1. 22 Sep, 2023 1 commit
    • Linus Torvalds's avatar
      Merge tag 'platform-drivers-x86-v6.6-3' of... · 3a457d28
      Linus Torvalds authored
      Merge tag 'platform-drivers-x86-v6.6-3' of git://git.kernel.org/pub/scm/linux/kernel/git/pdx86/platform-drivers-x86
      
      Pull x86 platform driver fixes from Hans de Goede:
       "The most noteworthy change in here is the addition of Ilpo Järvinen as
        co-maintainer of platform-drivers-x86. Ilpo will be helping me with
        platform-drivers-x86 maintenance going forward and you can expect
        pull-requests from Ilpo in the future.
      
        Other then that there is a set of Intel SCU IPC fixes and a
        thinkpad_acpi locking fix"
      
      * tag 'platform-drivers-x86-v6.6-3' of git://git.kernel.org/pub/scm/linux/kernel/git/pdx86/platform-drivers-x86:
        MAINTAINERS: Add x86 platform drivers patchwork
        MAINTAINERS: Add myself into x86 platform driver maintainers
        platform/x86: thinkpad_acpi: Take mutex in hotkey_resume
        platform/x86: intel_scu_ipc: Fail IPC send if still busy
        platform/x86: intel_scu_ipc: Don't override scu in intel_scu_ipc_dev_simple_command()
        platform/x86: intel_scu_ipc: Check status upon timeout in ipc_wait_for_interrupt()
        platform/x86: intel_scu_ipc: Check status after timeout in busy_loop()
      3a457d28
  2. 21 Sep, 2023 15 commits
    • Linus Torvalds's avatar
      Merge tag 'net-6.6-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net · 27bbf45e
      Linus Torvalds authored
      Pull networking fixes from Paolo Abeni:
       "Including fixes from netfilter and bpf.
      
        Current release - regressions:
      
         - bpf: adjust size_index according to the value of KMALLOC_MIN_SIZE
      
         - netfilter: fix entries val in rule reset audit log
      
         - eth: stmmac: fix incorrect rxq|txq_stats reference
      
        Previous releases - regressions:
      
         - ipv4: fix null-deref in ipv4_link_failure
      
         - netfilter:
            - fix several GC related issues
            - fix race between IPSET_CMD_CREATE and IPSET_CMD_SWAP
      
         - eth: team: fix null-ptr-deref when team device type is changed
      
         - eth: i40e: fix VF VLAN offloading when port VLAN is configured
      
         - eth: ionic: fix 16bit math issue when PAGE_SIZE >= 64KB
      
        Previous releases - always broken:
      
         - core: fix ETH_P_1588 flow dissector
      
         - mptcp: fix several connection hang-up conditions
      
         - bpf:
            - avoid deadlock when using queue and stack maps from NMI
            - add override check to kprobe multi link attach
      
         - hsr: properly parse HSRv1 supervisor frames.
      
         - eth: igc: fix infinite initialization loop with early XDP redirect
      
         - eth: octeon_ep: fix tx dma unmap len values in SG
      
         - eth: hns3: fix GRE checksum offload issue"
      
      * tag 'net-6.6-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net: (87 commits)
        sfc: handle error pointers returned by rhashtable_lookup_get_insert_fast()
        igc: Expose tx-usecs coalesce setting to user
        octeontx2-pf: Do xdp_do_flush() after redirects.
        bnxt_en: Flush XDP for bnxt_poll_nitroa0()'s NAPI
        net: ena: Flush XDP packets on error.
        net/handshake: Fix memory leak in __sock_create() and sock_alloc_file()
        net: hinic: Fix warning-hinic_set_vlan_fliter() warn: variable dereferenced before check 'hwdev'
        netfilter: ipset: Fix race between IPSET_CMD_CREATE and IPSET_CMD_SWAP
        netfilter: nf_tables: fix memleak when more than 255 elements expired
        netfilter: nf_tables: disable toggling dormant table state more than once
        vxlan: Add missing entries to vxlan_get_size()
        net: rds: Fix possible NULL-pointer dereference
        team: fix null-ptr-deref when team device type is changed
        net: bridge: use DEV_STATS_INC()
        net: hns3: add 5ms delay before clear firmware reset irq source
        net: hns3: fix fail to delete tc flower rules during reset issue
        net: hns3: only enable unicast promisc when mac table full
        net: hns3: fix GRE checksum offload issue
        net: hns3: add cmdq check for vf periodic service task
        net: stmmac: fix incorrect rxq|txq_stats reference
        ...
      27bbf45e
    • Linus Torvalds's avatar
      Merge tag 'v6.6-rc3.vfs.ctime.revert' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs · b5cbe7c0
      Linus Torvalds authored
      Pull finegrained timestamp reverts from Christian Brauner:
       "Earlier this week we sent a few minor fixes for the multi-grained
        timestamp work in [1]. While we were polishing those up after Linus
        realized that there might be a nicer way to fix them we received a
        regression report in [2] that fine grained timestamps break gnulib
        tests and thus possibly other tools.
      
        The kernel will elide fine-grain timestamp updates when no one is
        actively querying for them to avoid performance impacts. So a sequence
        like write(f1) stat(f2) write(f2) stat(f2) write(f1) stat(f1) may
        result in timestamp f1 to be older than the final f2 timestamp even
        though f1 was last written too but the second write didn't update the
        timestamp.
      
        Such plotholes can lead to subtle bugs when programs compare
        timestamps. For example, the nap() function in [2] will estimate that
        it needs to wait one ns on a fine-grain timestamp enabled filesytem
        between subsequent calls to observe a timestamp change. But in general
        we don't update timestamps with more than one jiffie if we think that
        no one is actively querying for fine-grain timestamps to avoid
        performance impacts.
      
        While discussing various fixes the decision was to go back to the
        drawing board and ultimately to explore a solution that involves only
        exposing such fine-grained timestamps to nfs internally and never to
        userspace.
      
        As there are multiple solutions discussed the honest thing to do here
        is not to fix this up or disable it but to cleanly revert. The general
        infrastructure will probably come back but there is no reason to keep
        this code in mainline.
      
        The general changes to timestamp handling are valid and a good cleanup
        that will stay. The revert is fully bisectable"
      
      Link: https://lore.kernel.org/all/20230918-hirte-neuzugang-4c2324e7bae3@brauner [1]
      Link: https://lore.kernel.org/all/bf0524debb976627693e12ad23690094e4514303.camel@linuxfromscratch.org [2]
      
      * tag 'v6.6-rc3.vfs.ctime.revert' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs:
        Revert "fs: add infrastructure for multigrain timestamps"
        Revert "btrfs: convert to multigrain timestamps"
        Revert "ext4: switch to multigrain timestamps"
        Revert "xfs: switch to multigrain timestamps"
        Revert "tmpfs: add support for multigrain timestamps"
      b5cbe7c0
    • Ilpo Järvinen's avatar
      MAINTAINERS: Add x86 platform drivers patchwork · bc3b6f59
      Ilpo Järvinen authored
      Add x86 platform drivers patchwork which has been missing from
      MAINTAINERS.
      Signed-off-by: default avatarIlpo Järvinen <ilpo.jarvinen@linux.intel.com>
      Link: https://lore.kernel.org/r/20230919123948.1583-1-ilpo.jarvinen@linux.intel.comSigned-off-by: default avatarHans de Goede <hdegoede@redhat.com>
      bc3b6f59
    • Linus Torvalds's avatar
      Merge tag 'powerpc-6.6-2' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux · 7bdfc1af
      Linus Torvalds authored
      Pull powerpc fixes from Michael Ellerman:
      
       - A fix for breakpoint handling which was using get_user() while atomic
      
       - Fix the Power10 HASHCHK handler which was using get_user() while
         atomic
      
       - A few build fixes for issues caused by recent changes
      
      Thanks to Benjamin Gray, Christophe Leroy, Kajol Jain, and Naveen N Rao.
      
      * tag 'powerpc-6.6-2' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux:
        powerpc/dexcr: Move HASHCHK trap handler
        powerpc/82xx: Select FSL_SOC
        powerpc: Fix build issue with LD_DEAD_CODE_DATA_ELIMINATION and FTRACE_MCOUNT_USE_PATCHABLE_FUNCTION_ENTRY
        powerpc/watchpoints: Annotate atomic context in more places
        powerpc/watchpoint: Disable pagefaults when getting user instruction
        powerpc/watchpoints: Disable preemption in thread_change_pc()
        powerpc/perf/hv-24x7: Update domain value check
      7bdfc1af
    • Linus Torvalds's avatar
      Merge tag 'for-linus-6.6a-rc3-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/xen/tip · 88a174a9
      Linus Torvalds authored
      Pull xen fixes from Juergen Gross:
      
       - remove some unused functions in the Xen event channel handling
      
       - fix a regression (introduced during the merge window) when booting as
         Xen PV guest
      
       - small cleanup removing another strncpy() instance
      
      * tag 'for-linus-6.6a-rc3-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/xen/tip:
        xen/efi: refactor deprecated strncpy
        x86/xen: allow nesting of same lazy mode
        x86/xen: move paravirt lazy code
        arm/xen: remove lazy mode related definitions
        xen: simplify evtchn_do_upcall() call maze
      88a174a9
    • Linus Torvalds's avatar
      Merge tag 'fixes-2023-09-21' of git://git.kernel.org/pub/scm/linux/kernel/git/rppt/memblock · fb8b1b93
      Linus Torvalds authored
      Pull memblock test fixes from Mike Rapoport:
       "Fix several compilation errors and warnings in memblock tests"
      
      * tag 'fixes-2023-09-21' of git://git.kernel.org/pub/scm/linux/kernel/git/rppt/memblock:
        memblock tests: fix warning ‘struct seq_file’ declared inside parameter list
        memblock tests: fix warning: "__ALIGN_KERNEL" redefined
        memblock tests: Fix compilation errors.
      fb8b1b93
    • Linus Torvalds's avatar
      Merge tag 'sound-6.6-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound · 2af5acba
      Linus Torvalds authored
      Pull sound fixes from Takashi Iwai:
       "A large collection of fixes around this time.
      
        All small and mostly trivial fixes.
      
         - Lots of fixes for the new -Wformat-truncation warnings
      
         - A fix in ALSA rawmidi core regression and UMP handling
      
         - Series of Cirrus codec fixes
      
         - ASoC Intel and Realtek codec fixes
      
         - Usual HD- and USB-audio quirks and AMD ASoC quirks"
      
      * tag 'sound-6.6-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound: (64 commits)
        ALSA: hda/realtek - ALC287 Realtek I2S speaker platform support
        ALSA: hda: cs35l56: Use the new RUNTIME_PM_OPS() macro
        ALSA: usb-audio: scarlett_gen2: Fix another -Wformat-truncation warning
        ALSA: rawmidi: Fix NULL dereference at proc read
        ASoC: SOF: core: Only call sof_ops_free() on remove if the probe was successful
        ASoC: SOF: Intel: MTL: Reduce the DSP init timeout
        ASoC: cs42l43: Add shared IRQ flag for shutters
        ASoC: imx-audmix: Fix return error with devm_clk_get()
        ASoC: hdaudio.c: Add missing check for devm_kstrdup
        ALSA: riptide: Fix -Wformat-truncation warning for longname string
        ALSA: cs4231: Fix -Wformat-truncation warning for longname string
        ALSA: ad1848: Fix -Wformat-truncation warning for longname string
        ALSA: hda: generic: Check potential mixer name string truncation
        ALSA: cmipci: Fix -Wformat-truncation warning
        ALSA: firewire: Fix -Wformat-truncation warning for MIDI stream names
        ALSA: firewire: Fix -Wformat-truncation warning for longname string
        ALSA: xen: Fix -Wformat-truncation warning
        ALSA: opti9x: Fix -Wformat-truncation warning
        ALSA: es1688: Fix -Wformat-truncation warning
        ALSA: cs4236: Fix -Wformat-truncation warning
        ...
      2af5acba
    • Linus Torvalds's avatar
      Merge tag 'hwmon-for-v6.6-rc3' of... · b300c0fd
      Linus Torvalds authored
      Merge tag 'hwmon-for-v6.6-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/groeck/linux-staging
      
      Pull hwmon fix from Guenter Roeck:
       "One patch to drop a non-existent alarm attribute in the nct6775 driver"
      
      * tag 'hwmon-for-v6.6-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/groeck/linux-staging:
        hwmon: (nct6775) Fix non-existent ALARM warning
      b300c0fd
    • Paolo Abeni's avatar
      Merge tag 'nf-23-09-20' of https://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf · ecf43926
      Paolo Abeni authored
      Florian Westphal says:
      
      ====================
      netfilter updates for net
      
      The following three patches fix regressions in the netfilter subsystem:
      
      1. Reject attempts to repeatedly toggle the 'dormant' flag in a single
         transaction.  Doing so makes nf_tables lose track of the real state
         vs. the desired state.  This ends with an attempt to unregister hooks
         that were never registered in the first place, which yields a splat.
      
      2. Fix element counting in the new nftables garbage collection infra
         that came with 6.5:  More than 255 expired elements wraps a counter
         which results in memory leak.
      
      3. Since 6.4 ipset can BUG when a set is renamed while a CREATE command
         is in progress, fix from Jozsef Kadlecsik.
      
      * tag 'nf-23-09-20' of https://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf:
        netfilter: ipset: Fix race between IPSET_CMD_CREATE and IPSET_CMD_SWAP
        netfilter: nf_tables: fix memleak when more than 255 elements expired
        netfilter: nf_tables: disable toggling dormant table state more than once
      ====================
      
      Link: https://lore.kernel.org/r/20230920084156.4192-1-fw@strlen.deSigned-off-by: default avatarPaolo Abeni <pabeni@redhat.com>
      ecf43926
    • Edward Cree's avatar
      sfc: handle error pointers returned by rhashtable_lookup_get_insert_fast() · fc21f083
      Edward Cree authored
      Several places in TC offload code assumed that the return from
       rhashtable_lookup_get_insert_fast() was always either NULL or a valid
       pointer to an existing entry, but in fact that function can return an
       error pointer.  In that case, perform the usual cleanup of the newly
       created entry, then pass up the error, rather than attempting to take a
       reference on the old entry.
      
      Fixes: d902e1a7 ("sfc: bare bones TC offload on EF100")
      Reported-by: default avatarDan Carpenter <dan.carpenter@linaro.org>
      Signed-off-by: default avatarEdward Cree <ecree.xilinx@gmail.com>
      Link: https://lore.kernel.org/r/20230919183949.59392-1-edward.cree@amd.comSigned-off-by: default avatarPaolo Abeni <pabeni@redhat.com>
      fc21f083
    • Muhammad Husaini Zulkifli's avatar
      igc: Expose tx-usecs coalesce setting to user · 1703b2e0
      Muhammad Husaini Zulkifli authored
      When users attempt to obtain the coalesce setting using the
      ethtool command, current code always returns 0 for tx-usecs.
      This is because I225/6 always uses a queue pair setting, hence
      tx_coalesce_usecs does not return a value during the
      igc_ethtool_get_coalesce() callback process. The pair queue
      condition checking in igc_ethtool_get_coalesce() is removed by
      this patch so that the user gets information of the value of tx-usecs.
      
      Even if i225/6 is using queue pair setting, there is no harm in
      notifying the user of the tx-usecs. The implementation of the current
      code may have previously been a copy of the legacy code i210.
      Since I225 has the queue pair setting enabled, tx-usecs will always adhere
      to the user-set rx-usecs value. An error message will appear when the user
      attempts to set the tx-usecs value for the input parameters because,
      by default, they should only set the rx-usecs value.
      
      This patch also adds the helper function to get the
      previous rx coalesce value similar to tx coalesce.
      
      How to test:
      User can get the coalesce value using ethtool command.
      
      Example command:
      Get: ethtool -c <interface>
      
      Previous output:
      
      rx-usecs: 3
      rx-frames: n/a
      rx-usecs-irq: n/a
      rx-frames-irq: n/a
      
      tx-usecs: 0
      tx-frames: n/a
      tx-usecs-irq: n/a
      tx-frames-irq: n/a
      
      New output:
      
      rx-usecs: 3
      rx-frames: n/a
      rx-usecs-irq: n/a
      rx-frames-irq: n/a
      
      tx-usecs: 3
      tx-frames: n/a
      tx-usecs-irq: n/a
      tx-frames-irq: n/a
      
      Fixes: 8c5ad0da ("igc: Add ethtool support")
      Signed-off-by: default avatarMuhammad Husaini Zulkifli <muhammad.husaini.zulkifli@intel.com>
      Tested-by: default avatarNaama Meir <naamax.meir@linux.intel.com>
      Reviewed-by: default avatarSimon Horman <horms@kernel.org>
      Signed-off-by: default avatarTony Nguyen <anthony.l.nguyen@intel.com>
      Link: https://lore.kernel.org/r/20230919170331.1581031-1-anthony.l.nguyen@intel.comSigned-off-by: default avatarPaolo Abeni <pabeni@redhat.com>
      1703b2e0
    • Paolo Abeni's avatar
      Merge branch 'add-missing-xdp_do_flush-invocations' · 49dcffef
      Paolo Abeni authored
      Sebastian Andrzej Siewior says:
      
      ====================
      Add missing xdp_do_flush() invocations.
      
      I've been looking at the drivers/ XDP users and noticed that some
      XDP_REDIRECT user don't invoke xdp_do_flush() at the end.
      ====================
      
      Link: https://lore.kernel.org/r/20230918153611.165722-1-bigeasy@linutronix.deSigned-off-by: default avatarPaolo Abeni <pabeni@redhat.com>
      49dcffef
    • Sebastian Andrzej Siewior's avatar
      octeontx2-pf: Do xdp_do_flush() after redirects. · 70b2b689
      Sebastian Andrzej Siewior authored
      xdp_do_flush() should be invoked before leaving the NAPI poll function
      if XDP-redirect has been performed.
      
      Invoke xdp_do_flush() before leaving NAPI.
      
      Cc: Geetha sowjanya <gakula@marvell.com>
      Cc: Subbaraya Sundeep <sbhatta@marvell.com>
      Cc: Sunil Goutham <sgoutham@marvell.com>
      Cc: hariprasad <hkelam@marvell.com>
      Fixes: 06059a1a ("octeontx2-pf: Add XDP support to netdev PF")
      Signed-off-by: default avatarSebastian Andrzej Siewior <bigeasy@linutronix.de>
      Acked-by: default avatarGeethasowjanya Akula <gakula@marvell.com>
      Acked-by: default avatarJesper Dangaard Brouer <hawk@kernel.org>
      Signed-off-by: default avatarPaolo Abeni <pabeni@redhat.com>
      70b2b689
    • Sebastian Andrzej Siewior's avatar
      bnxt_en: Flush XDP for bnxt_poll_nitroa0()'s NAPI · edc0140c
      Sebastian Andrzej Siewior authored
      bnxt_poll_nitroa0() invokes bnxt_rx_pkt() which can run a XDP program
      which in turn can return XDP_REDIRECT. bnxt_rx_pkt() is also used by
      __bnxt_poll_work() which flushes (xdp_do_flush()) the packets after each
      round. bnxt_poll_nitroa0() lacks this feature.
      xdp_do_flush() should be invoked before leaving the NAPI callback.
      
      Invoke xdp_do_flush() after a redirect in bnxt_poll_nitroa0() NAPI.
      
      Cc: Michael Chan <michael.chan@broadcom.com>
      Fixes: f18c2b77 ("bnxt_en: optimized XDP_REDIRECT support")
      Reviewed-by: default avatarAndy Gospodarek <gospo@broadcom.com>
      Signed-off-by: default avatarSebastian Andrzej Siewior <bigeasy@linutronix.de>
      Reviewed-by: default avatarMichael Chan <michael.chan@broadcom.com>
      Acked-by: default avatarJesper Dangaard Brouer <hawk@kernel.org>
      Signed-off-by: default avatarPaolo Abeni <pabeni@redhat.com>
      edc0140c
    • Sebastian Andrzej Siewior's avatar
      net: ena: Flush XDP packets on error. · 6f411fb5
      Sebastian Andrzej Siewior authored
      xdp_do_flush() should be invoked before leaving the NAPI poll function
      after a XDP-redirect. This is not the case if the driver leaves via
      the error path (after having a redirect in one of its previous
      iterations).
      
      Invoke xdp_do_flush() also in the error path.
      
      Cc: Arthur Kiyanovski <akiyano@amazon.com>
      Cc: David Arinzon <darinzon@amazon.com>
      Cc: Noam Dagan <ndagan@amazon.com>
      Cc: Saeed Bishara <saeedb@amazon.com>
      Cc: Shay Agroskin <shayagr@amazon.com>
      Fixes: a318c70a ("net: ena: introduce XDP redirect implementation")
      Acked-by: default avatarArthur Kiyanovski <akiyano@amazon.com>
      Signed-off-by: default avatarSebastian Andrzej Siewior <bigeasy@linutronix.de>
      Acked-by: default avatarJesper Dangaard Brouer <hawk@kernel.org>
      Signed-off-by: default avatarPaolo Abeni <pabeni@redhat.com>
      6f411fb5
  3. 20 Sep, 2023 17 commits
    • Linus Torvalds's avatar
      Merge tag 'media/v6.6-2' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-media · 42dc8149
      Linus Torvalds authored
      Pull media fixes from Mauro Carvalho Chehab:
      
       - driver fixes due to incorrect fwnode_handle_put() call
      
       - bt8xx: bttv_risc_packed(): remove field checks
      
       - vb2: frame_vector.c: replace WARN_ONCE with a comment
      
       - imx219: a couple typo fixes and perform a full mode set
         unconditionally
      
       - uvcvideo: Fix OOB read
      
       - some dependency fixes
      
      * tag 'media/v6.6-2' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-media:
        media: imx-mipi-csis: Remove an incorrect fwnode_handle_put() call
        media: vb2: frame_vector.c: replace WARN_ONCE with a comment
        media: uvcvideo: Fix OOB read
        media: bt8xx: bttv_risc_packed(): remove field checks
        media: i2c: rdacm21: Remove an incorrect fwnode_handle_put() call
        media: i2c: imx219: Perform a full mode set unconditionally
        media: i2c: imx219: Fix crop rectangle setting when changing format
        media: i2c: imx219: Fix a typo referring to a wrong variable
        media: i2c: max9286: Remove an incorrect fwnode_handle_put() call
        media: ivsc: Depend on VIDEO_DEV
        media: via: Use correct dependency for camera sensor drivers
        media: v4l: Use correct dependency for camera sensor drivers
        media: pci: ivsc: Select build dependencies
      42dc8149
    • Linus Torvalds's avatar
      Merge tag 'for-6.6-rc2-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/kdave/linux · a229cf67
      Linus Torvalds authored
      Pull btrfs fixes from David Sterba:
       "A few more followup fixes to the directory listing.
      
        People have noticed different behaviour compared to other filesystems
        after changes in 6.5. This is now unified to more "logical" and
        expected behaviour while still within POSIX. And a few more fixes for
        stable.
      
         - change behaviour of readdir()/rewinddir() when new directory
           entries are created after opendir(), properly tracking the last
           entry
      
         - fix race in readdir when multiple threads can set the last entry
           index for a directory
      
        Additionally:
      
         - use exclusive lock when direct io might need to drop privs and call
           notify_change()
      
         - don't clear uptodate bit on page after an error, this may lead to a
           deadlock in subpage mode
      
         - fix waiting pattern when multiple readers block on Merkle tree
           data, switch to folios"
      
      * tag 'for-6.6-rc2-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/kdave/linux:
        btrfs: fix race between reading a directory and adding entries to it
        btrfs: refresh dir last index during a rewinddir(3) call
        btrfs: set last dir index to the current last index when opening dir
        btrfs: don't clear uptodate on write errors
        btrfs: file_remove_privs needs an exclusive lock in direct io write
        btrfs: convert btrfs_read_merkle_tree_page() to use a folio
      a229cf67
    • Linus Torvalds's avatar
      Merge tag 'spi-fix-v6.6-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/spi · 5d2f5353
      Linus Torvalds authored
      Pull spi fixes from Mark Brown:
       "A small collection of fixes, plus a new device ID for Intel Granite
        Rapids systems.
      
        The fix for the i.MX driver is fairly urgent, it's fixing a data
        corruption issue when bits per word isn't 8.
      
        There's also one fix which was queued but not sent for v6.4 due to
        being minor and arriving at the end of the release"
      
      * tag 'spi-fix-v6.6-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/spi:
        spi: imx: Take in account bits per word instead of assuming 8-bits
        spi: intel-pci: Add support for Granite Rapids SPI serial flash
        spi: stm32: add a delay before SPI disable
        spi: nxp-fspi: reset the FLSHxCR1 registers
        spi: zynqmp-gqspi: fix clock imbalance on probe failure
      5d2f5353
    • Linus Torvalds's avatar
      Merge tag 'regulator-fix-v6.6-rc2' of... · 1c0a21da
      Linus Torvalds authored
      Merge tag 'regulator-fix-v6.6-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/regulator
      
      Pull regulator fix from Mark Brown:
       "One fix for the tps6287x driver which was incorrectly specifying the
        field for voltage range selection leading to incorrect voltages being
        set"
      
      * tag 'regulator-fix-v6.6-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/regulator:
        regulator: Fix voltage range selection
      1c0a21da
    • Christian Brauner's avatar
      Revert "fs: add infrastructure for multigrain timestamps" · 647aa768
      Christian Brauner authored
      This reverts commit ffb6cf19.
      
      Users reported regressions due to enabling multi-grained timestamps
      unconditionally. As no clear consensus on a solution has come up and the
      discussion has gone back to the drawing board revert the infrastructure
      changes for. If it isn't code that's here to stay, make it go away.
      
      Message-ID: <20230920-keine-eile-c9755b5825db@brauner>
      Acked-by: default avatarJan Kara <jack@suse.cz>
      Acked-by: default avatarJeff Layton <jlayton@kernel.org>
      Signed-off-by: default avatarChristian Brauner <brauner@kernel.org>
      647aa768
    • Christian Brauner's avatar
      Revert "btrfs: convert to multigrain timestamps" · efd34f03
      Christian Brauner authored
      This reverts commit 50e9ceef.
      
      Users reported regressions due to enabling multi-grained timestamps
      unconditionally. As no clear consensus on a solution has come up and the
      discussion has gone back to the drawing board revert the infrastructure
      changes for. If it isn't code that's here to stay, make it go away.
      
      Message-ID: <20230920-keine-eile-c9755b5825db@brauner>
      Acked-by: default avatarJan Kara <jack@suse.cz>
      Acked-by: default avatarJeff Layton <jlayton@kernel.org>
      Signed-off-by: default avatarChristian Brauner <brauner@kernel.org>
      efd34f03
    • Christian Brauner's avatar
      Revert "ext4: switch to multigrain timestamps" · 50ec1d72
      Christian Brauner authored
      This reverts commit 0269b585.
      
      Users reported regressions due to enabling multi-grained timestamps
      unconditionally. As no clear consensus on a solution has come up and the
      discussion has gone back to the drawing board revert the infrastructure
      changes for. If it isn't code that's here to stay, make it go away.
      
      Message-ID: <20230920-keine-eile-c9755b5825db@brauner>
      Acked-by: default avatarJan Kara <jack@suse.cz>
      Acked-by: default avatarJeff Layton <jlayton@kernel.org>
      Signed-off-by: default avatarChristian Brauner <brauner@kernel.org>
      50ec1d72
    • Christian Brauner's avatar
      Revert "xfs: switch to multigrain timestamps" · f798accd
      Christian Brauner authored
      This reverts commit e44df266.
      
      Users reported regressions due to enabling multi-grained timestamps
      unconditionally. As no clear consensus on a solution has come up and the
      discussion has gone back to the drawing board revert the infrastructure
      changes for. If it isn't code that's here to stay, make it go away.
      
      Message-ID: <20230920-keine-eile-c9755b5825db@brauner>
      Acked-by: default avatarJan Kara <jack@suse.cz>
      Acked-by: default avatarJeff Layton <jlayton@kernel.org>
      Signed-off-by: default avatarChristian Brauner <brauner@kernel.org>
      f798accd
    • Christian Brauner's avatar
      Revert "tmpfs: add support for multigrain timestamps" · db58b5ee
      Christian Brauner authored
      This reverts commit d48c3397.
      
      Users reported regressions due to enabling multi-grained timestamps
      unconditionally. As no clear consensus on a solution has come up and the
      discussion has gone back to the drawing board revert the infrastructure
      changes for. If it isn't code that's here to stay, make it go away.
      
      Message-ID: <20230920-keine-eile-c9755b5825db@brauner>
      Acked-by: default avatarJan Kara <jack@suse.cz>
      Acked-by: default avatarJeff Layton <jlayton@kernel.org>
      Signed-off-by: default avatarChristian Brauner <brauner@kernel.org>
      db58b5ee
    • Takashi Iwai's avatar
      Merge tag 'asoc-fix-v6.6-rc2' of... · 0eb0e272
      Takashi Iwai authored
      Merge tag 'asoc-fix-v6.6-rc2' of https://git.kernel.org/pub/scm/linux/kernel/git/broonie/sound into for-linus
      
      ASoC: Fixes for v6.6
      
      Quite a large collection of fixes, with numbers boosted by multiple
      vendors sending multi-patch serieses.  Nothing super major, and also one
      device quirk.
      0eb0e272
    • Jinjie Ruan's avatar
      net/handshake: Fix memory leak in __sock_create() and sock_alloc_file() · 4a0f07d7
      Jinjie Ruan authored
      When making CONFIG_DEBUG_KMEMLEAK=y and CONFIG_DEBUG_KMEMLEAK_AUTO_SCAN=y,
      modprobe handshake-test and then rmmmod handshake-test, the below memory
      leak is detected.
      
      The struct socket_alloc which is allocated by alloc_inode_sb() in
      __sock_create() is not freed. And the struct dentry which is allocated
      by __d_alloc() in sock_alloc_file() is not freed.
      
      Since fput() will call file->f_op->release() which is sock_close() here and
      it will call __sock_release(). and fput() will call dput(dentry) to free
      the struct dentry. So replace sock_release() with fput() to fix the
      below memory leak. After applying this patch, the following memory leak is
      never detected.
      
      unreferenced object 0xffff888109165840 (size 768):
        comm "kunit_try_catch", pid 1852, jiffies 4294685807 (age 976.262s)
        hex dump (first 32 bytes):
          01 00 00 00 01 00 5a 5a 20 00 00 00 00 00 00 00  ......ZZ .......
          00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
        backtrace:
          [<ffffffff8397993f>] sock_alloc_inode+0x1f/0x1b0
          [<ffffffff81a2cb5b>] alloc_inode+0x5b/0x1a0
          [<ffffffff81a32bed>] new_inode_pseudo+0xd/0x70
          [<ffffffff8397889c>] sock_alloc+0x3c/0x260
          [<ffffffff83979b46>] __sock_create+0x66/0x3d0
          [<ffffffffa0209ba2>] 0xffffffffa0209ba2
          [<ffffffff829cf03a>] kunit_generic_run_threadfn_adapter+0x4a/0x90
          [<ffffffff81236fc6>] kthread+0x2b6/0x380
          [<ffffffff81096afd>] ret_from_fork+0x2d/0x70
          [<ffffffff81003511>] ret_from_fork_asm+0x11/0x20
      unreferenced object 0xffff88810f472008 (size 192):
        comm "kunit_try_catch", pid 1852, jiffies 4294685808 (age 976.261s)
        hex dump (first 32 bytes):
          00 00 50 40 02 00 00 00 00 00 00 00 00 00 00 00  ..P@............
          00 00 00 00 00 00 00 00 08 20 47 0f 81 88 ff ff  ......... G.....
        backtrace:
          [<ffffffff81a1ff11>] __d_alloc+0x31/0x8a0
          [<ffffffff81a2910e>] d_alloc_pseudo+0xe/0x50
          [<ffffffff819d549e>] alloc_file_pseudo+0xce/0x210
          [<ffffffff83978582>] sock_alloc_file+0x42/0x1b0
          [<ffffffffa0209bbb>] 0xffffffffa0209bbb
          [<ffffffff829cf03a>] kunit_generic_run_threadfn_adapter+0x4a/0x90
          [<ffffffff81236fc6>] kthread+0x2b6/0x380
          [<ffffffff81096afd>] ret_from_fork+0x2d/0x70
          [<ffffffff81003511>] ret_from_fork_asm+0x11/0x20
      unreferenced object 0xffff88810958e580 (size 224):
        comm "kunit_try_catch", pid 1852, jiffies 4294685808 (age 976.261s)
        hex dump (first 32 bytes):
          00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
          00 00 00 00 03 00 2e 08 01 00 00 00 00 00 00 00  ................
        backtrace:
          [<ffffffff819d4b90>] alloc_empty_file+0x50/0x160
          [<ffffffff819d4cf9>] alloc_file+0x59/0x730
          [<ffffffff819d5524>] alloc_file_pseudo+0x154/0x210
          [<ffffffff83978582>] sock_alloc_file+0x42/0x1b0
          [<ffffffffa0209bbb>] 0xffffffffa0209bbb
          [<ffffffff829cf03a>] kunit_generic_run_threadfn_adapter+0x4a/0x90
          [<ffffffff81236fc6>] kthread+0x2b6/0x380
          [<ffffffff81096afd>] ret_from_fork+0x2d/0x70
          [<ffffffff81003511>] ret_from_fork_asm+0x11/0x20
      unreferenced object 0xffff88810926dc88 (size 192):
        comm "kunit_try_catch", pid 1854, jiffies 4294685809 (age 976.271s)
        hex dump (first 32 bytes):
          00 00 50 40 02 00 00 00 00 00 00 00 00 00 00 00  ..P@............
          00 00 00 00 00 00 00 00 88 dc 26 09 81 88 ff ff  ..........&.....
        backtrace:
          [<ffffffff81a1ff11>] __d_alloc+0x31/0x8a0
          [<ffffffff81a2910e>] d_alloc_pseudo+0xe/0x50
          [<ffffffff819d549e>] alloc_file_pseudo+0xce/0x210
          [<ffffffff83978582>] sock_alloc_file+0x42/0x1b0
          [<ffffffffa0208fdc>] 0xffffffffa0208fdc
          [<ffffffff829cf03a>] kunit_generic_run_threadfn_adapter+0x4a/0x90
          [<ffffffff81236fc6>] kthread+0x2b6/0x380
          [<ffffffff81096afd>] ret_from_fork+0x2d/0x70
          [<ffffffff81003511>] ret_from_fork_asm+0x11/0x20
      unreferenced object 0xffff88810a241380 (size 224):
        comm "kunit_try_catch", pid 1854, jiffies 4294685809 (age 976.271s)
        hex dump (first 32 bytes):
          00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
          00 00 00 00 03 00 2e 08 01 00 00 00 00 00 00 00  ................
        backtrace:
          [<ffffffff819d4b90>] alloc_empty_file+0x50/0x160
          [<ffffffff819d4cf9>] alloc_file+0x59/0x730
          [<ffffffff819d5524>] alloc_file_pseudo+0x154/0x210
          [<ffffffff83978582>] sock_alloc_file+0x42/0x1b0
          [<ffffffffa0208fdc>] 0xffffffffa0208fdc
          [<ffffffff829cf03a>] kunit_generic_run_threadfn_adapter+0x4a/0x90
          [<ffffffff81236fc6>] kthread+0x2b6/0x380
          [<ffffffff81096afd>] ret_from_fork+0x2d/0x70
          [<ffffffff81003511>] ret_from_fork_asm+0x11/0x20
      unreferenced object 0xffff888109165040 (size 768):
        comm "kunit_try_catch", pid 1856, jiffies 4294685811 (age 976.269s)
        hex dump (first 32 bytes):
          01 00 00 00 01 00 5a 5a 20 00 00 00 00 00 00 00  ......ZZ .......
          00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
        backtrace:
          [<ffffffff8397993f>] sock_alloc_inode+0x1f/0x1b0
          [<ffffffff81a2cb5b>] alloc_inode+0x5b/0x1a0
          [<ffffffff81a32bed>] new_inode_pseudo+0xd/0x70
          [<ffffffff8397889c>] sock_alloc+0x3c/0x260
          [<ffffffff83979b46>] __sock_create+0x66/0x3d0
          [<ffffffffa0208860>] 0xffffffffa0208860
          [<ffffffff829cf03a>] kunit_generic_run_threadfn_adapter+0x4a/0x90
          [<ffffffff81236fc6>] kthread+0x2b6/0x380
          [<ffffffff81096afd>] ret_from_fork+0x2d/0x70
          [<ffffffff81003511>] ret_from_fork_asm+0x11/0x20
      unreferenced object 0xffff88810926d568 (size 192):
        comm "kunit_try_catch", pid 1856, jiffies 4294685811 (age 976.269s)
        hex dump (first 32 bytes):
          00 00 50 40 02 00 00 00 00 00 00 00 00 00 00 00  ..P@............
          00 00 00 00 00 00 00 00 68 d5 26 09 81 88 ff ff  ........h.&.....
        backtrace:
          [<ffffffff81a1ff11>] __d_alloc+0x31/0x8a0
          [<ffffffff81a2910e>] d_alloc_pseudo+0xe/0x50
          [<ffffffff819d549e>] alloc_file_pseudo+0xce/0x210
          [<ffffffff83978582>] sock_alloc_file+0x42/0x1b0
          [<ffffffffa0208879>] 0xffffffffa0208879
          [<ffffffff829cf03a>] kunit_generic_run_threadfn_adapter+0x4a/0x90
          [<ffffffff81236fc6>] kthread+0x2b6/0x380
          [<ffffffff81096afd>] ret_from_fork+0x2d/0x70
          [<ffffffff81003511>] ret_from_fork_asm+0x11/0x20
      unreferenced object 0xffff88810a240580 (size 224):
        comm "kunit_try_catch", pid 1856, jiffies 4294685811 (age 976.347s)
        hex dump (first 32 bytes):
          00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
          00 00 00 00 03 00 2e 08 01 00 00 00 00 00 00 00  ................
        backtrace:
          [<ffffffff819d4b90>] alloc_empty_file+0x50/0x160
          [<ffffffff819d4cf9>] alloc_file+0x59/0x730
          [<ffffffff819d5524>] alloc_file_pseudo+0x154/0x210
          [<ffffffff83978582>] sock_alloc_file+0x42/0x1b0
          [<ffffffffa0208879>] 0xffffffffa0208879
          [<ffffffff829cf03a>] kunit_generic_run_threadfn_adapter+0x4a/0x90
          [<ffffffff81236fc6>] kthread+0x2b6/0x380
          [<ffffffff81096afd>] ret_from_fork+0x2d/0x70
          [<ffffffff81003511>] ret_from_fork_asm+0x11/0x20
      unreferenced object 0xffff888109164c40 (size 768):
        comm "kunit_try_catch", pid 1858, jiffies 4294685816 (age 976.342s)
        hex dump (first 32 bytes):
          01 00 00 00 01 00 5a 5a 20 00 00 00 00 00 00 00  ......ZZ .......
          00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
        backtrace:
          [<ffffffff8397993f>] sock_alloc_inode+0x1f/0x1b0
          [<ffffffff81a2cb5b>] alloc_inode+0x5b/0x1a0
          [<ffffffff81a32bed>] new_inode_pseudo+0xd/0x70
          [<ffffffff8397889c>] sock_alloc+0x3c/0x260
          [<ffffffff83979b46>] __sock_create+0x66/0x3d0
          [<ffffffffa0208541>] 0xffffffffa0208541
          [<ffffffff829cf03a>] kunit_generic_run_threadfn_adapter+0x4a/0x90
          [<ffffffff81236fc6>] kthread+0x2b6/0x380
          [<ffffffff81096afd>] ret_from_fork+0x2d/0x70
          [<ffffffff81003511>] ret_from_fork_asm+0x11/0x20
      unreferenced object 0xffff88810926cd18 (size 192):
        comm "kunit_try_catch", pid 1858, jiffies 4294685816 (age 976.342s)
        hex dump (first 32 bytes):
          00 00 50 40 02 00 00 00 00 00 00 00 00 00 00 00  ..P@............
          00 00 00 00 00 00 00 00 18 cd 26 09 81 88 ff ff  ..........&.....
        backtrace:
          [<ffffffff81a1ff11>] __d_alloc+0x31/0x8a0
          [<ffffffff81a2910e>] d_alloc_pseudo+0xe/0x50
          [<ffffffff819d549e>] alloc_file_pseudo+0xce/0x210
          [<ffffffff83978582>] sock_alloc_file+0x42/0x1b0
          [<ffffffffa020855a>] 0xffffffffa020855a
          [<ffffffff829cf03a>] kunit_generic_run_threadfn_adapter+0x4a/0x90
          [<ffffffff81236fc6>] kthread+0x2b6/0x380
          [<ffffffff81096afd>] ret_from_fork+0x2d/0x70
          [<ffffffff81003511>] ret_from_fork_asm+0x11/0x20
      unreferenced object 0xffff88810a240200 (size 224):
        comm "kunit_try_catch", pid 1858, jiffies 4294685816 (age 976.342s)
        hex dump (first 32 bytes):
          00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
          00 00 00 00 03 00 2e 08 01 00 00 00 00 00 00 00  ................
        backtrace:
          [<ffffffff819d4b90>] alloc_empty_file+0x50/0x160
          [<ffffffff819d4cf9>] alloc_file+0x59/0x730
          [<ffffffff819d5524>] alloc_file_pseudo+0x154/0x210
          [<ffffffff83978582>] sock_alloc_file+0x42/0x1b0
          [<ffffffffa020855a>] 0xffffffffa020855a
          [<ffffffff829cf03a>] kunit_generic_run_threadfn_adapter+0x4a/0x90
          [<ffffffff81236fc6>] kthread+0x2b6/0x380
          [<ffffffff81096afd>] ret_from_fork+0x2d/0x70
          [<ffffffff81003511>] ret_from_fork_asm+0x11/0x20
      unreferenced object 0xffff888109164840 (size 768):
        comm "kunit_try_catch", pid 1860, jiffies 4294685817 (age 976.416s)
        hex dump (first 32 bytes):
          01 00 00 00 01 00 5a 5a 20 00 00 00 00 00 00 00  ......ZZ .......
          00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
        backtrace:
          [<ffffffff8397993f>] sock_alloc_inode+0x1f/0x1b0
          [<ffffffff81a2cb5b>] alloc_inode+0x5b/0x1a0
          [<ffffffff81a32bed>] new_inode_pseudo+0xd/0x70
          [<ffffffff8397889c>] sock_alloc+0x3c/0x260
          [<ffffffff83979b46>] __sock_create+0x66/0x3d0
          [<ffffffffa02093e2>] 0xffffffffa02093e2
          [<ffffffff829cf03a>] kunit_generic_run_threadfn_adapter+0x4a/0x90
          [<ffffffff81236fc6>] kthread+0x2b6/0x380
          [<ffffffff81096afd>] ret_from_fork+0x2d/0x70
          [<ffffffff81003511>] ret_from_fork_asm+0x11/0x20
      unreferenced object 0xffff88810926cab8 (size 192):
        comm "kunit_try_catch", pid 1860, jiffies 4294685817 (age 976.416s)
        hex dump (first 32 bytes):
          00 00 50 40 02 00 00 00 00 00 00 00 00 00 00 00  ..P@............
          00 00 00 00 00 00 00 00 b8 ca 26 09 81 88 ff ff  ..........&.....
        backtrace:
          [<ffffffff81a1ff11>] __d_alloc+0x31/0x8a0
          [<ffffffff81a2910e>] d_alloc_pseudo+0xe/0x50
          [<ffffffff819d549e>] alloc_file_pseudo+0xce/0x210
          [<ffffffff83978582>] sock_alloc_file+0x42/0x1b0
          [<ffffffffa02093fb>] 0xffffffffa02093fb
          [<ffffffff829cf03a>] kunit_generic_run_threadfn_adapter+0x4a/0x90
          [<ffffffff81236fc6>] kthread+0x2b6/0x380
          [<ffffffff81096afd>] ret_from_fork+0x2d/0x70
          [<ffffffff81003511>] ret_from_fork_asm+0x11/0x20
      unreferenced object 0xffff88810a240040 (size 224):
        comm "kunit_try_catch", pid 1860, jiffies 4294685817 (age 976.416s)
        hex dump (first 32 bytes):
          00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
          00 00 00 00 03 00 2e 08 01 00 00 00 00 00 00 00  ................
        backtrace:
          [<ffffffff819d4b90>] alloc_empty_file+0x50/0x160
          [<ffffffff819d4cf9>] alloc_file+0x59/0x730
          [<ffffffff819d5524>] alloc_file_pseudo+0x154/0x210
          [<ffffffff83978582>] sock_alloc_file+0x42/0x1b0
          [<ffffffffa02093fb>] 0xffffffffa02093fb
          [<ffffffff829cf03a>] kunit_generic_run_threadfn_adapter+0x4a/0x90
          [<ffffffff81236fc6>] kthread+0x2b6/0x380
          [<ffffffff81096afd>] ret_from_fork+0x2d/0x70
          [<ffffffff81003511>] ret_from_fork_asm+0x11/0x20
      unreferenced object 0xffff888109166440 (size 768):
        comm "kunit_try_catch", pid 1862, jiffies 4294685819 (age 976.489s)
        hex dump (first 32 bytes):
          01 00 00 00 01 00 5a 5a 20 00 00 00 00 00 00 00  ......ZZ .......
          00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
        backtrace:
          [<ffffffff8397993f>] sock_alloc_inode+0x1f/0x1b0
          [<ffffffff81a2cb5b>] alloc_inode+0x5b/0x1a0
          [<ffffffff81a32bed>] new_inode_pseudo+0xd/0x70
          [<ffffffff8397889c>] sock_alloc+0x3c/0x260
          [<ffffffff83979b46>] __sock_create+0x66/0x3d0
          [<ffffffffa02097c1>] 0xffffffffa02097c1
          [<ffffffff829cf03a>] kunit_generic_run_threadfn_adapter+0x4a/0x90
          [<ffffffff81236fc6>] kthread+0x2b6/0x380
          [<ffffffff81096afd>] ret_from_fork+0x2d/0x70
          [<ffffffff81003511>] ret_from_fork_asm+0x11/0x20
      unreferenced object 0xffff88810926c398 (size 192):
        comm "kunit_try_catch", pid 1862, jiffies 4294685819 (age 976.489s)
        hex dump (first 32 bytes):
          00 00 50 40 02 00 00 00 00 00 00 00 00 00 00 00  ..P@............
          00 00 00 00 00 00 00 00 98 c3 26 09 81 88 ff ff  ..........&.....
        backtrace:
          [<ffffffff81a1ff11>] __d_alloc+0x31/0x8a0
          [<ffffffff81a2910e>] d_alloc_pseudo+0xe/0x50
          [<ffffffff819d549e>] alloc_file_pseudo+0xce/0x210
          [<ffffffff83978582>] sock_alloc_file+0x42/0x1b0
          [<ffffffffa02097da>] 0xffffffffa02097da
          [<ffffffff829cf03a>] kunit_generic_run_threadfn_adapter+0x4a/0x90
          [<ffffffff81236fc6>] kthread+0x2b6/0x380
          [<ffffffff81096afd>] ret_from_fork+0x2d/0x70
          [<ffffffff81003511>] ret_from_fork_asm+0x11/0x20
      unreferenced object 0xffff888107e0b8c0 (size 224):
        comm "kunit_try_catch", pid 1862, jiffies 4294685819 (age 976.489s)
        hex dump (first 32 bytes):
          00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
          00 00 00 00 03 00 2e 08 01 00 00 00 00 00 00 00  ................
        backtrace:
          [<ffffffff819d4b90>] alloc_empty_file+0x50/0x160
          [<ffffffff819d4cf9>] alloc_file+0x59/0x730
          [<ffffffff819d5524>] alloc_file_pseudo+0x154/0x210
          [<ffffffff83978582>] sock_alloc_file+0x42/0x1b0
          [<ffffffffa02097da>] 0xffffffffa02097da
          [<ffffffff829cf03a>] kunit_generic_run_threadfn_adapter+0x4a/0x90
          [<ffffffff81236fc6>] kthread+0x2b6/0x380
          [<ffffffff81096afd>] ret_from_fork+0x2d/0x70
          [<ffffffff81003511>] ret_from_fork_asm+0x11/0x20
      unreferenced object 0xffff888109164440 (size 768):
        comm "kunit_try_catch", pid 1864, jiffies 4294685821 (age 976.487s)
        hex dump (first 32 bytes):
          01 00 00 00 01 00 5a 5a 20 00 00 00 00 00 00 00  ......ZZ .......
          00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
        backtrace:
          [<ffffffff8397993f>] sock_alloc_inode+0x1f/0x1b0
          [<ffffffff81a2cb5b>] alloc_inode+0x5b/0x1a0
          [<ffffffff81a32bed>] new_inode_pseudo+0xd/0x70
          [<ffffffff8397889c>] sock_alloc+0x3c/0x260
          [<ffffffff83979b46>] __sock_create+0x66/0x3d0
          [<ffffffffa020824e>] 0xffffffffa020824e
          [<ffffffff829cf03a>] kunit_generic_run_threadfn_adapter+0x4a/0x90
          [<ffffffff81236fc6>] kthread+0x2b6/0x380
          [<ffffffff81096afd>] ret_from_fork+0x2d/0x70
          [<ffffffff81003511>] ret_from_fork_asm+0x11/0x20
      unreferenced object 0xffff88810f4cf698 (size 192):
        comm "kunit_try_catch", pid 1864, jiffies 4294685821 (age 976.501s)
        hex dump (first 32 bytes):
          00 00 50 40 02 00 00 00 00 00 00 00 00 00 00 00  ..P@............
          00 00 00 00 00 00 00 00 98 f6 4c 0f 81 88 ff ff  ..........L.....
        backtrace:
          [<ffffffff81a1ff11>] __d_alloc+0x31/0x8a0
          [<ffffffff81a2910e>] d_alloc_pseudo+0xe/0x50
          [<ffffffff819d549e>] alloc_file_pseudo+0xce/0x210
          [<ffffffff83978582>] sock_alloc_file+0x42/0x1b0
          [<ffffffffa0208267>] 0xffffffffa0208267
          [<ffffffff829cf03a>] kunit_generic_run_threadfn_adapter+0x4a/0x90
          [<ffffffff81236fc6>] kthread+0x2b6/0x380
          [<ffffffff81096afd>] ret_from_fork+0x2d/0x70
          [<ffffffff81003511>] ret_from_fork_asm+0x11/0x20
      unreferenced object 0xffff888107e0b000 (size 224):
        comm "kunit_try_catch", pid 1864, jiffies 4294685821 (age 976.501s)
        hex dump (first 32 bytes):
          00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
          00 00 00 00 03 00 2e 08 01 00 00 00 00 00 00 00  ................
        backtrace:
          [<ffffffff819d4b90>] alloc_empty_file+0x50/0x160
          [<ffffffff819d4cf9>] alloc_file+0x59/0x730
          [<ffffffff819d5524>] alloc_file_pseudo+0x154/0x210
          [<ffffffff83978582>] sock_alloc_file+0x42/0x1b0
          [<ffffffffa0208267>] 0xffffffffa0208267
          [<ffffffff829cf03a>] kunit_generic_run_threadfn_adapter+0x4a/0x90
          [<ffffffff81236fc6>] kthread+0x2b6/0x380
          [<ffffffff81096afd>] ret_from_fork+0x2d/0x70
          [<ffffffff81003511>] ret_from_fork_asm+0x11/0x20
      
      Fixes: 88232ec1 ("net/handshake: Add Kunit tests for the handshake consumer API")
      Signed-off-by: default avatarJinjie Ruan <ruanjinjie@huawei.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      4a0f07d7
    • Cai Huoqing's avatar
      net: hinic: Fix warning-hinic_set_vlan_fliter() warn: variable dereferenced before check 'hwdev' · 22b6e7f3
      Cai Huoqing authored
      'hwdev' is checked too late and hwdev will not be NULL, so remove the check
      
      Fixes: 2acf960e ("net: hinic: Add support for configuration of rx-vlan-filter by ethtool")
      Reported-by: default avatarDan Carpenter <dan.carpenter@linaro.org>
      Closes: https://lore.kernel.org/r/202309112354.pikZCmyk-lkp@intel.com/Signed-off-by: default avatarCai Huoqing <cai.huoqing@linux.dev>
      Reviewed-by: default avatarVadim Fedorenko <vadim.fedorenko@linux.dev>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      22b6e7f3
    • Jozsef Kadlecsik's avatar
      netfilter: ipset: Fix race between IPSET_CMD_CREATE and IPSET_CMD_SWAP · 7433b6d2
      Jozsef Kadlecsik authored
      Kyle Zeng reported that there is a race between IPSET_CMD_ADD and IPSET_CMD_SWAP
      in netfilter/ip_set, which can lead to the invocation of `__ip_set_put` on a
      wrong `set`, triggering the `BUG_ON(set->ref == 0);` check in it.
      
      The race is caused by using the wrong reference counter, i.e. the ref counter instead
      of ref_netlink.
      
      Fixes: 24e22789 ("netfilter: ipset: Add schedule point in call_ad().")
      Reported-by: default avatarKyle Zeng <zengyhkyle@gmail.com>
      Closes: https://lore.kernel.org/netfilter-devel/ZPZqetxOmH+w%2Fmyc@westworld/#rTested-by: default avatarKyle Zeng <zengyhkyle@gmail.com>
      Signed-off-by: default avatarJozsef Kadlecsik <kadlec@netfilter.org>
      Signed-off-by: default avatarFlorian Westphal <fw@strlen.de>
      7433b6d2
    • Florian Westphal's avatar
      netfilter: nf_tables: fix memleak when more than 255 elements expired · cf5000a7
      Florian Westphal authored
      When more than 255 elements expired we're supposed to switch to a new gc
      container structure.
      
      This never happens: u8 type will wrap before reaching the boundary
      and nft_trans_gc_space() always returns true.
      
      This means we recycle the initial gc container structure and
      lose track of the elements that came before.
      
      While at it, don't deref 'gc' after we've passed it to call_rcu.
      
      Fixes: 5f68718b ("netfilter: nf_tables: GC transaction API to avoid race with control plane")
      Reported-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
      Signed-off-by: default avatarFlorian Westphal <fw@strlen.de>
      cf5000a7
    • Florian Westphal's avatar
      netfilter: nf_tables: disable toggling dormant table state more than once · c9bd2651
      Florian Westphal authored
      nft -f -<<EOF
      add table ip t
      add table ip t { flags dormant; }
      add chain ip t c { type filter hook input priority 0; }
      add table ip t
      EOF
      
      Triggers a splat from nf core on next table delete because we lose
      track of right hook register state:
      
      WARNING: CPU: 2 PID: 1597 at net/netfilter/core.c:501 __nf_unregister_net_hook
      RIP: 0010:__nf_unregister_net_hook+0x41b/0x570
       nf_unregister_net_hook+0xb4/0xf0
       __nf_tables_unregister_hook+0x160/0x1d0
      [..]
      
      The above should have table in *active* state, but in fact no
      hooks were registered.
      
      Reject on/off/on games rather than attempting to fix this.
      
      Fixes: 179d9ba5 ("netfilter: nf_tables: fix table flag updates")
      Reported-by: default avatar"Lee, Cherie-Anne" <cherie.lee@starlabs.sg>
      Cc: Bing-Jhong Billy Jheng <billy@starlabs.sg>
      Cc: info@starlabs.sg
      Signed-off-by: default avatarFlorian Westphal <fw@strlen.de>
      c9bd2651
    • Benjamin Poirier's avatar
      vxlan: Add missing entries to vxlan_get_size() · 4e4b1798
      Benjamin Poirier authored
      There are some attributes added by vxlan_fill_info() which are not
      accounted for in vxlan_get_size(). Add them.
      
      I didn't find a way to trigger an actual problem from this miscalculation
      since there is usually extra space in netlink size calculations like
      if_nlmsg_size(); but maybe I just didn't search long enough.
      
      Fixes: 3511494c ("vxlan: Group Policy extension")
      Fixes: e1e5314d ("vxlan: implement GPE")
      Fixes: 0ace2ca8 ("vxlan: Use checksum partial with remote checksum offload")
      Fixes: f9c4bb0b ("vxlan: vni filtering support on collect metadata device")
      Signed-off-by: default avatarBenjamin Poirier <bpoirier@nvidia.com>
      Acked-by: default avatarNikolay Aleksandrov <razor@blackwall.org>
      Reviewed-by: default avatarIdo Schimmel <idosch@nvidia.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      4e4b1798
    • Artem Chernyshev's avatar
      net: rds: Fix possible NULL-pointer dereference · f1d95df0
      Artem Chernyshev authored
      In rds_rdma_cm_event_handler_cmn() check, if conn pointer exists
      before dereferencing it as rdma_set_service_type() argument
      
      Found by Linux Verification Center (linuxtesting.org) with SVACE.
      
      Fixes: fd261ce6 ("rds: rdma: update rdma transport for tos")
      Signed-off-by: default avatarArtem Chernyshev <artem.chernyshev@red-soft.ru>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      f1d95df0
  4. 19 Sep, 2023 7 commits
    • Ziyang Xuan's avatar
      team: fix null-ptr-deref when team device type is changed · 49203276
      Ziyang Xuan authored
      Get a null-ptr-deref bug as follows with reproducer [1].
      
      BUG: kernel NULL pointer dereference, address: 0000000000000228
      ...
      RIP: 0010:vlan_dev_hard_header+0x35/0x140 [8021q]
      ...
      Call Trace:
       <TASK>
       ? __die+0x24/0x70
       ? page_fault_oops+0x82/0x150
       ? exc_page_fault+0x69/0x150
       ? asm_exc_page_fault+0x26/0x30
       ? vlan_dev_hard_header+0x35/0x140 [8021q]
       ? vlan_dev_hard_header+0x8e/0x140 [8021q]
       neigh_connected_output+0xb2/0x100
       ip6_finish_output2+0x1cb/0x520
       ? nf_hook_slow+0x43/0xc0
       ? ip6_mtu+0x46/0x80
       ip6_finish_output+0x2a/0xb0
       mld_sendpack+0x18f/0x250
       mld_ifc_work+0x39/0x160
       process_one_work+0x1e6/0x3f0
       worker_thread+0x4d/0x2f0
       ? __pfx_worker_thread+0x10/0x10
       kthread+0xe5/0x120
       ? __pfx_kthread+0x10/0x10
       ret_from_fork+0x34/0x50
       ? __pfx_kthread+0x10/0x10
       ret_from_fork_asm+0x1b/0x30
      
      [1]
      $ teamd -t team0 -d -c '{"runner": {"name": "loadbalance"}}'
      $ ip link add name t-dummy type dummy
      $ ip link add link t-dummy name t-dummy.100 type vlan id 100
      $ ip link add name t-nlmon type nlmon
      $ ip link set t-nlmon master team0
      $ ip link set t-nlmon nomaster
      $ ip link set t-dummy up
      $ ip link set team0 up
      $ ip link set t-dummy.100 down
      $ ip link set t-dummy.100 master team0
      
      When enslave a vlan device to team device and team device type is changed
      from non-ether to ether, header_ops of team device is changed to
      vlan_header_ops. That is incorrect and will trigger null-ptr-deref
      for vlan->real_dev in vlan_dev_hard_header() because team device is not
      a vlan device.
      
      Cache eth_header_ops in team_setup(), then assign cached header_ops to
      header_ops of team net device when its type is changed from non-ether
      to ether to fix the bug.
      
      Fixes: 1d76efe1 ("team: add support for non-ethernet devices")
      Suggested-by: default avatarHangbin Liu <liuhangbin@gmail.com>
      Reviewed-by: default avatarHangbin Liu <liuhangbin@gmail.com>
      Signed-off-by: default avatarZiyang Xuan <william.xuanziyang@huawei.com>
      Reviewed-by: default avatarJiri Pirko <jiri@nvidia.com>
      Reviewed-by: default avatarEric Dumazet <edumazet@google.com>
      Link: https://lore.kernel.org/r/20230918123011.1884401-1-william.xuanziyang@huawei.comSigned-off-by: default avatarPaolo Abeni <pabeni@redhat.com>
      49203276
    • Kailang Yang's avatar
      ALSA: hda/realtek - ALC287 Realtek I2S speaker platform support · 41b07476
      Kailang Yang authored
      New platform SSID:0x231f.
      
      0x17 was only speaker pin, DAC assigned will be 0x03. Headphone
      assigned to 0x02.
      Playback via headphone will get EQ filter processing.
      So, it needs to swap DAC.
      Signed-off-by: default avatarKailang Yang <kailang@realtek.com>
      Cc: <stable@vger.kernel.org>
      Link: https://lore.kernel.org/r/8d63c6e360124e3ea2523753050e6f05@realtek.comSigned-off-by: default avatarTakashi Iwai <tiwai@suse.de>
      41b07476
    • Richard Fitzgerald's avatar
      ALSA: hda: cs35l56: Use the new RUNTIME_PM_OPS() macro · deff8486
      Richard Fitzgerald authored
      Use RUNTIME_PM_OPS() instead of the old SET_RUNTIME_PM_OPS().
      This means we don't need  __maybe_unused on the functions.
      
      Fixes: 73cfbfa9 ("ALSA: hda/cs35l56: Add driver for Cirrus Logic CS35L56 amplifier")
      Signed-off-by: default avatarRichard Fitzgerald <rf@opensource.cirrus.com>
      Link: https://lore.kernel.org/r/20230919081153.19793-1-rf@opensource.cirrus.comSigned-off-by: default avatarTakashi Iwai <tiwai@suse.de>
      deff8486
    • Mark Brown's avatar
      spi: Merge up old fix · 4221a2be
      Mark Brown authored
      This fix was originally queued at the end of the 6.4 cycle but as it was
      minor it never actually got sent.
      4221a2be
    • Eric Dumazet's avatar
      net: bridge: use DEV_STATS_INC() · 44bdb313
      Eric Dumazet authored
      syzbot/KCSAN reported data-races in br_handle_frame_finish() [1]
      This function can run from multiple cpus without mutual exclusion.
      
      Adopt SMP safe DEV_STATS_INC() to update dev->stats fields.
      
      Handles updates to dev->stats.tx_dropped while we are at it.
      
      [1]
      BUG: KCSAN: data-race in br_handle_frame_finish / br_handle_frame_finish
      
      read-write to 0xffff8881374b2178 of 8 bytes by interrupt on cpu 1:
      br_handle_frame_finish+0xd4f/0xef0 net/bridge/br_input.c:189
      br_nf_hook_thresh+0x1ed/0x220
      br_nf_pre_routing_finish_ipv6+0x50f/0x540
      NF_HOOK include/linux/netfilter.h:304 [inline]
      br_nf_pre_routing_ipv6+0x1e3/0x2a0 net/bridge/br_netfilter_ipv6.c:178
      br_nf_pre_routing+0x526/0xba0 net/bridge/br_netfilter_hooks.c:508
      nf_hook_entry_hookfn include/linux/netfilter.h:144 [inline]
      nf_hook_bridge_pre net/bridge/br_input.c:272 [inline]
      br_handle_frame+0x4c9/0x940 net/bridge/br_input.c:417
      __netif_receive_skb_core+0xa8a/0x21e0 net/core/dev.c:5417
      __netif_receive_skb_one_core net/core/dev.c:5521 [inline]
      __netif_receive_skb+0x57/0x1b0 net/core/dev.c:5637
      process_backlog+0x21f/0x380 net/core/dev.c:5965
      __napi_poll+0x60/0x3b0 net/core/dev.c:6527
      napi_poll net/core/dev.c:6594 [inline]
      net_rx_action+0x32b/0x750 net/core/dev.c:6727
      __do_softirq+0xc1/0x265 kernel/softirq.c:553
      run_ksoftirqd+0x17/0x20 kernel/softirq.c:921
      smpboot_thread_fn+0x30a/0x4a0 kernel/smpboot.c:164
      kthread+0x1d7/0x210 kernel/kthread.c:388
      ret_from_fork+0x48/0x60 arch/x86/kernel/process.c:147
      ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:304
      
      read-write to 0xffff8881374b2178 of 8 bytes by interrupt on cpu 0:
      br_handle_frame_finish+0xd4f/0xef0 net/bridge/br_input.c:189
      br_nf_hook_thresh+0x1ed/0x220
      br_nf_pre_routing_finish_ipv6+0x50f/0x540
      NF_HOOK include/linux/netfilter.h:304 [inline]
      br_nf_pre_routing_ipv6+0x1e3/0x2a0 net/bridge/br_netfilter_ipv6.c:178
      br_nf_pre_routing+0x526/0xba0 net/bridge/br_netfilter_hooks.c:508
      nf_hook_entry_hookfn include/linux/netfilter.h:144 [inline]
      nf_hook_bridge_pre net/bridge/br_input.c:272 [inline]
      br_handle_frame+0x4c9/0x940 net/bridge/br_input.c:417
      __netif_receive_skb_core+0xa8a/0x21e0 net/core/dev.c:5417
      __netif_receive_skb_one_core net/core/dev.c:5521 [inline]
      __netif_receive_skb+0x57/0x1b0 net/core/dev.c:5637
      process_backlog+0x21f/0x380 net/core/dev.c:5965
      __napi_poll+0x60/0x3b0 net/core/dev.c:6527
      napi_poll net/core/dev.c:6594 [inline]
      net_rx_action+0x32b/0x750 net/core/dev.c:6727
      __do_softirq+0xc1/0x265 kernel/softirq.c:553
      do_softirq+0x5e/0x90 kernel/softirq.c:454
      __local_bh_enable_ip+0x64/0x70 kernel/softirq.c:381
      __raw_spin_unlock_bh include/linux/spinlock_api_smp.h:167 [inline]
      _raw_spin_unlock_bh+0x36/0x40 kernel/locking/spinlock.c:210
      spin_unlock_bh include/linux/spinlock.h:396 [inline]
      batadv_tt_local_purge+0x1a8/0x1f0 net/batman-adv/translation-table.c:1356
      batadv_tt_purge+0x2b/0x630 net/batman-adv/translation-table.c:3560
      process_one_work kernel/workqueue.c:2630 [inline]
      process_scheduled_works+0x5b8/0xa30 kernel/workqueue.c:2703
      worker_thread+0x525/0x730 kernel/workqueue.c:2784
      kthread+0x1d7/0x210 kernel/kthread.c:388
      ret_from_fork+0x48/0x60 arch/x86/kernel/process.c:147
      ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:304
      
      value changed: 0x00000000000d7190 -> 0x00000000000d7191
      
      Reported by Kernel Concurrency Sanitizer on:
      CPU: 0 PID: 14848 Comm: kworker/u4:11 Not tainted 6.6.0-rc1-syzkaller-00236-gad8a69f3 #0
      
      Fixes: 1c29fc49 ("[BRIDGE]: keep track of received multicast packets")
      Reported-by: default avatarsyzbot <syzkaller@googlegroups.com>
      Signed-off-by: default avatarEric Dumazet <edumazet@google.com>
      Cc: Roopa Prabhu <roopa@nvidia.com>
      Cc: Nikolay Aleksandrov <razor@blackwall.org>
      Cc: bridge@lists.linux-foundation.org
      Acked-by: default avatarNikolay Aleksandrov <razor@blackwall.org>
      Link: https://lore.kernel.org/r/20230918091351.1356153-1-edumazet@google.comSigned-off-by: default avatarPaolo Abeni <pabeni@redhat.com>
      44bdb313
    • Paolo Abeni's avatar
      Merge branch 'there-are-some-bugfix-for-the-hns3-ethernet-driver' · 5f8621c1
      Paolo Abeni authored
      Jijie Shao says:
      
      ====================
      There are some bugfix for the HNS3 ethernet driver
      ====================
      
      Link: https://lore.kernel.org/r/20230918074840.2650978-1-shaojijie@huawei.comSigned-off-by: default avatarPaolo Abeni <pabeni@redhat.com>
      5f8621c1
    • Jie Wang's avatar
      net: hns3: add 5ms delay before clear firmware reset irq source · 07700630
      Jie Wang authored
      Currently the reset process in hns3 and firmware watchdog init process is
      asynchronous. we think firmware watchdog initialization is completed
      before hns3 clear the firmware interrupt source. However, firmware
      initialization may not complete early.
      
      so we add delay before hns3 clear firmware interrupt source and 5 ms delay
      is enough to avoid second firmware reset interrupt.
      
      Fixes: c1a81619 ("net: hns3: Add mailbox interrupt handling to PF driver")
      Signed-off-by: default avatarJie Wang <wangjie125@huawei.com>
      Signed-off-by: default avatarJijie Shao <shaojijie@huawei.com>
      Signed-off-by: default avatarPaolo Abeni <pabeni@redhat.com>
      07700630