOMMU_SUPPORT dependency
clocksource/drivers/arm_arch_timer: Use stable count reader in erratum sne
clocksource/drivers/arm_arch_timer: Correct fault programming of CNTKCTL_EL1.EVNTI
cpufreq: ap806: Add missing MODULE_DEVICE_TABLE
cpufreq: highbank: Add missing MODULE_DEVICE_TABLE
cpufreq: mediatek: Add missing MODULE_DEVICE_TABLE
cpufreq: qcom: Add missing MODULE_DEVICE_TABLE
cpufreq: st: Add missing MODULE_DEVICE_TABLE
cpufreq: sun50i: Add missing MODULE_DEVICE_TABLE
cpufreq: loongson1: Add missing MODULE_ALIAS
cpufreq: scpi: Add missing MODULE_ALIAS
cpufreq: vexpress-spc: Add missing MODULE_ALIAS
cpufreq: imx: fix NVMEM_IMX_OCOTP dependency
macintosh/adb-iop: Always wait for reply message from IOP
macintosh/adb-iop: Send correct poll command
staging: bcm2835: fix vchiq_mmal dependencies
staging: greybus: audio: Fix possible leak free widgets in gbaudio_dapm_free_controls
spi: dw: Fix error return code in dw_spi_bt1_probe()
Bluetooth: btusb: Add the missed release_firmware() in btusb_mtk_setup_firmware()
Bluetooth: btmtksdio: Add the missed release_firmware() in mtk_setup_firmware()
Bluetooth: sco: Fix crash when using BT_SNDMTU/BT_RCVMTU option
block/rnbd-clt: Dynamically alloc buffer for pathname & blk_symlink_name
block/rnbd: fix a null pointer dereference on dev->blk_symlink_name
Bluetooth: btusb: Fix detection of some fake CSR controllers with a bcdDevice val of 0x0134
platform/x86: intel-vbtn: Fix SW_TABLET_MODE always reporting 1 on some HP x360 models
adm8211: fix error return code in adm8211_probe()
mtd: spi-nor: sst: fix BPn bits for the SST25VF064C
mtd: spi-nor: ignore errors in spi_nor_unlock_all()
mtd: spi-nor: atmel: remove global protection flag
mtd: spi-nor: atmel: fix unlock_all() for AT25FS010/040
arm64: dts: meson: g12b: odroid-n2: fix PHY deassert timing requirements
arm64: dts: meson: fix PHY deassert timing requirements
ARM: dts: meson: fix PHY deassert timing requirements
arm64: dts: meson: g12a: x96-max: fix PHY deassert timing requirements
arm64: dts: meson: g12b: w400: fix PHY deassert timing requirements
clk: fsl-sai: fix memory leak
scsi: qedi: Fix missing destroy_workqueue() on error in __qedi_probe
scsi: pm80xx: Fix error return in pm8001_pci_probe()
scsi: iscsi: Fix inappropriate use of put_device()
seq_buf: Avoid type mismatch for seq_buf_init
scsi: fnic: Fix error return code in fnic_probe()
platform/x86: mlx-platform: Fix item counter assignment for MSN2700, MSN24xx systems
platform/x86: mlx-platform: Fix item counter assignment for MSN2700/ComEx system
ARM: 9030/1: entry: omit FP emulation for UND exceptions taken in kernel mode
powerpc/pseries/hibernation: drop pseries_suspend_begin() from suspend ops
powerpc/pseries/hibernation: remove redundant cacheinfo update
powerpc/powermac: Fix low_sleep_handler with CONFIG_VMAP_STACK
drm/mediatek: avoid dereferencing a null hdmi_phy on an error message
ASoC: amd: change clk_get() to devm_clk_get() and add missed checks
coresight: remove broken __exit annotations
ASoC: max98390: Fix error codes in max98390_dsm_init()
powerpc/mm: sanity_check_fault() should work for all, not only BOOK3S
usb: ehci-omap: Fix PM disable depth umbalance in ehci_hcd_omap_probe
usb: oxu210hp-hcd: Fix memory leak in oxu_create
speakup: fix uninitialized flush_lock
nfsd: Fix message level for normal termination
NFSD: Fix 5 seconds delay when doing inter server copy
nfs_common: need lock during iterate through the list
x86/kprobes: Restore BTF if the single-stepping is cancelled
scsi: qla2xxx: Fix FW initialization error on big endian machines
scsi: qla2xxx: Fix N2N and NVMe connect retry failure
platform/chrome: cros_ec_spi: Don't overwrite spi::mode
misc: pci_endpoint_test: fix return value of error branch
bus: fsl-mc: add back accidentally dropped error check
bus: fsl-mc: fix error return code in fsl_mc_object_allocate()
fsi: Aspeed: Add mutex to protect HW access
s390/cio: fix use-after-free in ccw_device_destroy_console
iwlwifi: dbg-tlv: fix old length in is_trig_data_contained()
iwlwifi: mvm: hook up missing RX handlers
erofs: avoid using generic_block_bmap
clk: renesas: r8a779a0: Fix R and OSC clocks
can: m_can: m_can_config_endisable(): remove double clearing of clock stop request bit
powerpc/sstep: Emulate prefixed instructions only when CPU_FTR_ARCH_31 is set
powerpc/sstep: Cover new VSX instructions under CONFIG_VSX
slimbus: qcom: fix potential NULL dereference in qcom_slim_prg_slew()
ALSA: hda/hdmi: fix silent stream for first playback to DP
RDMA/core: Do not indicate device ready when device enablement fails
RDMA/uverbs: Fix incorrect variable type
remoteproc/mediatek: change MT8192 CFG register base
remoteproc/mtk_scp: surround DT device IDs with CONFIG_OF
remoteproc: q6v5-mss: fix error handling in q6v5_pds_enable
remoteproc: qcom: fix reference leak in adsp_start
remoteproc: qcom: pas: fix error handling in adsp_pds_enable
remoteproc: k3-dsp: Fix return value check in k3_dsp_rproc_of_get_memories()
remoteproc: qcom: Fix potential NULL dereference in adsp_init_mmio()
remoteproc/mediatek: unprepare clk if scp_before_load fails
clk: qcom: gcc-sc7180: Use floor ops for sdcc clks
clk: tegra: Fix duplicated SE clock entry
mtd: rawnand: gpmi: fix reference count leak in gpmi ops
mtd: rawnand: meson: Fix a resource leak in init
mtd: rawnand: gpmi: Fix the random DMA timeout issue
samples/bpf: Fix possible hang in xdpsock with multiple threads
fs: Handle I_DONTCACHE in iput_final() instead of generic_drop_inode()
extcon: max77693: Fix modalias string
crypto: atmel-i2c - select CONFIG_BITREVERSE
mac80211: don't set set TDLS STA bandwidth wider than possible
mac80211: fix a mistake check for rx_stats update
ASoC: wm_adsp: remove "ctl" from list on error in wm_adsp_create_control()
irqchip/alpine-msi: Fix freeing of interrupts on allocation error path
irqchip/ti-sci-inta: Fix printing of inta id on probe success
irqchip/ti-sci-intr: Fix freeing of irqs
dmaengine: ti: k3-udma: Correct normal channel offset when uchan_cnt is not 0
RDMA/hns: Limit the length of data copied between kernel and userspace
RDMA/hns: Normalization the judgment of some features
RDMA/hns: Do shift on traffic class when using RoCEv2
gpiolib: irq hooks: fix recursion in gpiochip_irq_unmask
ath11k: Fix incorrect tlvs in scan start command
irqchip/qcom-pdc: Fix phantom irq when changing between rising/falling
watchdog: armada_37xx: Add missing dependency on HAS_IOMEM
watchdog: sirfsoc: Add missing dependency on HAS_IOMEM
watchdog: sprd: remove watchdog disable from resume fail path
watchdog: sprd: check busy bit before new loading rather than after that
watchdog: Fix potential dereferencing of null pointer
ubifs: Fix error return code in ubifs_init_authentication()
um: Monitor error events in IRQ controller
um: tty: Fix handling of close in tty lines
um: chan_xterm: Fix fd leak
sunrpc: fix xs_read_xdr_buf for partial pages receive
RDMA/mlx5: Fix MR cache memory leak
RDMA/cma: Don't overwrite sgid_attr after device is released
nfc: s3fwrn5: Release the nfc firmware
drm: mxsfb: Silence -EPROBE_DEFER while waiting for bridge
powerpc/perf: Fix Threshold Event Counter Multiplier width for P10
powerpc/ps3: use dma_mapping_error()
perf test: Fix metric parsing test
drm/amdgpu: fix regression in vbios reservation handling on headless
mm/gup: reorganize internal_get_user_pages_fast()
mm/gup: prevent gup_fast from racing with COW during fork
mm/gup: combine put_compound_head() and unpin_user_page()
mm: memcg/slab: fix return of child memcg objcg for root memcg
mm: memcg/slab: fix use after free in obj_cgroup_charge
mm/rmap: always do TTU_IGNORE_ACCESS
sparc: fix handling of page table constructor failure
mm/vmalloc: Fix unlock order in s_stop()
mm/vmalloc.c: fix kasan shadow poisoning size
mm,memory_failure: always pin the page in madvise_inject_error
hugetlb: fix an error code in hugetlb_reserve_pages()
mm: don't wake kswapd prematurely when watermark boosting is disabled
proc: fix lookup in /proc/net subdirectories after setns(2)
checkpatch: fix unescaped left brace
s390/test_unwind: fix CALL_ON_STACK tests
lan743x: fix rx_napi_poll/interrupt ping-pong
ice, xsk: clear the status bits for the next_to_use descriptor
i40e, xsk: clear the status bits for the next_to_use descriptor
net: dsa: qca: ar9331: fix sleeping function called from invalid context bug
dpaa2-eth: fix the size of the mapped SGT buffer
net: bcmgenet: Fix a resource leak in an error handling path in the probe functin
net: mscc: ocelot: Fix a resource leak in the error handling path of the probe function
net: allwinner: Fix some resources leak in the error handling path of the probe and in the remove function
block/rnbd-clt: Get rid of warning regarding size argument in strlcpy
block/rnbd-clt: Fix possible memleak
NFS/pNFS: Fix a typo in ff_layout_resend_pnfs_read()
net: korina: fix return value
devlink: use _BITUL() macro instead of BIT() in the UAPI header
libnvdimm/label: Return -ENXIO for no slot in __blk_label_update
powerpc/32s: Fix cleanup_cpu_mmu_context() compile bug
watchdog: qcom: Avoid context switch in restart handler
watchdog: coh901327: add COMMON_CLK dependency
clk: ti: Fix memleak in ti_fapll_synth_setup
pwm: zx: Add missing cleanup in error path
pwm: lp3943: Dynamically allocate PWM chip base
pwm: imx27: Fix overflow for bigger periods
pwm: sun4i: Remove erroneous else branch
io_uring: cancel only requests of current task
tools build: Add missing libcap to test-all.bin target
perf record: Fix memory leak when using '--user-regs=?' to list registers
qlcnic: Fix error code in probe
nfp: move indirect block cleanup to flower app stop callback
vdpa/mlx5: Use write memory barrier after updating CQ index
virtio_ring: Cut and paste bugs in vring_create_virtqueue_packed()
virtio_net: Fix error code in probe()
virtio_ring: Fix two use after free bugs
vhost scsi: fix error return code in vhost_scsi_set_endpoint()
epoll: check for events when removing a timed out thread from the wait queue
clk: bcm: dvp: Add MODULE_DEVICE_TABLE()
clk: at91: sama7g5: fix compilation error
clk: at91: sam9x60: remove atmel,osc-bypass support
clk: s2mps11: Fix a resource leak in error handling paths in the probe function
clk: sunxi-ng: Make sure divider tables have sentinel
clk: vc5: Use "idt,voltage-microvolt" instead of "idt,voltage-microvolts"
kconfig: fix return value of do_error_if()
powerpc/boot: Fix build of dts/fsl
powerpc/smp: Add __init to init_big_cores()
ARM: 9044/1: vfp: use undef hook for VFP support detection
ARM: 9036/1: uncompress: Fix dbgadtb size parameter name
perf probe: Fix memory leak when synthesizing SDT probes
io_uring: fix racy IOPOLL flush overflow
io_uring: cancel reqs shouldn't kill overflow list
Smack: Handle io_uring kernel thread privileges
proc mountinfo: make splice available again
io_uring: fix io_cqring_events()'s noflush
io_uring: fix racy IOPOLL completions
io_uring: always let io_iopoll_complete() complete polled io
vfio/pci: Move dummy_resources_list init in vfio_pci_probe()
vfio/pci/nvlink2: Do not attempt NPU2 setup on POWER8NVL NPU
media: gspca: Fix memory leak in probe
io_uring: fix io_wqe->work_list corruption
io_uring: fix 0-iov read buffer select
io_uring: hold uring_lock while completing failed polled io in io_wq_submit_work()
io_uring: fix ignoring xa_store errors
io_uring: fix double io_uring free
io_uring: make ctx cancel on exit targeted to actual ctx
media: sunxi-cir: ensure IR is handled when it is continuous
media: netup_unidvb: Don't leak SPI master in probe error path
media: ipu3-cio2: Remove traces of returned buffers
media: ipu3-cio2: Return actual subdev format
media: ipu3-cio2: Serialise access to pad format
media: ipu3-cio2: Validate mbus format in setting subdev format
media: ipu3-cio2: Make the field on subdev format V4L2_FIELD_NONE
Input: cyapa_gen6 - fix out-of-bounds stack access
ALSA: hda/ca0132 - Change Input Source enum strings.
ACPI: NFIT: Fix input validation of bus-family
PM: ACPI: PCI: Drop acpi_pm_set_bridge_wakeup()
Revert "ACPI / resources: Use AE_CTRL_TERMINATE to terminate resources walks"
ACPI: PNP: compare the string length in the matching_id()
ALSA: hda: Fix regressions on clear and reconfig sysfs
ALSA: hda/ca0132 - Fix AE-5 rear headphone pincfg.
ALSA: hda/realtek: make bass spk volume adjustable on a yoga laptop
ALSA: hda/realtek - Enable headset mic of ASUS X430UN with ALC256
ALSA: hda/realtek - Enable headset mic of ASUS Q524UQK with ALC255
ALSA: hda/realtek - Add supported for more Lenovo ALC285 Headset Button
ALSA: pcm: oss: Fix a few more UBSAN fixes
ALSA/hda: apply jack fixup for the Acer Veriton N4640G/N6640G/N2510G
ALSA: hda/realtek: Add quirk for MSI-GP73
ALSA: hda/realtek: Apply jack fixup for Quanta NL3
ALSA: hda/realtek: Remove dummy lineout on Acer TravelMate P648/P658
ALSA: hda/realtek - Supported Dell fixed type headset
ALSA: usb-audio: Add VID to support native DSD reproduction on FiiO devices
ALSA: usb-audio: Disable sample read check if firmware doesn't give back
ALSA: usb-audio: Add alias entry for ASUS PRIME TRX40 PRO-S
ALSA: core: memalloc: add page alignment for iram
s390/smp: perform initial CPU reset also for SMT siblings
s390/kexec_file: fix diag308 subcode when loading crash kernel
s390/idle: add missing mt_cycles calculation
s390/idle: fix accounting with machine checks
s390/dasd: fix hanging device offline processing
s390/dasd: prevent inconsistent LCU device data
s390/dasd: fix list corruption of pavgroup group list
s390/dasd: fix list corruption of lcu list
binder: add flag to clear buffer on txn complete
ASoC: cx2072x: Fix doubly definitions of Playback and Capture streams
ASoC: AMD Renoir - add DMI table to avoid the ACP mic probe (broken BIOS)
ASoC: AMD Raven/Renoir - fix the PCI probe (PCI revision)
staging: comedi: mf6x4: Fix AI end-of-conversion detection
z3fold: simplify freeing slots
z3fold: stricter locking and more careful reclaim
perf/x86/intel: Add event constraint for CYCLE_ACTIVITY.STALLS_MEM_ANY
perf/x86/intel: Fix rtm_abort_event encoding on Ice Lake
perf/x86/intel/lbr: Fix the return type of get_lbr_cycles()
powerpc/perf: Exclude kernel samples while counting events in user space.
cpufreq: intel_pstate: Use most recent guaranteed performance values
crypto: ecdh - avoid unaligned accesses in ecdh_set_secret()
crypto: arm/aes-ce - work around Cortex-A57/A72 silion errata
m68k: Fix WARNING splat in pmac_zilog driver
Documentation: seqlock: s/LOCKTYPE/LOCKNAME/g
EDAC/i10nm: Use readl() to access MMIO registers
EDAC/amd64: Fix PCI component registration
cpuset: fix race between hotplug work and later CPU offline
dyndbg: fix use before null check
USB: serial: mos7720: fix parallel-port state restore
USB: serial: digi_acceleport: fix write-wakeup deadlocks
USB: serial: keyspan_pda: fix dropped unthrottle interrupts
USB: serial: keyspan_pda: fix write deadlock
USB: serial: keyspan_pda: fix stalled writes
USB: serial: keyspan_pda: fix write-wakeup use-after-free
USB: serial: keyspan_pda: fix tx-unthrottle use-after-free
USB: serial: keyspan_pda: fix write unthrottling
btrfs: do not shorten unpin len for caching block groups
btrfs: update last_byte_to_unpin in switch_commit_roots
btrfs: fix race when defragmenting leads to unnecessary IO
ext4: fix an IS_ERR() vs NULL check
ext4: fix a memory leak of ext4_free_data
ext4: fix deadlock with fs freezing and EA inodes
ext4: don't remount read-only with errors=continue on reboot
RISC-V: Fix usage of memblock_enforce_memory_limit
arm64: dts: ti: k3-am65: mark dss as dma-coherent
arm64: dts: marvell: keep SMMU disabled by default for Armada 7040 and 8040
KVM: arm64: Introduce handling of AArch32 TTBCR2 traps
KVM: x86: reinstate vendor-agnostic check on SPEC_CTRL cpuid bits
KVM: SVM: Remove the call to sev_platform_status() during setup
iommu/arm-smmu: Allow implementation specific write_s2cr
iommu/arm-smmu-qcom: Read back stream mappings
iommu/arm-smmu-qcom: Implement S2CR quirk
ARM: dts: pandaboard: fix pinmux for gpio user button of Pandaboard ES
ARM: dts: at91: sama5d2: fix CAN message ram offset and size
ARM: tegra: Populate OPP table for Tegra20 Ventana
xprtrdma: Fix XDRBUF_SPARSE_PAGES support
powerpc/32: Fix vmap stack - Properly set r1 before activating MMU on syscall too
powerpc: Fix incorrect stw{, ux, u, x} instructions in __set_pte_at
powerpc/rtas: Fix typo of ibm,open-errinjct in RTAS filter
powerpc/bitops: Fix possible undefined behaviour with fls() and fls64()
powerpc/feature: Add CPU_FTR_NOEXECUTE to G2_LE
powerpc/xmon: Change printk() to pr_cont()
powerpc/8xx: Fix early debug when SMC1 is relocated
powerpc/mm: Fix verification of MMU_FTR_TYPE_44x
powerpc/powernv/npu: Do not attempt NPU2 setup on POWER8NVL NPU
powerpc/powernv/memtrace: Don't leak kernel memory to user space
powerpc/powernv/memtrace: Fix crashing the kernel when enabling concurrently
ovl: make ioctl() safe
ima: Don't modify file descriptor mode on the fly
um: Remove use of asprinf in umid.c
um: Fix time-travel mode
ceph: fix race in concurrent __ceph_remove_cap invocations
SMB3: avoid confusing warning message on mount to Azure
SMB3.1.1: remove confusing mount warning when no SPNEGO info on negprot rsp
SMB3.1.1: do not log warning message if server doesn't populate salt
ubifs: wbuf: Don't leak kernel memory to flash
jffs2: Fix GC exit abnormally
jffs2: Fix ignoring mounting options problem during remounting
fsnotify: generalize handle_inode_event()
inotify: convert to handle_inode_event() interface
fsnotify: fix events reported to watching parent and child
jfs: Fix array index bounds check in dbAdjTree
drm/panfrost: Fix job timeout handling
drm/panfrost: Move the GPU reset bits outside the timeout handler
platform/x86: mlx-platform: remove an unused variable
drm/amdgpu: only set DP subconnector type on DP and eDP connectors
drm/amd/display: Fix memory leaks in S3 resume
drm/dp_aux_dev: check aux_dev before use in drm_dp_aux_dev_get_by_minor()
drm/i915: Fix mismatch between misplaced vma check and vma insert
iio: ad_sigma_delta: Don't put SPI transfer buffer on the stack
spi: pxa2xx: Fix use-after-free on unbind
spi: spi-sh: Fix use-after-free on unbind
spi: atmel-quadspi: Fix use-after-free on unbind
spi: spi-mtk-nor: Don't leak SPI master in probe error path
spi: ar934x: Don't leak SPI master in probe error path
spi: davinci: Fix use-after-free on unbind
spi: fsl: fix use of spisel_boot signal on MPC8309
spi: gpio: Don't leak SPI master in probe error path
spi: mxic: Don't leak SPI master in probe error path
spi: npcm-fiu: Disable clock in probe error path
spi: pic32: Don't leak DMA channels in probe error path
spi: rb4xx: Don't leak SPI master in probe error path
spi: rpc-if: Fix use-after-free on unbind
spi: sc18is602: Don't leak SPI master in probe error path
spi: spi-geni-qcom: Fix use-after-free on unbind
spi: spi-qcom-qspi: Fix use-after-free on unbind
spi: st-ssc4: Fix unbalanced pm_runtime_disable() in probe error path
spi: synquacer: Disable clock in probe error path
spi: mt7621: Disable clock in probe error path
spi: mt7621: Don't leak SPI master in probe error path
spi: atmel-quadspi: Disable clock in probe error path
spi: atmel-quadspi: Fix AHB memory accesses
soc: qcom: smp2p: Safely acquire spinlock without IRQs
mtd: spinand: Fix OOB read
mtd: parser: cmdline: Fix parsing of part-names with colons
mtd: core: Fix refcounting for unpartitioned MTDs
mtd: rawnand: qcom: Fix DMA sync on FLASH_STATUS register read
mtd: rawnand: meson: fix meson_nfc_dma_buffer_release() arguments
scsi: qla2xxx: Fix crash during driver load on big endian machines
scsi: lpfc: Fix invalid sleeping context in lpfc_sli4_nvmet_alloc()
scsi: lpfc: Fix scheduling call while in softirq context in lpfc_unreg_rpi
scsi: lpfc: Re-fix use after free in lpfc_rq_buf_free()
openat2: reject RESOLVE_BENEATH|RESOLVE_IN_ROOT
iio: buffer: Fix demux update
iio: adc: rockchip_saradc: fix missing clk_disable_unprepare() on error in rockchip_saradc_resume
iio: imu: st_lsm6dsx: fix edge-trigger interrupts
iio:light:rpr0521: Fix timestamp alignment and prevent data leak.
iio:light:st_uvis25: Fix timestamp alignment and prevent data leak.
iio:magnetometer:mag3110: Fix alignment and data leak issues.
iio:pressure:mpl3115: Force alignment of buffer
iio:imu:bmi160: Fix too large a buffer.
iio:imu:bmi160: Fix alignment and data leak issues
iio:adc:ti-ads124s08: Fix buffer being too long.
iio:adc:ti-ads124s08: Fix alignment and data leak issues.
md/cluster: block reshape with remote resync job
md/cluster: fix deadlock when node is doing resync job
pinctrl: sunxi: Always call chained_irq_{enter, exit} in sunxi_pinctrl_irq_handler
clk: ingenic: Fix divider calculation with div tables
clk: mvebu: a3700: fix the XTAL MODE pin to MPP1_9
clk: tegra: Do not return 0 on failure
counter: microchip-tcb-capture: Fix CMR value check
device-dax/core: Fix memory leak when rmmod dax.ko
dma-buf/dma-resv: Respect num_fences when initializing the shared fence list.
driver: core: Fix list corruption after device_del()
xen-blkback: set ring->xenblkd to NULL after kthread_stop()
xen/xenbus: Allow watches discard events before queueing
xen/xenbus: Add 'will_handle' callback support in xenbus_watch_path()
xen/xenbus/xen_bus_type: Support will_handle watch callback
xen/xenbus: Count pending messages for each watch
xenbus/xenbus_backend: Disallow pending watch messages
memory: jz4780_nemc: Fix an error pointer vs NULL check in probe()
memory: renesas-rpc-if: Fix a node reference leak in rpcif_probe()
memory: renesas-rpc-if: Return correct value to the caller of rpcif_manual_xfer()
memory: renesas-rpc-if: Fix unbalanced pm_runtime_enable in rpcif_{enable,disable}_rpm
libnvdimm/namespace: Fix reaping of invalidated block-window-namespace labels
platform/x86: intel-vbtn: Allow switch events on Acer Switch Alpha 12
tracing: Disable ftrace selftests when any tracer is running
mt76: add back the SUPPORTS_REORDERING_BUFFER flag
of: fix linker-section match-table corruption
PCI: Fix pci_slot_release() NULL pointer dereference
regulator: axp20x: Fix DLDO2 voltage control register mask for AXP22x
remoteproc: sysmon: Ensure remote notification ordering
thermal/drivers/cpufreq_cooling: Update cpufreq_state only if state has changed
rtc: ep93xx: Fix NULL pointer dereference in ep93xx_rtc_read_time
Revert: "ring-buffer: Remove HAVE_64BIT_ALIGNED_ACCESS"
null_blk: Fix zone size initialization
null_blk: Fail zone append to conventional zones
drm/edid: fix objtool warning in drm_cvt_modes()
x86/CPU/AMD: Save AMD NodeId as cpu_die_id
Linux 5.10.4
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I25209e79d8b9faf5382087955a29b7404bdefe38
[ Upstream commit c6c75deda8 ]
Commit 1fde6f21d9 ("proc: fix /proc/net/* after setns(2)") only forced
revalidation of regular files under /proc/net/
However, /proc/net/ is unusual in the sense of /proc/net/foo handlers
take netns pointer from parent directory which is old netns.
Steps to reproduce:
(void)open("/proc/net/sctp/snmp", O_RDONLY);
unshare(CLONE_NEWNET);
int fd = open("/proc/net/sctp/snmp", O_RDONLY);
read(fd, &c, 1);
Read will read wrong data from original netns.
Patch forces lookup on every directory under /proc/net .
Link: https://lkml.kernel.org/r/20201205160916.GA109739@localhost.localdomain
Fixes: 1da4d377f9 ("proc: revalidate misc dentries")
Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com>
Reported-by: "Rantala, Tommi T. (Nokia - FI/Espoo)" <tommi.t.rantala@nokia.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
When we try to visit the pagemap of a tagged userspace pointer, we find
that the start_vaddr is not correct because of the tag.
To fix it, we should untag the userspace pointers in pagemap_read().
I tested with 5.10-rc4 and the issue remains.
Explanation from Catalin in [1]:
"Arguably, that's a user-space bug since tagged file offsets were never
supported. In this case it's not even a tag at bit 56 as per the arm64
tagged address ABI but rather down to bit 47. You could say that the
problem is caused by the C library (malloc()) or whoever created the
tagged vaddr and passed it to this function. It's not a kernel
regression as we've never supported it.
Now, pagemap is a special case where the offset is usually not
generated as a classic file offset but rather derived by shifting a
user virtual address. I guess we can make a concession for pagemap
(only) and allow such offset with the tag at bit (56 - PAGE_SHIFT + 3)"
My test code is based on [2]:
A userspace pointer which has been tagged by 0xb4: 0xb400007662f541c8
userspace program:
uint64 OsLayer::VirtualToPhysical(void *vaddr) {
uint64 frame, paddr, pfnmask, pagemask;
int pagesize = sysconf(_SC_PAGESIZE);
off64_t off = ((uintptr_t)vaddr) / pagesize * 8; // off = 0xb400007662f541c8 / pagesize * 8 = 0x5a00003b317aa0
int fd = open(kPagemapPath, O_RDONLY);
...
if (lseek64(fd, off, SEEK_SET) != off || read(fd, &frame, 8) != 8) {
int err = errno;
string errtxt = ErrorString(err);
if (fd >= 0)
close(fd);
return 0;
}
...
}
kernel fs/proc/task_mmu.c:
static ssize_t pagemap_read(struct file *file, char __user *buf,
size_t count, loff_t *ppos)
{
...
src = *ppos;
svpfn = src / PM_ENTRY_BYTES; // svpfn == 0xb400007662f54
start_vaddr = svpfn << PAGE_SHIFT; // start_vaddr == 0xb400007662f54000
end_vaddr = mm->task_size;
/* watch out for wraparound */
// svpfn == 0xb400007662f54
// (mm->task_size >> PAGE) == 0x8000000
if (svpfn > mm->task_size >> PAGE_SHIFT) // the condition is true because of the tag 0xb4
start_vaddr = end_vaddr;
ret = 0;
while (count && (start_vaddr < end_vaddr)) { // we cannot visit correct entry because start_vaddr is set to end_vaddr
int len;
unsigned long end;
...
}
...
}
[1] https://lore.kernel.org/patchwork/patch/1343258/
[2] https://github.com/stressapptest/stressapptest/blob/master/src/os.cc#L158
Link: https://lkml.kernel.org/r/20201204024347.8295-1-miles.chen@mediatek.com
Signed-off-by: Miles Chen <miles.chen@mediatek.com>
Reviewed-by: Vincenzo Frascino <vincenzo.frascino@arm.com>
Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>
Cc: Alexey Dobriyan <adobriyan@gmail.com>
Cc: Andrey Konovalov <andreyknvl@google.com>
Cc: Alexander Potapenko <glider@google.com>
Cc: Vincenzo Frascino <vincenzo.frascino@arm.com>
Cc: Andrey Ryabinin <aryabinin@virtuozzo.com>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Dmitry Vyukov <dvyukov@google.com>
Cc: Marco Elver <elver@google.com>
Cc: Will Deacon <will@kernel.org>
Cc: Eric W. Biederman <ebiederm@xmission.com>
Cc: Song Bao Hua (Barry Song) <song.bao.hua@hisilicon.com>
Cc: <stable@vger.kernel.org> [5.4-]
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-----BEGIN PGP SIGNATURE-----
iQJEBAABCAAuFiEEwPw5LcreJtl1+l5K99NY+ylx4KYFAl+4DAwQHGF4Ym9lQGtl
cm5lbC5kawAKCRD301j7KXHgphdOD/9xOEnYPuekvVH9G9nyNd//Q9fPArG2+j6V
/MCnze07GNtDt7z15oR+T07hKXmf+Ejh4nu3JJ6MUNfe/47hhJqHSxRHU6+PJCjk
hPrsaTsDedxxLEDiLmvhXnUPzfVzJtefxVAAaKikWOb3SBqLdh7xTFSlor1HbRBl
Zk4d343cjBDYfvSSt/zMWDzwwvramdz7rJnnPMKXITu64ITL5314vuK2YVZmBOet
YujSah7J8FL1jKhiG1Iw5rayd2Q3smnHWIEQ+lvW6WiTvMJMLOxif2xNF4/VEZs1
CBGJUQt42LI6QGEzRBHohcefZFuPGoxnduSzHCOIhh7d6+k+y9mZfsPGohr3g9Ov
NotXpVonnA7GbRqzo1+IfBRve7iRONdZ3/LBwyRmqav4I4jX68wXBNH5IDpVR0Sn
c31avxa/ZL7iLIBx32enp0/r3mqNTQotEleSLUdyJQXAZTyG2INRhjLLXTqSQ5BX
oVp0fZzKCwsr6HCPZpXZ/f2G7dhzuF0ghoceC02GsOVooni22gdVnQj+AWNus398
e+wcimT4MX6AHNFxO2aUtJow0KWWZRzC1p5Mxu/9W3YiMtJiC0YOGePfSqiTqX0g
Uk0H5dOAgBUQrAsusf7bKr0K6W25yEk/JipxhWqi0rC71x42mLTsCT1wxSCvLwqs
WxhdtVKroQ==
=7PAe
-----END PGP SIGNATURE-----
Merge tag 'io_uring-5.10-2020-11-20' of git://git.kernel.dk/linux-block
Pull io_uring fixes from Jens Axboe:
"Mostly regression or stable fodder:
- Disallow async path resolution of /proc/self
- Tighten constraints for segmented async buffered reads
- Fix double completion for a retry error case
- Fix for fixed file life times (Pavel)"
* tag 'io_uring-5.10-2020-11-20' of git://git.kernel.dk/linux-block:
io_uring: order refnode recycling
io_uring: get an active ref_node from files_data
io_uring: don't double complete failed reissue request
mm: never attempt async page lock if we've transferred data already
io_uring: handle -EOPNOTSUPP on path resolution
proc: don't allow async path resolution of /proc/self components
If this is attempted by a kthread, then return -EOPNOTSUPP as we don't
currently support that. Once we can get task_pid_ptr() doing the right
thing, then this can go away again.
Signed-off-by: Jens Axboe <axboe@kernel.dk>
Merge procfs splice read fixes from Christoph Hellwig:
"Greg reported a problem due to the fact that Android tests use procfs
files to test splice, which stopped working with the changes for
set_fs() removal.
This series adds read_iter support for seq_file, and uses those for
various proc files using seq_file to restore splice read support"
[ Side note: Christoph initially had a scripted "move everything over"
patch, which looks fine, but I personally would prefer us to actively
discourage splice() on random files. So this does just the minimal
basic core set of proc file op conversions.
For completeness, and in case people care, that script was
sed -i -e 's/\.proc_read\(\s*=\s*\)seq_read/\.proc_read_iter\1seq_read_iter/g'
but I'll wait and see if somebody has a strong argument for using
splice on random small /proc files before I'd run it on the whole
kernel. - Linus ]
* emailed patches from Christoph Hellwig <hch@lst.de>:
proc "seq files": switch to ->read_iter
proc "single files": switch to ->read_iter
proc/stat: switch to ->read_iter
proc/cpuinfo: switch to ->read_iter
proc: wire up generic_file_splice_read for iter ops
seq_file: add seq_read_iter
Greg Kroah-Hartman