arpi-5.15
1961 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Peter Yoon
|
670c6da635 | Merge branch 'android14-5.15' into arpi-5.15.92 | ||
Dom Cobley
|
e9e421392e | Merge remote-tracking branch 'stable/linux-5.15.y' into rpi-5.15.y | ||
Greg Kroah-Hartman
|
e3d8fe0993 |
Merge 5.15.91 into android14-5.15
Changes in 5.15.91 memory: tegra: Remove clients SID override programming memory: atmel-sdramc: Fix missing clk_disable_unprepare in atmel_ramc_probe() memory: mvebu-devbus: Fix missing clk_disable_unprepare in mvebu_devbus_probe() dmaengine: ti: k3-udma: Do conditional decrement of UDMA_CHAN_RT_PEER_BCNT_REG arm64: dts: imx8mp-phycore-som: Remove invalid PMIC property ARM: dts: imx6ul-pico-dwarf: Use 'clock-frequency' ARM: dts: imx7d-pico: Use 'clock-frequency' ARM: dts: imx6qdl-gw560x: Remove incorrect 'uart-has-rtscts' arm64: dts: imx8mm-beacon: Fix ecspi2 pinmux ARM: imx: add missing of_node_put() HID: intel_ish-hid: Add check for ishtp_dma_tx_map arm64: dts: imx8mm-venice-gw7901: fix USB2 controller OC polarity soc: imx8m: Fix incorrect check for of_clk_get_by_name() reset: uniphier-glue: Use reset_control_bulk API reset: uniphier-glue: Fix possible null-ptr-deref EDAC/highbank: Fix memory leak in highbank_mc_probe() firmware: arm_scmi: Harden shared memory access in fetch_response firmware: arm_scmi: Harden shared memory access in fetch_notification tomoyo: fix broken dependency on *.conf.default RDMA/core: Fix ib block iterator counter overflow IB/hfi1: Reject a zero-length user expected buffer IB/hfi1: Reserve user expected TIDs IB/hfi1: Fix expected receive setup error exit issues IB/hfi1: Immediately remove invalid memory from hardware IB/hfi1: Remove user expected buffer invalidate race affs: initialize fsdata in affs_truncate() PM: AVS: qcom-cpr: Fix an error handling path in cpr_probe() arm64: dts: qcom: msm8992: Don't use sfpb mutex arm64: dts: qcom: msm8992-libra: Add CPU regulators arm64: dts: qcom: msm8992-libra: Fix the memory map phy: ti: fix Kconfig warning and operator precedence NFSD: fix use-after-free in nfsd4_ssc_setup_dul() ARM: dts: at91: sam9x60: fix the ddr clock for sam9x60 amd-xgbe: TX Flow Ctrl Registers are h/w ver dependent amd-xgbe: Delay AN timeout during KR training bpf: Fix pointer-leak due to insufficient speculative store bypass mitigation phy: rockchip-inno-usb2: Fix missing clk_disable_unprepare() in rockchip_usb2phy_power_on() net: nfc: Fix use-after-free in local_cleanup() net: wan: Add checks for NULL for utdm in undo_uhdlc_init and unmap_si_regs net: enetc: avoid deadlock in enetc_tx_onestep_tstamp() sch_htb: Avoid grafting on htb_destroy_class_offload when destroying htb gpio: use raw spinlock for gpio chip shadowed data gpio: mxc: Protect GPIO irqchip RMW with bgpio spinlock gpio: mxc: Always set GPIOs used as interrupt source to INPUT mode wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid pinctrl/rockchip: Use temporary variable for struct device pinctrl/rockchip: add error handling for pull/drive register getters pinctrl: rockchip: fix reading pull type on rk3568 net: stmmac: Fix queue statistics reading net/sched: sch_taprio: fix possible use-after-free l2tp: Serialize access to sk_user_data with sk_callback_lock l2tp: Don't sleep and disable BH under writer-side sk_callback_lock l2tp: convert l2tp_tunnel_list to idr l2tp: close all race conditions in l2tp_tunnel_register() octeontx2-pf: Avoid use of GFP_KERNEL in atomic context net: usb: sr9700: Handle negative len net: mdio: validate parameter addr in mdiobus_get_phy() HID: check empty report_list in hid_validate_values() HID: check empty report_list in bigben_probe() net: stmmac: fix invalid call to mdiobus_get_phy() pinctrl: rockchip: fix mux route data for rk3568 HID: revert CHERRY_MOUSE_000C quirk usb: gadget: f_fs: Prevent race during ffs_ep0_queue_wait usb: gadget: f_fs: Ensure ep0req is dequeued before free_request Bluetooth: Fix possible deadlock in rfcomm_sk_state_change net: ipa: disable ipa interrupt during suspend net/mlx5: E-switch, Fix setting of reserved fields on MODIFY_SCHEDULING_ELEMENT net: mlx5: eliminate anonymous module_init & module_exit drm/panfrost: fix GENERIC_ATOMIC64 dependency dmaengine: Fix double increment of client_count in dma_chan_get() net: macb: fix PTP TX timestamp failure due to packet padding virtio-net: correctly enable callback during start_xmit l2tp: prevent lockdep issue in l2tp_tunnel_register() HID: betop: check shape of output reports cifs: fix potential deadlock in cache_refresh_path() dmaengine: xilinx_dma: call of_node_put() when breaking out of for_each_child_of_node() phy: phy-can-transceiver: Skip warning if no "max-bitrate" drm/amd/display: fix issues with driver unload nvme-pci: fix timeout request state check tcp: avoid the lookup process failing to get sk in ehash table octeontx2-pf: Fix the use of GFP_KERNEL in atomic context on rt ptdma: pt_core_execute_cmd() should use spinlock device property: fix of node refcount leak in fwnode_graph_get_next_endpoint() w1: fix deadloop in __w1_remove_master_device() w1: fix WARNING after calling w1_process() driver core: Fix test_async_probe_init saves device in wrong array selftests/net: toeplitz: fix race on tpacket_v3 block close net: dsa: microchip: ksz9477: port map correction in ALU table entry register thermal/core: Remove duplicate information when an error occurs thermal/core: Rename 'trips' to 'num_trips' thermal: Validate new state in cur_state_store() thermal/core: fix error code in __thermal_cooling_device_register() thermal: core: call put_device() only after device_register() fails net: stmmac: enable all safety features by default tcp: fix rate_app_limited to default to 1 scsi: iscsi: Fix multiple iSCSI session unbind events sent to userspace cpufreq: Add Tegra234 to cpufreq-dt-platdev blocklist kcsan: test: don't put the expect array on the stack cpufreq: Add SM6375 to cpufreq-dt-platdev blocklist ASoC: fsl_micfil: Correct the number of steps on SX controls net: usb: cdc_ether: add support for Thales Cinterion PLS62-W modem drm: Add orientation quirk for Lenovo ideapad D330-10IGL s390/debug: add _ASM_S390_ prefix to header guard s390: expicitly align _edata and _end symbols on page boundary perf/x86/msr: Add Emerald Rapids perf/x86/intel/uncore: Add Emerald Rapids cpufreq: armada-37xx: stop using 0 as NULL pointer ASoC: fsl_ssi: Rename AC'97 streams to avoid collisions with AC'97 CODEC ASoC: fsl-asoc-card: Fix naming of AC'97 CODEC widgets spi: spidev: remove debug messages that access spidev->spi without locking KVM: s390: interrupt: use READ_ONCE() before cmpxchg() scsi: hisi_sas: Set a port invalid only if there are no devices attached when refreshing port id r8152: add vendor/device ID pair for Microsoft Devkit platform/x86: touchscreen_dmi: Add info for the CSL Panther Tab HD platform/x86: asus-nb-wmi: Add alternate mapping for KEY_SCREENLOCK lockref: stop doing cpu_relax in the cmpxchg loop firmware: coreboot: Check size of table entry and use flex-array drm/i915: Allow switching away via vga-switcheroo if uninitialized Revert "selftests/bpf: check null propagation only neither reg is PTR_TO_BTF_ID" drm/i915: Remove unused variable x86: ACPI: cstate: Optimize C3 entry on AMD CPUs fs: reiserfs: remove useless new_opts in reiserfs_remount sysctl: add a new register_sysctl_init() interface kernel/panic: move panic sysctls to its own file panic: unset panic_on_warn inside panic() ubsan: no need to unset panic_on_warn in ubsan_epilogue() kasan: no need to unset panic_on_warn in end_report() exit: Add and use make_task_dead. objtool: Add a missing comma to avoid string concatenation hexagon: Fix function name in die() h8300: Fix build errors from do_exit() to make_task_dead() transition csky: Fix function name in csky_alignment() and die() ia64: make IA64_MCA_RECOVERY bool instead of tristate panic: Separate sysctl logic from CONFIG_SMP exit: Put an upper limit on how often we can oops exit: Expose "oops_count" to sysfs exit: Allow oops_limit to be disabled panic: Consolidate open-coded panic_on_warn checks panic: Introduce warn_limit panic: Expose "warn_count" to sysfs docs: Fix path paste-o for /sys/kernel/warn_count exit: Use READ_ONCE() for all oops/warn limit reads Bluetooth: hci_sync: cancel cmd_timer if hci_open failed drm/amdgpu: complete gfxoff allow signal during suspend without delay scsi: hpsa: Fix allocation size for scsi_host_alloc() KVM: SVM: fix tsc scaling cache logic module: Don't wait for GOING modules tracing: Make sure trace_printk() can output as soon as it can be used trace_events_hist: add check for return value of 'create_hist_field' ftrace/scripts: Update the instructions for ftrace-bisect.sh cifs: Fix oops due to uncleared server->smbd_conn in reconnect i2c: mv64xxx: Remove shutdown method from driver i2c: mv64xxx: Add atomic_xfer method to driver ksmbd: add smbd max io size parameter ksmbd: add max connections parameter ksmbd: do not sign response to session request for guest login ksmbd: downgrade ndr version error message to debug ksmbd: limit pdu length size according to connection status ovl: fail on invalid uid/gid mapping at copy up KVM: x86/vmx: Do not skip segment attributes if unusable bit is set KVM: arm64: GICv4.1: Fix race with doorbell on VPE activation/deactivation thermal: intel: int340x: Protect trip temperature from concurrent updates ipv6: fix reachability confirmation with proxy_ndp ARM: 9280/1: mm: fix warning on phys_addr_t to void pointer assignment EDAC/device: Respect any driver-supplied workqueue polling value EDAC/qcom: Do not pass llcc_driv_data as edac_device_ctl_info's pvt_info net: mana: Fix IRQ name - add PCI and queue number scsi: ufs: core: Fix devfreq deadlocks i2c: designware: use casting of u64 in clock multiplication to avoid overflow netlink: prevent potential spectre v1 gadgets net: fix UaF in netns ops registration error path drm/i915/selftest: fix intel_selftest_modify_policy argument types netfilter: nft_set_rbtree: Switch to node list walk for overlap detection netfilter: nft_set_rbtree: skip elements in transaction from garbage collection netlink: annotate data races around nlk->portid netlink: annotate data races around dst_portid and dst_group netlink: annotate data races around sk_state ipv4: prevent potential spectre v1 gadget in ip_metrics_convert() ipv4: prevent potential spectre v1 gadget in fib_metrics_match() netfilter: conntrack: fix vtag checks for ABORT/SHUTDOWN_COMPLETE netrom: Fix use-after-free of a listening socket. net/sched: sch_taprio: do not schedule in taprio_reset() sctp: fail if no bound addresses can be used for a given scope riscv/kprobe: Fix instruction simulation of JALR nvme: fix passthrough csi check gpio: mxc: Unlock on error path in mxc_flip_edge() ravb: Rename "no_ptp_cfg_active" and "ptp_cfg_active" variables net: ravb: Fix lack of register setting after system resumed for Gen3 net: ravb: Fix possible hang if RIS2_QFF1 happen net: mctp: mark socks as dead on unhash, prevent re-add thermal: intel: int340x: Add locking to int340x_thermal_get_trip_type() net/tg3: resolve deadlock in tg3_reset_task() during EEH net: mdio-mux-meson-g12a: force internal PHY off on mux switch treewide: fix up files incorrectly marked executable tools: gpio: fix -c option of gpio-event-mon Revert "Input: synaptics - switch touchpad on HP Laptop 15-da3001TU to RMI mode" cpufreq: Move to_gov_attr_set() to cpufreq.h cpufreq: governor: Use kobject release() method to free dbs_data kbuild: Allow kernel installation packaging to override pkg-config block: fix and cleanup bio_check_ro x86/i8259: Mark legacy PIC interrupts with IRQ_LEVEL netfilter: conntrack: unify established states for SCTP paths perf/x86/amd: fix potential integer overflow on shift of a int Linux 5.15.91 Change-Id: I3349d802533097ac86e5c680fbd40c00c9719ec7 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
Kees Cook
|
0691ddae56 |
panic: Introduce warn_limit
commit 9fc9e278a5c0b708eeffaf47d6eb0c82aa74ed78 upstream. Like oops_limit, add warn_limit for limiting the number of warnings when panic_on_warn is not set. Cc: Jonathan Corbet <corbet@lwn.net> Cc: Andrew Morton <akpm@linux-foundation.org> Cc: Baolin Wang <baolin.wang@linux.alibaba.com> Cc: "Jason A. Donenfeld" <Jason@zx2c4.com> Cc: Eric Biggers <ebiggers@google.com> Cc: Huang Ying <ying.huang@intel.com> Cc: Petr Mladek <pmladek@suse.com> Cc: tangmeng <tangmeng@uniontech.com> Cc: "Guilherme G. Piccoli" <gpiccoli@igalia.com> Cc: Tiezhu Yang <yangtiezhu@loongson.cn> Cc: Sebastian Andrzej Siewior <bigeasy@linutronix.de> Cc: linux-doc@vger.kernel.org Reviewed-by: Luis Chamberlain <mcgrof@kernel.org> Signed-off-by: Kees Cook <keescook@chromium.org> Link: https://lore.kernel.org/r/20221117234328.594699-5-keescook@chromium.org Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Kees Cook
|
fc636b1362 |
exit: Allow oops_limit to be disabled
commit de92f65719cd672f4b48397540b9f9eff67eca40 upstream. In preparation for keeping oops_limit logic in sync with warn_limit, have oops_limit == 0 disable checking the Oops counter. Cc: Jann Horn <jannh@google.com> Cc: Jonathan Corbet <corbet@lwn.net> Cc: Andrew Morton <akpm@linux-foundation.org> Cc: Baolin Wang <baolin.wang@linux.alibaba.com> Cc: "Jason A. Donenfeld" <Jason@zx2c4.com> Cc: Eric Biggers <ebiggers@google.com> Cc: Huang Ying <ying.huang@intel.com> Cc: "Eric W. Biederman" <ebiederm@xmission.com> Cc: Arnd Bergmann <arnd@arndb.de> Cc: linux-doc@vger.kernel.org Signed-off-by: Kees Cook <keescook@chromium.org> Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
Jann Horn
|
f80fb0001f |
exit: Put an upper limit on how often we can oops
commit d4ccd54d28d3c8598e2354acc13e28c060961dbb upstream. Many Linux systems are configured to not panic on oops; but allowing an attacker to oops the system **really** often can make even bugs that look completely unexploitable exploitable (like NULL dereferences and such) if each crash elevates a refcount by one or a lock is taken in read mode, and this causes a counter to eventually overflow. The most interesting counters for this are 32 bits wide (like open-coded refcounts that don't use refcount_t). (The ldsem reader count on 32-bit platforms is just 16 bits, but probably nobody cares about 32-bit platforms that much nowadays.) So let's panic the system if the kernel is constantly oopsing. The speed of oopsing 2^32 times probably depends on several factors, like how long the stack trace is and which unwinder you're using; an empirically important one is whether your console is showing a graphical environment or a text console that oopses will be printed to. In a quick single-threaded benchmark, it looks like oopsing in a vfork() child with a very short stack trace only takes ~510 microseconds per run when a graphical console is active; but switching to a text console that oopses are printed to slows it down around 87x, to ~45 milliseconds per run. (Adding more threads makes this faster, but the actual oops printing happens under &die_lock on x86, so you can maybe speed this up by a factor of around 2 and then any further improvement gets eaten up by lock contention.) It looks like it would take around 8-12 days to overflow a 32-bit counter with repeated oopsing on a multi-core X86 system running a graphical environment; both me (in an X86 VM) and Seth (with a distro kernel on normal hardware in a standard configuration) got numbers in that ballpark. 12 days aren't *that* short on a desktop system, and you'd likely need much longer on a typical server system (assuming that people don't run graphical desktop environments on their servers), and this is a *very* noisy and violent approach to exploiting the kernel; and it also seems to take orders of magnitude longer on some machines, probably because stuff like EFI pstore will slow it down a ton if that's active. Signed-off-by: Jann Horn <jannh@google.com> Link: https://lore.kernel.org/r/20221107201317.324457-1-jannh@google.com Reviewed-by: Luis Chamberlain <mcgrof@kernel.org> Signed-off-by: Kees Cook <keescook@chromium.org> Link: https://lore.kernel.org/r/20221117234328.594699-2-keescook@chromium.org Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
Yu Zhao
|
642d9866d6 |
UPSTREAM: mm: multi-gen LRU: admin guide
Add an admin guide. Link: https://lkml.kernel.org/r/20220918080010.2920238-14-yuzhao@google.com Change-Id: Ia4dba47e8231eda4f0e76fb8969df7291a9bfe7c Signed-off-by: Yu Zhao <yuzhao@google.com> Acked-by: Brian Geffon <bgeffon@google.com> Acked-by: Jan Alexander Steffens (heftig) <heftig@archlinux.org> Acked-by: Oleksandr Natalenko <oleksandr@natalenko.name> Acked-by: Steven Barrett <steven@liquorix.net> Acked-by: Suleiman Souhlal <suleiman@google.com> Acked-by: Mike Rapoport <rppt@linux.ibm.com> Tested-by: Daniel Byrne <djbyrne@mtu.edu> Tested-by: Donald Carr <d@chaos-reins.com> Tested-by: Holger Hoffstätte <holger@applied-asynchrony.com> Tested-by: Konstantin Kharlamov <Hi-Angel@yandex.ru> Tested-by: Shuang Zhai <szhai2@cs.rochester.edu> Tested-by: Sofia Trinh <sofia.trinh@edi.works> Tested-by: Vaibhav Jain <vaibhav@linux.ibm.com> Cc: Andi Kleen <ak@linux.intel.com> Cc: Aneesh Kumar K.V <aneesh.kumar@linux.ibm.com> Cc: Barry Song <baohua@kernel.org> Cc: Catalin Marinas <catalin.marinas@arm.com> Cc: Dave Hansen <dave.hansen@linux.intel.com> Cc: Hillf Danton <hdanton@sina.com> Cc: Jens Axboe <axboe@kernel.dk> Cc: Johannes Weiner <hannes@cmpxchg.org> Cc: Jonathan Corbet <corbet@lwn.net> Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: Matthew Wilcox <willy@infradead.org> Cc: Mel Gorman <mgorman@suse.de> Cc: Miaohe Lin <linmiaohe@huawei.com> Cc: Michael Larabel <Michael@MichaelLarabel.com> Cc: Michal Hocko <mhocko@kernel.org> Cc: Mike Rapoport <rppt@kernel.org> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Qi Zheng <zhengqi.arch@bytedance.com> Cc: Tejun Heo <tj@kernel.org> Cc: Vlastimil Babka <vbabka@suse.cz> Cc: Will Deacon <will@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> (cherry picked from commit 07017acb06012d250fb68930e809257e6694d324) Bug: 249601646 Signed-off-by: Kalesh Singh <kaleshsingh@google.com> |
||
Kalesh Singh
|
543542a21e |
Revert "FROMLIST: mm: multi-gen LRU: admin guide"
This reverts commit
|
||
Yosry Ahmed
|
4445b043d4 |
BACKPORT: mm: add NR_SECONDARY_PAGETABLE to count secondary page table uses.
We keep track of several kernel memory stats (total kernel memory, page
tables, stack, vmalloc, etc) on multiple levels (global, per-node,
per-memcg, etc). These stats give insights to users to how much memory
is used by the kernel and for what purposes.
Currently, memory used by KVM mmu is not accounted in any of those
kernel memory stats. This patch series accounts the memory pages
used by KVM for page tables in those stats in a new
NR_SECONDARY_PAGETABLE stat. This stat can be later extended to account
for other types of secondary pages tables (e.g. iommu page tables).
KVM has a decent number of large allocations that aren't for page
tables, but for most of them, the number/size of those allocations
scales linearly with either the number of vCPUs or the amount of memory
assigned to the VM. KVM's secondary page table allocations do not scale
linearly, especially when nested virtualization is in use.
From a KVM perspective, NR_SECONDARY_PAGETABLE will scale with KVM's
per-VM pages_{4k,2m,1g} stats unless the guest is doing something
bizarre (e.g. accessing only 4kb chunks of 2mb pages so that KVM is
forced to allocate a large number of page tables even though the guest
isn't accessing that much memory). However, someone would need to either
understand how KVM works to make that connection, or know (or be told) to
go look at KVM's stats if they're running VMs to better decipher the stats.
Furthermore, having NR_PAGETABLE side-by-side with NR_SECONDARY_PAGETABLE
is informative. For example, when backing a VM with THP vs. HugeTLB,
NR_SECONDARY_PAGETABLE is roughly the same, but NR_PAGETABLE is an order
of magnitude higher with THP. So having this stat will at the very least
prove to be useful for understanding tradeoffs between VM backing types,
and likely even steer folks towards potential optimizations.
The original discussion with more details about the rationale:
https://lore.kernel.org/all/87ilqoi77b.wl-maz@kernel.org
This stat will be used by subsequent patches to count KVM mmu
memory usage.
Signed-off-by: Yosry Ahmed <yosryahmed@google.com>
Acked-by: Shakeel Butt <shakeelb@google.com>
Acked-by: Marc Zyngier <maz@kernel.org>
Link: https://lore.kernel.org/r/20220823004639.2387269-2-yosryahmed@google.com
Signed-off-by: Sean Christopherson <seanjc@google.com>
Bug: 222044477
(cherry picked from commit ebc97a52b5d6cd5fb0c15a3fc9cdd6eb924646a1)
[vdonnefort@: Fix trivial documentation conflict]
Change-Id: I16976e21d2e68ebbcd49e9f1275055e81ec82881
Signed-off-by: Vincent Donnefort <vdonnefort@google.com>
|
||
Will Deacon
|
39d08ecff2 |
ANDROID: Documentation: KVM: Add some documentation for Protected KVM on arm64
Add some initial documentation for the Protected KVM (pKVM) feature on arm64, describing the user ABI for creating protected VMs as well as their limitations. Signed-off-by: Will Deacon <will@kernel.org> Signed-off-by: Will Deacon <willdeacon@google.com> Bug: 233587962 Change-Id: I152af404f24b9aba3cc9be6acd8e26afcfa4b0a5 |
||
|
Greg Kroah-Hartman
|
d32ea5d2c0 |
Merge 5.15.64 into android14-5.15
Changes in 5.15.64 wifi: rtlwifi: remove always-true condition pointed out by GCC 12 eth: sun: cassini: remove dead code audit: fix potential double free on error path from fsnotify_add_inode_mark cgroup: Fix race condition at rebind_subsystems() parisc: Make CONFIG_64BIT available for ARCH=parisc64 only parisc: Fix exception handler for fldw and fstw instructions kernel/sys_ni: add compat entry for fadvise64_64 x86/entry: Move CLD to the start of the idtentry macro block: add a bdev_max_zone_append_sectors helper block: add bdev_max_segments() helper btrfs: zoned: revive max_zone_append_bytes btrfs: replace BTRFS_MAX_EXTENT_SIZE with fs_info->max_extent_size btrfs: convert count_max_extents() to use fs_info->max_extent_size Input: i8042 - move __initconst to fix code styling warning Input: i8042 - merge quirk tables Input: i8042 - add TUXEDO devices to i8042 quirk tables Input: i8042 - add additional TUXEDO devices to i8042 quirk tables drivers/base: fix userspace break from using bin_attributes for cpumap and cpulist scsi: qla2xxx: Fix response queue handler reading stale packets scsi: qla2xxx: edif: Fix dropped IKE message btrfs: put initial index value of a directory in a constant btrfs: pass the dentry to btrfs_log_new_name() instead of the inode btrfs: remove unnecessary parameter delalloc_start for writepage_delalloc() riscv: lib: uaccess: fold fixups into body riscv: lib: uaccess: fix CSR_STATUS SR_SUM bit xfrm: fix refcount leak in __xfrm_policy_check() xfrm: clone missing x->lastused in xfrm_do_migrate af_key: Do not call xfrm_probe_algs in parallel xfrm: policy: fix metadata dst->dev xmit null pointer dereference fs: require CAP_SYS_ADMIN in target namespace for idmapped mounts net: use eth_hw_addr_set() instead of ether_addr_copy() Revert "net: macsec: update SCI upon MAC address change." NFS: Don't allocate nfs_fattr on the stack in __nfs42_ssc_open() NFSv4.2 fix problems with __nfs42_ssc_open SUNRPC: RPC level errors should set task->tk_rpc_status mm/smaps: don't access young/dirty bit if pte unpresent ntfs: fix acl handling rose: check NULL rose_loopback_neigh->loopback r8152: fix the units of some registers for RTL8156A r8152: fix the RX FIFO settings when suspending nfc: pn533: Fix use-after-free bugs caused by pn532_cmd_timeout ice: xsk: Force rings to be sized to power of 2 ice: xsk: prohibit usage of non-balanced queue id net/mlx5e: Properly disable vlan strip on non-UL reps net/mlx5: Avoid false positive lockdep warning by adding lock_class_key net/mlx5e: Fix wrong application of the LRO state net/mlx5e: Fix wrong tc flag used when set hw-tc-offload off net: ipa: don't assume SMEM is page-aligned net: phy: Don't WARN for PHY_READY state in mdio_bus_phy_resume() net: moxa: get rid of asymmetry in DMA mapping/unmapping bonding: 802.3ad: fix no transmission of LACPDUs net: ipvtap - add __init/__exit annotations to module init/exit funcs netfilter: ebtables: reject blobs that don't provide all entry points bnxt_en: fix NQ resource accounting during vf creation on 57500 chips netfilter: nf_tables: disallow updates of implicit chain netfilter: nf_tables: make table handle allocation per-netns friendly netfilter: nft_payload: report ERANGE for too long offset and length netfilter: nft_payload: do not truncate csum_offset and csum_type netfilter: nf_tables: do not leave chain stats enabled on error netfilter: nft_osf: restrict osf to ipv4, ipv6 and inet families netfilter: nft_tunnel: restrict it to netdev family netfilter: nf_tables: consolidate rule verdict trace call netfilter: nft_cmp: optimize comparison for 16-bytes netfilter: bitwise: improve error goto labels netfilter: nf_tables: upfront validation of data via nft_data_init() netfilter: nf_tables: disallow jump to implicit chain from set element netfilter: nf_tables: disallow binding to already bound chain netfilter: flowtable: add function to invoke garbage collection immediately netfilter: flowtable: fix stuck flows on cleanup due to pending work net: Fix data-races around sysctl_[rw]mem_(max|default). net: Fix data-races around weight_p and dev_weight_[rt]x_bias. net: Fix data-races around netdev_max_backlog. net: Fix data-races around netdev_tstamp_prequeue. ratelimit: Fix data-races in ___ratelimit(). net: Fix data-races around sysctl_optmem_max. net: Fix a data-race around sysctl_tstamp_allow_data. net: Fix a data-race around sysctl_net_busy_poll. net: Fix a data-race around sysctl_net_busy_read. net: Fix a data-race around netdev_budget. tcp: expose the tcp_mark_push() and tcp_skb_entail() helpers mptcp: stop relying on tcp_tx_skb_cache net: Fix data-races around sysctl_max_skb_frags. net: Fix a data-race around netdev_budget_usecs. net: Fix data-races around sysctl_fb_tunnels_only_for_init_net. net: Fix data-races around sysctl_devconf_inherit_init_net. net: Fix a data-race around sysctl_somaxconn. ixgbe: stop resetting SYSTIME in ixgbe_ptp_start_cyclecounter i40e: Fix incorrect address type for IPv6 flow rules rxrpc: Fix locking in rxrpc's sendmsg ionic: widen queue_lock use around lif init and deinit ionic: clear broken state on generation change ionic: fix up issues with handling EAGAIN on FW cmds ionic: VF initial random MAC address if no assigned mac net: stmmac: work around sporadic tx issue on link-up btrfs: fix silent failure when deleting root reference btrfs: replace: drop assert for suspended replace btrfs: add info when mount fails due to stale replace target btrfs: check if root is readonly while setting security xattr btrfs: fix possible memory leak in btrfs_get_dev_args_from_path() perf/x86/lbr: Enable the branch type for the Arch LBR by default x86/unwind/orc: Unwind ftrace trampolines with correct ORC entry x86/bugs: Add "unknown" reporting for MMIO Stale Data x86/nospec: Unwreck the RSB stuffing loop: Check for overflow while configuring loop writeback: avoid use-after-free after removing device asm-generic: sections: refactor memory_intersects mm/damon/dbgfs: avoid duplicate context directory creation s390/mm: do not trigger write fault when vma does not allow VM_WRITE bootmem: remove the vmemmap pages from kmemleak in put_page_bootmem s390: fix double free of GS and RI CBs on fork() failure fbdev: fbcon: Properly revert changes when vc_resize() failed Revert "memcg: cleanup racy sum avoidance code" ACPI: processor: Remove freq Qos request for all CPUs nouveau: explicitly wait on the fence in nouveau_bo_move_m2mf smb3: missing inode locks in punch hole xen/privcmd: fix error exit of privcmd_ioctl_dm_op() riscv: traps: add missing prototype io_uring: fix issue with io_write() not always undoing sb_start_write() Revert "usbnet: smsc95xx: Fix deadlock on runtime resume" Revert "usbnet: smsc95xx: Forward PHY interrupts to PHY driver to avoid polling" mm/hugetlb: fix hugetlb not supporting softdirty tracking Revert "md-raid: destroy the bitmap after destroying the thread" md: call __md_stop_writes in md_stop mptcp: Fix crash due to tcp_tsorted_anchor was initialized before release skb arm64: Fix match_list for erratum 1286807 on Arm Cortex-A76 binder_alloc: add missing mmap_lock calls when using the VMA x86/nospec: Fix i386 RSB stuffing Documentation/ABI: Mention retbleed vulnerability info file for sysfs blk-mq: fix io hung due to missing commit_rqs perf python: Fix build when PYTHON_CONFIG is user supplied perf/x86/intel/uncore: Fix broken read_counter() for SNB IMC PMU perf/x86/intel/ds: Fix precise store latency handling perf stat: Clear evsel->reset_group for each stat run scsi: ufs: core: Enable link lost interrupt scsi: storvsc: Remove WQ_MEM_RECLAIM from storvsc_error_wq bpf: Don't use tnum_range on array range checking for poke descriptors Linux 5.15.64 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I8e4d8a8ed90e22487e249b9635b210935febda6e |
||
|
Greg Kroah-Hartman
|
47c7e57022 |
Merge 5.15.61 into android14-5.15
Changes in 5.15.61
Makefile: link with -z noexecstack --no-warn-rwx-segments
x86: link vdso and boot with -z noexecstack --no-warn-rwx-segments
Revert "pNFS: nfs3_set_ds_client should set NFS_CS_NOPING"
scsi: Revert "scsi: qla2xxx: Fix disk failure to rediscover"
pNFS/flexfiles: Report RDMA connection errors to the server
NFSD: Clean up the show_nf_flags() macro
nfsd: eliminate the NFSD_FILE_BREAK_* flags
ALSA: usb-audio: Add quirk for Behringer UMC202HD
ALSA: bcd2000: Fix a UAF bug on the error path of probing
ALSA: hda/realtek: Add quirk for Clevo NV45PZ
ALSA: hda/realtek: Add quirk for HP Spectre x360 15-eb0xxx
wifi: mac80211_hwsim: fix race condition in pending packet
wifi: mac80211_hwsim: add back erroneously removed cast
wifi: mac80211_hwsim: use 32-bit skb cookie
add barriers to buffer_uptodate and set_buffer_uptodate
lockd: detect and reject lock arguments that overflow
HID: hid-input: add Surface Go battery quirk
HID: wacom: Only report rotation for art pen
HID: wacom: Don't register pad_input for touch switch
KVM: nVMX: Snapshot pre-VM-Enter BNDCFGS for !nested_run_pending case
KVM: nVMX: Snapshot pre-VM-Enter DEBUGCTL for !nested_run_pending case
KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0
KVM: s390: pv: don't present the ecall interrupt twice
KVM: x86: Split kvm_is_valid_cr4() and export only the non-vendor bits
KVM: nVMX: Let userspace set nVMX MSR to any _host_ supported value
KVM: nVMX: Account for KVM reserved CR4 bits in consistency checks
KVM: nVMX: Inject #UD if VMXON is attempted with incompatible CR0/CR4
KVM: x86: Mark TSS busy during LTR emulation _after_ all fault checks
KVM: x86: Set error code to segment selector on LLDT/LTR non-canonical #GP
KVM: nVMX: Always enable TSC scaling for L2 when it was enabled for L1
KVM: x86: Tag kvm_mmu_x86_module_init() with __init
KVM: x86: do not report preemption if the steal time cache is stale
KVM: x86: revalidate steal time cache if MSR value changes
riscv: set default pm_power_off to NULL
ALSA: hda/conexant: Add quirk for LENOVO 20149 Notebook model
ALSA: hda/cirrus - support for iMac 12,1 model
ALSA: hda/realtek: Add quirk for another Asus K42JZ model
ALSA: hda/realtek: Add a quirk for HP OMEN 15 (8786) mute LED
tty: vt: initialize unicode screen buffer
vfs: Check the truncate maximum size in inode_newsize_ok()
fs: Add missing umask strip in vfs_tmpfile
thermal: sysfs: Fix cooling_device_stats_setup() error code path
fbcon: Fix boundary checks for fbcon=vc:n1-n2 parameters
fbcon: Fix accelerated fbdev scrolling while logo is still shown
usbnet: Fix linkwatch use-after-free on disconnect
fix short copy handling in copy_mc_pipe_to_iter()
crypto: ccp - Use kzalloc for sev ioctl interfaces to prevent kernel memory leak
ovl: drop WARN_ON() dentry is NULL in ovl_encode_fh()
parisc: Fix device names in /proc/iomem
parisc: Drop pa_swapper_pg_lock spinlock
parisc: Check the return value of ioremap() in lba_driver_probe()
parisc: io_pgetevents_time64() needs compat syscall in 32-bit compat mode
riscv:uprobe fix SR_SPIE set/clear handling
dt-bindings: riscv: fix SiFive l2-cache's cache-sets
RISC-V: kexec: Fixup use of smp_processor_id() in preemptible context
RISC-V: Fixup get incorrect user mode PC for kernel mode regs
RISC-V: Fixup schedule out issue in machine_crash_shutdown()
RISC-V: Add modules to virtual kernel memory layout dump
rtc: rx8025: fix 12/24 hour mode detection on RX-8035
drm/gem: Properly annotate WW context on drm_gem_lock_reservations() error
drm/shmem-helper: Add missing vunmap on error
drm/vc4: hdmi: Disable audio if dmas property is present but empty
drm/hyperv-drm: Include framebuffer and EDID headers
drm/nouveau: fix another off-by-one in nvbios_addr
drm/nouveau: Don't pm_runtime_put_sync(), only pm_runtime_put_autosuspend()
drm/nouveau/acpi: Don't print error when we get -EINPROGRESS from pm_runtime
drm/nouveau/kms: Fix failure path for creating DP connectors
drm/amdgpu: Check BO's requested pinning domains against its preferred_domains
drm/amdgpu: fix check in fbdev init
bpf: Fix KASAN use-after-free Read in compute_effective_progs
btrfs: reject log replay if there is unsupported RO compat flag
mtd: rawnand: arasan: Fix clock rate in NV-DDR
mtd: rawnand: arasan: Update NAND bus clock instead of system clock
um: Remove straying parenthesis
um: seed rng using host OS rng
iio: fix iio_format_avail_range() printing for none IIO_VAL_INT
iio: light: isl29028: Fix the warning in isl29028_remove()
scsi: sg: Allow waiting for commands to complete on removed device
scsi: qla2xxx: Fix incorrect display of max frame size
scsi: qla2xxx: Zero undefined mailbox IN registers
soundwire: qcom: Check device status before reading devid
ksmbd: fix memory leak in smb2_handle_negotiate
ksmbd: prevent out of bound read for SMB2_TREE_CONNNECT
ksmbd: fix use-after-free bug in smb2_tree_disconect
fuse: limit nsec
fuse: ioctl: translate ENOSYS
serial: mvebu-uart: uart2 error bits clearing
md-raid: destroy the bitmap after destroying the thread
md-raid10: fix KASAN warning
mbcache: don't reclaim used entries
mbcache: add functions to delete entry if unused
media: [PATCH] pci: atomisp_cmd: fix three missing checks on list iterator
ia64, processor: fix -Wincompatible-pointer-types in ia64_get_irr()
PCI: Add defines for normal and subtractive PCI bridges
powerpc/fsl-pci: Fix Class Code of PCIe Root Port
powerpc/ptdump: Fix display of RW pages on FSL_BOOK3E
powerpc/powernv: Avoid crashing if rng is NULL
MIPS: cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK
coresight: Clear the connection field properly
usb: typec: ucsi: Acknowledge the GET_ERROR_STATUS command completion
USB: HCD: Fix URB giveback issue in tasklet function
ARM: dts: uniphier: Fix USB interrupts for PXs2 SoC
arm64: dts: uniphier: Fix USB interrupts for PXs3 SoC
usb: dwc3: gadget: refactor dwc3_repare_one_trb
usb: dwc3: gadget: fix high speed multiplier setting
netfilter: nf_tables: do not allow SET_ID to refer to another table
netfilter: nf_tables: do not allow CHAIN_ID to refer to another table
netfilter: nf_tables: do not allow RULE_ID to refer to another chain
netfilter: nf_tables: fix null deref due to zeroed list head
epoll: autoremove wakers even more aggressively
x86: Handle idle=nomwait cmdline properly for x86_idle
arch: make TRACE_IRQFLAGS_NMI_SUPPORT generic
arm64: Do not forget syscall when starting a new thread.
arm64: fix oops in concurrently setting insn_emulation sysctls
arm64: kasan: Revert "arm64: mte: reset the page tag in page->flags"
ext2: Add more validity checks for inode counts
sched/fair: Introduce SIS_UTIL to search idle CPU based on sum of util_avg
genirq: Don't return error on missing optional irq_request_resources()
irqchip/mips-gic: Only register IPI domain when SMP is enabled
genirq: GENERIC_IRQ_IPI depends on SMP
sched/core: Always flush pending blk_plug
irqchip/mips-gic: Check the return value of ioremap() in gic_of_init()
wait: Fix __wait_event_hrtimeout for RT/DL tasks
ARM: dts: imx6ul: add missing properties for sram
ARM: dts: imx6ul: change operating-points to uint32-matrix
ARM: dts: imx6ul: fix keypad compatible
ARM: dts: imx6ul: fix csi node compatible
ARM: dts: imx6ul: fix lcdif node compatible
ARM: dts: imx6ul: fix qspi node compatible
ARM: dts: BCM5301X: Add DT for Meraki MR26
ARM: dts: ux500: Fix Codina accelerometer mounting matrix
ARM: dts: ux500: Fix Gavini accelerometer mounting matrix
spi: synquacer: Add missing clk_disable_unprepare()
ARM: OMAP2+: display: Fix refcount leak bug
ARM: OMAP2+: pdata-quirks: Fix refcount leak bug
ACPI: EC: Remove duplicate ThinkPad X1 Carbon 6th entry from DMI quirks
ACPI: EC: Drop the EC_FLAGS_IGNORE_DSDT_GPE quirk
ACPI: PM: save NVS memory for Lenovo G40-45
ACPI: LPSS: Fix missing check in register_device_clock()
ARM: dts: qcom: sdx55: Fix the IRQ trigger type for UART
arm64: dts: qcom: ipq8074: fix NAND node name
arm64: dts: allwinner: a64: orangepi-win: Fix LED node name
ARM: shmobile: rcar-gen2: Increase refcount for new reference
firmware: tegra: Fix error check return value of debugfs_create_file()
hwmon: (dell-smm) Add Dell XPS 13 7390 to fan control whitelist
hwmon: (sht15) Fix wrong assumptions in device remove callback
PM: hibernate: defer device probing when resuming from hibernation
selinux: fix memleak in security_read_state_kernel()
selinux: Add boundary check in put_entry()
kasan: test: Silence GCC 12 warnings
drm/amdgpu: Remove one duplicated ef removal
powerpc/64s: Disable stack variable initialisation for prom_init
spi: spi-rspi: Fix PIO fallback on RZ platforms
ARM: findbit: fix overflowing offset
meson-mx-socinfo: Fix refcount leak in meson_mx_socinfo_init
arm64: dts: renesas: beacon: Fix regulator node names
spi: spi-altera-dfl: Fix an error handling path
ARM: bcm: Fix refcount leak in bcm_kona_smc_init
ACPI: processor/idle: Annotate more functions to live in cpuidle section
ARM: dts: imx7d-colibri-emmc: add cpu1 supply
soc: renesas: r8a779a0-sysc: Fix A2DP1 and A2CV[2357] PDR values
scsi: hisi_sas: Use managed PCI functions
dt-bindings: iio: accel: Add DT binding doc for ADXL355
soc: amlogic: Fix refcount leak in meson-secure-pwrc.c
arm64: dts: renesas: Fix thermal-sensors on single-zone sensors
x86/pmem: Fix platform-device leak in error path
ARM: dts: ast2500-evb: fix board compatible
ARM: dts: ast2600-evb: fix board compatible
ARM: dts: ast2600-evb-a1: fix board compatible
arm64: dts: mt8192: Fix idle-states nodes naming scheme
arm64: dts: mt8192: Fix idle-states entry-method
arm64: select TRACE_IRQFLAGS_NMI_SUPPORT
arm64: cpufeature: Allow different PMU versions in ID_DFR0_EL1
locking/lockdep: Fix lockdep_init_map_*() confusion
arm64: dts: qcom: sc7180: Remove ipa_fw_mem node on trogdor
soc: fsl: guts: machine variable might be unset
block: fix infinite loop for invalid zone append
ARM: dts: qcom: mdm9615: add missing PMIC GPIO reg
ARM: OMAP2+: Fix refcount leak in omapdss_init_of
ARM: OMAP2+: Fix refcount leak in omap3xxx_prm_late_init
arm64: dts: qcom: sdm630: disable GPU by default
arm64: dts: qcom: sdm630: fix the qusb2phy ref clock
arm64: dts: qcom: sdm630: fix gpu's interconnect path
arm64: dts: qcom: sdm636-sony-xperia-ganges-mermaid: correct sdc2 pinconf
cpufreq: zynq: Fix refcount leak in zynq_get_revision
regulator: qcom_smd: Fix pm8916_pldo range
ACPI: APEI: Fix _EINJ vs EFI_MEMORY_SP
ARM: dts: qcom-msm8974: fix irq type on blsp2_uart1
soc: qcom: ocmem: Fix refcount leak in of_get_ocmem
soc: qcom: aoss: Fix refcount leak in qmp_cooling_devices_register
ARM: dts: qcom: pm8841: add required thermal-sensor-cells
bus: hisi_lpc: fix missing platform_device_put() in hisi_lpc_acpi_probe()
stack: Declare {randomize_,}kstack_offset to fix Sparse warnings
arm64: dts: qcom: msm8916: Fix typo in pronto remoteproc node
ACPI: APEI: explicit init of HEST and GHES in apci_init()
drivers/iio: Remove all strcpy() uses
ACPI: VIOT: Fix ACS setup
arm64: dts: qcom: sm6125: Move sdc2 pinctrl from seine-pdx201 to sm6125
arm64: dts: qcom: sm6125: Append -state suffix to pinctrl nodes
arm64: dts: qcom: sm8250: add missing PCIe PHY clock-cells
arm64: dts: mt7622: fix BPI-R64 WPS button
arm64: tegra: Fixup SYSRAM references
arm64: tegra: Update Tegra234 BPMP channel addresses
arm64: tegra: Mark BPMP channels as no-memory-wc
arm64: tegra: Fix SDMMC1 CD on P2888
erofs: avoid consecutive detection for Highmem memory
blk-mq: don't create hctx debugfs dir until q->debugfs_dir is created
spi: Fix simplification of devm_spi_register_controller
spi: tegra20-slink: fix UAF in tegra_slink_remove()
hwmon: (drivetemp) Add module alias
blktrace: Trace remapped requests correctly
PM: domains: Ensure genpd_debugfs_dir exists before remove
dm writecache: return void from functions
dm writecache: count number of blocks read, not number of read bios
dm writecache: count number of blocks written, not number of write bios
dm writecache: count number of blocks discarded, not number of discard bios
regulator: of: Fix refcount leak bug in of_get_regulation_constraints()
soc: qcom: Make QCOM_RPMPD depend on PM
arm64: dts: qcom: qcs404: Fix incorrect USB2 PHYs assignment
irqdomain: Report irq number for NOMAP domains
drivers/perf: arm_spe: Fix consistency of SYS_PMSCR_EL1.CX
nohz/full, sched/rt: Fix missed tick-reenabling bug in dequeue_task_rt()
x86/extable: Fix ex_handler_msr() print condition
selftests/seccomp: Fix compile warning when CC=clang
thermal/tools/tmon: Include pthread and time headers in tmon.h
dm: return early from dm_pr_call() if DM device is suspended
pwm: sifive: Simplify offset calculation for PWMCMP registers
pwm: sifive: Ensure the clk is enabled exactly once per running PWM
pwm: sifive: Shut down hardware only after pwmchip_remove() completed
pwm: lpc18xx-sct: Reduce number of devm memory allocations
pwm: lpc18xx-sct: Simplify driver by not using pwm_[gs]et_chip_data()
pwm: lpc18xx: Fix period handling
drm/dp: Export symbol / kerneldoc fixes for DP AUX bus
drm/bridge: tc358767: Move (e)DP bridge endpoint parsing into dedicated function
ath10k: do not enforce interrupt trigger type
drm/st7735r: Fix module autoloading for Okaya RH128128T
drm/panel: Fix build error when CONFIG_DRM_PANEL_SAMSUNG_ATNA33XC20=y && CONFIG_DRM_DISPLAY_HELPER=m
wifi: rtlwifi: fix error codes in rtl_debugfs_set_write_h2c()
ath11k: fix netdev open race
drm/mipi-dbi: align max_chunk to 2 in spi_transfer
ath11k: Fix incorrect debug_mask mappings
drm/radeon: fix potential buffer overflow in ni_set_mc_special_registers()
drm/mediatek: Modify dsi funcs to atomic operations
drm/mediatek: Separate poweron/poweroff from enable/disable and define new funcs
drm/mediatek: Add pull-down MIPI operation in mtk_dsi_poweroff function
drm/meson: encoder_hdmi: switch to bridge DRM_BRIDGE_ATTACH_NO_CONNECTOR
drm/meson: encoder_hdmi: Fix refcount leak in meson_encoder_hdmi_init
drm/bridge: lt9611uxc: Cancel only driver's work
i2c: npcm: Remove own slave addresses 2:10
i2c: npcm: Correct slave role behavior
i2c: mxs: Silence a clang warning
virtio-gpu: fix a missing check to avoid NULL dereference
drm/shmem-helper: Unexport drm_gem_shmem_create_with_handle()
drm/shmem-helper: Export dedicated wrappers for GEM object functions
drm/shmem-helper: Pass GEM shmem object in public interfaces
drm/virtio: Fix NULL vs IS_ERR checking in virtio_gpu_object_shmem_init
drm: adv7511: override i2c address of cec before accessing it
crypto: sun8i-ss - do not allocate memory when handling hash requests
crypto: sun8i-ss - fix error codes in allocate_flows()
net: fix sk_wmem_schedule() and sk_rmem_schedule() errors
can: netlink: allow configuring of fixed bit rates without need for do_set_bittiming callback
can: netlink: allow configuring of fixed data bit rates without need for do_set_data_bittiming callback
i2c: Fix a potential use after free
crypto: sun8i-ss - fix infinite loop in sun8i_ss_setup_ivs()
media: atmel: atmel-sama7g5-isc: fix warning in configs without OF
media: tw686x: Register the irq at the end of probe
media: imx-jpeg: Correct some definition according specification
media: imx-jpeg: Leave a blank space before the configuration data
media: imx-jpeg: Add pm-runtime support for imx-jpeg
media: imx-jpeg: use NV12M to represent non contiguous NV12
media: imx-jpeg: Set V4L2_BUF_FLAG_LAST at eos
media: imx-jpeg: Refactor function mxc_jpeg_parse
media: imx-jpeg: Identify and handle precision correctly
media: imx-jpeg: Handle source change in a function
media: imx-jpeg: Support dynamic resolution change
media: imx-jpeg: Align upwards buffer size
media: imx-jpeg: Implement drain using v4l2-mem2mem helpers
ath9k: fix use-after-free in ath9k_hif_usb_rx_cb
wifi: iwlegacy: 4965: fix potential off-by-one overflow in il4965_rs_fill_link_cmd()
drm/radeon: fix incorrrect SPDX-License-Identifiers
rcutorture: Warn on individual rcu_torture_init() error conditions
rcutorture: Don't cpuhp_remove_state() if cpuhp_setup_state() failed
rcutorture: Fix ksoftirqd boosting timing and iteration
test_bpf: fix incorrect netdev features
crypto: ccp - During shutdown, check SEV data pointer before using
drm: bridge: adv7511: Add check for mipi_dsi_driver_register
media: imx-jpeg: Disable slot interrupt when frame done
drm/mcde: Fix refcount leak in mcde_dsi_bind
media: hdpvr: fix error value returns in hdpvr_read
media: v4l2-mem2mem: prevent pollerr when last_buffer_dequeued is set
media: driver/nxp/imx-jpeg: fix a unexpected return value problem
media: tw686x: Fix memory leak in tw686x_video_init
drm/vc4: plane: Remove subpixel positioning check
drm/vc4: plane: Fix margin calculations for the right/bottom edges
drm/bridge: Add a function to abstract away panels
drm/vc4: dsi: Switch to devm_drm_of_get_bridge
drm/vc4: Use of_device_get_match_data()
drm/vc4: dsi: Release workaround buffer and DMA
drm/vc4: dsi: Correct DSI divider calculations
drm/vc4: dsi: Correct pixel order for DSI0
drm/vc4: dsi: Register dsi0 as the correct vc4 encoder type
drm/vc4: dsi: Fix dsi0 interrupt support
drm/vc4: dsi: Add correct stop condition to vc4_dsi_encoder_disable iteration
drm/vc4: hdmi: Fix HPD GPIO detection
drm/vc4: hdmi: Avoid full hdmi audio fifo writes
drm/vc4: hdmi: Reset HDMI MISC_CONTROL register
drm/vc4: hdmi: Fix timings for interlaced modes
drm/vc4: hdmi: Correct HDMI timing registers for interlaced modes
crypto: arm64/gcm - Select AEAD for GHASH_ARM64_CE
selftests/xsk: Destroy BPF resources only when ctx refcount drops to 0
drm/rockchip: vop: Don't crash for invalid duplicate_state()
drm/rockchip: Fix an error handling path rockchip_dp_probe()
drm/mediatek: dpi: Remove output format of YUV
drm/mediatek: dpi: Only enable dpi after the bridge is enabled
drm: bridge: sii8620: fix possible off-by-one
hinic: Use the bitmap API when applicable
net: hinic: fix bug that ethtool get wrong stats
net: hinic: avoid kernel hung in hinic_get_stats64()
drm/msm/mdp5: Fix global state lock backoff
crypto: hisilicon/sec - don't sleep when in softirq
crypto: hisilicon - Kunpeng916 crypto driver don't sleep when in softirq
media: platform: mtk-mdp: Fix mdp_ipi_comm structure alignment
drm/msm: Avoid dirtyfb stalls on video mode displays (v2)
drm/msm/dpu: Fix for non-visible planes
mt76: mt76x02u: fix possible memory leak in __mt76x02u_mcu_send_msg
mt76: mt7615: do not update pm stats in case of error
ieee80211: add EHT 1K aggregation definitions
mt76: mt7921: fix aggregation subframes setting to HE max
mt76: mt7921: enlarge maximum VHT MPDU length to 11454
mediatek: mt76: mac80211: Fix missing of_node_put() in mt76_led_init()
mediatek: mt76: eeprom: fix missing of_node_put() in mt76_find_power_limits_node()
skmsg: Fix invalid last sg check in sk_msg_recvmsg()
drm/exynos/exynos7_drm_decon: free resources when clk_set_parent() failed.
tcp: make retransmitted SKB fit into the send window
libbpf: Fix the name of a reused map
selftests: timers: valid-adjtimex: build fix for newer toolchains
selftests: timers: clocksource-switch: fix passing errors from child
bpf: Fix subprog names in stack traces.
fs: check FMODE_LSEEK to control internal pipe splicing
media: cedrus: h265: Fix flag name
media: hantro: postproc: Fix motion vector space size
media: hantro: Simplify postprocessor
media: hevc: Embedded indexes in RPS
media: staging: media: hantro: Fix typos
wifi: wil6210: debugfs: fix info leak in wil_write_file_wmi()
wifi: p54: Fix an error handling path in p54spi_probe()
wifi: p54: add missing parentheses in p54_flush()
selftests/bpf: fix a test for snprintf() overflow
libbpf: fix an snprintf() overflow check
can: pch_can: do not report txerr and rxerr during bus-off
can: rcar_can: do not report txerr and rxerr during bus-off
can: sja1000: do not report txerr and rxerr during bus-off
can: hi311x: do not report txerr and rxerr during bus-off
can: sun4i_can: do not report txerr and rxerr during bus-off
can: kvaser_usb_hydra: do not report txerr and rxerr during bus-off
can: kvaser_usb_leaf: do not report txerr and rxerr during bus-off
can: usb_8dev: do not report txerr and rxerr during bus-off
can: error: specify the values of data[5..7] of CAN error frames
can: pch_can: pch_can_error(): initialize errc before using it
Bluetooth: hci_intel: Add check for platform_driver_register
i2c: cadence: Support PEC for SMBus block read
i2c: mux-gpmux: Add of_node_put() when breaking out of loop
wifi: wil6210: debugfs: fix uninitialized variable use in `wil_write_file_wmi()`
wifi: iwlwifi: mvm: fix double list_add at iwl_mvm_mac_wake_tx_queue
wifi: libertas: Fix possible refcount leak in if_usb_probe()
media: cedrus: hevc: Add check for invalid timestamp
net/mlx5e: Remove WARN_ON when trying to offload an unsupported TLS cipher/version
net/mlx5e: Fix the value of MLX5E_MAX_RQ_NUM_MTTS
net/mlx5: Adjust log_max_qp to be 18 at most
crypto: hisilicon/hpre - don't use GFP_KERNEL to alloc mem during softirq
crypto: inside-secure - Add missing MODULE_DEVICE_TABLE for of
crypto: hisilicon/sec - fix auth key size error
inet: add READ_ONCE(sk->sk_bound_dev_if) in INET_MATCH()
ipv6: add READ_ONCE(sk->sk_bound_dev_if) in INET6_MATCH()
net: allow unbound socket for packets in VRF when tcp_l3mdev_accept set
netdevsim: fib: Fix reference count leak on route deletion failure
wifi: rtw88: check the return value of alloc_workqueue()
iavf: Fix max_rate limiting
iavf: Fix 'tc qdisc show' listing too many queues
netdevsim: Avoid allocation warnings triggered from user space
net: rose: fix netdev reference changes
net: ionic: fix error check for vlan flags in ionic_set_nic_features()
dccp: put dccp_qpolicy_full() and dccp_qpolicy_push() in the same lock
net: usb: make USB_RTL8153_ECM non user configurable
wireguard: ratelimiter: use hrtimer in selftest
wireguard: allowedips: don't corrupt stack when detecting overflow
HID: amd_sfh: Don't show client init failed as error when discovery fails
clk: renesas: r9a06g032: Fix UART clkgrp bitsel
mtd: maps: Fix refcount leak in of_flash_probe_versatile
mtd: maps: Fix refcount leak in ap_flash_init
mtd: rawnand: meson: Fix a potential double free issue
of: check previous kernel's ima-kexec-buffer against memory bounds
scsi: qla2xxx: edif: Reduce Initiator-Initiator thrashing
scsi: qla2xxx: edif: Fix potential stuck session in sa update
scsi: qla2xxx: edif: Reduce connection thrash
scsi: qla2xxx: edif: Fix inconsistent check of db_flags
scsi: qla2xxx: edif: Synchronize NPIV deletion with authentication application
scsi: qla2xxx: edif: Add retry for ELS passthrough
scsi: qla2xxx: edif: Fix n2n discovery issue with secure target
scsi: qla2xxx: edif: Fix n2n login retry for secure device
KVM: SVM: Unwind "speculative" RIP advancement if INTn injection "fails"
KVM: SVM: Stuff next_rip on emulated INT3 injection if NRIPS is supported
phy: samsung: exynosautov9-ufs: correct TSRV register configurations
PCI: microchip: Fix refcount leak in mc_pcie_init_irq_domains()
PCI: tegra194: Fix PM error handling in tegra_pcie_config_ep()
HID: cp2112: prevent a buffer overflow in cp2112_xfer()
mtd: sm_ftl: Fix deadlock caused by cancel_work_sync in sm_release
mtd: partitions: Fix refcount leak in parse_redboot_of
mtd: parsers: ofpart: Fix refcount leak in bcm4908_partitions_fw_offset
mtd: st_spi_fsm: Add a clk_disable_unprepare() in .probe()'s error path
PCI: mediatek-gen3: Fix refcount leak in mtk_pcie_init_irq_domains()
fpga: altera-pr-ip: fix unsigned comparison with less than zero
usb: host: Fix refcount leak in ehci_hcd_ppc_of_probe
usb: ohci-nxp: Fix refcount leak in ohci_hcd_nxp_probe
usb: gadget: tegra-xudc: Fix error check in tegra_xudc_powerdomain_init()
usb: xhci: tegra: Fix error check
netfilter: xtables: Bring SPDX identifier back
scsi: qla2xxx: edif: Send LOGO for unexpected IKE message
scsi: qla2xxx: edif: Reduce disruption due to multiple app start
scsi: qla2xxx: edif: Fix no login after app start
scsi: qla2xxx: edif: Tear down session if keys have been removed
scsi: qla2xxx: edif: Fix session thrash
scsi: qla2xxx: edif: Fix no logout on delete for N2N
iio: accel: bma400: Fix the scale min and max macro values
platform/chrome: cros_ec: Always expose last resume result
iio: accel: bma400: Reordering of header files
clk: mediatek: reset: Fix written reset bit offset
lib/test_hmm: avoid accessing uninitialized pages
memremap: remove support for external pgmap refcounts
mm/memremap: fix memunmap_pages() race with get_dev_pagemap()
KVM: Don't set Accessed/Dirty bits for ZERO_PAGE
mwifiex: Ignore BTCOEX events from the 88W8897 firmware
mwifiex: fix sleep in atomic context bugs caused by dev_coredumpv
scsi: iscsi: Allow iscsi_if_stop_conn() to be called from kernel
scsi: iscsi: Add helper to remove a session from the kernel
scsi: iscsi: Fix session removal on shutdown
dmaengine: dw-edma: Fix eDMA Rd/Wr-channels and DMA-direction semantics
mtd: dataflash: Add SPI ID table
clk: qcom: camcc-sm8250: Fix halt on boot by reducing driver's init level
misc: rtsx: Fix an error handling path in rtsx_pci_probe()
driver core: fix potential deadlock in __driver_attach
clk: qcom: clk-krait: unlock spin after mux completion
clk: qcom: gcc-msm8939: Add missing SYSTEM_MM_NOC_BFDCD_CLK_SRC
clk: qcom: gcc-msm8939: Fix bimc_ddr_clk_src rcgr base address
clk: qcom: gcc-msm8939: Add missing system_mm_noc_bfdcd_clk_src
clk: qcom: gcc-msm8939: Point MM peripherals to system_mm_noc clock
usb: host: xhci: use snprintf() in xhci_decode_trb()
RDMA/rxe: Fix deadlock in rxe_do_local_ops()
clk: qcom: ipq8074: fix NSS core PLL-s
clk: qcom: ipq8074: SW workaround for UBI32 PLL lock
clk: qcom: ipq8074: fix NSS port frequency tables
clk: qcom: ipq8074: set BRANCH_HALT_DELAY flag for UBI clocks
clk: qcom: camcc-sdm845: Fix topology around titan_top power domain
clk: qcom: camcc-sm8250: Fix topology around titan_top power domain
clk: qcom: clk-rcg2: Fail Duty-Cycle configuration if MND divider is not enabled.
clk: qcom: clk-rcg2: Make sure to not write d=0 to the NMD register
mm/mempolicy: fix get_nodes out of bound access
PCI: dwc: Stop link on host_init errors and de-initialization
PCI: dwc: Add unroll iATU space support to dw_pcie_disable_atu()
PCI: dwc: Disable outbound windows only for controllers using iATU
PCI: dwc: Set INCREASE_REGION_SIZE flag based on limit address
PCI: dwc: Deallocate EPC memory on dw_pcie_ep_init() errors
PCI: dwc: Always enable CDM check if "snps,enable-cdm-check" exists
soundwire: bus_type: fix remove and shutdown support
soundwire: revisit driver bind/unbind and callbacks
KVM: arm64: Don't return from void function
dmaengine: sf-pdma: Add multithread support for a DMA channel
PCI: endpoint: Don't stop controller when unbinding endpoint function
scsi: qla2xxx: Check correct variable in qla24xx_async_gffid()
intel_th: Fix a resource leak in an error handling path
intel_th: msu-sink: Potential dereference of null pointer
intel_th: msu: Fix vmalloced buffers
binder: fix redefinition of seq_file attributes
staging: rtl8192u: Fix sleep in atomic context bug in dm_fsync_timer_callback
mmc: sdhci-of-esdhc: Fix refcount leak in esdhc_signal_voltage_switch
mmc: mxcmmc: Silence a clang warning
mmc: renesas_sdhi: Get the reset handle early in the probe
memstick/ms_block: Fix some incorrect memory allocation
memstick/ms_block: Fix a memory leak
mmc: sdhci-of-at91: fix set_uhs_signaling rewriting of MC1R
of: device: Fix missing of_node_put() in of_dma_set_restricted_buffer
mmc: block: Add single read for 4k sector cards
KVM: s390: pv: leak the topmost page table when destroy fails
PCI/portdrv: Don't disable AER reporting in get_port_device_capability()
PCI: qcom: Set up rev 2.1.0 PARF_PHY before enabling clocks
scsi: smartpqi: Fix DMA direction for RAID requests
xtensa: iss/network: provide release() callback
xtensa: iss: fix handling error cases in iss_net_configure()
usb: gadget: udc: amd5536 depends on HAS_DMA
usb: aspeed-vhub: Fix refcount leak bug in ast_vhub_init_desc()
usb: dwc3: core: Deprecate GCTL.CORESOFTRESET
usb: dwc3: core: Do not perform GCTL_CORE_SOFTRESET during bootup
usb: dwc3: qcom: fix missing optional irq warnings
eeprom: idt_89hpesx: uninitialized data in idt_dbgfs_csr_write()
phy: stm32: fix error return in stm32_usbphyc_phy_init
interconnect: imx: fix max_node_id
um: random: Don't initialise hwrng struct with zero
RDMA/irdma: Fix a window for use-after-free
RDMA/irdma: Fix VLAN connection with wildcard address
RDMA/irdma: Fix setting of QP context err_rq_idx_valid field
RDMA/rtrs-srv: Fix modinfo output for stringify
RDMA/rtrs: Fix warning when use poll mode on client side.
RDMA/rtrs: Replace duplicate check with is_pollqueue helper
RDMA/rtrs: Introduce destroy_cq helper
RDMA/rtrs: Do not allow sessname to contain special symbols / and .
RDMA/rtrs: Rename rtrs_sess to rtrs_path
RDMA/rtrs-srv: Rename rtrs_srv_sess to rtrs_srv_path
RDMA/rtrs-clt: Rename rtrs_clt_sess to rtrs_clt_path
RDMA/rtrs-clt: Replace list_next_or_null_rr_rcu with an inline function
RDMA/qedr: Fix potential memory leak in __qedr_alloc_mr()
RDMA/hns: Fix incorrect clearing of interrupt status register
RDMA/siw: Fix duplicated reported IW_CM_EVENT_CONNECT_REPLY event
iio: cros: Register FIFO callback after sensor is registered
clk: qcom: gcc-msm8939: Fix weird field spacing in ftbl_gcc_camss_cci_clk
RDMA/hfi1: fix potential memory leak in setup_base_ctxt()
gpio: gpiolib-of: Fix refcount bugs in of_mm_gpiochip_add_data()
HID: mcp2221: prevent a buffer overflow in mcp_smbus_write()
HID: amd_sfh: Add NULL check for hid device
dmaengine: imx-dma: Cast of_device_get_match_data() with (uintptr_t)
scripts/gdb: lx-dmesg: read records individually
scripts/gdb: fix 'lx-dmesg' on 32 bits arch
RDMA/rxe: Fix mw bind to allow any consumer key portion
mmc: cavium-octeon: Add of_node_put() when breaking out of loop
mmc: cavium-thunderx: Add of_node_put() when breaking out of loop
HID: alps: Declare U1_UNICORN_LEGACY support
RDMA/rxe: For invalidate compare according to set keys in mr
PCI: tegra194: Fix Root Port interrupt handling
PCI: tegra194: Fix link up retry sequence
HID: amd_sfh: Handle condition of "no sensors"
USB: serial: fix tty-port initialized comments
usb: cdns3: change place of 'priv_ep' assignment in cdns3_gadget_ep_dequeue(), cdns3_gadget_ep_enable()
mtd: spi-nor: fix spi_nor_spimem_setup_op() call in spi_nor_erase_{sector,chip}()
KVM: nVMX: Set UMIP bit CR4_FIXED1 MSR when emulating UMIP
platform/olpc: Fix uninitialized data in debugfs write
RDMA/srpt: Duplicate port name members
RDMA/srpt: Introduce a reference count in struct srpt_device
RDMA/srpt: Fix a use-after-free
android: binder: stop saving a pointer to the VMA
mm/mmap.c: fix missing call to vm_unacct_memory in mmap_region
selftests: kvm: set rax before vmcall
of/fdt: declared return type does not match actual return type
RDMA/mlx5: Add missing check for return value in get namespace flow
RDMA/rxe: Add memory barriers to kernel queues
RDMA/rxe: Remove the is_user members of struct rxe_sq/rxe_rq/rxe_srq
RDMA/rxe: Fix error unwind in rxe_create_qp()
block/rnbd-srv: Set keep_id to true after mutex_trylock
null_blk: fix ida error handling in null_add_dev()
nvme: use command_id instead of req->tag in trace_nvme_complete_rq()
nvme: define compat_ioctl again to unbreak 32-bit userspace.
nvme: disable namespace access for unsupported metadata
nvme: don't return an error from nvme_configure_metadata
nvme: catch -ENODEV from nvme_revalidate_zones again
block/bio: remove duplicate append pages code
block: ensure iov_iter advances for added pages
jbd2: fix outstanding credits assert in jbd2_journal_commit_transaction()
ext4: recover csum seed of tmp_inode after migrating to extents
jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when journal aborted
usb: cdns3: Don't use priv_dev uninitialized in cdns3_gadget_ep_enable()
opp: Fix error check in dev_pm_opp_attach_genpd()
ASoC: cros_ec_codec: Fix refcount leak in cros_ec_codec_platform_probe
ASoC: samsung: Fix error handling in aries_audio_probe
ASoC: imx-audmux: Silence a clang warning
ASoC: mediatek: mt8173: Fix refcount leak in mt8173_rt5650_rt5676_dev_probe
ASoC: mt6797-mt6351: Fix refcount leak in mt6797_mt6351_dev_probe
ASoC: codecs: da7210: add check for i2c_add_driver
ASoC: mediatek: mt8173-rt5650: Fix refcount leak in mt8173_rt5650_dev_probe
serial: 8250: Export ICR access helpers for internal use
serial: 8250: dma: Allow driver operations before starting DMA transfers
serial: 8250_dw: Store LSR into lsr_saved_flags in dw8250_tx_wait_empty()
ASoC: codecs: msm8916-wcd-digital: move gains from SX_TLV to S8_TLV
ASoC: codecs: wcd9335: move gains from SX_TLV to S8_TLV
rpmsg: char: Add mutex protection for rpmsg_eptdev_open()
rpmsg: mtk_rpmsg: Fix circular locking dependency
remoteproc: k3-r5: Fix refcount leak in k3_r5_cluster_of_init
selftests/livepatch: better synchronize test_klp_callbacks_busy
profiling: fix shift too large makes kernel panic
remoteproc: imx_rproc: Fix refcount leak in imx_rproc_addr_init
ASoC: samsung: h1940_uda1380: include proepr GPIO consumer header
powerpc/perf: Optimize clearing the pending PMI and remove WARN_ON for PMI check in power_pmu_disable
ASoC: samsung: change gpiod_speaker_power and rx1950_audio from global to static variables
tty: n_gsm: Delete gsmtty open SABM frame when config requester
tty: n_gsm: fix user open not possible at responder until initiator open
tty: n_gsm: fix tty registration before control channel open
tty: n_gsm: fix wrong queuing behavior in gsm_dlci_data_output()
tty: n_gsm: fix missing timer to handle stalled links
tty: n_gsm: fix non flow control frames during mux flow off
tty: n_gsm: fix packet re-transmission without open control channel
tty: n_gsm: fix race condition in gsmld_write()
tty: n_gsm: fix resource allocation order in gsm_activate_mux()
ASoC: qcom: Fix missing of_node_put() in asoc_qcom_lpass_cpu_platform_probe()
ASoC: imx-card: Fix DSD/PDM mclk frequency
remoteproc: qcom: wcnss: Fix handling of IRQs
vfio/ccw: Do not change FSM state in subchannel event
serial: 8250_fsl: Don't report FE, PE and OE twice
tty: n_gsm: fix wrong T1 retry count handling
tty: n_gsm: fix DM command
tty: n_gsm: fix missing corner cases in gsmld_poll()
MIPS: vdso: Utilize __pa() for gic_pfn
swiotlb: fail map correctly with failed io_tlb_default_mem
ASoC: mt6359: Fix refcount leak bug
serial: 8250_bcm7271: Save/restore RTS in suspend/resume
iommu/exynos: Handle failed IOMMU device registration properly
9p: fix a bunch of checkpatch warnings
9p: Drop kref usage
9p: Add client parameter to p9_req_put()
net: 9p: fix refcount leak in p9_read_work() error handling
MIPS: Fixed __debug_virt_addr_valid()
rpmsg: qcom_smd: Fix refcount leak in qcom_smd_parse_edge
kfifo: fix kfifo_to_user() return type
lib/smp_processor_id: fix imbalanced instrumentation_end() call
proc: fix a dentry lock race between release_task and lookup
remoteproc: qcom: pas: Check if coredump is enabled
remoteproc: sysmon: Wait for SSCTL service to come up
mfd: t7l66xb: Drop platform disable callback
mfd: max77620: Fix refcount leak in max77620_initialise_fps
iommu/arm-smmu: qcom_iommu: Add of_node_put() when breaking out of loop
perf tools: Fix dso_id inode generation comparison
s390/dump: fix old lowcore virtual vs physical address confusion
s390/maccess: fix semantics of memcpy_real() and its callers
s390/crash: fix incorrect number of bytes to copy to user space
s390/zcore: fix race when reading from hardware system area
ASoC: fsl_asrc: force cast the asrc_format type
ASoC: fsl-asoc-card: force cast the asrc_format type
ASoC: fsl_easrc: use snd_pcm_format_t type for sample_format
ASoC: imx-card: use snd_pcm_format_t type for asrc_format
ASoC: qcom: q6dsp: Fix an off-by-one in q6adm_alloc_copp()
fuse: Remove the control interface for virtio-fs
ASoC: audio-graph-card: Add of_node_put() in fail path
watchdog: sp5100_tco: Fix a memory leak of EFCH MMIO resource
watchdog: armada_37xx_wdt: check the return value of devm_ioremap() in armada_37xx_wdt_probe()
video: fbdev: amba-clcd: Fix refcount leak bugs
video: fbdev: sis: fix typos in SiS_GetModeID()
ASoC: mchp-spdifrx: disable end of block interrupt on failures
powerpc/32: Call mmu_mark_initmem_nx() regardless of data block mapping.
powerpc/32: Do not allow selection of e5500 or e6500 CPUs on PPC32
powerpc/iommu: Fix iommu_table_in_use for a small default DMA window case
powerpc/pci: Prefer PCI domain assignment via DT 'linux,pci-domain' and alias
tty: serial: fsl_lpuart: correct the count of break characters
s390/dump: fix os_info virtual vs physical address confusion
s390/smp: cleanup target CPU callback starting
s390/smp: cleanup control register update routines
s390/maccess: rework absolute lowcore accessors
s390/smp: enforce lowcore protection on CPU restart
f2fs: fix to remove F2FS_COMPR_FL and tag F2FS_NOCOMP_FL at the same time
powerpc/spufs: Fix refcount leak in spufs_init_isolated_loader
powerpc/xive: Fix refcount leak in xive_get_max_prio
powerpc/cell/axon_msi: Fix refcount leak in setup_msi_msg_address
perf symbol: Fail to read phdr workaround
kprobes: Forbid probing on trampoline and BPF code areas
x86/bus_lock: Don't assume the init value of DEBUGCTLMSR.BUS_LOCK_DETECT to be zero
powerpc/pci: Fix PHB numbering when using opal-phbid
genelf: Use HAVE_LIBCRYPTO_SUPPORT, not the never defined HAVE_LIBCRYPTO
scripts/faddr2line: Fix vmlinux detection on arm64
sched/deadline: Merge dl_task_can_attach() and dl_cpu_busy()
sched, cpuset: Fix dl_cpu_busy() panic due to empty cs->cpus_allowed
x86/numa: Use cpumask_available instead of hardcoded NULL check
video: fbdev: arkfb: Fix a divide-by-zero bug in ark_set_pixclock()
tools/thermal: Fix possible path truncations
sched: Fix the check of nr_running at queue wakelist
sched: Remove the limitation of WF_ON_CPU on wakelist if wakee cpu is idle
sched/core: Do not requeue task on CPU excluded from cpus_mask
x86/entry: Build thunk_$(BITS) only if CONFIG_PREEMPTION=y
f2fs: allow compression for mmap files in compress_mode=user
f2fs: do not allow to decompress files have FI_COMPRESS_RELEASED
video: fbdev: vt8623fb: Check the size of screen before memset_io()
video: fbdev: arkfb: Check the size of screen before memset_io()
video: fbdev: s3fb: Check the size of screen before memset_io()
scsi: ufs: core: Correct ufshcd_shutdown() flow
scsi: zfcp: Fix missing auto port scan and thus missing target ports
scsi: qla2xxx: Fix imbalance vha->vref_count
scsi: qla2xxx: Fix discovery issues in FC-AL topology
scsi: qla2xxx: Turn off multi-queue for 8G adapters
scsi: qla2xxx: Fix crash due to stale SRB access around I/O timeouts
scsi: qla2xxx: Fix excessive I/O error messages by default
scsi: qla2xxx: Fix erroneous mailbox timeout after PCI error injection
scsi: qla2xxx: Wind down adapter after PCIe error
scsi: qla2xxx: Fix losing FCP-2 targets on long port disable with I/Os
scsi: qla2xxx: Fix losing target when it reappears during delete
scsi: qla2xxx: Fix losing FCP-2 targets during port perturbation tests
x86/bugs: Enable STIBP for IBPB mitigated RETBleed
ftrace/x86: Add back ftrace_expected assignment
x86/kprobes: Update kcb status flag after singlestepping
x86/olpc: fix 'logical not is only applied to the left hand side'
SMB3: fix lease break timeout when multiple deferred close handles for the same file.
posix-cpu-timers: Cleanup CPU timers before freeing them during exec
Input: gscps2 - check return value of ioremap() in gscps2_probe()
__follow_mount_rcu(): verify that mount_lock remains unchanged
spmi: trace: fix stack-out-of-bound access in SPMI tracing functions
drm/mediatek: Allow commands to be sent during video mode
drm/mediatek: Keep dsi as LP00 before dcs cmds transfer
crypto: blake2s - remove shash module
drm/dp/mst: Read the extended DPCD capabilities during system resume
drm/vc4: drv: Adopt the dma configuration from the HVS or V3D component
usbnet: smsc95xx: Don't clear read-only PHY interrupt
usbnet: smsc95xx: Avoid link settings race on interrupt reception
usbnet: smsc95xx: Forward PHY interrupts to PHY driver to avoid polling
usbnet: smsc95xx: Fix deadlock on runtime resume
firmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails
scsi: lpfc: Fix EEH support for NVMe I/O
scsi: lpfc: SLI path split: Refactor lpfc_iocbq
scsi: lpfc: SLI path split: Refactor fast and slow paths to native SLI4
scsi: lpfc: SLI path split: Refactor SCSI paths
scsi: lpfc: Remove extra atomic_inc on cmd_pending in queuecommand after VMID
intel_th: pci: Add Meteor Lake-P support
intel_th: pci: Add Raptor Lake-S PCH support
intel_th: pci: Add Raptor Lake-S CPU support
KVM: set_msr_mce: Permit guests to ignore single-bit ECC errors
KVM: x86: Signal #GP, not -EPERM, on bad WRMSR(MCi_CTL/STATUS)
iommu/vt-d: avoid invalid memory access via node_online(NUMA_NO_NODE)
PCI/AER: Iterate over error counters instead of error strings
PCI: qcom: Power on PHY before IPQ8074 DBI register accesses
serial: 8250_pci: Refactor the loop in pci_ite887x_init()
serial: 8250_pci: Replace dev_*() by pci_*() macros
serial: 8250: Fold EndRun device support into OxSemi Tornado code
serial: 8250: Add proper clock handling for OxSemi PCIe devices
tty: 8250: Add support for Brainboxes PX cards.
dm writecache: set a default MAX_WRITEBACK_JOBS
kexec, KEYS, s390: Make use of built-in and secondary keyring for signature verification
dm thin: fix use-after-free crash in dm_sm_register_threshold_callback
net/9p: Initialize the iounit field during fid creation
ARM: remove some dead code
timekeeping: contribute wall clock to rng on time change
locking/csd_lock: Change csdlock_debug from early_param to __setup
block: remove the struct blk_queue_ctx forward declaration
block: don't allow the same type rq_qos add more than once
btrfs: ensure pages are unlocked on cow_file_range() failure
btrfs: reset block group chunk force if we have to wait
btrfs: properly flag filesystem with BTRFS_FEATURE_INCOMPAT_BIG_METADATA
ACPI: CPPC: Do not prevent CPPC from working in the future
powerpc/powernv/kvm: Use darn for H_RANDOM on Power9
KVM: x86/pmu: Introduce the ctrl_mask value for fixed counter
KVM: VMX: Mark all PERF_GLOBAL_(OVF)_CTRL bits reserved if there's no vPMU
KVM: x86/pmu: Ignore pmu->global_ctrl check if vPMU doesn't support global_ctrl
KVM: VMX: Add helper to check if the guest PMU has PERF_GLOBAL_CTRL
KVM: nVMX: Attempt to load PERF_GLOBAL_CTRL on nVMX xfer iff it exists
dm raid: fix address sanitizer warning in raid_status
dm raid: fix address sanitizer warning in raid_resume
tracing: Add '__rel_loc' using trace event macros
tracing: Avoid -Warray-bounds warning for __rel_loc macro
ext4: update s_overhead_clusters in the superblock during an on-line resize
ext4: fix extent status tree race in writeback error recovery path
ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h
ext4: fix use-after-free in ext4_xattr_set_entry
ext4: correct max_inline_xattr_value_size computing
ext4: correct the misjudgment in ext4_iget_extra_inode
ext4: fix warning in ext4_iomap_begin as race between bmap and write
ext4: check if directory block is within i_size
ext4: make sure ext4_append() always allocates new block
ext4: remove EA inode entry from mbcache on inode eviction
ext4: use kmemdup() to replace kmalloc + memcpy
ext4: unindent codeblock in ext4_xattr_block_set()
ext4: fix race when reusing xattr blocks
KEYS: asymmetric: enforce SM2 signature use pkey algo
tpm: eventlog: Fix section mismatch for DEBUG_SECTION_MISMATCH
xen-blkback: fix persistent grants negotiation
xen-blkback: Apply 'feature_persistent' parameter when connect
xen-blkfront: Apply 'feature_persistent' parameter when connect
powerpc: Fix eh field when calling lwarx on PPC32
tracing: Use a struct alignof to determine trace event field alignment
net_sched: cls_route: remove from list when handle is 0
mac80211: fix a memory leak where sta_info is not freed
tcp: fix over estimation in sk_forced_mem_schedule()
crypto: lib/blake2s - reduce stack frame usage in self test
Revert "mwifiex: fix sleep in atomic context bugs caused by dev_coredumpv"
Revert "s390/smp: enforce lowcore protection on CPU restart"
drm/bridge: tc358767: Fix (e)DP bridge endpoint parsing in dedicated function
net: phy: smsc: Disable Energy Detect Power-Down in interrupt mode
drm/vc4: change vc4_dma_range_matches from a global to static
tracing/perf: Avoid -Warray-bounds warning for __rel_loc macro
drm/msm: Fix dirtyfb refcounting
drm/meson: Fix refcount leak in meson_encoder_hdmi_init
io_uring: mem-account pbuf buckets
Revert "net: usb: ax88179_178a needs FLAG_SEND_ZLP"
Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm regression
drm/bridge: Move devm_drm_of_get_bridge to bridge/panel.c
scsi: lpfc: Fix locking for lpfc_sli_iocbq_lookup()
scsi: lpfc: Fix element offset in __lpfc_sli_release_iocbq_s4()
scsi: lpfc: Resolve some cleanup issues following SLI path refactoring
Linux 5.15.61
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: Iec359ed301bcbcd6e19b67ee8534418fab26850b
|
||
|
Dom Cobley
|
0dd9984696 |
Merge tag 'v5.15.64' into rpi-5.15.y
This is the 5.15.64 stable release |
||
Pawan Gupta
|
75fa6c733b |
x86/bugs: Add "unknown" reporting for MMIO Stale Data
commit 7df548840c496b0141fb2404b889c346380c2b22 upstream.
Older Intel CPUs that are not in the affected processor list for MMIO
Stale Data vulnerabilities currently report "Not affected" in sysfs,
which may not be correct. Vulnerability status for these older CPUs is
unknown.
Add known-not-affected CPUs to the whitelist. Report "unknown"
mitigation status for CPUs that are not in blacklist, whitelist and also
don't enumerate MSR ARCH_CAPABILITIES bits that reflect hardware
immunity to MMIO Stale Data vulnerabilities.
Mitigation is not deployed when the status is unknown.
[ bp: Massage, fixup. ]
Fixes: 8d50cdf8b834 ("x86/speculation/mmio: Add sysfs reporting for Processor MMIO Stale Data")
Suggested-by: Andrew Cooper <andrew.cooper3@citrix.com>
Suggested-by: Tony Luck <tony.luck@intel.com>
Signed-off-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Cc: stable@vger.kernel.org
Link: https://lore.kernel.org/r/a932c154772f2121794a5f2eded1a11013114711.1657846269.git.pawan.kumar.gupta@linux.intel.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
Kuniyuki Iwashima
|
4d2c808d09 |
net: Fix data-races around netdev_max_backlog.
[ Upstream commit 5dcd08cd19912892586c6082d56718333e2d19db ]
While reading netdev_max_backlog, it can be changed concurrently.
Thus, we need to add READ_ONCE() to its readers.
While at it, we remove the unnecessary spaces in the doc.
Fixes:
|
||
|
Dom Cobley
|
64ad74084f |
Merge tag 'v5.15.61' into rpi-5.15.y
This is the 5.15.61 stable release |
||
|
Dom Cobley
|
a309898597 |
Merge tag 'v5.15.60' into rpi-5.15.y
This is the 5.15.60 stable release |
||
|
Dom Cobley
|
95de22bb80 |
Merge tag 'v5.15.59' into rpi-5.15.y
This is the 5.15.59 stable release |
||
|
Dom Cobley
|
4a52697029 |
Merge tag 'v5.15.58' into rpi-5.15.y
This is the 5.15.58 stable release |
||
|
Dom Cobley
|
533693d71c |
Merge tag 'v5.15.57' into rpi-5.15.y
This is the 5.15.57 stable release |
||
Kim Phillips
|
0b00cb428f |
x86/bugs: Enable STIBP for IBPB mitigated RETBleed
commit e6cfcdda8cbe81eaf821c897369a65fec987b404 upstream.
AMD's "Technical Guidance for Mitigating Branch Type Confusion,
Rev. 1.0 2022-07-12" whitepaper, under section 6.1.2 "IBPB On
Privileged Mode Entry / SMT Safety" says:
Similar to the Jmp2Ret mitigation, if the code on the sibling thread
cannot be trusted, software should set STIBP to 1 or disable SMT to
ensure SMT safety when using this mitigation.
So, like already being done for retbleed=unret, and now also for
retbleed=ibpb, force STIBP on machines that have it, and report its SMT
vulnerability status accordingly.
[ bp: Remove the "we" and remove "[AMD]" applicability parameter which
doesn't work here. ]
Fixes: 3ebc17006888 ("x86/bugs: Add retbleed=ibpb")
Signed-off-by: Kim Phillips <kim.phillips@amd.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Cc: stable@vger.kernel.org # 5.10, 5.15, 5.19
Link: https://bugzilla.kernel.org/show_bug.cgi?id=206537
Link: https://lore.kernel.org/r/20220804192201.439596-1-kim.phillips@amd.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
Mikulas Patocka
|
a638fa9745 |
dm writecache: count number of blocks discarded, not number of discard bios
[ Upstream commit 2ee73ef60db4d79b9f9b8cd501e8188b5179449f ]
Change dm-writecache, so that it counts the number of blocks discarded
instead of the number of discard bios. Make it consistent with the
read and write statistics counters that were changed to count the
number of blocks instead of bios.
Fixes:
|
||
|
Mikulas Patocka
|
fc988f1ca2 |
dm writecache: count number of blocks written, not number of write bios
[ Upstream commit b2676e1482af89714af6988ce5d31a84692e2530 ]
Change dm-writecache, so that it counts the number of blocks written
instead of the number of write bios. Bios can be split and requeued
using the dm_accept_partial_bio function, so counting bios caused
inaccurate results.
Fixes:
|
||
|
Mikulas Patocka
|
3a2500b73a |
dm writecache: count number of blocks read, not number of read bios
[ Upstream commit 2c6e755b49d273243431f5f1184654e71221fc78 ]
Change dm-writecache, so that it counts the number of blocks read
instead of the number of read bios. Bios can be split and requeued
using the dm_accept_partial_bio function, so counting bios caused
inaccurate results.
Fixes:
|
||
Wyes Karny
|
932b5e6524 |
x86: Handle idle=nomwait cmdline properly for x86_idle
[ Upstream commit 8bcedb4ce04750e1ccc9a6b6433387f6a9166a56 ] When kernel is booted with idle=nomwait do not use MWAIT as the default idle state. If the user boots the kernel with idle=nomwait, it is a clear direction to not use mwait as the default idle state. However, the current code does not take this into consideration while selecting the default idle state on x86. Fix it by checking for the idle=nomwait boot option in prefer_mwait_c1_over_halt(). Also update the documentation around idle=nomwait appropriately. [ dhansen: tweak commit message ] Signed-off-by: Wyes Karny <wyes.karny@amd.com> Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com> Tested-by: Zhang Rui <rui.zhang@intel.com> Link: https://lkml.kernel.org/r/fdc2dc2d0a1bc21c2f53d989ea2d2ee3ccbc0dbe.1654538381.git-series.wyes.karny@amd.com Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Greg Kroah-Hartman
|
08c4bae24d |
Merge 5.15.60 into android14-5.15
Changes in 5.15.60
x86/speculation: Make all RETbleed mitigations 64-bit only
selftests/bpf: Extend verifier and bpf_sock tests for dst_port loads
selftests/bpf: Check dst_port only on the client socket
block: fix default IO priority handling again
tools/vm/slabinfo: Handle files in debugfs
ACPI: video: Force backlight native for some TongFang devices
ACPI: video: Shortening quirk list by identifying Clevo by board_name only
ACPI: APEI: Better fix to avoid spamming the console with old error logs
crypto: arm64/poly1305 - fix a read out-of-bound
KVM: x86: do not report a vCPU as preempted outside instruction boundaries
KVM: x86: do not set st->preempted when going back to user space
KVM: selftests: Make hyperv_clock selftest more stable
tools/kvm_stat: fix display of error when multiple processes are found
selftests: KVM: Handle compiler optimizations in ucall
KVM: x86/svm: add __GFP_ACCOUNT to __sev_dbg_{en,de}crypt_user()
arm64: set UXN on swapper page tables
btrfs: zoned: prevent allocation from previous data relocation BG
btrfs: zoned: fix critical section of relocation inode writeback
Bluetooth: hci_bcm: Add BCM4349B1 variant
Bluetooth: hci_bcm: Add DT compatible for CYW55572
dt-bindings: bluetooth: broadcom: Add BCM4349B1 DT binding
Bluetooth: btusb: Add support of IMC Networks PID 0x3568
Bluetooth: btusb: Add Realtek RTL8852C support ID 0x04CA:0x4007
Bluetooth: btusb: Add Realtek RTL8852C support ID 0x04C5:0x1675
Bluetooth: btusb: Add Realtek RTL8852C support ID 0x0CB8:0xC558
Bluetooth: btusb: Add Realtek RTL8852C support ID 0x13D3:0x3587
Bluetooth: btusb: Add Realtek RTL8852C support ID 0x13D3:0x3586
macintosh/adb: fix oob read in do_adb_query() function
x86/speculation: Add RSB VM Exit protections
x86/speculation: Add LFENCE to RSB fill sequence
Linux 5.15.60
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I297301e2121a2fdda063cada7377da1ae414da2a
|
||
Daniel Sneddon
|
7fcd99e889 |
x86/speculation: Add RSB VM Exit protections
commit 2b1299322016731d56807aa49254a5ea3080b6b3 upstream.
tl;dr: The Enhanced IBRS mitigation for Spectre v2 does not work as
documented for RET instructions after VM exits. Mitigate it with a new
one-entry RSB stuffing mechanism and a new LFENCE.
== Background ==
Indirect Branch Restricted Speculation (IBRS) was designed to help
mitigate Branch Target Injection and Speculative Store Bypass, i.e.
Spectre, attacks. IBRS prevents software run in less privileged modes
from affecting branch prediction in more privileged modes. IBRS requires
the MSR to be written on every privilege level change.
To overcome some of the performance issues of IBRS, Enhanced IBRS was
introduced. eIBRS is an "always on" IBRS, in other words, just turn
it on once instead of writing the MSR on every privilege level change.
When eIBRS is enabled, more privileged modes should be protected from
less privileged modes, including protecting VMMs from guests.
== Problem ==
Here's a simplification of how guests are run on Linux' KVM:
void run_kvm_guest(void)
{
// Prepare to run guest
VMRESUME();
// Clean up after guest runs
}
The execution flow for that would look something like this to the
processor:
1. Host-side: call run_kvm_guest()
2. Host-side: VMRESUME
3. Guest runs, does "CALL guest_function"
4. VM exit, host runs again
5. Host might make some "cleanup" function calls
6. Host-side: RET from run_kvm_guest()
Now, when back on the host, there are a couple of possible scenarios of
post-guest activity the host needs to do before executing host code:
* on pre-eIBRS hardware (legacy IBRS, or nothing at all), the RSB is not
touched and Linux has to do a 32-entry stuffing.
* on eIBRS hardware, VM exit with IBRS enabled, or restoring the host
IBRS=1 shortly after VM exit, has a documented side effect of flushing
the RSB except in this PBRSB situation where the software needs to stuff
the last RSB entry "by hand".
IOW, with eIBRS supported, host RET instructions should no longer be
influenced by guest behavior after the host retires a single CALL
instruction.
However, if the RET instructions are "unbalanced" with CALLs after a VM
exit as is the RET in #6, it might speculatively use the address for the
instruction after the CALL in #3 as an RSB prediction. This is a problem
since the (untrusted) guest controls this address.
Balanced CALL/RET instruction pairs such as in step #5 are not affected.
== Solution ==
The PBRSB issue affects a wide variety of Intel processors which
support eIBRS. But not all of them need mitigation. Today,
X86_FEATURE_RSB_VMEXIT triggers an RSB filling sequence that mitigates
PBRSB. Systems setting RSB_VMEXIT need no further mitigation - i.e.,
eIBRS systems which enable legacy IBRS explicitly.
However, such systems (X86_FEATURE_IBRS_ENHANCED) do not set RSB_VMEXIT
and most of them need a new mitigation.
Therefore, introduce a new feature flag X86_FEATURE_RSB_VMEXIT_LITE
which triggers a lighter-weight PBRSB mitigation versus RSB_VMEXIT.
The lighter-weight mitigation performs a CALL instruction which is
immediately followed by a speculative execution barrier (INT3). This
steers speculative execution to the barrier -- just like a retpoline
-- which ensures that speculation can never reach an unbalanced RET.
Then, ensure this CALL is retired before continuing execution with an
LFENCE.
In other words, the window of exposure is opened at VM exit where RET
behavior is troublesome. While the window is open, force RSB predictions
sampling for RET targets to a dead end at the INT3. Close the window
with the LFENCE.
There is a subset of eIBRS systems which are not vulnerable to PBRSB.
Add these systems to the cpu_vuln_whitelist[] as NO_EIBRS_PBRSB.
Future systems that aren't vulnerable will set ARCH_CAP_PBRSB_NO.
[ bp: Massage, incorporate review comments from Andy Cooper. ]
Signed-off-by: Daniel Sneddon <daniel.sneddon@linux.intel.com>
Co-developed-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
Signed-off-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
Will Deacon
|
807ee6de4c |
UPSTREAM: KVM: arm64: Ignore 'kvm-arm.mode=protected' when using VHE
Ignore 'kvm-arm.mode=protected' when using VHE so that kvm_get_mode() only returns KVM_MODE_PROTECTED on systems where the feature is available. Cc: David Brazdil <dbrazdil@google.com> Acked-by: Mark Rutland <mark.rutland@arm.com> Signed-off-by: Will Deacon <will@kernel.org> Signed-off-by: Marc Zyngier <maz@kernel.org> Link: https://lore.kernel.org/r/20220609121223.2551-4-will@kernel.org (cherry picked from commit cde5042adf11b0a30a6ce0ec3d071afcf8d2efaf) Signed-off-by: Will Deacon <willdeacon@google.com> Bug: 233587962 Bug: 233588291 Change-Id: Ib9b884594fa5f8f1cba444ca9054dc0d3a6c8b0c |
||
|
Greg Kroah-Hartman
|
046ce7a74e |
Merge 5.15.59 into android14-5.15
Changes in 5.15.59
Bluetooth: L2CAP: Fix use-after-free caused by l2cap_chan_put
Revert "ocfs2: mount shared volume without ha stack"
ntfs: fix use-after-free in ntfs_ucsncmp()
fs: sendfile handles O_NONBLOCK of out_fd
secretmem: fix unhandled fault in truncate
mm: fix page leak with multiple threads mapping the same page
hugetlb: fix memoryleak in hugetlb_mcopy_atomic_pte
asm-generic: remove a broken and needless ifdef conditional
s390/archrandom: prevent CPACF trng invocations in interrupt context
nouveau/svm: Fix to migrate all requested pages
drm/simpledrm: Fix return type of simpledrm_simple_display_pipe_mode_valid()
watch_queue: Fix missing rcu annotation
watch_queue: Fix missing locking in add_watch_to_object()
tcp: Fix data-races around sysctl_tcp_dsack.
tcp: Fix a data-race around sysctl_tcp_app_win.
tcp: Fix a data-race around sysctl_tcp_adv_win_scale.
tcp: Fix a data-race around sysctl_tcp_frto.
tcp: Fix a data-race around sysctl_tcp_nometrics_save.
tcp: Fix data-races around sysctl_tcp_no_ssthresh_metrics_save.
ice: check (DD | EOF) bits on Rx descriptor rather than (EOP | RS)
ice: do not setup vlan for loopback VSI
scsi: ufs: host: Hold reference returned by of_parse_phandle()
Revert "tcp: change pingpong threshold to 3"
octeontx2-pf: Fix UDP/TCP src and dst port tc filters
tcp: Fix data-races around sysctl_tcp_moderate_rcvbuf.
tcp: Fix a data-race around sysctl_tcp_limit_output_bytes.
tcp: Fix a data-race around sysctl_tcp_challenge_ack_limit.
scsi: core: Fix warning in scsi_alloc_sgtables()
scsi: mpt3sas: Stop fw fault watchdog work item during system shutdown
net: ping6: Fix memleak in ipv6_renew_options().
ipv6/addrconf: fix a null-ptr-deref bug for ip6_ptr
net/tls: Remove the context from the list in tls_device_down
igmp: Fix data-races around sysctl_igmp_qrv.
net: pcs: xpcs: propagate xpcs_read error to xpcs_get_state_c37_sgmii
net: sungem_phy: Add of_node_put() for reference returned by of_get_parent()
tcp: Fix a data-race around sysctl_tcp_min_tso_segs.
tcp: Fix a data-race around sysctl_tcp_min_rtt_wlen.
tcp: Fix a data-race around sysctl_tcp_autocorking.
tcp: Fix a data-race around sysctl_tcp_invalid_ratelimit.
Documentation: fix sctp_wmem in ip-sysctl.rst
macsec: fix NULL deref in macsec_add_rxsa
macsec: fix error message in macsec_add_rxsa and _txsa
macsec: limit replay window size with XPN
macsec: always read MACSEC_SA_ATTR_PN as a u64
net: macsec: fix potential resource leak in macsec_add_rxsa() and macsec_add_txsa()
net: mld: fix reference count leak in mld_{query | report}_work()
tcp: Fix data-races around sk_pacing_rate.
net: Fix data-races around sysctl_[rw]mem(_offset)?.
tcp: Fix a data-race around sysctl_tcp_comp_sack_delay_ns.
tcp: Fix a data-race around sysctl_tcp_comp_sack_slack_ns.
tcp: Fix a data-race around sysctl_tcp_comp_sack_nr.
tcp: Fix data-races around sysctl_tcp_reflect_tos.
ipv4: Fix data-races around sysctl_fib_notify_on_flag_change.
i40e: Fix interface init with MSI interrupts (no MSI-X)
sctp: fix sleep in atomic context bug in timer handlers
octeontx2-pf: cn10k: Fix egress ratelimit configuration
netfilter: nf_queue: do not allow packet truncation below transport header offset
virtio-net: fix the race between refill work and close
perf symbol: Correct address for bss symbols
sfc: disable softirqs for ptp TX
sctp: leave the err path free in sctp_stream_init to sctp_stream_free
ARM: crypto: comment out gcc warning that breaks clang builds
mm/hmm: fault non-owner device private entries
page_alloc: fix invalid watermark check on a negative value
ARM: 9216/1: Fix MAX_DMA_ADDRESS overflow
EDAC/ghes: Set the DIMM label unconditionally
docs/kernel-parameters: Update descriptions for "mitigations=" param with retbleed
locking/rwsem: Allow slowpath writer to ignore handoff bit if not set by first waiter
x86/bugs: Do not enable IBPB at firmware entry when IBPB is not available
Linux 5.15.59
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I4f2002d38aea467e150a912f50d456c41b23de89
|
||
Marc Zyngier
|
82e2a5389c |
ANDROID: BACKPORT: arm64: Enroll into KVM's MMIO guard if required
Should a guest desire to enroll into the MMIO guard, allow it to do so with a command-line option. Signed-off-by: Marc Zyngier <maz@kernel.org> Bug: 233587962 Change-Id: Ia9a77f693531740500739693c52b4959abacafd4 [willdeacon@: Add hypercall IDs] Signed-off-by: Will Deacon <willdeacon@google.com> |
||
Will Deacon
|
9cd6530cd8 |
Revert "ANDROID: KVM: arm64: Ignore 'kvm-arm.mode=protected' when using VHE"
This reverts commit
|
||
|
Will Deacon
|
cbc4618d5f |
Revert "ANDROID: arm64: Enroll into KVM's MMIO guard if required"
This reverts commit
|
||
Eiichi Tsukata
|
66d31cef48 |
docs/kernel-parameters: Update descriptions for "mitigations=" param with retbleed
commit ea304a8b89fd0d6cf94ee30cb139dc23d9f1a62f upstream. Updates descriptions for "mitigations=off" and "mitigations=auto,nosmt" with the respective retbleed= settings. Signed-off-by: Eiichi Tsukata <eiichi.tsukata@nutanix.com> Signed-off-by: Borislav Petkov <bp@suse.de> Cc: corbet@lwn.net Link: https://lore.kernel.org/r/20220728043907.165688-1-eiichi.tsukata@nutanix.com Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
Suren Baghdasaryan
|
e2b6c5f7ee |
mm/pagealloc: sysctl: change watermark_scale_factor max limit to 30%
[ Upstream commit 39c65a94cd9661532be150e88f8b02f4a6844a35 ] For embedded systems with low total memory, having to run applications with relatively large memory requirements, 10% max limitation for watermark_scale_factor poses an issue of triggering direct reclaim every time such application is started. This results in slow application startup times and bad end-user experience. By increasing watermark_scale_factor max limit we allow vendors more flexibility to choose the right level of kswapd aggressiveness for their device and workload requirements. Link: https://lkml.kernel.org/r/20211124193604.2758863-1-surenb@google.com Signed-off-by: Suren Baghdasaryan <surenb@google.com> Acked-by: Johannes Weiner <hannes@cmpxchg.org> Cc: Michal Hocko <mhocko@suse.com> Cc: Lukas Middendorf <kernel@tuxforce.de> Cc: Antti Palosaari <crope@iki.fi> Cc: Luis Chamberlain <mcgrof@kernel.org> Cc: Kees Cook <keescook@chromium.org> Cc: Iurii Zaikin <yzaikin@google.com> Cc: Dave Hansen <dave.hansen@linux.intel.com> Cc: Vlastimil Babka <vbabka@suse.cz> Cc: Mel Gorman <mgorman@techsingularity.net> Cc: Jonathan Corbet <corbet@lwn.net> Cc: Zhang Yi <yi.zhang@huawei.com> Cc: Fengfei Xi <xi.fengfei@h3c.com> Cc: Mike Rapoport <rppt@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Greg Kroah-Hartman
|
4f868bc314 |
Merge 5.15.57 into android14-5.15
Changes in 5.15.57
x86/traps: Use pt_regs directly in fixup_bad_iret()
x86/entry: Switch the stack after error_entry() returns
x86/entry: Move PUSH_AND_CLEAR_REGS out of error_entry()
x86/entry: Don't call error_entry() for XENPV
objtool: Classify symbols
objtool: Explicitly avoid self modifying code in .altinstr_replacement
objtool: Shrink struct instruction
objtool,x86: Replace alternatives with .retpoline_sites
objtool: Introduce CFI hash
x86/retpoline: Remove unused replacement symbols
x86/asm: Fix register order
x86/asm: Fixup odd GEN-for-each-reg.h usage
x86/retpoline: Move the retpoline thunk declarations to nospec-branch.h
x86/retpoline: Create a retpoline thunk array
x86/alternative: Implement .retpoline_sites support
x86/alternative: Handle Jcc __x86_indirect_thunk_\reg
x86/alternative: Try inline spectre_v2=retpoline,amd
x86/alternative: Add debug prints to apply_retpolines()
bpf,x86: Simplify computing label offsets
bpf,x86: Respect X86_FEATURE_RETPOLINE*
objtool: Default ignore INT3 for unreachable
x86/entry: Remove skip_r11rcx
x86/realmode: build with -D__DISABLE_EXPORTS
x86/kvm/vmx: Make noinstr clean
x86/cpufeatures: Move RETPOLINE flags to word 11
x86/retpoline: Cleanup some #ifdefery
x86/retpoline: Swizzle retpoline thunk
x86/retpoline: Use -mfunction-return
x86: Undo return-thunk damage
x86,objtool: Create .return_sites
objtool: skip non-text sections when adding return-thunk sites
x86,static_call: Use alternative RET encoding
x86/ftrace: Use alternative RET encoding
x86/bpf: Use alternative RET encoding
x86/kvm: Fix SETcc emulation for return thunks
x86/vsyscall_emu/64: Don't use RET in vsyscall emulation
x86/sev: Avoid using __x86_return_thunk
x86: Use return-thunk in asm code
x86/entry: Avoid very early RET
objtool: Treat .text.__x86.* as noinstr
x86: Add magic AMD return-thunk
x86/bugs: Report AMD retbleed vulnerability
x86/bugs: Add AMD retbleed= boot parameter
x86/bugs: Enable STIBP for JMP2RET
x86/bugs: Keep a per-CPU IA32_SPEC_CTRL value
x86/entry: Add kernel IBRS implementation
x86/bugs: Optimize SPEC_CTRL MSR writes
x86/speculation: Add spectre_v2=ibrs option to support Kernel IBRS
x86/bugs: Split spectre_v2_select_mitigation() and spectre_v2_user_select_mitigation()
x86/bugs: Report Intel retbleed vulnerability
intel_idle: Disable IBRS during long idle
objtool: Update Retpoline validation
x86/xen: Rename SYS* entry points
x86/xen: Add UNTRAIN_RET
x86/bugs: Add retbleed=ibpb
x86/bugs: Do IBPB fallback check only once
objtool: Add entry UNRET validation
x86/cpu/amd: Add Spectral Chicken
x86/speculation: Fix RSB filling with CONFIG_RETPOLINE=n
x86/speculation: Fix firmware entry SPEC_CTRL handling
x86/speculation: Fix SPEC_CTRL write on SMT state change
x86/speculation: Use cached host SPEC_CTRL value for guest entry/exit
x86/speculation: Remove x86_spec_ctrl_mask
objtool: Re-add UNWIND_HINT_{SAVE_RESTORE}
KVM: VMX: Flatten __vmx_vcpu_run()
KVM: VMX: Convert launched argument to flags
KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS
KVM: VMX: Fix IBRS handling after vmexit
x86/speculation: Fill RSB on vmexit for IBRS
x86/common: Stamp out the stepping madness
x86/cpu/amd: Enumerate BTC_NO
x86/retbleed: Add fine grained Kconfig knobs
x86/bugs: Add Cannon lake to RETBleed affected CPU list
x86/entry: Move PUSH_AND_CLEAR_REGS() back into error_entry
x86/bugs: Do not enable IBPB-on-entry when IBPB is not supported
x86/kexec: Disable RET on kexec
x86/speculation: Disable RRSBA behavior
x86/static_call: Serialize __static_call_fixup() properly
x86/xen: Fix initialisation in hypercall_page after rethunk
x86/asm/32: Fix ANNOTATE_UNRET_SAFE use on 32-bit
x86/speculation: Use DECLARE_PER_CPU for x86_spec_ctrl_current
efi/x86: use naked RET on mixed mode call wrapper
x86/kvm: fix FASTOP_SIZE when return thunks are enabled
KVM: emulate: do not adjust size of fastop and setcc subroutines
tools arch x86: Sync the msr-index.h copy with the kernel sources
tools headers cpufeatures: Sync with the kernel sources
x86/bugs: Remove apostrophe typo
um: Add missing apply_returns()
x86: Use -mindirect-branch-cs-prefix for RETPOLINE builds
Linux 5.15.57
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I7d0a3c3eb4be1e5401c2678fdb6229523486146f
|
||
Peter Zijlstra
|
fd17a42549 |
x86/bugs: Add retbleed=ibpb
commit 3ebc170068885b6fc7bedda6c667bb2c4d533159 upstream. jmp2ret mitigates the easy-to-attack case at relatively low overhead. It mitigates the long speculation windows after a mispredicted RET, but it does not mitigate the short speculation window from arbitrary instruction boundaries. On Zen2, there is a chicken bit which needs setting, which mitigates "arbitrary instruction boundaries" down to just "basic block boundaries". But there is no fix for the short speculation window on basic block boundaries, other than to flush the entire BTB to evict all attacker predictions. On the spectrum of "fast & blurry" -> "safe", there is (on top of STIBP or no-SMT): 1) Nothing System wide open 2) jmp2ret May stop a script kiddy 3) jmp2ret+chickenbit Raises the bar rather further 4) IBPB Only thing which can count as "safe". Tentative numbers put IBPB-on-entry at a 2.5x hit on Zen2, and a 10x hit on Zen1 according to lmbench. [ bp: Fixup feature bit comments, document option, 32-bit build fix. ] Suggested-by: Andrew Cooper <Andrew.Cooper3@citrix.com> Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org> Signed-off-by: Borislav Petkov <bp@suse.de> Reviewed-by: Josh Poimboeuf <jpoimboe@kernel.org> Signed-off-by: Borislav Petkov <bp@suse.de> Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@canonical.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Pawan Gupta
|
347d0bf6b0 |
x86/speculation: Add spectre_v2=ibrs option to support Kernel IBRS
commit 7c693f54c873691a4b7da05c7e0f74e67745d144 upstream. Extend spectre_v2= boot option with Kernel IBRS. [jpoimboe: no STIBP with IBRS] Signed-off-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com> Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org> Signed-off-by: Borislav Petkov <bp@suse.de> Reviewed-by: Josh Poimboeuf <jpoimboe@kernel.org> Signed-off-by: Borislav Petkov <bp@suse.de> Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@canonical.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Kim Phillips
|
b4e05ea71e |
x86/bugs: Enable STIBP for JMP2RET
commit e8ec1b6e08a2102d8755ccb06fa26d540f26a2fa upstream. For untrained return thunks to be fully effective, STIBP must be enabled or SMT disabled. Co-developed-by: Josh Poimboeuf <jpoimboe@redhat.com> Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com> Signed-off-by: Kim Phillips <kim.phillips@amd.com> Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org> Signed-off-by: Borislav Petkov <bp@suse.de> Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@canonical.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
Alexandre Chartre
|
89eba42632 |
x86/bugs: Add AMD retbleed= boot parameter
commit 7fbf47c7ce50b38a64576b150e7011ae73d54669 upstream. Add the "retbleed=<value>" boot parameter to select a mitigation for RETBleed. Possible values are "off", "auto" and "unret" (JMP2RET mitigation). The default value is "auto". Currently, "retbleed=auto" will select the unret mitigation on AMD and Hygon and no mitigation on Intel (JMP2RET is not effective on Intel). [peterz: rebase; add hygon] [jpoimboe: cleanups] Signed-off-by: Alexandre Chartre <alexandre.chartre@oracle.com> Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org> Signed-off-by: Borislav Petkov <bp@suse.de> Reviewed-by: Josh Poimboeuf <jpoimboe@kernel.org> Signed-off-by: Borislav Petkov <bp@suse.de> Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@canonical.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
Srinivasarao Pathipati
|
031e91e83d |
FROMLIST: arm64: perf: Make exporting of pmu events configurable
The PMU export bit (PMCR_EL0.X) is getting reset during pmu reset, Make is configurable using sysctls to enable/disable at runtime. It can also be enabled at early bootup with kernel arguments. Bug: 230559577 Change-Id: I35dcfeed23e64ec9493f9a15dbb43e9966108664 Link: https://lore.kernel.org/lkml/1653306574-20946-1-git-send-email-quic_c_spathi@quicinc.com/ Signed-off-by: Srinivasarao Pathipati <quic_spathi@quicinc.com> |
||
Rob Herring
|
0211bf43ce |
UPSTREAM: arm64: perf: Add userspace counter access disable switch
Like x86, some users may want to disable userspace PMU counter altogether. Add a sysctl 'perf_user_access' file to control userspace counter access. The default is '0' which is disabled. Writing '1' enables access. Note that x86 supports globally enabling user access by writing '2' to /sys/bus/event_source/devices/cpu/rdpmc. As there's not existing userspace support to worry about, this shouldn't be necessary for Arm. It could be added later if the need arises. Cc: Peter Zijlstra <peterz@infradead.org> Cc: Ingo Molnar <mingo@redhat.com> Cc: Arnaldo Carvalho de Melo <acme@kernel.org> Cc: Alexander Shishkin <alexander.shishkin@linux.intel.com> Cc: Jiri Olsa <jolsa@redhat.com> Cc: Namhyung Kim <namhyung@kernel.org> Cc: Catalin Marinas <catalin.marinas@arm.com> Cc: linux-perf-users@vger.kernel.org Acked-by: Will Deacon <will@kernel.org> Reviewed-by: Mark Rutland <mark.rutland@arm.com> Signed-off-by: Rob Herring <robh@kernel.org> Link: https://lore.kernel.org/r/20211208201124.310740-4-robh@kernel.org Signed-off-by: Will Deacon <will@kernel.org> Bug: 230559577 (cherry picked from commit e2012600810c9ded81f6f63a8d04781be3c300ad) Change-Id: Iea14f96122992944e1d97b9f6f6f821d54c1def1 Signed-off-by: Srinivasarao Pathipati <quic_spathi@quicinc.com> |
||
|
Greg Kroah-Hartman
|
2e0e8a7b8c |
Merge 5.15.48 into android14-5.15
Changes in 5.15.48 Documentation: Add documentation for Processor MMIO Stale Data x86/speculation/mmio: Enumerate Processor MMIO Stale Data bug x86/speculation: Add a common function for MD_CLEAR mitigation update x86/speculation/mmio: Add mitigation for Processor MMIO Stale Data x86/bugs: Group MDS, TAA & Processor MMIO Stale Data mitigations x86/speculation/mmio: Enable CPU Fill buffer clearing on idle x86/speculation/mmio: Add sysfs reporting for Processor MMIO Stale Data x86/speculation/srbds: Update SRBDS mitigation selection x86/speculation/mmio: Reuse SRBDS mitigation for SBDS KVM: x86/speculation: Disable Fill buffer clear within guests x86/speculation/mmio: Print SMT warning Linux 5.15.48 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Idb9b863febed6fc504dc04175d8ddf76acef3a6f |
||
|
Dom Cobley
|
a587b2ea44 | Merge remote-tracking branch 'stable/linux-5.15.y' into rpi-5.15.y | ||
|
Pawan Gupta
|
d74f4eb1dd |
x86/speculation/mmio: Add mitigation for Processor MMIO Stale Data
commit 8cb861e9e3c9a55099ad3d08e1a3b653d29c33ca upstream
Processor MMIO Stale Data is a class of vulnerabilities that may
expose data after an MMIO operation. For details please refer to
Documentation/admin-guide/hw-vuln/processor_mmio_stale_data.rst.
These vulnerabilities are broadly categorized as:
Device Register Partial Write (DRPW):
Some endpoint MMIO registers incorrectly handle writes that are
smaller than the register size. Instead of aborting the write or only
copying the correct subset of bytes (for example, 2 bytes for a 2-byte
write), more bytes than specified by the write transaction may be
written to the register. On some processors, this may expose stale
data from the fill buffers of the core that created the write
transaction.
Shared Buffers Data Sampling (SBDS):
After propagators may have moved data around the uncore and copied
stale data into client core fill buffers, processors affected by MFBDS
can leak data from the fill buffer.
Shared Buffers Data Read (SBDR):
It is similar to Shared Buffer Data Sampling (SBDS) except that the
data is directly read into the architectural software-visible state.
An attacker can use these vulnerabilities to extract data from CPU fill
buffers using MDS and TAA methods. Mitigate it by clearing the CPU fill
buffers using the VERW instruction before returning to a user or a
guest.
On CPUs not affected by MDS and TAA, user application cannot sample data
from CPU fill buffers using MDS or TAA. A guest with MMIO access can
still use DRPW or SBDR to extract data architecturally. Mitigate it with
VERW instruction to clear fill buffers before VMENTER for MMIO capable
guests.
Add a kernel parameter mmio_stale_data={off|full|full,nosmt} to control
the mitigation.
Signed-off-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
Pawan Gupta
|
1fcc3d646f |
Documentation: Add documentation for Processor MMIO Stale Data
commit 4419470191386456e0b8ed4eb06a70b0021798a6 upstream Add the admin guide for Processor MMIO stale data vulnerabilities. Signed-off-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com> Signed-off-by: Borislav Petkov <bp@suse.de> Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Greg Kroah-Hartman
|
28f0c67d40 |
Merge 5.15.44 into android14-5.15
Changes in 5.15.44
HID: amd_sfh: Add support for sensor discovery
KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID
ice: fix crash at allocation failure
ACPI: sysfs: Fix BERT error region memory mapping
MAINTAINERS: co-maintain random.c
MAINTAINERS: add git tree for random.c
lib/crypto: blake2s: include as built-in
lib/crypto: blake2s: move hmac construction into wireguard
lib/crypto: sha1: re-roll loops to reduce code size
lib/crypto: blake2s: avoid indirect calls to compression function for Clang CFI
random: document add_hwgenerator_randomness() with other input functions
random: remove unused irq_flags argument from add_interrupt_randomness()
random: use BLAKE2s instead of SHA1 in extraction
random: do not sign extend bytes for rotation when mixing
random: do not re-init if crng_reseed completes before primary init
random: mix bootloader randomness into pool
random: harmonize "crng init done" messages
random: use IS_ENABLED(CONFIG_NUMA) instead of ifdefs
random: early initialization of ChaCha constants
random: avoid superfluous call to RDRAND in CRNG extraction
random: don't reset crng_init_cnt on urandom_read()
random: fix typo in comments
random: cleanup poolinfo abstraction
random: cleanup integer types
random: remove incomplete last_data logic
random: remove unused extract_entropy() reserved argument
random: rather than entropy_store abstraction, use global
random: remove unused OUTPUT_POOL constants
random: de-duplicate INPUT_POOL constants
random: prepend remaining pool constants with POOL_
random: cleanup fractional entropy shift constants
random: access input_pool_data directly rather than through pointer
random: selectively clang-format where it makes sense
random: simplify arithmetic function flow in account()
random: continually use hwgenerator randomness
random: access primary_pool directly rather than through pointer
random: only call crng_finalize_init() for primary_crng
random: use computational hash for entropy extraction
random: simplify entropy debiting
random: use linear min-entropy accumulation crediting
random: always wake up entropy writers after extraction
random: make credit_entropy_bits() always safe
random: remove use_input_pool parameter from crng_reseed()
random: remove batched entropy locking
random: fix locking in crng_fast_load()
random: use RDSEED instead of RDRAND in entropy extraction
random: get rid of secondary crngs
random: inline leaves of rand_initialize()
random: ensure early RDSEED goes through mixer on init
random: do not xor RDRAND when writing into /dev/random
random: absorb fast pool into input pool after fast load
random: use simpler fast key erasure flow on per-cpu keys
random: use hash function for crng_slow_load()
random: make more consistent use of integer types
random: remove outdated INT_MAX >> 6 check in urandom_read()
random: zero buffer after reading entropy from userspace
random: fix locking for crng_init in crng_reseed()
random: tie batched entropy generation to base_crng generation
random: remove ifdef'd out interrupt bench
random: remove unused tracepoints
random: add proper SPDX header
random: deobfuscate irq u32/u64 contributions
random: introduce drain_entropy() helper to declutter crng_reseed()
random: remove useless header comment
random: remove whitespace and reorder includes
random: group initialization wait functions
random: group crng functions
random: group entropy extraction functions
random: group entropy collection functions
random: group userspace read/write functions
random: group sysctl functions
random: rewrite header introductory comment
random: defer fast pool mixing to worker
random: do not take pool spinlock at boot
random: unify early init crng load accounting
random: check for crng_init == 0 in add_device_randomness()
random: pull add_hwgenerator_randomness() declaration into random.h
random: clear fast pool, crng, and batches in cpuhp bring up
random: round-robin registers as ulong, not u32
random: only wake up writers after zap if threshold was passed
random: cleanup UUID handling
random: unify cycles_t and jiffies usage and types
random: do crng pre-init loading in worker rather than irq
random: give sysctl_random_min_urandom_seed a more sensible value
random: don't let 644 read-only sysctls be written to
random: replace custom notifier chain with standard one
random: use SipHash as interrupt entropy accumulator
random: make consistent usage of crng_ready()
random: reseed more often immediately after booting
random: check for signal and try earlier when generating entropy
random: skip fast_init if hwrng provides large chunk of entropy
random: treat bootloader trust toggle the same way as cpu trust toggle
random: re-add removed comment about get_random_{u32,u64} reseeding
random: mix build-time latent entropy into pool at init
random: do not split fast init input in add_hwgenerator_randomness()
random: do not allow user to keep crng key around on stack
random: check for signal_pending() outside of need_resched() check
random: check for signals every PAGE_SIZE chunk of /dev/[u]random
random: allow partial reads if later user copies fail
random: make random_get_entropy() return an unsigned long
random: document crng_fast_key_erasure() destination possibility
random: fix sysctl documentation nits
init: call time_init() before rand_initialize()
ia64: define get_cycles macro for arch-override
s390: define get_cycles macro for arch-override
parisc: define get_cycles macro for arch-override
alpha: define get_cycles macro for arch-override
powerpc: define get_cycles macro for arch-override
timekeeping: Add raw clock fallback for random_get_entropy()
m68k: use fallback for random_get_entropy() instead of zero
riscv: use fallback for random_get_entropy() instead of zero
mips: use fallback for random_get_entropy() instead of just c0 random
arm: use fallback for random_get_entropy() instead of zero
nios2: use fallback for random_get_entropy() instead of zero
x86/tsc: Use fallback for random_get_entropy() instead of zero
um: use fallback for random_get_entropy() instead of zero
sparc: use fallback for random_get_entropy() instead of zero
xtensa: use fallback for random_get_entropy() instead of zero
random: insist on random_get_entropy() existing in order to simplify
random: do not use batches when !crng_ready()
random: use first 128 bits of input as fast init
random: do not pretend to handle premature next security model
random: order timer entropy functions below interrupt functions
random: do not use input pool from hard IRQs
random: help compiler out with fast_mix() by using simpler arguments
siphash: use one source of truth for siphash permutations
random: use symbolic constants for crng_init states
random: avoid initializing twice in credit race
random: move initialization out of reseeding hot path
random: remove ratelimiting for in-kernel unseeded randomness
random: use proper jiffies comparison macro
random: handle latent entropy and command line from random_init()
random: credit architectural init the exact amount
random: use static branch for crng_ready()
random: remove extern from functions in header
random: use proper return types on get_random_{int,long}_wait()
random: make consistent use of buf and len
random: move initialization functions out of hot pages
random: move randomize_page() into mm where it belongs
random: unify batched entropy implementations
random: convert to using fops->read_iter()
random: convert to using fops->write_iter()
random: wire up fops->splice_{read,write}_iter()
random: check for signals after page of pool writes
ALSA: ctxfi: Add SB046x PCI ID
Linux 5.15.44
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I2d874cba14f13379fc5f874e72634c9179b28742
|
||
|
Dom Cobley
|
ea7fe1b21e | Merge remote-tracking branch 'stable/linux-5.15.y' into rpi-5.15.y | ||
Jason A. Donenfeld
|
2814a9e632 |
random: fix sysctl documentation nits
commit 069c4ea6871c18bd368f27756e0f91ffb524a788 upstream. A semicolon was missing, and the almost-alphabetical-but-not ordering was confusing, so regroup these by category instead. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Jason A. Donenfeld
|
25727cbbe9 |
random: treat bootloader trust toggle the same way as cpu trust toggle
commit d97c68d178fbf8aaaf21b69b446f2dfb13909316 upstream. If CONFIG_RANDOM_TRUST_CPU is set, the RNG initializes using RDRAND. But, the user can disable (or enable) this behavior by setting `random.trust_cpu=0/1` on the kernel command line. This allows system builders to do reasonable things while avoiding howls from tinfoil hatters. (Or vice versa.) CONFIG_RANDOM_TRUST_BOOTLOADER is basically the same thing, but regards the seed passed via EFI or device tree, which might come from RDRAND or a TPM or somewhere else. In order to allow distros to more easily enable this while avoiding those same howls (or vice versa), this commit adds the corresponding `random.trust_bootloader=0/1` toggle. Cc: Theodore Ts'o <tytso@mit.edu> Cc: Graham Christensen <graham@grahamc.com> Reviewed-by: Ard Biesheuvel <ardb@kernel.org> Reviewed-by: Dominik Brodowski <linux@dominikbrodowski.net> Link: https://github.com/NixOS/nixpkgs/pull/165355 Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Jason A. Donenfeld
|
4509941f75 |
random: remove ifdef'd out interrupt bench
commit 95e6060c20a7f5db60163274c5222a725ac118f9 upstream. With tools like kbench9000 giving more finegrained responses, and this basically never having been used ever since it was initially added, let's just get rid of this. There *is* still work to be done on the interrupt handler, but this really isn't the way it's being developed. Cc: Theodore Ts'o <tytso@mit.edu> Reviewed-by: Eric Biggers <ebiggers@google.com> Reviewed-by: Dominik Brodowski <linux@dominikbrodowski.net> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |