1. 24 Feb, 2023 3 commits
  2. 23 Feb, 2023 13 commits
  3. 22 Feb, 2023 7 commits
    • Pavel Tikhomirov's avatar
      netfilter: x_tables: fix percpu counter block leak on error path when creating new netns · 0af8c09c
      Pavel Tikhomirov authored
      Here is the stack where we allocate percpu counter block:
      
        +-< __alloc_percpu
          +-< xt_percpu_counter_alloc
            +-< find_check_entry # {arp,ip,ip6}_tables.c
              +-< translate_table
      
      And it can be leaked on this code path:
      
        +-> ip6t_register_table
          +-> translate_table # allocates percpu counter block
          +-> xt_register_table # fails
      
      there is no freeing of the counter block on xt_register_table fail.
      Note: xt_percpu_counter_free should be called to free it like we do in
      do_replace through cleanup_entry helper (or in __ip6t_unregister_table).
      
      Probability of hitting this error path is low AFAICS (xt_register_table
      can only return ENOMEM here, as it is not replacing anything, as we are
      creating new netns, and it is hard to imagine that all previous
      allocations succeeded and after that one in xt_register_table failed).
      But it's worth fixing even the rare leak.
      
      Fixes: 71ae0dff ("netfilter: xtables: use percpu rule counters")
      Signed-off-by: default avatarPavel Tikhomirov <ptikhomirov@virtuozzo.com>
      Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
      0af8c09c
    • Linus Torvalds's avatar
      Merge tag 'net-next-6.3' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next · 5b7c4cab
      Linus Torvalds authored
      Pull networking updates from Jakub Kicinski:
       "Core:
      
         - Add dedicated kmem_cache for typical/small skb->head, avoid having
           to access struct page at kfree time, and improve memory use.
      
         - Introduce sysctl to set default RPS configuration for new netdevs.
      
         - Define Netlink protocol specification format which can be used to
           describe messages used by each family and auto-generate parsers.
           Add tools for generating kernel data structures and uAPI headers.
      
         - Expose all net/core sysctls inside netns.
      
         - Remove 4s sleep in netpoll if carrier is instantly detected on
           boot.
      
         - Add configurable limit of MDB entries per port, and port-vlan.
      
         - Continue populating drop reasons throughout the stack.
      
         - Retire a handful of legacy Qdiscs and classifiers.
      
        Protocols:
      
         - Support IPv4 big TCP (TSO frames larger than 64kB).
      
         - Add IP_LOCAL_PORT_RANGE socket option, to control local port range
           on socket by socket basis.
      
         - Track and report in procfs number of MPTCP sockets used.
      
         - Support mixing IPv4 and IPv6 flows in the in-kernel MPTCP path
           manager.
      
         - IPv6: don't check net.ipv6.route.max_size and rely on garbage
           collection to free memory (similarly to IPv4).
      
         - Support Penultimate Segment Pop (PSP) flavor in SRv6 (RFC8986).
      
         - ICMP: add per-rate limit counters.
      
         - Add support for user scanning requests in ieee802154.
      
         - Remove static WEP support.
      
         - Support minimal Wi-Fi 7 Extremely High Throughput (EHT) rate
           reporting.
      
         - WiFi 7 EHT channel puncturing support (client & AP).
      
        BPF:
      
         - Add a rbtree data structure following the "next-gen data structure"
           precedent set by recently added linked list, that is, by using
           kfunc + kptr instead of adding a new BPF map type.
      
         - Expose XDP hints via kfuncs with initial support for RX hash and
           timestamp metadata.
      
         - Add BPF_F_NO_TUNNEL_KEY extension to bpf_skb_set_tunnel_key to
           better support decap on GRE tunnel devices not operating in collect
           metadata.
      
         - Improve x86 JIT's codegen for PROBE_MEM runtime error checks.
      
         - Remove the need for trace_printk_lock for bpf_trace_printk and
           bpf_trace_vprintk helpers.
      
         - Extend libbpf's bpf_tracing.h support for tracing arguments of
           kprobes/uprobes and syscall as a special case.
      
         - Significantly reduce the search time for module symbols by
           livepatch and BPF.
      
         - Enable cpumasks to be used as kptrs, which is useful for tracing
           programs tracking which tasks end up running on which CPUs in
           different time intervals.
      
         - Add support for BPF trampoline on s390x and riscv64.
      
         - Add capability to export the XDP features supported by the NIC.
      
         - Add __bpf_kfunc tag for marking kernel functions as kfuncs.
      
         - Add cgroup.memory=nobpf kernel parameter option to disable BPF
           memory accounting for container environments.
      
        Netfilter:
      
         - Remove the CLUSTERIP target. It has been marked as obsolete for
           years, and we still have WARN splats wrt races of the out-of-band
           /proc interface installed by this target.
      
         - Add 'destroy' commands to nf_tables. They are identical to the
           existing 'delete' commands, but do not return an error if the
           referenced object (set, chain, rule...) did not exist.
      
        Driver API:
      
         - Improve cpumask_local_spread() locality to help NICs set the right
           IRQ affinity on AMD platforms.
      
         - Separate C22 and C45 MDIO bus transactions more clearly.
      
         - Introduce new DCB table to control DSCP rewrite on egress.
      
         - Support configuration of Physical Layer Collision Avoidance (PLCA)
           Reconciliation Sublayer (RS) (802.3cg-2019). Modern version of
           shared medium Ethernet.
      
         - Support for MAC Merge layer (IEEE 802.3-2018 clause 99). Allowing
           preemption of low priority frames by high priority frames.
      
         - Add support for controlling MACSec offload using netlink SET.
      
         - Rework devlink instance refcounts to allow registration and
           de-registration under the instance lock. Split the code into
           multiple files, drop some of the unnecessarily granular locks and
           factor out common parts of netlink operation handling.
      
         - Add TX frame aggregation parameters (for USB drivers).
      
         - Add a new attr TCA_EXT_WARN_MSG to report TC (offload) warning
           messages with notifications for debug.
      
         - Allow offloading of UDP NEW connections via act_ct.
      
         - Add support for per action HW stats in TC.
      
         - Support hardware miss to TC action (continue processing in SW from
           a specific point in the action chain).
      
         - Warn if old Wireless Extension user space interface is used with
           modern cfg80211/mac80211 drivers. Do not support Wireless
           Extensions for Wi-Fi 7 devices at all. Everyone should switch to
           using nl80211 interface instead.
      
         - Improve the CAN bit timing configuration. Use extack to return
           error messages directly to user space, update the SJW handling,
           including the definition of a new default value that will benefit
           CAN-FD controllers, by increasing their oscillator tolerance.
      
        New hardware / drivers:
      
         - Ethernet:
            - nVidia BlueField-3 support (control traffic driver)
            - Ethernet support for imx93 SoCs
            - Motorcomm yt8531 gigabit Ethernet PHY
            - onsemi NCN26000 10BASE-T1S PHY (with support for PLCA)
            - Microchip LAN8841 PHY (incl. cable diagnostics and PTP)
            - Amlogic gxl MDIO mux
      
         - WiFi:
            - RealTek RTL8188EU (rtl8xxxu)
            - Qualcomm Wi-Fi 7 devices (ath12k)
      
         - CAN:
            - Renesas R-Car V4H
      
        Drivers:
      
         - Bluetooth:
            - Set Per Platform Antenna Gain (PPAG) for Intel controllers.
      
         - Ethernet NICs:
            - Intel (1G, igc):
               - support TSN / Qbv / packet scheduling features of i226 model
            - Intel (100G, ice):
               - use GNSS subsystem instead of TTY
               - multi-buffer XDP support
               - extend support for GPIO pins to E823 devices
            - nVidia/Mellanox:
               - update the shared buffer configuration on PFC commands
               - implement PTP adjphase function for HW offset control
               - TC support for Geneve and GRE with VF tunnel offload
               - more efficient crypto key management method
               - multi-port eswitch support
            - Netronome/Corigine:
               - add DCB IEEE support
               - support IPsec offloading for NFP3800
            - Freescale/NXP (enetc):
               - support XDP_REDIRECT for XDP non-linear buffers
               - improve reconfig, avoid link flap and waiting for idle
               - support MAC Merge layer
            - Other NICs:
               - sfc/ef100: add basic devlink support for ef100
               - ionic: rx_push mode operation (writing descriptors via MMIO)
               - bnxt: use the auxiliary bus abstraction for RDMA
               - r8169: disable ASPM and reset bus in case of tx timeout
               - cpsw: support QSGMII mode for J721e CPSW9G
               - cpts: support pulse-per-second output
               - ngbe: add an mdio bus driver
               - usbnet: optimize usbnet_bh() by avoiding unnecessary queuing
               - r8152: handle devices with FW with NCM support
               - amd-xgbe: support 10Mbps, 2.5GbE speeds and rx-adaptation
               - virtio-net: support multi buffer XDP
               - virtio/vsock: replace virtio_vsock_pkt with sk_buff
               - tsnep: XDP support
      
         - Ethernet high-speed switches:
            - nVidia/Mellanox (mlxsw):
               - add support for latency TLV (in FW control messages)
            - Microchip (sparx5):
               - separate explicit and implicit traffic forwarding rules, make
                 the implicit rules always active
               - add support for egress DSCP rewrite
               - IS0 VCAP support (Ingress Classification)
               - IS2 VCAP filters (protos, L3 addrs, L4 ports, flags, ToS
                 etc.)
               - ES2 VCAP support (Egress Access Control)
               - support for Per-Stream Filtering and Policing (802.1Q,
                 8.6.5.1)
      
         - Ethernet embedded switches:
            - Marvell (mv88e6xxx):
               - add MAB (port auth) offload support
               - enable PTP receive for mv88e6390
            - NXP (ocelot):
               - support MAC Merge layer
               - support for the the vsc7512 internal copper phys
            - Microchip:
               - lan9303: convert to PHYLINK
               - lan966x: support TC flower filter statistics
               - lan937x: PTP support for KSZ9563/KSZ8563 and LAN937x
               - lan937x: support Credit Based Shaper configuration
               - ksz9477: support Energy Efficient Ethernet
            - other:
               - qca8k: convert to regmap read/write API, use bulk operations
               - rswitch: Improve TX timestamp accuracy
      
         - Intel WiFi (iwlwifi):
            - EHT (Wi-Fi 7) rate reporting
            - STEP equalizer support: transfer some STEP (connection to radio
              on platforms with integrated wifi) related parameters from the
              BIOS to the firmware.
      
         - Qualcomm 802.11ax WiFi (ath11k):
            - IPQ5018 support
            - Fine Timing Measurement (FTM) responder role support
            - channel 177 support
      
         - MediaTek WiFi (mt76):
            - per-PHY LED support
            - mt7996: EHT (Wi-Fi 7) support
            - Wireless Ethernet Dispatch (WED) reset support
            - switch to using page pool allocator
      
         - RealTek WiFi (rtw89):
            - support new version of Bluetooth co-existance
      
         - Mobile:
            - rmnet: support TX aggregation"
      
      * tag 'net-next-6.3' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next: (1872 commits)
        page_pool: add a comment explaining the fragment counter usage
        net: ethtool: fix __ethtool_dev_mm_supported() implementation
        ethtool: pse-pd: Fix double word in comments
        xsk: add linux/vmalloc.h to xsk.c
        sefltests: netdevsim: wait for devlink instance after netns removal
        selftest: fib_tests: Always cleanup before exit
        net/mlx5e: Align IPsec ASO result memory to be as required by hardware
        net/mlx5e: TC, Set CT miss to the specific ct action instance
        net/mlx5e: Rename CHAIN_TO_REG to MAPPED_OBJ_TO_REG
        net/mlx5: Refactor tc miss handling to a single function
        net/mlx5: Kconfig: Make tc offload depend on tc skb extension
        net/sched: flower: Support hardware miss to tc action
        net/sched: flower: Move filter handle initialization earlier
        net/sched: cls_api: Support hardware miss to tc action
        net/sched: Rename user cookie and act cookie
        sfc: fix builds without CONFIG_RTC_LIB
        sfc: clean up some inconsistent indentings
        net/mlx4_en: Introduce flexible array to silence overflow warning
        net: lan966x: Fix possible deadlock inside PTP
        net/ulp: Remove redundant ->clone() test in inet_clone_ulp().
        ...
      5b7c4cab
    • Linus Torvalds's avatar
      Merge tag 'v6.3-p1' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 · 36289a03
      Linus Torvalds authored
      Pull crypto update from Herbert Xu:
       "API:
         - Use kmap_local instead of kmap_atomic
         - Change request callback to take void pointer
         - Print FIPS status in /proc/crypto (when enabled)
      
        Algorithms:
         - Add rfc4106/gcm support on arm64
         - Add ARIA AVX2/512 support on x86
      
        Drivers:
         - Add TRNG driver for StarFive SoC
         - Delete ux500/hash driver (subsumed by stm32/hash)
         - Add zlib support in qat
         - Add RSA support in aspeed"
      
      * tag 'v6.3-p1' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (156 commits)
        crypto: x86/aria-avx - Do not use avx2 instructions
        crypto: aspeed - Fix modular aspeed-acry
        crypto: hisilicon/qm - fix coding style issues
        crypto: hisilicon/qm - update comments to match function
        crypto: hisilicon/qm - change function names
        crypto: hisilicon/qm - use min() instead of min_t()
        crypto: hisilicon/qm - remove some unused defines
        crypto: proc - Print fips status
        crypto: crypto4xx - Call dma_unmap_page when done
        crypto: octeontx2 - Fix objects shared between several modules
        crypto: nx - Fix sparse warnings
        crypto: ecc - Silence sparse warning
        tls: Pass rec instead of aead_req into tls_encrypt_done
        crypto: api - Remove completion function scaffolding
        tls: Remove completion function scaffolding
        tipc: Remove completion function scaffolding
        net: ipv6: Remove completion function scaffolding
        net: ipv4: Remove completion function scaffolding
        net: macsec: Remove completion function scaffolding
        dm: Remove completion function scaffolding
        ...
      36289a03
    • Linus Torvalds's avatar
      Merge tag 'platform-drivers-x86-v6.3-1' of... · 69308402
      Linus Torvalds authored
      Merge tag 'platform-drivers-x86-v6.3-1' of git://git.kernel.org/pub/scm/linux/kernel/git/pdx86/platform-drivers-x86
      
      Pull x86 platform driver updates from Hans de Goede:
      
       - AMD PMC: Improvements to aid s2idle debugging
      
       - Dell WMI-DDV: hwmon support
      
       - INT3472 camera sensor power-management: Improve privacy LED support
      
       - Intel VSEC: Base TPMI (Topology Aware Register and PM Capsule
         Interface) support
      
       - Mellanox: SN5600 and Nvidia L1 switch support
      
       - Microsoft Surface Support: Various cleanups + code improvements
      
       - tools/intel-speed-select: Various improvements
      
       - Miscellaneous other cleanups / fixes
      
      * tag 'platform-drivers-x86-v6.3-1' of git://git.kernel.org/pub/scm/linux/kernel/git/pdx86/platform-drivers-x86: (80 commits)
        platform/x86: nvidia-wmi-ec-backlight: Add force module parameter
        platform/x86/amd/pmf: Add depends on CONFIG_POWER_SUPPLY
        platform/x86: dell-ddv: Prefer asynchronous probing
        platform/x86: dell-ddv: Add hwmon support
        Documentation/ABI: Add new attribute for mlxreg-io sysfs interfaces
        platform: mellanox: mlx-platform: Move bus shift assignment out of the loop
        platform: mellanox: mlx-platform: Add mux selection register to regmap
        platform_data/mlxreg: Add field with mapped resource address
        platform/mellanox: mlxreg-hotplug: Allow more flexible hotplug events configuration
        platform: mellanox: Extend all systems with I2C notification callback
        platform: mellanox: Split logic in init and exit flow
        platform: mellanox: Split initialization procedure
        platform: mellanox: Introduce support of new Nvidia L1 switch
        platform: mellanox: Introduce support for next-generation 800GB/s switch
        platform: mellanox: Cosmetic changes - rename to more common name
        platform: mellanox: Change "reset_pwr_converter_fail" attribute
        platform: mellanox: Introduce support for rack manager switch
        MAINTAINERS: dell-wmi-sysman: drop Divya Bharathi
        x86/platform/uv: Make kobj_type structure constant
        platform/x86: think-lmi: Make kobj_type structure constant
        ...
      69308402
    • Linus Torvalds's avatar
      Merge tag 'tag-chrome-platform-for-v6.3' of... · 5f5ce6bc
      Linus Torvalds authored
      Merge tag 'tag-chrome-platform-for-v6.3' of git://git.kernel.org/pub/scm/linux/kernel/git/chrome-platform/linux
      
      Pull chrome platform updates from Tzung-Bi Shih:
       "New drivers:
         - cros_ec_uart for ChromeOS EC protocol over UART
         - cros_typec_vdm for USB PD Vendor Defined Message
      
        Improvements:
         - Preserve logs as much as possible when EC panics
         - Shutdown to refrain from potential HW damages when EC panics
      
        Fixes:
         - Fix DP_PORT_VDO to include DP_CAP_RECEPTACLE
         - Fix a lockdep false positive
      
        Cleanups:
         - Use sysfs_emit*() instead of scnprintf()
         - Use asm instead of asm-generic for unaligned.h
      
        Misc:
         - Rename module name from cros_ec_typec to cros-ec-typec
         - Minor fixes"
      
      * tag 'tag-chrome-platform-for-v6.3' of git://git.kernel.org/pub/scm/linux/kernel/git/chrome-platform/linux: (34 commits)
        platform/chrome: cros_ec_typec: Fix spelling mistake
        platform/chrome: cros_typec_vdm: Add Attention support
        platform/chrome: cros_ec: Add VDM attention headers
        platform/chrome: cros_typec_vdm: Fix VDO copy
        platform/chrome: cros_ec_typec: allow deferred probe of switch handles
        platform/chrome: cros_ec_proto: remove big stub objects from stack
        platform/chrome: cros_ec_uart: fix negative type promoted to high
        platform/chrome: cros_ec: Use per-device lockdep key
        platform/chrome: fix kernel-doc warnings for cros_ec_command
        platform/chrome: fix kernel-doc warning for last_resume_result
        platform/chrome: fix kernel-doc warning for suspend_timeout_ms
        platform/chrome: fix kernel-doc warnings for panic notifier
        platform/chrome: cros_ec_lpc: initialize the buf variable
        platform/chrome: cros_ec: Fix panic notifier registration
        platform/chrome: cros_typec_switch: Check for retimer flag
        platform/chrome: cros_typec_switch: Use fwnode* prop check
        platform/chrome: cros_typec_vdm: Add VDM send support
        platform/chrome: cros_typec_vdm: Add VDM reply support
        platform/chrome: cros_ec_typec: Add initial VDM support
        platform/chrome: cros_ec_typec: Alter module name with hyphens
        ...
      5f5ce6bc
    • Linus Torvalds's avatar
      Merge tag 'for-linus-6.3-rc1-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/xen/tip · 239451e9
      Linus Torvalds authored
      Pull xen updates from Juergen Gross:
      
       - help deprecate the /proc/xen files by making the related information
         available via sysfs
      
       - mark the Xen variants of play_dead "noreturn"
      
       - support a shared Xen platform interrupt
      
       - several small cleanups and fixes
      
      * tag 'for-linus-6.3-rc1-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/xen/tip:
        xen: sysfs: make kobj_type structure constant
        x86/Xen: drop leftover VM-assist uses
        xen: Replace one-element array with flexible-array member
        xen/grant-dma-iommu: Implement a dummy probe_device() callback
        xen/pvcalls-back: fix permanently masked event channel
        xen: Allow platform PCI interrupt to be shared
        x86/xen/time: prefer tsc as clocksource when it is invariant
        x86/xen: mark xen_pv_play_dead() as __noreturn
        x86/xen: don't let xen_pv_play_dead() return
        drivers/xen/hypervisor: Expose Xen SIF flags to userspace
      239451e9
    • Linus Torvalds's avatar
      Merge tag 'hyperv-next-signed-20230220' of... · b8878e5a
      Linus Torvalds authored
      Merge tag 'hyperv-next-signed-20230220' of git://git.kernel.org/pub/scm/linux/kernel/git/hyperv/linux
      
      Pull hyperv updates from Wei Liu:
      
       - allow Linux to run as the nested root partition for Microsoft
         Hypervisor (Jinank Jain and Nuno Das Neves)
      
       - clean up the return type of callback functions (Dawei Li)
      
      * tag 'hyperv-next-signed-20230220' of git://git.kernel.org/pub/scm/linux/kernel/git/hyperv/linux:
        x86/hyperv: Fix hv_get/set_register for nested bringup
        Drivers: hv: Make remove callback of hyperv driver void returned
        Drivers: hv: Enable vmbus driver for nested root partition
        x86/hyperv: Add an interface to do nested hypercalls
        Drivers: hv: Setup synic registers in case of nested root partition
        x86/hyperv: Add support for detecting nested hypervisor
      b8878e5a
  4. 21 Feb, 2023 17 commits
    • Florian Westphal's avatar
      netfilter: ctnetlink: make event listener tracking global · fdf64911
      Florian Westphal authored
      pernet tracking doesn't work correctly because other netns might have
      set NETLINK_LISTEN_ALL_NSID on its event socket.
      
      In this case its expected that events originating in other net
      namespaces are also received.
      
      Making pernet-tracking work while also honoring NETLINK_LISTEN_ALL_NSID
      requires much more intrusive changes both in netlink and nfnetlink,
      f.e. adding a 'setsockopt' callback that lets nfnetlink know that the
      event socket entered (or left) ALL_NSID mode.
      
      Move to global tracking instead: if there is an event socket anywhere
      on the system, all net namespaces which have conntrack enabled and
      use autobind mode will allocate the ecache extension.
      
      netlink_has_listeners() returns false only if the given group has no
      subscribers in any net namespace, the 'net' argument passed to
      nfnetlink_has_listeners is only used to derive the protocol (nfnetlink),
      it has no other effect.
      
      For proper NETLINK_LISTEN_ALL_NSID-aware pernet tracking of event
      listeners a new netlink_has_net_listeners() is also needed.
      
      Fixes: 90d1daa4 ("netfilter: conntrack: add nf_conntrack_events autodetect mode")
      Reported-by: default avatarBryce Kahle <bryce.kahle@datadoghq.com>
      Signed-off-by: default avatarFlorian Westphal <fw@strlen.de>
      Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
      fdf64911
    • Xin Long's avatar
      netfilter: xt_length: use skb len to match in length_mt6 · 05c07c0c
      Xin Long authored
      For IPv6 Jumbo packets, the ipv6_hdr(skb)->payload_len is always 0,
      and its real payload_len ( > 65535) is saved in hbh exthdr. With 0
      length for the jumbo packets, it may mismatch.
      
      To fix this, we can just use skb->len instead of parsing exthdrs, as
      the hbh exthdr parsing has been done before coming to length_mt6 in
      ip6_rcv_core() and br_validate_ipv6() and also the packet has been
      trimmed according to the correct IPv6 (ext)hdr length there, and skb
      len is trustable in length_mt6().
      
      Note that this patch is especially needed after the IPv6 BIG TCP was
      supported in kernel, which is using IPv6 Jumbo packets. Besides, to
      match the packets greater than 65535 more properly, a v1 revision of
      xt_length may be needed to extend "min, max" to u32 in the future,
      and for now the IPv6 Jumbo packets can be matched by:
      
        # ip6tables -m length ! --length 0:65535
      
      Fixes: 7c4e983c ("net: allow gso_max_size to exceed 65536")
      Fixes: 0fe79f28 ("net: allow gro_max_size to exceed 65536")
      Signed-off-by: default avatarXin Long <lucien.xin@gmail.com>
      Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
      05c07c0c
    • Linus Torvalds's avatar
      Merge tag 'arm64-upstream' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux · 8bf1a529
      Linus Torvalds authored
      Pull arm64 updates from Catalin Marinas:
      
       - Support for arm64 SME 2 and 2.1. SME2 introduces a new 512-bit
         architectural register (ZT0, for the look-up table feature) that
         Linux needs to save/restore
      
       - Include TPIDR2 in the signal context and add the corresponding
         kselftests
      
       - Perf updates: Arm SPEv1.2 support, HiSilicon uncore PMU updates, ACPI
         support to the Marvell DDR and TAD PMU drivers, reset DTM_PMU_CONFIG
         (ARM CMN) at probe time
      
       - Support for DYNAMIC_FTRACE_WITH_CALL_OPS on arm64
      
       - Permit EFI boot with MMU and caches on. Instead of cleaning the
         entire loaded kernel image to the PoC and disabling the MMU and
         caches before branching to the kernel bare metal entry point, leave
         the MMU and caches enabled and rely on EFI's cacheable 1:1 mapping of
         all of system RAM to populate the initial page tables
      
       - Expose the AArch32 (compat) ELF_HWCAP features to user in an arm64
         kernel (the arm32 kernel only defines the values)
      
       - Harden the arm64 shadow call stack pointer handling: stash the shadow
         stack pointer in the task struct on interrupt, load it directly from
         this structure
      
       - Signal handling cleanups to remove redundant validation of size
         information and avoid reading the same data from userspace twice
      
       - Refactor the hwcap macros to make use of the automatically generated
         ID registers. It should make new hwcaps writing less error prone
      
       - Further arm64 sysreg conversion and some fixes
      
       - arm64 kselftest fixes and improvements
      
       - Pointer authentication cleanups: don't sign leaf functions, unify
         asm-arch manipulation
      
       - Pseudo-NMI code generation optimisations
      
       - Minor fixes for SME and TPIDR2 handling
      
       - Miscellaneous updates: ARCH_FORCE_MAX_ORDER is now selectable,
         replace strtobool() to kstrtobool() in the cpufeature.c code, apply
         dynamic shadow call stack in two passes, intercept pfn changes in
         set_pte_at() without the required break-before-make sequence, attempt
         to dump all instructions on unhandled kernel faults
      
      * tag 'arm64-upstream' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux: (130 commits)
        arm64: fix .idmap.text assertion for large kernels
        kselftest/arm64: Don't require FA64 for streaming SVE+ZA tests
        kselftest/arm64: Copy whole EXTRA context
        arm64: kprobes: Drop ID map text from kprobes blacklist
        perf: arm_spe: Print the version of SPE detected
        perf: arm_spe: Add support for SPEv1.2 inverted event filtering
        perf: Add perf_event_attr::config3
        arm64/sme: Fix __finalise_el2 SMEver check
        drivers/perf: fsl_imx8_ddr_perf: Remove set-but-not-used variable
        arm64/signal: Only read new data when parsing the ZT context
        arm64/signal: Only read new data when parsing the ZA context
        arm64/signal: Only read new data when parsing the SVE context
        arm64/signal: Avoid rereading context frame sizes
        arm64/signal: Make interface for restore_fpsimd_context() consistent
        arm64/signal: Remove redundant size validation from parse_user_sigframe()
        arm64/signal: Don't redundantly verify FPSIMD magic
        arm64/cpufeature: Use helper macros to specify hwcaps
        arm64/cpufeature: Always use symbolic name for feature value in hwcaps
        arm64/sysreg: Initial unsigned annotations for ID registers
        arm64/sysreg: Initial annotation of signed ID registers
        ...
      8bf1a529
    • Florian Westphal's avatar
      netfilter: ebtables: fix table blob use-after-free · e58a171d
      Florian Westphal authored
      We are not allowed to return an error at this point.
      Looking at the code it looks like ret is always 0 at this
      point, but its not.
      
      t = find_table_lock(net, repl->name, &ret, &ebt_mutex);
      
      ... this can return a valid table, with ret != 0.
      
      This bug causes update of table->private with the new
      blob, but then frees the blob right away in the caller.
      
      Syzbot report:
      
      BUG: KASAN: vmalloc-out-of-bounds in __ebt_unregister_table+0xc00/0xcd0 net/bridge/netfilter/ebtables.c:1168
      Read of size 4 at addr ffffc90005425000 by task kworker/u4:4/74
      Workqueue: netns cleanup_net
      Call Trace:
       kasan_report+0xbf/0x1f0 mm/kasan/report.c:517
       __ebt_unregister_table+0xc00/0xcd0 net/bridge/netfilter/ebtables.c:1168
       ebt_unregister_table+0x35/0x40 net/bridge/netfilter/ebtables.c:1372
       ops_exit_list+0xb0/0x170 net/core/net_namespace.c:169
       cleanup_net+0x4ee/0xb10 net/core/net_namespace.c:613
      ...
      
      ip(6)tables appears to be ok (ret should be 0 at this point) but make
      this more obvious.
      
      Fixes: c58dd2dd ("netfilter: Can't fail and free after table replacement")
      Reported-by: syzbot+f61594de72d6705aea03@syzkaller.appspotmail.com
      Signed-off-by: default avatarFlorian Westphal <fw@strlen.de>
      Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
      e58a171d
    • Phil Sutter's avatar
      netfilter: ip6t_rpfilter: Fix regression with VRF interfaces · efb056e5
      Phil Sutter authored
      When calling ip6_route_lookup() for the packet arriving on the VRF
      interface, the result is always the real (slave) interface. Expect this
      when validating the result.
      
      Fixes: acc641ab ("netfilter: rpfilter/fib: Populate flowic_l3mdev field")
      Signed-off-by: default avatarPhil Sutter <phil@nwl.cc>
      Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
      efb056e5
    • Linus Torvalds's avatar
      Merge tag 'for-linus' of git://git.armlinux.org.uk/~rmk/linux-arm · b327dfe0
      Linus Torvalds authored
      Pull ARM udpates from Russell King:
      
       - Improve Kconfig help text for Cortex A8 and Cortex A9 errata
      
       - Kconfig spelling and grammar fixes
      
       - Allow kernel-mode VFP/Neon in softirq context
      
       - Use Neon in softirq context
      
       - Implement AES-CTR/GHASH version of GCM
      
      * tag 'for-linus' of git://git.armlinux.org.uk/~rmk/linux-arm:
        ARM: 9289/1: Allow pre-ARMv5 builds with ld.lld 16.0.0 and newer
        ARM: 9288/1: Kconfigs: fix spelling & grammar
        ARM: 9286/1: crypto: Implement fused AES-CTR/GHASH version of GCM
        ARM: 9285/1: remove meaningless arch/arm/mach-rda/Makefile
        ARM: 9283/1: permit non-nested kernel mode NEON in softirq context
        ARM: 9282/1: vfp: Manipulate task VFP state with softirqs disabled
        ARM: 9281/1: improve Cortex A8/A9 errata help text
      b327dfe0
    • Florian Westphal's avatar
      netfilter: conntrack: fix rmmod double-free race · e6d57e9f
      Florian Westphal authored
      nf_conntrack_hash_check_insert() callers free the ct entry directly, via
      nf_conntrack_free.
      
      This isn't safe anymore because
      nf_conntrack_hash_check_insert() might place the entry into the conntrack
      table and then delteted the entry again because it found that a conntrack
      extension has been removed at the same time.
      
      In this case, the just-added entry is removed again and an error is
      returned to the caller.
      
      Problem is that another cpu might have picked up this entry and
      incremented its reference count.
      
      This results in a use-after-free/double-free, once by the other cpu and
      once by the caller of nf_conntrack_hash_check_insert().
      
      Fix this by making nf_conntrack_hash_check_insert() not fail anymore
      after the insertion, just like before the 'Fixes' commit.
      
      This is safe because a racing nf_ct_iterate() has to wait for us
      to release the conntrack hash spinlocks.
      
      While at it, make the function return -EAGAIN in the rmmod (genid
      changed) case, this makes nfnetlink replay the command (suggested
      by Pablo Neira).
      
      Fixes: c56716c6 ("netfilter: extensions: introduce extension genid count")
      Signed-off-by: default avatarFlorian Westphal <fw@strlen.de>
      Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
      e6d57e9f
    • Linus Torvalds's avatar
      Merge tag 'm68k-for-v6.3-tag1' of git://git.kernel.org/pub/scm/linux/kernel/git/geert/linux-m68k · eb6d5bbe
      Linus Torvalds authored
      Pull m68k updates from Geert Uytterhoeven:
      
       - Add seccomp support
      
       - defconfig updates
      
       - Miscellaneous fixes and improvements
      
      * tag 'm68k-for-v6.3-tag1' of git://git.kernel.org/pub/scm/linux/kernel/git/geert/linux-m68k:
        m68k: /proc/hardware should depend on PROC_FS
        selftests/seccomp: Add m68k support
        m68k: Add kernel seccomp support
        m68k: Check syscall_trace_enter() return code
        m68k: defconfig: Update defconfigs for v6.2-rc3
        m68k: q40: Do not initialise statics to 0
      eb6d5bbe
    • Linus Torvalds's avatar
      Merge tag 's390-6.3-1' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux · bcf5470e
      Linus Torvalds authored
      Pull s390 updates from Heiko Carstens:
      
       - Large cleanup of the con3270/tty3270 driver. Among others this fixes:
           - Background Color Support
           - ASCII Line Character Support
           - VT100 Support
           - Geometries other than 80x24
      
       - Cleanup and improve cmpxchg() code. Also add cmpxchg_user_key() to
         uaccess functions, which will be used by KVM to access KVM guest
         memory with a specific storage key
      
       - Add support for user space events counting to CPUMF
      
       - Cleanup the vfio/ccw code, which also allows now to properly support
         2K Format-2 IDALs
      
       - Move kernel page table allocation and initialization to decompressor,
         which finally allows to enter the kernel with dynamic address
         translation enabled. This in turn allows to get rid of code with
         special handling in the kernel, which has to distinguish if DAT is on
         or off
      
       - Replace kretprobe with rethook
      
       - Various improvements to vfio/ap queue resets:
           - Use TAPQ to verify completion of a reset in progress rather than
             multiple invocations of ZAPQ.
           - Check TAPQ response codes when verifying successful completion of
             ZAPQ.
           - Fix erroneous handling of some error response codes.
           - Increase the maximum amount of time to wait for successful
             completion of ZAPQ
      
       - Rework system call wrappers to get rid of alias functions, which were
         only left on s390
      
       - Cleanup diag288_wdt watchdog driver. It has been agreed on with
         Guenter Roeck that this goes upstream via the s390 tree
      
       - Add missing loadparm parameter handling for list-directed ECKD
         ipl/reipl
      
       - Various improvements to memory detection code
      
       - Remove arch_cpu_idle_time() since the current implementation is
         broken, and allows user space observable accounted idle times which
         can temporarily decrease
      
       - Add Reset DAT-Protection support: (only) allow to change PTEs from RO
         to RW with a new RDP instruction. Unlike the currently used IPTE
         instruction, this does not necessarily guarantee that TLBs of all
         CPUs are synchronously flushed; and that remote CPUs can see spurious
         protection faults. The overall improvement for not requiring an all
         CPU synchronization, like it is required with IPTE, should be
         beneficial
      
       - Fix KFENCE page fault reporting
      
       - Smaller cleanups and improvement all over the place
      
      * tag 's390-6.3-1' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux: (182 commits)
        s390/irq,idle: simplify idle check
        s390/processor: add test_and_set_cpu_flag() and test_and_clear_cpu_flag()
        s390/processor: let cpu helper functions return boolean values
        s390/kfence: fix page fault reporting
        s390/zcrypt: introduce ctfm field in struct CPRBX
        s390: remove confusing comment from uapi types header file
        vfio/ccw: remove WARN_ON during shutdown
        s390/entry: remove toolchain dependent micro-optimization
        s390/mem_detect: do not truncate online memory ranges info
        s390/vx: remove __uint128_t type from __vector128 struct again
        s390/mm: add support for RDP (Reset DAT-Protection)
        s390/mm: define private VM_FAULT_* reasons from top bits
        Documentation: s390: correct spelling
        s390/ap: fix status returned by ap_qact()
        s390/ap: fix status returned by ap_aqic()
        s390: vfio-ap: tighten the NIB validity check
        Revert "s390/mem_detect: do not update output parameters on failure"
        s390/idle: remove arch_cpu_idle_time() and corresponding code
        s390/vx: use simple assignments to access __vector128 members
        s390/vx: add 64 and 128 bit members to __vector128 struct
        ...
      bcf5470e
    • Hangyu Hua's avatar
      netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() · ac489398
      Hangyu Hua authored
      nf_ct_put() needs to be called to put the refcount got by
      nf_conntrack_find_get() to avoid refcount leak when
      nf_conntrack_hash_check_insert() fails.
      
      Fixes: 7d367e06 ("netfilter: ctnetlink: fix soft lockup when netlink adds new entries (v2)")
      Signed-off-by: default avatarHangyu Hua <hbh25y@gmail.com>
      Acked-by: default avatarFlorian Westphal <fw@strlen.de>
      Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
      ac489398
    • Linus Torvalds's avatar
      Merge tag 'x86_cpu_for_v6.3_rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · 87793476
      Linus Torvalds authored
      Pull x86 cpuid updates from Borislav Petkov:
      
       - Cache the AMD debug registers in per-CPU variables to avoid MSR
         writes where possible, when supporting a debug registers swap feature
         for SEV-ES guests
      
       - Add support for AMD's version of eIBRS called Automatic IBRS which is
         a set-and-forget control of indirect branch restriction speculation
         resources on privilege change
      
       - Add support for a new x86 instruction - LKGS - Load kernel GS which
         is part of the FRED infrastructure
      
       - Reset SPEC_CTRL upon init to accomodate use cases like kexec which
         rediscover
      
       - Other smaller fixes and cleanups
      
      * tag 'x86_cpu_for_v6.3_rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        x86/amd: Cache debug register values in percpu variables
        KVM: x86: Propagate the AMD Automatic IBRS feature to the guest
        x86/cpu: Support AMD Automatic IBRS
        x86/cpu, kvm: Add the SMM_CTL MSR not present feature
        x86/cpu, kvm: Add the Null Selector Clears Base feature
        x86/cpu, kvm: Move X86_FEATURE_LFENCE_RDTSC to its native leaf
        x86/cpu, kvm: Add the NO_NESTED_DATA_BP feature
        KVM: x86: Move open-coded CPUID leaf 0x80000021 EAX bit propagation code
        x86/cpu, kvm: Add support for CPUID_80000021_EAX
        x86/gsseg: Add the new <asm/gsseg.h> header to <asm/asm-prototypes.h>
        x86/gsseg: Use the LKGS instruction if available for load_gs_index()
        x86/gsseg: Move load_gs_index() to its own new header file
        x86/gsseg: Make asm_load_gs_index() take an u16
        x86/opcode: Add the LKGS instruction to x86-opcode-map
        x86/cpufeature: Add the CPU feature bit for LKGS
        x86/bugs: Reset speculation control settings on init
        x86/cpu: Remove redundant extern x86_read_arch_cap_msr()
      87793476
    • Dave Hansen's avatar
      uaccess: Add speculation barrier to copy_from_user() · 74e19ef0
      Dave Hansen authored
      The results of "access_ok()" can be mis-speculated.  The result is that
      you can end speculatively:
      
      	if (access_ok(from, size))
      		// Right here
      
      even for bad from/size combinations.  On first glance, it would be ideal
      to just add a speculation barrier to "access_ok()" so that its results
      can never be mis-speculated.
      
      But there are lots of system calls just doing access_ok() via
      "copy_to_user()" and friends (example: fstat() and friends).  Those are
      generally not problematic because they do not _consume_ data from
      userspace other than the pointer.  They are also very quick and common
      system calls that should not be needlessly slowed down.
      
      "copy_from_user()" on the other hand uses a user-controller pointer and
      is frequently followed up with code that might affect caches.  Take
      something like this:
      
      	if (!copy_from_user(&kernelvar, uptr, size))
      		do_something_with(kernelvar);
      
      If userspace passes in an evil 'uptr' that *actually* points to a kernel
      addresses, and then do_something_with() has cache (or other)
      side-effects, it could allow userspace to infer kernel data values.
      
      Add a barrier to the common copy_from_user() code to prevent
      mis-speculated values which happen after the copy.
      
      Also add a stub for architectures that do not define barrier_nospec().
      This makes the macro usable in generic code.
      
      Since the barrier is now usable in generic code, the x86 #ifdef in the
      BPF code can also go away.
      Reported-by: default avatarJordy Zomer <jordyzomer@google.com>
      Suggested-by: default avatarLinus Torvalds <torvalds@linuxfoundation.org>
      Signed-off-by: default avatarDave Hansen <dave.hansen@linux.intel.com>
      Reviewed-by: default avatarThomas Gleixner <tglx@linutronix.de>
      Acked-by: Daniel Borkmann <daniel@iogearbox.net>   # BPF bits
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      74e19ef0
    • Linus Torvalds's avatar
      Merge tag 'thermal-6.3-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm · 1b72607d
      Linus Torvalds authored
      Pull thermal control updates from Rafael Wysocki:
       "The majority of changes here are related to the general switch-over to
        using arrays of generic trip point structures registered along with a
        thermal zone instead of trip point callbacks (this has been done
        mostly by Daniel Lezcano with some help from yours truly on the Intel
        drivers front).
      
        Apart from that and the related reorganization of code, there are some
        enhancements of the existing driver and a new Mediatek Low Voltage
        Thermal Sensor (LVTS) driver. The Intel powerclamp undergoes a major
        rework so it will use the generic idle_inject facility for CPU idle
        time injection going forward and it will take additional module
        parameters for specifying the subset of CPUs to be affected by it
        (work done by Srinivas Pandruvada).
      
        Also included are assorted fixes and a whole bunch of cleanups.
      
        Specifics:
      
         - Rework a large bunch of drivers to use the generic thermal trip
           structure and use the opportunity to do more cleanups by removing
           unused functions from the OF code (Daniel Lezcano)
      
         - Remove core header inclusion from drivers (Daniel Lezcano)
      
         - Fix some locking issues related to the generic thermal trip rework
           (Johan Hovold)
      
         - Fix a crash when requesting the critical temperature on tegra,
           which is related to the generic trip point work (Jon Hunter)
      
         - Clean up thermal device unregistration code (Viresh Kumar)
      
         - Fix and clean up thermal control core initialization error code
           paths (Daniel Lezcano)
      
         - Relocate the trip points handling code into a separate file (Daniel
           Lezcano)
      
         - Make the thermal core fail registration of thermal zones and
           cooling devices if the thermal class has not been registered
           (Rafael Wysocki)
      
         - Add trip point initialization helper functions for ACPI-defined
           trip points and modify two thermal drivers to use them (Rafael
           Wysocki, Daniel Lezcano)
      
         - Make the core thermal control code use sysfs_emit_at() instead of
           scnprintf() where applicable (ye xingchen)
      
         - Consolidate code accessing the Intel TCC (Thermal Control
           Circuitry) MSRs by introducing library functions for that and
           making the TCC-related code in thermal drivers use them (Zhang Rui)
      
         - Enhance the x86_pkg_temp_thermal driver to support dynamic tjmax
           changes (Zhang Rui)
      
         - Address an "unsigned expression compared with zero" warning in the
           intel_soc_dts_iosf thermal driver (Yang Li)
      
         - Update comments regarding two functions in the Intel Menlow thermal
           driver (Deming Wang)
      
         - Use sysfs_emit_at() instead of scnprintf() in the int340x thermal
           driver (ye xingchen)
      
         - Make the intel_pch thermal driver support the Wellsburg PCH (Tim
           Zimmermann)
      
         - Modify the intel_pch and processor_thermal_device_pci thermal
           drivers use generic trip point tables instead of thermal zone trip
           point callbacks (Daniel Lezcano)
      
         - Add production mode attribute sysfs attribute to the int340x
           thermal driver (Srinivas Pandruvada)
      
         - Rework dynamic trip point updates handling and locking in the
           int340x thermal driver (Rafael Wysocki)
      
         - Make the int340x thermal driver use a generic trip points table
           instead of thermal zone trip point callbacks (Rafael Wysocki,
           Daniel Lezcano)
      
         - Clean up and improve the int340x thermal driver (Rafael Wysocki)
      
         - Simplify and clean up the intel_pch thermal driver (Rafael Wysocki)
      
         - Fix the Intel powerclamp thermal driver and make it use the common
           idle injection framework (Srinivas Pandruvada)
      
         - Add two module parameters, cpumask and max_idle, to the Intel
           powerclamp thermal driver to allow it to affect only a specific
           subset of CPUs instead of all of them (Srinivas Pandruvada)
      
         - Make the Intel quark_dts thermal driver Use generic trip point
           objects instead of its own trip point representation (Daniel
           Lezcano)
      
         - Add toctree entry for thermal documents and fix two issues in the
           Intel powerclamp driver documentation (Bagas Sanjaya)
      
         - Use strscpy() to instead of strncpy() in the thermal core (Xu
           Panda)
      
         - Fix thermal_sampling_exit() (Vincent Guittot)
      
         - Add Mediatek Low Voltage Thermal Sensor (LVTS) driver (Balsam
           Chihi)
      
         - Add r8a779g0 RCar support to the rcar_gen3 thermal driver (Geert
           Uytterhoeven)
      
         - Fix useless call to set_trips() when resuming in the rcar_gen3
           thermal control driver and add interrupt support detection at init
           time to it (Niklas Söderlund)
      
         - Fix memory corruption in the hi3660 thermal driver (Yongqin Liu)
      
         - Fix include path for libnl3 in pkg-config file for libthermal
           (Vibhav Pant)
      
         - Remove syscfg-based driver for st as the platform is not supported
           any more (Alain Volmat)"
      
      * tag 'thermal-6.3-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm: (135 commits)
        thermal/drivers/st: Remove syscfg based driver
        thermal: Remove core header inclusion from drivers
        tools/lib/thermal: Fix include path for libnl3 in pkg-config file.
        thermal/drivers/hisi: Drop second sensor hi3660
        thermal/drivers/rcar_gen3_thermal: Fix device initialization
        thermal/drivers/rcar_gen3_thermal: Create device local ops struct
        thermal/drivers/rcar_gen3_thermal: Do not call set_trips() when resuming
        thermal/drivers/rcar_gen3: Add support for R-Car V4H
        dt-bindings: thermal: rcar-gen3-thermal: Add r8a779g0 support
        thermal/drivers/mediatek: Add the Low Voltage Thermal Sensor driver
        dt-bindings: thermal: mediatek: Add LVTS thermal controllers
        thermal/drivers/mediatek: Relocate driver to mediatek folder
        tools/lib/thermal: Fix thermal_sampling_exit()
        Documentation: powerclamp: Fix numbered lists formatting
        Documentation: powerclamp: Escape wildcard in cpumask description
        Documentation: admin-guide: Add toctree entry for thermal docs
        thermal: intel: powerclamp: Add two module parameters
        Documentation: admin-guide: Move intel_powerclamp documentation
        thermal: core: Use sysfs_emit_at() instead of scnprintf()
        thermal: intel: powerclamp: Fix duration module parameter
        ...
      1b72607d
    • Linus Torvalds's avatar
      Merge tag 'acpi-6.3-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm · 88af9b16
      Linus Torvalds authored
      Pull ACPI updates from Rafael Wysocki:
       "These fix a frequency limit issue in the ACPI processor performance
        library code, fix a few issues in the ACPICA code, improve Crystal
        Cove support in the ACPI PMIC driver, fix string handling in the ACPI
        battery driver, add IRQ override quirks for a few machines more, fix
        other assorted problems and clean up code and documentation.
      
        Specifics:
      
         - Drop port I/O validation for some regions to avoid AML failures due
           to rejections of legitimate port I/O writes (Mario Limonciello)
      
         - Constify acpi_get_handle() pathname argument to allow its callers
           to pass const pathnames to it (Sakari Ailus)
      
         - Prevent acpi_ns_simple_repair() from crashing in some cases when
           AE_AML_NO_RETURN_VALUE should be returned (Daniil Tatianin)
      
         - Fix typo in CDAT DSMAS struct definition (Lukas Wunner)
      
         - Drop an unnecessary (void *) conversion from the ACPI processor
           driver (Zhou jie)
      
         - Modify the ACPI processor performance library code to use the "no
           limit" frequency QoS as appropriate and adjust the intel_pstate
           driver accordingly (Rafael Wysocki)
      
         - Add support for NBFT to the ACPI table parser (Stuart Hayes)
      
         - Introduce list of known non-PNP devices to avoid enumerating some
           of them as PNP devices (Rafael Wysocki)
      
         - Add x86 ACPI paths to the ACPI entry in MAINTAINERS to allow
           scripts to report the actual maintainers information (Rafael
           Wysocki)
      
         - Add two more entries to the ACPI IRQ override quirk list (Adam
           Niederer, Werner Sembach)
      
         - Add a pmic_i2c_address entry for Intel Bay Trail Crystal Cove to
           allow intel_soc_pmic_exec_mipi_pmic_seq_element() to be used with
           the Bay Trail Crystal Cove PMIC OpRegion driver (Hans de Goede)
      
         - Add comments with DSDT power OpRegion field names to the ACPI PMIC
           driver (Hans de Goede)
      
         - Fix string termination handling in the ACPI battery driver (Armin
           Wolf)
      
         - Limit error type to 32-bit width in the ACPI APEI error injection
           code (Shuai Xue)
      
         - Fix Lenovo Ideapad Z570 DMI match in the ACPI backlight driver
           (Hans de Goede)
      
         - Silence missing prototype warnings in some places in the
           ACPI-related code (Ammar Faizi)
      
         - Make kobj_type structures used in the ACPI code constant (Thomas
           Weißschuh)
      
         - Correct spelling in firmware-guide/ACPI (Randy Dunlap)
      
         - Clarify the meaning of Explicit and Implicit in the _DSD GPIO
           properties documentation (Andy Shevchenko)
      
         - Fix some kernel-doc comments in the ACPI CPPC library code (Yang
           Li)"
      
      * tag 'acpi-6.3-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm: (25 commits)
        ACPI: make kobj_type structures constant
        Documentation: firmware-guide: gpio-properties: Clarify Explicit and Implicit
        ACPICA: Fix typo in CDAT DSMAS struct definition
        ACPI: resource: Do IRQ override on all TongFang GMxRGxx
        ACPI: resource: Add IRQ overrides for MAINGEAR Vector Pro 2 models
        ACPI: CPPC: Fix some kernel-doc comments
        ACPI: video: Fix Lenovo Ideapad Z570 DMI match
        Documentation: firmware-guide/ACPI: correct spelling
        ACPI: PMIC: Add comments with DSDT power opregion field names
        ACPI: battery: Increase maximum string length
        ACPI: battery: Fix buffer overread if not NUL-terminated
        ACPI: APEI: EINJ: Limit error type to 32-bit width
        MAINTAINERS: Add x86 ACPI paths to the ACPI entry
        ACPI: battery: Fix missing NUL-termination with large strings
        ACPI: PNP: Introduce list of known non-PNP devices
        ACPICA: nsrepair: handle cases without a return value correctly
        ACPI: Silence missing prototype warnings
        cpufreq: intel_pstate: Drop ACPI _PSS states table patching
        ACPI: processor: perflib: Avoid updating frequency QoS unnecessarily
        ACPI: processor: perflib: Use the "no limit" frequency QoS
        ...
      88af9b16
    • Linus Torvalds's avatar
      Merge tag 'pm-6.3-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm · 2504ba8b
      Linus Torvalds authored
      Pull power management updates from Rafael Wysocki:
       "These add EPP support to the AMD P-state cpufreq driver, add support
        for new platforms to the Intel RAPL power capping driver, intel_idle
        and the Qualcomm cpufreq driver, enable thermal cooling for Tegra194,
        drop the custom cpufreq driver for loongson1 that is not necessary any
        more (and the corresponding cpufreq platform device), fix assorted
        issues and clean up code.
      
        Specifics:
      
         - Add EPP support to the AMD P-state cpufreq driver (Perry Yuan, Wyes
           Karny, Arnd Bergmann, Bagas Sanjaya)
      
         - Drop the custom cpufreq driver for loongson1 that is not necessary
           any more and the corresponding cpufreq platform device (Keguang
           Zhang)
      
         - Remove "select SRCU" from system sleep, cpufreq and OPP Kconfig
           entries (Paul E. McKenney)
      
         - Enable thermal cooling for Tegra194 (Yi-Wei Wang)
      
         - Register module device table and add missing compatibles for
           cpufreq-qcom-hw (Nícolas F. R. A. Prado, Abel Vesa and Luca Weiss)
      
         - Various dt binding updates for qcom-cpufreq-nvmem and
           opp-v2-kryo-cpu (Christian Marangi)
      
         - Make kobj_type structure in the cpufreq core constant (Thomas
           Weißschuh)
      
         - Make cpufreq_unregister_driver() return void (Uwe Kleine-König)
      
         - Make the TEO cpuidle governor check CPU utilization in order to
           refine idle state selection (Kajetan Puchalski)
      
         - Make Kconfig select the haltpoll cpuidle governor when the haltpoll
           cpuidle driver is selected and replace a default_idle() call in
           that driver with arch_cpu_idle() to allow MWAIT to be used (Li
           RongQing)
      
         - Add Emerald Rapids Xeon support to the intel_idle driver (Artem
           Bityutskiy)
      
         - Add ARCH_SUSPEND_POSSIBLE dependencies for ARMv4 cpuidle drivers to
           avoid randconfig build failures (Arnd Bergmann)
      
         - Make kobj_type structures used in the cpuidle sysfs interface
           constant (Thomas Weißschuh)
      
         - Make the cpuidle driver registration code update microsecond values
           of idle state parameters in accordance with their nanosecond values
           if they are provided (Rafael Wysocki)
      
         - Make the PSCI cpuidle driver prevent topology CPUs from being
           suspended on PREEMPT_RT (Krzysztof Kozlowski)
      
         - Document that pm_runtime_force_suspend() cannot be used with
           DPM_FLAG_SMART_SUSPEND (Richard Fitzgerald)
      
         - Add EXPORT macros for exporting PM functions from drivers (Richard
           Fitzgerald)
      
         - Remove /** from non-kernel-doc comments in hibernation code (Randy
           Dunlap)
      
         - Fix possible name leak in powercap_register_zone() (Yang Yingliang)
      
         - Add Meteor Lake and Emerald Rapids support to the intel_rapl power
           capping driver (Zhang Rui)
      
         - Modify the idle_inject power capping facility to support 100% idle
           injection (Srinivas Pandruvada)
      
         - Fix large time windows handling in the intel_rapl power capping
           driver (Zhang Rui)
      
         - Fix memory leaks with using debugfs_lookup() in the generic PM
           domains and Energy Model code (Greg Kroah-Hartman)
      
         - Add missing 'cache-unified' property in the example for kryo OPP
           bindings (Rob Herring)
      
         - Fix error checking in opp_migrate_dentry() (Qi Zheng)
      
         - Let qcom,opp-fuse-level be a 2-long array for qcom SoCs (Konrad
           Dybcio)
      
         - Modify some power management utilities to use the canonical ftrace
           path (Ross Zwisler)
      
         - Correct spelling problems for Documentation/power/ as reported by
           codespell (Randy Dunlap)"
      
      * tag 'pm-6.3-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm: (53 commits)
        Documentation: amd-pstate: disambiguate user space sections
        cpufreq: amd-pstate: Fix invalid write to MSR_AMD_CPPC_REQ
        dt-bindings: opp: opp-v2-kryo-cpu: enlarge opp-supported-hw maximum
        dt-bindings: cpufreq: qcom-cpufreq-nvmem: make cpr bindings optional
        dt-bindings: cpufreq: qcom-cpufreq-nvmem: specify supported opp tables
        PM: Add EXPORT macros for exporting PM functions
        cpuidle: psci: Do not suspend topology CPUs on PREEMPT_RT
        MIPS: loongson32: Drop obsolete cpufreq platform device
        powercap: intel_rapl: Fix handling for large time window
        cpuidle: driver: Update microsecond values of state parameters as needed
        cpuidle: sysfs: make kobj_type structures constant
        cpuidle: add ARCH_SUSPEND_POSSIBLE dependencies
        PM: EM: fix memory leak with using debugfs_lookup()
        PM: domains: fix memory leak with using debugfs_lookup()
        cpufreq: Make kobj_type structure constant
        cpufreq: davinci: Fix clk use after free
        cpufreq: amd-pstate: avoid uninitialized variable use
        cpufreq: Make cpufreq_unregister_driver() return void
        OPP: fix error checking in opp_migrate_dentry()
        dt-bindings: cpufreq: cpufreq-qcom-hw: Add SM8550 compatible
        ...
      2504ba8b
    • Linus Torvalds's avatar
      Merge tag 'hardening-v6.3-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux · 4a7d37e8
      Linus Torvalds authored
      Pull hardening updates from Kees Cook:
       "Beyond some specific LoadPin, UBSAN, and fortify features, there are
        other fixes scattered around in various subsystems where maintainers
        were okay with me carrying them in my tree or were non-responsive but
        the patches were reviewed by others:
      
         - Replace 0-length and 1-element arrays with flexible arrays in
           various subsystems (Paulo Miguel Almeida, Stephen Rothwell, Kees
           Cook)
      
         - randstruct: Disable Clang 15 support (Eric Biggers)
      
         - GCC plugins: Drop -std=gnu++11 flag (Sam James)
      
         - strpbrk(): Refactor to use strchr() (Andy Shevchenko)
      
         - LoadPin LSM: Allow root filesystem switching when non-enforcing
      
         - fortify: Use dynamic object size hints when available
      
         - ext4: Fix CFI function prototype mismatch
      
         - Nouveau: Fix DP buffer size arguments
      
         - hisilicon: Wipe entire crypto DMA pool on error
      
         - coda: Fully allocate sig_inputArgs
      
         - UBSAN: Improve arm64 trap code reporting
      
         - copy_struct_from_user(): Add minimum bounds check on kernel buffer
           size"
      
      * tag 'hardening-v6.3-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux:
        randstruct: disable Clang 15 support
        uaccess: Add minimum bounds check on kernel buffer size
        arm64: Support Clang UBSAN trap codes for better reporting
        coda: Avoid partial allocation of sig_inputArgs
        gcc-plugins: drop -std=gnu++11 to fix GCC 13 build
        lib/string: Use strchr() in strpbrk()
        crypto: hisilicon: Wipe entire pool on error
        net/i40e: Replace 0-length array with flexible array
        io_uring: Replace 0-length array with flexible array
        ext4: Fix function prototype mismatch for ext4_feat_ktype
        i915/gvt: Replace one-element array with flexible-array member
        drm/nouveau/disp: Fix nvif_outp_acquire_dp() argument size
        LoadPin: Allow filesystem switch when not enforcing
        LoadPin: Move pin reporting cleanly out of locking
        LoadPin: Refactor sysctl initialization
        LoadPin: Refactor read-only check into a helper
        ARM: ixp4xx: Replace 0-length arrays with flexible arrays
        fortify: Use __builtin_dynamic_object_size() when available
        rxrpc: replace zero-lenth array with DECLARE_FLEX_ARRAY() helper
      4a7d37e8
    • Linus Torvalds's avatar
      Merge tag 'seccomp-v6.3-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux · 902d9fcd
      Linus Torvalds authored
      Pull seccomp update from Kees Cook:
      
       - Fix kernel-doc function name ordering to avoid warning (Randy Dunlap)
      
      * tag 'seccomp-v6.3-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux:
        seccomp: fix kernel-doc function name warning
      902d9fcd